Privacy Policy
This Privacy Policy discloses the practices of Telewell Medical Clinics, Inc. (dba Taiga Health or Taiga) and its predecessors licensors, beneficiaries, and/or affiliated medical practice entities (collectively, the “Companies”, “Taiga”, “we”, or “us”), concerning information we obtain by and through your use of the Taiga mobile application (the “Application”) and website and the services provided through the Application (the “Services”). The Companies are committed to respecting your privacy and recognizing your need for appropriate protection and management of personally identifiable information and health information you share with us. The purpose of this Privacy Policy is to explain the types of information Taiga obtains about users of the Application and/or Services, how the information is obtained, how it is used, how it is disclosed, how you can get access to this information, and the choices you have regarding our use of, and your ability to review and correct, the information. By using the Application and/or the Services, you are accepting and consenting to the use of your information as described in this policy. We will not accept any Personally Identifiable Information or Protected Health Information from you prior to providing you with this Privacy Policy. Please review this Policy carefully.
Please note, Taiga Health is an administrative and technology service provider that owns the Application. Taiga has entered into contracts with certain independent health care providers who provide virtual, non-emergency general adult and pediatric health services (collectively, “Taiga Doctors”). Among other things, Taiga Health contracts with Taiga Doctors, licenses the Application to Taiga Doctors to provide Taiga Doctors with the capability to receive, respond to and schedule requested visits.
This Privacy Policy specifically applies to how the Companies collect, use, and disclose the information you provide or that we obtains with your consent as a result of your use of the Application or your enrollment as a registered user with Taiga. This Privacy Policy does not apply to protected health information or medical information provided from you to Taiga Doctors.
1. Information That You Give Us
When you create an account on the Application or enroll as a Taiga registered user (“Enroll”), or login to the Application or Taiga website to create a profile or complete surveys, we collect personal information that can identify you (“Personally Identifiable Information” or “PII”), such as your full name, email address, mailing address, telephone number, and credit card information for payment. In addition to PII, Taiga may also collect the protected health information (“Protected Health Information” or “PHI”) of you or of an individual for whom you are requesting health services. For example, when you use the Application to transmit a request for health services to be provided at your specified location (a request for a “Visit”), you will need to provide additional health information
about the individual for whom the visit is requested so that Taiga Doctors can assess the request and determine whether or not Taiga Doctors has an appropriate and available medical provider (a “Provider”) and medical assistant (“Medical Assistant”) to respond to your request. Another example of how Taiga may obtain your PHI and/or PII is when you grant permission for other third-parties to share your information directly with Taiga. This would include, without limitation, the Application’s access and synchronization of your PHI and/or PII with the smart biometric devices which you may associated with your account such as the Apple Health application and/or Apple Health Records or Samsung Health.
Ultimately, the information that Taiga collects varies depending upon how you use our Services and what permissions you give to us and other third-parties that also collect your PII and/or PHI. We will not use any PHI for any other purpose without your explicit authorization, or unless otherwise permitted or required by law. You may revoke, in writing, any such authorization at any time, except to the extent we have taken action in reliance thereon.
Taiga does not disclose any data obtained through Apple Clinical Health Records API or through synchronization with the Apple Health application to any third-party for advertising, marketing, or other use-based data mining purposes.
If you believe that we have violated your privacy rights, you should contact us at the mailing address or e-mail address provided below.
<pclass=”fs24″>2. Other Information We Collect.</pclass=”fs24″>
Cookies. Our Application may use cookies and other technologies to collect information. Cookies are small bits of information that our websites place on the hard drive of your computer. We may use cookies to facilitate your login processes; allow you to personalize and store your settings; collect usage information; determine our total audience size and traffic; and help us improve our sites by measuring which areas are of greatest interest to users.
Tracking and/or Analytics Services. We may use mobile application tracking and/or analytics services. These services may record unique mobile gestures such as tap, double-tap, zoom, pinch, scroll, swipe and tilt but do not collect personally identifiable information that you do not voluntarily enter in the Application. These services do not track your browsing habits across mobile applications that do not use the same services. We are using the information collected by these services to understand user behavior and optimize site performance.
Web Beacons. We may also use web beacons (invisible images often referred to as pixel tags or clear GIFs) in order to recognize users and assess traffic patterns, and we may include web beacons and cookies in our email messages in order to count how many e-mail messages have been opened.
Non-Personally Identifiable Information. We also collect Non-Personally Identifiable Information that is not health information or medical information in the form of statistics and information regarding the Application user’s statistics and metrics obtained from third party devices (for example, steps, distance, calories burned, GPS coordinates, bat speed, hand speed, swing time, etc.), which may be combined with personal information you submit through the Application and/or Services so that you can fully enjoy the benefits of the Application’s tracking, monitoring, and diagnostic tools. We may also request the following optional information as part of your profile so that you can fully enjoy the features and functions of our Services: your weight, height, and gender.
