CareHive Health Inc. (“us or we”) respects the privacy of all who use our website (“Site”) and applications (“the Applications”), which may include but are not limited to appointment booking, patient portal, telehealth, and CareHive360 applications, and services provided by us through the Applications and our website at https://carehive.com (the Site, Applications and other services are referenced collectively as the “Services”), and makes all reasonable attempts to protect it. We (or our subcontractors) host the Applications to connect you to healthcare providers who have entered into an agreement with us (each, a “Medical Provider”, and collectively, the “Medical Practice”). Once you select one or more Medical Providers through the Applications to provide services to you, each of those Medical Providers may be referred to as “Your Provider.” We created this Privacy Statement (“Privacy Statement”) to tell you how we protect, collect, use, disclose and store the information collected through the Services.
BY DOWNLOADING, ACCESSING, OR USING THE SERVICES, AND/OR BY REGISTERING WITH US OR PROVIDING INFORMATION TO US IN CONNECTION WITH THE APPLICATION, YOU ACCEPT THE PRACTICES AND POLICIES OUTLINED IN THIS PRIVACY STATEMENT, AND YOU THEREBY CONSENT TO OUR COLLECTING, USING, AND SHARING YOUR INFORMATION AS SET FORTH IN THIS PRIVACY STATEMENT. IF YOU ARE REGISTERING AN ACCOUNT OR USING THE SERVICES ON BEHALF OF AN INDIVIDUAL OR ENTITY OTHER THAN YOURSELF, YOU REPRESENT THAT YOU ARE AUTHORIZED BY SUCH INDIVIDUAL OR ENTITY TO ACCEPT THIS PRIVACY STATEMENT ON SUCH INDIVIDUAL’S OR ENTITY’S BEHALF.
To the extent that we collect, use and/or disclose HIPAA protected health information, such collection, use and disclosure is handled as required by HIPAA, not this Privacy Statement. Please see your Medical Provider’s Notices of Privacy Practices. The Notice of Privacy Practices for the following medical providers can be found in the footer of our Site: Remedy Urgent Care, PLLC d/b/a CareHive Medical of TX and Remedy Medical of California, PC d/b/a CareHive Medical of CA.
We intend to provide our Services in the United States. Accordingly, this Statement, and our collection, use, and disclosure of your Personal Information (as defined below) is governed by U.S. law. We do not represent or warrant that the Services, or any functionality or feature thereof, are appropriate or available for use in any particular jurisdiction. If you choose to access or use the Services from outside the United States, you do so on your own initiative and at your own risk, and are responsible for complying with any and all local laws, rules and regulations. By using the Services and submitting any Personal Information from outside the United States, you acknowledge that the Services are subject to U.S. law and consent to the transfer of your Personal Information to the United States, which may provide a different level of data security than in your country of residence.
COLLECTION OF YOUR PERSONAL INFORMATION
Personal Information We Will Collect
In order for you to use the Services, we may require you to provide us with identifying information (“Personal Information”). We and our service providers will collect Personal Information from you that includes, but is not limited to: (1) your name and your contact data (such as your e-mail address, phone number, billing and physical addresses, and your Application login and password); (2) demographic data (such as your gender, your date of birth and your zip code); (3) insurance information (such as your insurance carrier and insurance plan); (4) payment information (such as your credit or debit card number); (5) confirmation that your Provider provided services to you; and (6) health and medical data (such as the previous doctors, dentists or other health care providers you visited, your reason for visiting those providers, your date of visiting providers, your medical history and condition, and other medical and health information you choose to share with us) that you provide through the Applications. If you communicate with us by, for example, e-mail or letter, any information provided in such communication may be collected as Personal Information.
In addition to the information that we collect directly from you, we may also collect certain Personal Information about you from or on behalf of Your Providers. We use and disclose this information only in accordance with your express authorization which you provide when you use the Applications. Please be aware that if you subsequently withdraw your authorization, you will not be able to use the Services through the Applications.
