Informed Health Technologies Privacy Policy
Last Updated: September 2020
This Privacy Policy applies to Informed Health Technologies, Inc. (“IHT”, “we”, “us” and “our”).
IHT is committed to ensuring the privacy of your personal information. We are further committed to preventing unauthorized access to that information. Our Privacy Policy details what personal information is collected from users, business representatives, and others and describes how we use it, how it is stored, and your choices in managing our use of your information.
Who we are
IHT empowers patients and caregivers by:
•collecting health data from many sources,
•merging the data,
•allowing the data to be shared with others according to your preferences,
•monitors changes in the data, and
•enables the people in your network to be notified about concerning data.
IHT is based in California and uses data service providers based in the United States. This privacy policy applies to all products and services offered by IHT (the “Services”) including but not limited to the website, https://informedht.com, and the Medical Hub®.
We respect your privacy and take safeguarding your Personal Data seriously. Please read this Privacy Policy carefully together with the our Terms of Service / Software License Agreement to understand what Personal Data (defined below) we collect from you, how we use it, and your choices related to our use of your Personal Data. If you do not agree with this Privacy Policy, please do not use the Services.
What is Personal Data?
“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. Under specific laws, Personal Data may include any information relating to a household.
Personal Data we process
With your permission, we collect information about you, including relationships you may have identified as contacts. Some of this data may be directly entered by you. Some of this data may be collected from third parties at your request. This data ranges from your vital signs, like blood pressure or heart rate, to your family history to medications you are currently taking or once took. It may also include records from your clinicians, which might include a doctor, dentist, or optometrist. In addition, it may include data obtained from devices that you wear or have in your home. We may also collect data about how you use the Services, things like the length of time you spend or where you are when you use the Services.
Personal Data that you actively submit to us
We allow you to enter data about yourself. You choose which data items you want to enter to have us monitor your health. You choose who you want to have access to your data through our HubConnect feature. We do not share your data with anyone without you first telling us what data you want shared and with whom.
Personal Data we collect from third parties
We may collect data from third parties you identify, including your doctors, hospitals or wearable or home monitoring devices. You will explicitly identify these third parties. As with data you enter yourself, we do not share your data with anyone without you first telling us what data you want shared and with whom.
Personal Data we automatically collect through your use of the Services
When you use our Services, we may monitor your usage. We may collect data including your geographic location, your Internet Protocol (IP) address, times you start and stop using the Services, and similar types of usage data. We use this data for internal purposes only and do not share it with anyone. Internal uses include things like noticing whether our Members tend to go to specific places more often than others so we understand how to better serve you by prioritizing our Service upgrades to those areas.
Tracking technologies, cookies, and clear GIFs
We may use tracking technologies, cookies and clear GIFs to collect usage information. Tracking technologies are used to collect information from your web browser through our servers or filtering systems when you visit any of our sites.
Cookies store small text files onto a user’s computer hard drive with the user’s browser, containing a session ID and other data. Cookies enable a web site to track a user’s activities on the website for the following purposes: (1) enable essential features; (2) provide analytics to improve website performance and effectiveness; (3) store user preferences; and (4) facilitate relevant targeted advertising on advertising platforms or networks. Users can change preferences in their web browsers to prevent the acceptance of cookies. Cookies may also be set within emails in order to track how often our emails are opened. While you may choose to block cookies, blocking cookies may cause certain Service functions, typically related to your convenience, to fail.
A clear GIF is a transparent graphic image placed on a website. The use of clear GIFs allows us to monitor your actions when you open a web page and makes it easier for us to follow and record the activities of recognized browsers. Clear GIFs are used in combination with cookies to obtain information on how visitors interact with our Services.
Information collected may include but is not limited to your browser type, your operating system, your language preference, any referring web page you were visiting before you came to our site, and the date and time of each visitor request. We can also track how you use the Services and monitor aggregate usage and web traffic routing. We collect this information to better understand how you use and interact with our Services in order to improve your experience. We do not share this information with anyone.
How we use your Personal Data
IHT is driven to empower you in your healthcare journey. We collect your health data so you have a better understanding about your health status. We make it easier for you to find errors in your medical record. We enable you to share your health information, in whole or in part, with people close to you who can help you remain in your optimal health. We analyze your data to watch for concerning health changes and let you, or someone you have designated, know there might be a problem. Our role is to collect and share data, not to diagnose health issues. The observations we make are inferences only, may be inaccurate, delayed, or fail to transmit for reasons beyond our control. This privacy policy reflects only how we intend to utilize your data and is not an agreement to guarantee any service or to identify fitness of any product for any specific purpose.
Sharing of Personal Data
California Consumer Privacy Act of 2018 (“CCPA”)
The categories of Personal Data we may collect about you include:
(A) Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
(B) Any categories of personal information described in subdivision (e) of Section 1798.80.
