CareHive Health Inc. (“us or we”) respects the privacy of all who use our website (“Site”) and applications (“the Applications”), which may include but are not limited to appointment booking, patient portal, telehealth, and CareHive360 applications, and services provided by us through the Applications and our website at https://carehive.com (the Site, Applications and other services are referenced collectively as the “Services”), and makes all reasonable attempts to protect it. We (or our subcontractors) host the Applications to connect you to healthcare providers who have entered into an agreement with us (each, a “Medical Provider”, and collectively, the “Medical Practice”). Once you select one or more Medical Providers through the Applications to provide services to you, each of those Medical Providers may be referred to as “Your Provider.” We created this Privacy Statement (“Privacy Statement”) to tell you how we protect, collect, use, disclose and store the information collected through the Services.
BY DOWNLOADING, ACCESSING, OR USING THE SERVICES, AND/OR BY REGISTERING WITH US OR PROVIDING INFORMATION TO US IN CONNECTION WITH THE APPLICATION, YOU ACCEPT THE PRACTICES AND POLICIES OUTLINED IN THIS PRIVACY STATEMENT, AND YOU THEREBY CONSENT TO OUR COLLECTING, USING, AND SHARING YOUR INFORMATION AS SET FORTH IN THIS PRIVACY STATEMENT. IF YOU ARE REGISTERING AN ACCOUNT OR USING THE SERVICES ON BEHALF OF AN INDIVIDUAL OR ENTITY OTHER THAN YOURSELF, YOU REPRESENT THAT YOU ARE AUTHORIZED BY SUCH INDIVIDUAL OR ENTITY TO ACCEPT THIS PRIVACY STATEMENT ON SUCH INDIVIDUAL’S OR ENTITY’S BEHALF.
Your use of the Services is also subject to our Terms of Use, which are available here. We may change this Privacy Statement at any time and any changes to this Privacy Statement will become effective when we make the revised Privacy Statement available through the Site and Applications. We will update the “Last Revised” date at the bottom of this Privacy Statement if we make any such changes to this Privacy Policy. Your use of the Services or the submission of any information in connection with the Services following any change means that you accept the revised Privacy Policy.
To the extent that we collect, use and/or disclose HIPAA protected health information, such collection, use and disclosure is handled as required by HIPAA, not this Privacy Statement. Please see your Medical Provider’s Notices of Privacy Practices. The Notice of Privacy Practices for the following medical providers can be found in the footer of our Site: Remedy Urgent Care, PLLC d/b/a CareHive Medical of TX and Remedy Medical of California, PC d/b/a CareHive Medical of CA.
JURISDICTIONAL ISSUES
We intend to provide our Services in the United States. Accordingly, this Statement, and our collection, use, and disclosure of your Personal Information (as defined below) is governed by U.S. law. We do not represent or warrant that the Services, or any functionality or feature thereof, are appropriate or available for use in any particular jurisdiction. If you choose to access or use the Services from outside the United States, you do so on your own initiative and at your own risk, and are responsible for complying with any and all local laws, rules and regulations. By using the Services and submitting any Personal Information from outside the United States, you acknowledge that the Services are subject to U.S. law and consent to the transfer of your Personal Information to the United States, which may provide a different level of data security than in your country of residence.
COLLECTION OF YOUR PERSONAL INFORMATION
Personal Information We Will Collect
In order for you to use the Services, we may require you to provide us with identifying information (“Personal Information”). We and our service providers will collect Personal Information from you that includes, but is not limited to: (1) your name and your contact data (such as your e-mail address, phone number, billing and physical addresses, and your Application login and password); (2) demographic data (such as your gender, your date of birth and your zip code); (3) insurance information (such as your insurance carrier and insurance plan); (4) payment information (such as your credit or debit card number); (5) confirmation that your Provider provided services to you; and (6) health and medical data (such as the previous doctors, dentists or other health care providers you visited, your reason for visiting those providers, your date of visiting providers, your medical history and condition, and other medical and health information you choose to share with us) that you provide through the Applications. If you communicate with us by, for example, e-mail or letter, any information provided in such communication may be collected as Personal Information.