Mobile Device Information. Your use of the Application may also include collection of information from your mobile device. For example, the Application may request your permission to collect location data and/or may request access to multimedia (photos or videos) stored on your mobile device. You have the option of declining collection of geolocation data, but this may limit your ability to participate in certain activities through the Application. If you do not wish for your location data to be shared with Taiga, please respond accordingly when prompted on your mobile device, or visit your mobile device settings. Multimedia will only be collected from your device if you affirmatively select it to upload to the application (i.e. you choose an image or video to store within the Application). Multimedia will not be shared with other Application users.
3. How We Use Your Information.
Subject to this Privacy Policy, the Terms of Service, and applicable terms and conditions of third-party applications, all data transmitted through the Application or website is owned by Taiga; provided, however, that PHI that you provide for the purpose of scheduling a Visit with a Medical Practice will be solely owned by the Medical Practice. To the extent Taiga is precluded from owning data transmitted through the Application, you grant Taiga a perpetual, worldwide, royalty-free license to use such data (with the exception of PHI) to the extent necessary to enable use of the Application, the website, and Services. Generally, we may use information in the following ways:
· For the purposes for which you specifically provided it including, without limitation, to enable us to process your registration, provide the Services or other requests.
· To transmit a request for a Visit per your request.
· To send you information about your relationship or transactions with us.
· To notify you about our products, services, and special offers, except that we will not use PHI for marketing purposes without your prior written consent for yourself or your minor child.
· To otherwise contact you with information that we believe will be of interest to you.
· To enhance or develop features, products and services. To allow us to personalize the content that you and others see on the Application.
· To allow other select companies to send you promotional materials about their products and services, provided that no PHI will be used for this purpose without your prior written consent.
We use non-Personally Identifiable Information for purposes such as measuring the number of users of various features of the Application, making the Application more useful
to users and delivering targeted advertising and non-advertising content. We may also use Non-Personally Identifiable Information (for example, statistics regarding use and metrics) for research purposes, for marketing and promotional purposes, and to develop new learning tools and solutions and we may share such information with third parties, including researchers and/or advertisers, on an aggregate and anonymous basis. We use IP addresses to analyze trends, administer the Application, track a visitor’s movement, and gather demographic information for aggregate, non-personally identifiable use.
You acknowledge that unless you request in writing otherwise, we, in our sole discretion, has the right but not the obligation to store any information, whether Personally Identifiable Information or otherwise, perpetually, to the extent permitted by law. If you wish for any information about you to be removed from our database, please contact us through the contact information provided below in the “How to Contact Us” section of this Privacy Policy.
4. Sharing Your Information.
Except as otherwise described in this Privacy Policy, or if we inform you otherwise at the time of data collection and receive your consent where required, we will not sell, trade, or share your information with third parties.
We may share your information as follows:
- Visits: We will share your information, at your direction, to transmit a request for a Visit with Taiga Doctors. The Provider and/or other representative of Taiga Doctors may contact you prior to the Provider being dispatched to your location, to ensure that he or she is equipped to handle your medical case. Taiga Doctors treatment of your information is subject to Doctors own policies and procedures. Any PHI that we collect and save from you will be kept private and secure, as required by law.
- With Affiliates: We may share your information with affiliated companies and businesses, provided that your PHI will not be shared for any marketing purposes without your prior written consent, in accordance with applicable law.
- With Service Providers: We may use other companies to perform services including, without limitation, facilitating some aspects of our Application such as processing credit card transactions sending emails, fulfilling purchase requests, and data analysis on our behalf. These other companies may be supplied with or have access to your information solely for the purpose of providing these services to you on our behalf. Such service providers shall be bound by appropriate confidentiality and security obligations, which may include, as applicable, business associate contract obligations.
- With Business Partners: When you make purchases or engage in promotions offered through our Application, we may share PII, but not your PHI, with the businesses with which we partner to offer you those products, services, and promotions. When you accept a particular business partner’s offer, you authorize us to provide your information to that business partner.
Special Circumstances:
We also may disclose your information:
· In response to a subpoena or similar investigative demand, a court order, or other request from a law enforcement or government agency where required by applicable law.
· When disclosure is required or allowed by law in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our Application’s terms and conditions or other agreements or policies.
· In connection with a corporate transaction, such as the sale of all or a portion of our business, a divestiture, merger, consolidation, or asset sale, or in the event of bankruptcy, as required or allowed by law.