(C) Characteristics of protected classifications under California or federal law.
(D) Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
(E) Biometric information.
(F) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
(G) Geolocation data.
(H) Audio, electronic, visual, thermal, olfactory, or similar information.
(I) Professional or employment-related information.
(J) Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).
(K) Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.]
Retention of Personal Data
IHT retains Personal Data until a) you ask us to delete it, b) we learn that 12 months have passed since your death, c) there is no activity in your account for 60 consecutive months, or d) legally required to destroy it.
We retain Personal Data that we are required to retain to meet our regulatory obligations including tax records and transaction history. We regularly review our retention policy to ensure compliance with our obligations under data protection laws and other regulatory requirements. We regularly audit our databases and archived information to ensure that Personal Data is only stored and archived in alignment with our retention policies. If your data is destroyed, a record will be retained that indicates your name, date of birth (if on file), when you began the Services, and when your data was destroyed.
Protection of Personal Data
IHT uses technical and organization measures to protect the Personal Data that we store, transmit, or otherwise process, against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. We regularly consider appropriate new security technology and methods as we maintain and develop our software and systems. We encrypt all data we store and all data we transmit over the Internet.
Your Personal Data may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide your Personal Data to us, we may transfer your Personal Data to the United States and process it there. Where we transfer your Personal Data, we will take all reasonable steps to ensure that your privacy rights continue to be protected.
In the case of transfers of data out of the European Economic Area or the United Kingdom, we have committed to comply with the Privacy Shield. We endeavor to utilize third-party service providers from the United States that have certified with Privacy Shield or alternatively provide adequate protections that are compliant with the EU General Data Protection Regulation (“GDPR”) such as implementing Standard Contractual Clauses or Binding Corporate Rules.
Our commitment to the Privacy Shield
IHT complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Economic Area, United Kingdom, and Switzerland to the United States in reliance on Privacy Shield. IHT has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.
As part of its participation in Privacy Shield, IHT is subject to the investigatory and enforcement powers of the Federal Trade Commission. Organizations participating in the Frameworks must respond within 45 days of receiving a complaint. If you have not received a timely or satisfactory response to your question or complaint, please contact the JAMS Privacy Shield Program. Their website can be accessed at: https://www.jamsadr.com/eu-us-privacy-shield.
Please note that this independent dispute resolution body is designated to address complaints and provide appropriate recourse free of charge to the individual. If an individual’s complaint cannot be resolved through IHT’s internal processes, IHT will cooperate with JAMS pursuant to the JAMS International Mediation Rules, available on the JAMS website at https://www.jamsadr.com/international-mediation-rules/. JAMS mediation may be commenced as provided for in the relevant JAMS rules. The mediator may propose any appropriate remedy, such as deletion of the relevant Personal Data, publicity for findings of noncompliance, payment of compensation for losses incurred as a result of noncompliance, or cessation of processing of the Personal Data of the individual who brought the complaint. The mediator or the individual also may refer the matter to the Federal Trade Commission. Under certain circumstances, individuals also may be able to invoke binding arbitration to address complaints about IHT’s compliance with the Privacy Shield Principles.
Privacy Rights
Residents of the European Economic Area, United Kingdom and Switzerland
In compliance with the Privacy Shield, individuals have the right to access Personal Data and to correct, amend, restrict, or delete that information where it is inaccurate, or has been processed in violation of the Privacy Shield principles, except where the burden or expense of providing access is disproportionate to the risks to the individual’s privacy in the case in questions, or where the rights of persons other than the individual will be violated. However, data that has been obtained from third parties cannot be changed. To best empower you, clinicians must be able to trust that the data we receive on your behalf from other clinicians is the same data we originally received. As a result, you may not change this data when you use our Services.
We invite all individuals to contact us with any inquiries they may have about their Personal Data. Our contact details are at the end of this Privacy Policy.
Individuals may have specific rights in their Personal Data based upon their residency. For residents of the European Economic Union, under the EU General Data Protection Regulation, these rights include the right to: (i) request access to and rectification or erasure of their Personal Data; (ii) obtain restriction of processing or to object to processing of their Personal Data; (iii) ask for a copy of their Personal Data to be provided to them, or a third party, in a digital format; and (iv) lodge a complaint about the processing of their Personal Data with their local data protection authority.
For residents of California, under the CPA, these rights include the right to: (i) know what Personal Data is being collected about them, (ii) know whether their Personal Data is sold or disclosed and to whom, (iii) say no to the sale of Personal Data, (iv) access their Personal Data, and (v) equal service and price, even if they exercise their privacy rights.
Changes to this policy
This document is effective as of the date indicated at the top of this Privacy Policy under “Last Updated”. This document may be amended from time to time.
Contact Information
Inquiries may be made by contacting us through any of the following means:
email: support@informedht.com
US Mail:
720 Court St., #884
Woodland, CA 95695