In addition to the information that we collect directly from you, we may also collect certain Personal Information about you from or on behalf of Your Providers. We use and disclose this information only in accordance with your express authorization which you provide when you use the Applications. Please be aware that if you subsequently withdraw your authorization, you will not be able to use the Services through the Applications.
We may also collect information about the location of your mobile device with your consent. Please see below under “How We Collect Non-Personal Information” for additional information about our collection of location information.
Medical Information
In connecting you with a Medical Provider the Application(s) will collect Personal Information from you and transmit it electronically. We will use administrative, physical, and technical safeguards to protect the security and privacy of information held in the Applications. Our infrastructure is kept in a secured data center that protects against unauthorized access to the physical servers, backups and any element used to store and/or process personal data. Only authorized personnel can access the data center. Our systems and databases are backed up regularly to help protect the data in case of a catastrophe. The data center that stores our servers has policies and procedures in place designed to safeguard the equipment that our data is stored on. We regularly upgrade our system software to include the latest security features. Our servers are protected by a firewall system, which is designed to keep unwanted traffic or access out of our computer network. We also employ an intrusion prevention service (IPS) provided by a secured data center operated by a professional company. We also use security methods to determine the identity of each registered user, so that appropriate rights and restrictions can be enforced for that user. Reliable verification of user identity is called “authentication.” All communication between our Web server, your browser and our mobile apps is encrypted with SSL (Secure Sockets Layer) to guard against network eavesdroppers. Your password is internally encrypted in our system
to prevent unauthorized access to the system. Validations are built throughout the Applications to capture the most reliable information. Only the last 4 digits of your credit card number is stored on our servers.
Remedy will transmit any medical information describing your symptoms (or that of any minor for whom you are requesting Services) to the independent Medical Practice we connect you with, in a secured electronic transaction.
Data From Social Networks
Our Site may collect user information from social networking sites, such as Apple’s Game Center, Facebook, Google+, Instagram, Pinterest, Twitter, including your name, your social network username, location, gender, birth date, email address, profile picture, and public data for contacts, if you connect your account to such social networks.
Cookies
Our Site and Applications will use cookies and other technologies to collect information. Cookies are small bits of information that our websites place on the hard drive of your computer. We may use cookies to facilitate your login processes; allow you to personalize and store your settings; collect usage information; determine our total audience size and traffic; and help us improve our sites by measuring which areas are of greatest interest to users.
Tracking and/or Analytics Services.
Our Site and Applications may use tracking and/or analytics services. These services may record unique mobile gestures such as tap, double-tap, zoom, pinch, scroll, swipe and tilt but, aside from IP address, do not collect personally identifiable information that you do not voluntarily enter in the Site or Applications. These services do not track your browsing habits across websites or mobile applications that do not use the same services. We are using the information collected by these services to understand user behavior and optimize site performance.
Web Beacons
Our Site and Applications may also use web beacons (invisible images often referred to as pixel tags or clear GIFs) in order to recognize users and assess traffic patterns. We may also include web beacons and cookies in our email messages in order to count how many e-mail messages have been opened.
USE OF YOUR INFORMATION
We and our third-party service providers may use Personal Information to: respond to your inquiries and fulfill your requests; send to you administrative information, including information regarding the Services, and changes to our terms, conditions and policies; schedule and provide services related to house call appointments, for example, to send to you appointment confirmation; communicate with you and your Providers regarding your health status, appointments and related services provided by your Provider; obtain or facilitate payments for appointments and related services provided by your Provider and send you payment receipts; and provide you with related customer service; confirm that services you request were provided to you by your Providers; send to you marketing communications that we believe may be of interest to you; personalize your experience on the Services by presenting products and offers tailored to you; further our business purposes, such as quality assessment, data analysis, audits, developing new products, enhancing the Application, improving our services, identifying usage trends, developing tools which help you assess the performance, competence and qualifications of healthcare professionals and conducting training programs for such professionals, and determining the effectiveness of our promotional campaigns; and act as we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process; (c) to respond to requests from public or government authorities; (d) to enforce our Terms of Use; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, or that of our affiliates, you or others; (g) at our discretion under emergency circumstances, to notify emergency services or your family members, personal representative or other individuals involved in your care of your location and condition; or (h) to allow us to pursue available remedies or limit the damages that we may sustain. Our use of your Personal Information may also be subject to certain restrictions set forth in an agreement between us and your Provider.