We may also collect information about the location of your mobile device with your consent. Please see below under “How We Collect Non-Personal Information” for additional information about our collection of location information.
In connecting you with a Medical Provider the Application(s) will collect Personal Information from you and transmit it electronically. We will use administrative, physical, and technical safeguards to protect the security and privacy of information held in the Applications. Our infrastructure is kept in a secured data center that protects against unauthorized access to the physical servers, backups and any element used to store and/or process personal data. Only authorized personnel can access the data center. Our systems and databases are backed up regularly to help protect the data in case of a catastrophe. The data center that stores our servers has policies and procedures in place designed to safeguard the equipment that our data is stored on. We regularly upgrade our system software to include the latest security features. Our servers are protected by a firewall system, which is designed to keep unwanted traffic or access out of our computer network. We also employ an intrusion prevention service (IPS) provided by a secured data center operated by a professional company. We also use security methods to determine the identity of each registered user, so that appropriate rights and restrictions can be enforced for that user. Reliable verification of user identity is called “authentication.” All communication between our Web server, your browser and our mobile apps is encrypted with SSL (Secure Sockets Layer) to guard against network eavesdroppers. Your password is internally encrypted in our system
to prevent unauthorized access to the system. Validations are built throughout the Applications to capture the most reliable information. Only the last 4 digits of your credit card number is stored on our servers.
Remedy will transmit any medical information describing your symptoms (or that of any minor for whom you are requesting Services) to the independent Medical Practice we connect you with, in a secured electronic transaction.
Data From Social Networks
Our Site may collect user information from social networking sites, such as Apple’s Game Center, Facebook, Google+, Instagram, Pinterest, Twitter, including your name, your social network username, location, gender, birth date, email address, profile picture, and public data for contacts, if you connect your account to such social networks.
Tracking and/or Analytics Services.
Our Site and Applications may use tracking and/or analytics services. These services may record unique mobile gestures such as tap, double-tap, zoom, pinch, scroll, swipe and tilt but, aside from IP address, do not collect personally identifiable information that you do not voluntarily enter in the Site or Applications. These services do not track your browsing habits across websites or mobile applications that do not use the same services. We are using the information collected by these services to understand user behavior and optimize site performance.
Our Site and Applications may also use web beacons (invisible images often referred to as pixel tags or clear GIFs) in order to recognize users and assess traffic patterns. We may also include web beacons and cookies in our email messages in order to count how many e-mail messages have been opened.
USE OF YOUR INFORMATION
DISCLOSURE OF YOUR INFORMATION
We may share information we have collected about you:
- with our contracted service providers that provide services such as hosting of the Application, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing and other similar services;
- with Providers, including your Providers, to schedule and fulfill appointments and provide healthcare services and confirm those services were delivered to you;
- for other treatment, payment or health care purposes of your Provider;
- a successor company in the event of any reorganization, merger, sale, joint venture, assignment, transfer, liquidation or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceeding); and
Our disclosure of your Personal Information may also be subject to certain restrictions set forth in an agreement between us and your Provider.
“Non-Personal Information” is any information that does not reveal your specific identity. The types of Non-Personal Information that we collect are described in more detail below under “How We Collect Non-Personal Information.”
We and our contracted service providers will collect Non-Personal Information in a variety of ways, including:
Through your device: Certain information is collected automatically through your device, such as your operating system name and version, device manufacturer and model, device identifier, language, the name and version of the software Applications you are using. We use this information to ensure that the Applications functions properly and to understand usage of the Applications.
Through server log files: Your “IP Address” is a number that is automatically assigned to the device that you are using by your Internet Service Provider (ISP). An IP Address is identified and logged automatically in our server log files whenever a user uses the Application, along with the time of the use and the pages visited within the Applications. We use IP Addresses for purposes such as helping to calculate Applications usage levels, diagnose server problems and administer the Applications.
From you: We will collect Non-Personal Information such as your general geographic location, as well as other information, such as your preferred means of communication, when you voluntarily provide such information to us. Unless combined with Personal Information, this information does not personally identify you or any other user of the Services.