SPECIAL NOTICE FOR USERS OF THE APPLICATION: IF YOU ELECT TO MAKE YOUR PROFILE (OR THAT OF A MINOR OR FAMILY MEMBER) VIEWABLE BY PHYSICIANS, ALL INFORMATION THAT YOU INCLUDE IN THAT PROFILE MAY BE VIEWED BY PHYSICIANS. YOU SHOULD NOT ENTER ANY INFORMATION IN THE PROFILE THAT YOU (OR ANOTHER PERSON) WISH TO REMAIN CONFIDENTIAL. A PHYSICIAN WILL NOT BE ABLE TO CONTACT YOU EXCEPT THROUGH THE PERSONAL CONTACT INFORMATION YOU PROVIDE THROUGH THE APPLICATION. TAIGA IS NOT RESPONSIBLE FOR THE RETENTION, USE OR PRIVACY PRACTICES OF MEDICAL PRACTICES AFTER THEY HAVE RECEIVED YOUR INFORMATION.
5. Confidentiality of Health Information.
Certain Medical Practices and Physicians may be subject to laws and regulations governing the use and disclosure of health information they create or receive depending on your location. Included among them is the Personal Information Protection and Electronic Documents Act of 2000 (“PIPEDA”), The Personal Health Information Protection Act of 2004 (“PHIPA”), Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”), the General Data Protection Regulation (“GDPR”)and the regulations adopted thereunder, and applicable laws. When Taiga stores, processes, or transmits “individually identifiable health information” (as such term is defined by HIPAA) on behalf of such a health care provider, Taiga does so as its “business associate” (as also defined by HIPAA). Taiga is prohibited from, among other things, using individually identifiable health information in a manner that the health care provider itself may not. Taiga is also required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity and availability of individually identifiable health information we store and process on behalf of such health care providers.
6. How to Access or Update Your Information.
You have the ability to review and update your personal information by visiting the account management section on the Website accessible through the patient portal.
7. How We Protect Your Information.
We use commercially reasonable administrative, technical, and physical measures to safeguard your information in our possession against loss, theft and unauthorized use, disclosure or modification. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. No method of transmission over the internet is 100% secure, however. Therefore, while we strive to make all reasonable efforts to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the unlikely event of a data breach, you will be notified as soon as reasonably possible, in accordance with applicable law. Furthermore, we are not responsible for any breach of security or for any actions of any third parties that receive the information.
Certain of the administrative, technical, and physical measures in place are as follows: Taiga’s infrastructure is kept in a secured data center that protects from unauthorized access to the physical servers, backups and any element used to store and/or process personal data. Only authorized personnel can access the data center. Taiga systems and databases are backed up regularly to help protect the data in case of an uncontrollable catastrophe. The data center that stores Taiga servers has policies and procedures in place designed to safeguard the equipment that our data is stored on. Taiga regularly upgrades its system software to include the latest security features. Taiga servers are protected by a firewall system, which is designed to keep unwanted traffic or access out of our computer network. Taiga also employs an intrusion prevention service (IPS) provided by a secured data center operated by a professional company, and uses security methods to determine the identity of each registered user, so that appropriate rights and restrictions can be enforced for that user. Reliable verification of user identity is called “authentication.” All communication between Taiga’s Web server, your browser and the Application is encrypted with SSL (Secure Sockets Layer) to guard against network eavesdroppers. Your password is internally encrypted in Taiga’s system to prevent unauthorized access to the system. Validations are built throughout the application to capture the most reliable information. Only the last 4 digits of your credit card number is stored on our servers.
8. Changes To Our Privacy Policy.
From time to time we may revise this Privacy Policy. If we make revisions that change the way we collect or use your information, those changes will be posted in this Privacy Policy and the effective date will be noted at the end of the Privacy Policy. Therefore, you should review it periodically so that you are up to date on our most current policies and practices. If we make material changes to our practices regarding use of your information, your information will continue to be governed by the Privacy Policy under which it was subject prior to those changes, unless you have been provided notice of, and have not objected to, the changes.
9. Links to Third Party Sites.
Our Application or website may contain links to websites or applications operated and maintained by third-parties, over which we have no control. Privacy policies for these third-party sites and applications may be different from our Privacy Policy. You access these third-party sites and applications at your own risk. You should always read the privacy policy of a linked site or applications before disclosing any personal information on such site and/or through such applications. Taiga is not responsible for information you submit to third-parties.
Right to Opt-Out of the Sale of Your Personal Information. We do not sell any of your personal information.
Right to Non-Discrimination. We will not discriminate against those who exercise their rights under this section. If you exercise your rights, we will not deny you goods or services, charge you different prices or rates for goods or services, or provide you with a different level or quality of goods or services.
Accessing in Alternative Formats. For individuals with disabilities, please contact us in accordance with the “How to Contact Us” section regarding how to access the information in this Privacy Policy in an alternative format.
Response Time. We aim to respond to a consumer request for access or deletion within 45 days of receiving a verifiable request. If we require more time, we will inform you of the reason and extension period in writing.
Do Not Track Symbols. We do not have the capability to respond to “Do Not Track” signals received from various web browsers at this time.
10. How to Contact Us.
If you have any questions, comments or concerns about our Privacy Policy, you may contact us at customerservice@taiga.health