DISCLOSURE OF YOUR INFORMATION
We may share information we have collected about you:
- with our contracted service providers that provide services such as hosting of the Application, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing and other similar services;
- with Providers, including your Providers, to schedule and fulfill appointments and provide healthcare services and confirm those services were delivered to you;
- for the purposes described for Personal Information in this Privacy Policy, including marketing purposes relating to their products and services;
- for other treatment, payment or health care purposes of your Provider;
- a successor company in the event of any reorganization, merger, sale, joint venture, assignment, transfer, liquidation or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceeding); and
- others as we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process; (c) to respond to requests from public or government authorities; (d) to enforce the Terms of Use; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, or that of our affiliates, you or others; (g) at our discretion under emergency circumstances, to notify emergency services or your family members, personal representative or other individuals involved in your care of your location and condition; or (h) to allow us to pursue available remedies or limit the damages that we may sustain.
Our disclosure of your Personal Information may also be subject to certain restrictions set forth in an agreement between us and your Provider.
NON-PERSONAL INFORMATION
“Non-Personal Information” is any information that does not reveal your specific identity. The types of Non-Personal Information that we collect are described in more detail below under “How We Collect Non-Personal Information.”
We and our contracted service providers will collect Non-Personal Information in a variety of ways, including:
Through your device: Certain information is collected automatically through your device, such as your operating system name and version, device manufacturer and model, device identifier, language, the name and version of the software Applications you are using. We use this information to ensure that the Applications functions properly and to understand usage of the Applications.
Through server log files: Your “IP Address” is a number that is automatically assigned to the device that you are using by your Internet Service Provider (ISP). An IP Address is identified and logged automatically in our server log files whenever a user uses the Application, along with the time of the use and the pages visited within the Applications. We use IP Addresses for purposes such as helping to calculate Applications usage levels, diagnose server problems and administer the Applications.
From you: We will collect Non-Personal Information such as your general geographic location, as well as other information, such as your preferred means of communication, when you voluntarily provide such information to us. Unless combined with Personal Information, this information does not personally identify you or any other user of the Services.
By aggregating or de-identifying information: Aggregated and De-Identified Personal Information is information that is derived from Personal Information that does not personally identify you or any other users of the Services. For example, we may aggregate Personal Information to calculate the percentage of our users who have a particular telephone area code or a particular medical condition.
Use and Disclosure of Your Non-Personal Information
Because Non-Personal Information does not personally identify you, we may use and disclose Non-Personal Information for any purpose. In some instances, we may combine Non-Personal Information with Personal Information (such as combining your zip code with your name, or with your name together with a medical condition). If we combine any Non-Personal Information with Personal Information, the combined information will be treated by us as Personal Information as long as it is so combined.
THIRD PARTIES
This Privacy Statement does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including Providers, the manufacturer of your mobile device, and any other third party mobile Applications or websites to which our Website or Applications may contain a link. We encourage you to review the Notice of Privacy Practices of each Provider who provides you with services and the privacy policies of each website and application you visit and use.
HIPAA
Your Provider may be regulated as a “covered entity” under the Health Insurance Portability and Accountability Act (“HIPAA”). Please be aware that this Privacy Statement is distinct from your Provider’s HIPAA Notice of Privacy Practices, which describes in detail how your Provider uses and discloses your individually identifiable health information. If you would like to review a copy of your Provider’s HIPAA Notice of Privacy Practices, please request a copy directly from your Provider. Our use and disclosure of your Personal Information, which we receive pursuant to your express authorization, is not restricted under HIPAA. We will use and disclose your Personal Information consistent with the terms of your authorization and this Privacy Policy.
