Grektek, LLC & Grektek Holdings, Inc. (“Grektek”) Privacy Policy effective September 2017
WHAT INFORMATION DO WE COLLECT ABOUT YOU AND WHY?
We collect information about you directly from you and from third parties, as well as automatically through your use of our Services. You may view most areas of our Site without registering with us. To use our Services or to download our Application, you must create an account with us. When you create an account, we may collect and store some basic information about you, such as your name and email address.
INFORMATION WE COLLECT AUTOMATICALLY
We may track user behavior throughout our Site and our Application. Specifically, we may track the requests you make and how you use the Services. We also collect the following information about your use of our Services: your domain name; your browser type and operating system; web pages you view; links you click; your IP address; the length of time you visit our Site and or use our Services; and the referring URL, or the webpage that led you to our Site. We also may collect the following information about your use of our Application: geolocation information (if you consent); language information; device name and model; operating system type, name, and version; your activities within the Application; and the length of time that you are logged into our Application. We may use this information in aggregated form or we may associate it with your username and other personal information that we collect about you. Please see the section “Our Use of Cookies and Other Tracking Mechanisms?” below for more information.
WHAT ABOUT HEALTH INFORMATION AND MEDICAL RECORDS?
Grektek collects, uses, and stores protected health information (“PHI”) and other medical record information about you. We fully value your privacy and we are in compliance with HIPAA (Health Insurance Portability and Accountability Act) regulations. All PHI and medical information provided to us by you or your physicians, hospitals, clinics or other health care providers (“Provider(s)”) is stored and shared with you and any third parties for whom you give consent, subject to applicable privacy and security policies and procedures, including those related to HIPAA.
The following are some actions that we do to protect your PHI and comply with HIPAA:
- Use of your information is covered by your Provider‘s Notice of Privacy Practices
- Grektek will not access your records containing PHI (including any access via database or portal) external to your using our applications and systems automatically as covered by our terms of use, without your prior authorization
- Grektek will not disclose any PHI to any third-party contrary to HIPAA regulations
- Grektek will enter into Business Associate Agreements as part of HIPAA regulations
- For more information about HIPAA and compliance, please visit http://www.hhs.gov/ocr/hipaa
HOW WE USE YOUR INFORMATION
We use the information that we gather about you for the following purposes: (i) to compile and synthesize medical records from various health care provider types into one location; (ii) to tailor the content and information that we may send or display to you, to provide personalized help and instructions, and to otherwise personalize your experiences while using our Services; (iii) for marketing and promotional purposes – for example, we may use your information, such as your email address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about products, information, and events that we think may be of interest to you. We also may use the information that we learn about you to assist us in advertising our Services on third party websites and in determining relevant advertising for our own Services; (iv) to better understand how users access and use our Services, both on an aggregated and individualized basis, in order to improve our Services and respond to user desires and preferences, and for other research and analytical purposes; and (v) for our mobile application users, we may also use your information to provide location customization and, with your consent, to send you push notifications.
HOW WE SHARE YOUR INFORMATION
We may share the information that we collect about you, including personal information, in accordance with applicable law and policy as follows. We will share your information with Providers who hold your electronic medical records and or who respond to your and our records requests. We may disclose the non-personal and non-identifiable aggregate information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf, but we will never disclose HIPAA-protected information. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding, we may transfer the information we have collected from you to the other company. Finally, we also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a subpoena.
TO PROTECT US AND OTHERS
We also may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Policy, or as evidence in litigation in which Company is involved.
AGGREGATE OR DE-IDENTIFIED INFORMATION
We may use aggregate or de-identified/anonymized information about users for analysis and to improve our services, or share it with third parties for marketing, advertising, research or similar purposes.
OUR USE OF COOKIES AND OTHER TRACKING MECHANISMS
We use cookies and other tracking technologies (including technologies designed specifically for mobile applications) to collect information about you and about your use of our services. We may combine this information with other personal information we collect from you. We use this information to enhance and personalize your experience while using the Services, to track user activities in order to understand how users use our Services, and to improve our Services. Cookies. Cookies are pieces of information that some websites transfer to your computer, through your web browser, for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Site, while others are used to enable a faster log-in process or to allow us to track your activities at our Site. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site who disable cookies will be able to browse certain areas of the Site, but some features may not function.
We may also use Local Storage Objects: Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Site to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about use of our Services. We and our third-party service providers may also use clear GIFs in HTML e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
THIRD PARTIES
We may use automated devices and applications, such as Google Analytics, to evaluate usage of our Site and, to the extent permitted, our applications. We also may use other analytic means to evaluate our Service. We use these tools to help us improve our Services, performance and user experiences. We may also engage third parties to track and analyze Site data on our behalf. We use the data collected by such third parties to help us administer and improve the quality of the Site and to analyze Site usage. Such third parties may combine the information that we provide about you with other information that they have collected. This Policy does not cover such third parties use of the data. Third-Party Links. Our Services contain links to third party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.
SECURITY OF YOUR PERSONAL INFORMATION AND PHI
We have implemented commercially reasonable precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee 100% security. You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, deleting any downloaded files and clearing the browser cache, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
ACCESS TO MY PERSONAL INFORMATION
You may modify personal information that you have submitted by logging into your account and updating your profile information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Site or in the Application for a period of time.
WHAT CHOICES DO YOU HAVE WITH REGARD TO YOUR PERSONAL INFORMATION?
We may send periodic promotional or informational emails to you. You may opt-out of such communications by following the opt-out instructions contained in the e-mail. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send you e-mails about your account or any Services you have requested or received from us.
CHILDREN UNDER 13
Our Services are not designed for children under 13. If we discover that a child under 13 has provided us with personal information, we will delete such information from our systems.
CONTACT US
If you have questions about the privacy aspects of our Service or would like to make a complaint, please contact us at [email protected].
CHANGES TO THIS POLICY
This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Site. If we make any changes to this Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Site.