By aggregating or de-identifying information: Aggregated and De-Identified Personal Information is information that is derived from Personal Information that does not personally identify you or any other users of the Services. For example, we may aggregate Personal Information to calculate the percentage of our users who have a particular telephone area code or a particular medical condition.
Use and Disclosure of Your Non-Personal Information
Because Non-Personal Information does not personally identify you, we may use and disclose Non-Personal Information for any purpose. In some instances, we may combine Non-Personal Information with Personal Information (such as combining your zip code with your name, or with your name together with a medical condition). If we combine any Non-Personal Information with Personal Information, the combined information will be treated by us as Personal Information as long as it is so combined.
This Privacy Statement does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including Providers, the manufacturer of your mobile device, and any other third party mobile Applications or websites to which our Website or Applications may contain a link. We encourage you to review the Notice of Privacy Practices of each Provider who provides you with services and the privacy policies of each website and application you visit and use.
SECURITY OF YOUR INFORMATION
We seek to use reasonable physical, technical and administrative measures to protect Personal Information under our control. Unfortunately, no data transmission over the Internet or data storage system is 100% secure, and therefore we cannot guarantee against all potential security breaches.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contacting Us” section below.
RETENTION OF YOUR PERSONAL DATA
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
TRANSFER OF YOUR PERSONAL DATA
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
Your consent to this Privacy Statement followed by Your submission of such information represents Your agreement to that transfer.
The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Statement and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.
CHOICES AND ACCESS REGARDING YOUR INFORMATION
We give you choices regarding our use and disclosure of your Personal Information for marketing purposes. Specifically, you may opt-out from:
- Receiving marketing-related e-mails from us based upon your Personal Information. If you no longer want to receive marketing-related e-mails from us on a going-forward basis, you may opt-out of receiving such marketing related e-mails by using the Unsubscribe feature embedded in the email or by mailing us at the address below.
- Our sharing of your Personal Information with affiliates for their marketing purposes: If you would prefer that we do not share your Personal Information on a going-forward basis with our affiliates for their marketing purposes, you may opt-out of such sharing by mailing us at the address below.
We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of our affiliates with whom we have already shared such information (i.e., to which we have already provided such information as of the date that we implement your opt-out request). Please also note that if you do opt-out of receiving marketing-related messages from us, we may still send administrative messages to you; you cannot opt-out from receiving administrative messages.
HOW YOU CAN ACCESS OR UPDATE YOUR PERSONAL INFORMATION
If you would like to review or update your Personal Information that has been previously provided to us, you may do so by logging into your account within the Applications. We will try to comply with your request to update your Personal Information as soon as reasonably practicable. We are not responsible for changing information from the databases of third parties with whom we have already shared your Personal Information. You may have additional rights to access, correct or modify the health information that is held by your Provider.
USE OF SITE AND APPLICATIONS BY MINORS
CONTROLLING YOUR PERSONAL INFORMATION
As a registered user of the Services, you can modify some of the Personal Information you have included in your profile or change your username by logging in and accessing your account. Upon your request, we will use commercially reasonable efforts to delete your account and the Personal Information in your profile; however, it may be impossible to remove your account without some residual information being retained by us, and we may be required by law or our agreement with your Provider to retain certain information. We have no obligation to delete any data or information you provide on a Medical History Form following termination of your account or the account of any Provider to whom your Medical History Form was submitted through the Services. Registered users who wish to close their account should mail us at the address below.
CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
If you are under 18 years of age, reside in California, and have a registered account with the Site [or our mobile application], you have the right to request removal of unwanted data that you publicly post on the Site [or our mobile application]. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Site [or our mobile application], but please be aware that the data may not be completely or comprehensively removed from our systems.
CareHive Health Inc.
5901 Vega Ave, Suite 100
Austin TX 78735
Please note that e-mail communications are not always secure; so please do not include health information, credit card information or other sensitive information in your e-mail messages to us.
Compliance Email: [email protected]
Compliance Phone: 512-793-7373
Last Revised: August 10, 2021