SECURITY OF YOUR INFORMATION
We seek to use reasonable physical, technical and administrative measures to protect Personal Information under our control. Unfortunately, no data transmission over the Internet or data storage system is 100% secure, and therefore we cannot guarantee against all potential security breaches.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contacting Us” section below.
RETENTION OF YOUR PERSONAL DATA
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
TRANSFER OF YOUR PERSONAL DATA
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
Your consent to this Privacy Statement followed by Your submission of such information represents Your agreement to that transfer.
The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Statement and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.
CHOICES AND ACCESS REGARDING YOUR INFORMATION
We give you choices regarding our use and disclosure of your Personal Information for marketing purposes. Specifically, you may opt-out from:
- Receiving marketing-related e-mails from us based upon your Personal Information. If you no longer want to receive marketing-related e-mails from us on a going-forward basis, you may opt-out of receiving such marketing related e-mails by using the Unsubscribe feature embedded in the email or by mailing us at the address below.
- Our sharing of your Personal Information with affiliates for their marketing purposes: If you would prefer that we do not share your Personal Information on a going-forward basis with our affiliates for their marketing purposes, you may opt-out of such sharing by mailing us at the address below.
We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of our affiliates with whom we have already shared such information (i.e., to which we have already provided such information as of the date that we implement your opt-out request). Please also note that if you do opt-out of receiving marketing-related messages from us, we may still send administrative messages to you; you cannot opt-out from receiving administrative messages.
HOW YOU CAN ACCESS OR UPDATE YOUR PERSONAL INFORMATION
If you would like to review or update your Personal Information that has been previously provided to us, you may do so by logging into your account within the Applications. We will try to comply with your request to update your Personal Information as soon as reasonably practicable. We are not responsible for changing information from the databases of third parties with whom we have already shared your Personal Information. You may have additional rights to access, correct or modify the health information that is held by your Provider.
USE OF SITE AND APPLICATIONS BY MINORS
The Site and Applications are not directed to individuals under the age of 18, and we do not knowingly collect Personal Information from users under the age of 18. If we learn that we have received any information from an individual under the age of 18, we will use that information only to respond directly to that child (or a parent, legal guardian or personal representative) to inform him or her that he or she cannot use the Services and subsequently we will delete that information from our own servers. However, if you are a parent, legal guardian or personal representative of a minor child, you may, in compliance with the Terms of Use, use the Services on behalf of such minor child. Any information that you provide us while using the Services on behalf of your minor child will be treated as Personal Information as otherwise provided herein.
CONTROLLING YOUR PERSONAL INFORMATION
As a registered user of the Services, you can modify some of the Personal Information you have included in your profile or change your username by logging in and accessing your account. Upon your request, we will use commercially reasonable efforts to delete your account and the Personal Information in your profile; however, it may be impossible to remove your account without some residual information being retained by us, and we may be required by law or our agreement with your Provider to retain certain information. We have no obligation to delete any data or information you provide on a Medical History Form following termination of your account or the account of any Provider to whom your Medical History Form was submitted through the Services. Registered users who wish to close their account should mail us at the address below.
CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
If you are under 18 years of age, reside in California, and have a registered account with the Site [or our mobile application], you have the right to request removal of unwanted data that you publicly post on the Site [or our mobile application]. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Site [or our mobile application], but please be aware that the data may not be completely or comprehensively removed from our systems.
Contacting Us
If you have any questions about this Privacy Policy, please contact us by email at [email protected] or regular mail at:
CareHive Health Inc.
PO Box 4317, Dept. 615
Houston, TX 77210
Please note that e-mail communications are not always secure. Please do not include health information, credit card information or other sensitive information in your e-mail messages to us.
Compliance Email: [email protected]
Compliance Phone: 512-793-7373
Last Revised: January 8, 2024