Last Updated February 1, 2018
These Terms of Service (the “Terms”) govern your use of the software application entitled “Glendor” across all platforms on which it is available (the “App” or “Product”) and your use of the website available at www.glendor.com (the “Site”). The App and Site are provided by Glendor, Inc. (“we”, “us”, or “Glendor”).
TYPES OF INFORMATION WE COLLECT.
When you visit our Site, use the App, or register for an account on our Platform (“Account”), you or your designees may provide us one or more of the following types of information: personal information (“PII”), insurance information, personal health information (“PHI”), and indirect, non-personally identifiable usage information (“Usage Data”).
If you access our service through a third-party connection or log-in, for example, through Facebook Connect, by linking your account to the Glendor service, that third party may pass certain information about your use of its service to Glendor. This information could include, but is not limited to, the user ID associated with your account, an access token necessary to access that service, any information that you permitted the third party to share with us, and any information you made public in connection with that service.
PII and PHI.
PII is necessary for several reasons. First, the Platform enables you to manage some forms of coverage and benefits information as well as limited historical medical information, which is provided by you, the user, at your discretion.
We might collect and store the following types of PHI:
- Primary Insurance, Medicare and Secondary Insurance Information;
- prescribing physician and office;
- active prescriptions;
- known allergies and other health conditions;
- symptoms and activities you report, by time and date;
- patient identification numbers; and
- clinical information and diagnostic results.
We might collect and store the following types of PII:
- e-mail address
- date of birth
- mailing address
- account numbers
You may choose not to provide your PII; however creating an Account with email address is a prerequisite for using the full functions of the Platform.
HEALTH INFORMATION PRIVACY.
PHI is entitled to special protections under the law, including HIPAA. Glendor makes the Notice of Privacy Practices Concerning Your Personal Health Information available in accordance with the HIPAA Privacy Rule (a federal regulation officially known as the Standards for the Privacy of Individually Identifiable Health Information). The HIPAA Privacy Rule is distinct from Glendor’s Notice of Privacy Practices Concerning Your Personal Health Information, which describes in detail your rights and Glendor’s obligations with respect to individually identifiable PHI that Glendor may receive both online and offline. PHI is health information, including demographic information collected from an individual, and: (a) is created or received by Medical Service Provider; and (b) relates to the past, present or future physical or mental health or condition of an individual, the provision of healthcare to an individual, or the past, present or future payment for the provision of healthcare to an individual, and (i) identifies the individual, or (ii) with respect to which there is a reasonable basis to believe the information can be used to identify the individual. This Policy describes how Glendor uses your individually identifiable personal information and health information (identified therein as personal health information).
Payment Information. Glendor does not collect, access, view, or process your full credit card or debit card information.
Usage Data. In order to maintain and improve our services, we may collect non-personally identifiable Usage Data about how you use the Platform. This information is collected by automated means including by using certain standard web measurement and tracking technologies such as “cookies,” web server logs, or other statistics programs.
- Authentication: to help us authenticate you to deliver personalized content.
- Security: to protect you, us and others, and help us detect fraud and other violations of our Terms of Service.
- Performance: to make our App, Site, or Platform easier and faster to use.
- Features: to enable features and store information about your use of our App, Site, or Platform.
- Analytics and Research: to monitor and evaluate the use of App, Site, or Platform.
Your browser may have an option that allows you to accept cookies, reject cookies, or receive notification when a cookie is sent, but you should note that the use of such restrictive browser settings may limit your use of this Site or the Platform.
You may also be able to disable placement of some (but not all) cookies by setting your browser to decline cookies, though this may worsen your user experience. If you delete your browser cookies, your opt-out cookie will also be deleted. Additionally, if you change computers or web browsers, you will need to opt out again. A useful resource for information about deleting and controlling cookies can be found at AboutCookies.org.
If you enable location data for the mobile device on which you access the App, you are expressly agreeing that we may use your location data to provide our services. You may disable location services at any time in your “settings.”
We do not respond to browser-based "do not track" signals and do not have any third parties on our Site who keep track of your browsing activities over time and across different websites.
Finally, we will de-identify your PHI and PII to make it anonymous and use it in an aggregate form, either alone or in combination with Usage Data to create reports about trends or analyses of treatments, disorders, or conditions, demographic information, and performance information about our Services. This type of information is referred to as “Aggregate Data” and has been de-identified in compliance with the U.S. Department of Health and Human Services’ Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and does not identify you personally. We own all right and interest in the Aggregate Data and reserve the right to share Aggregate Data with third parties, including without limitation for marketing purposes or to publish Aggregate Data in white papers, publications, or reports.
HOW WE USE YOUR INFORMATION.
We use the information we collect in a several different ways for a variety of purposes, including:
- To provide, develop, maintain, operate, and improve our services, App, Platform, and our Site;
- To provide you with the ability to store, review, and edit your Healthcare Data, PII, and PHI on the Platform;
- To send service messages and information about our services, App, Platforms, and our Site in which you may be interested;
- To improve our product and services.
We will only disclose your PHI to you via your Account. We are not a business associate of any Medical Service Provider.
We also may share information where required by law.
Glendor expressly reserves the right to transfer any and all such information including, without limitation, Healthcare Data, Usage Data, PII, and PHI, to a successor in interest of Glendor that acquires rights to that information as a result of merger, acquisition, or the sale of Glendor or the acquisition of all or substantially all of its assets.
Glendor uses good faith physical, managerial and technical safeguards to preserve the integrity and security of user personal information. Glendor attempts to restrict access to PII and PHI to those employees, agents, contractors and representative who need access to perform their job functions, such as customer service personnel and technical staff. Glendor cannot, however, ensure or warrant the security of any information transmitted to Glendor; users do so at their own risk. Unauthorized entry or use, hardware or software failure and other factors may compromise the security of your information at any time. For any additional information about the security measures Glendor uses, please contact Glendor at firstname.lastname@example.org.
INFORMATION FROM CHILDREN.
This Site is not intended for children. We do not knowingly collect or solicit personal information from or communicate with children under the age of eighteen (18) via the Site. In certain circumstances, you may be a parent or legal guardian of a person under eighteen (18) years of age and provide PII and consent to collect PHI, Healthcare Data, and Usage Data for such person. In all such cases, the parent or legal guardian is required to set up and be the owner of the Account and is solely responsible for monitoring all activity on such Account and for all PII and PHI collected via such Account. The parent or legal guardian may review, edit, or remove any PII or PHI contained in such Account. YOU MAY NOT ESTABLISH AN ACCOUNT IF YOU ARE UNDER THE AGE OF EIGHTEEN (18) YEARS OF AGE EXCEPT AS DESCRIBED IN THIS SECTION.
HOW WE HANDLE DATA.
The servers from which we provide the Platform and Site, and to which all Payment Data, Expense Data, PII, and PHI are sent, are located in the United States. If you are physically located within the European Union, Asia, or any other region with laws or regulations governing personal data collection, use, and disclosure that differ from United States laws, please be advised that you are transferring your Healthcare Data, Usage Data, PII, and PHI to the United States and you consent to such transfer and the application of the laws of the United States and/or the State of Utah and/or any applicable state or local law with respect to any dispute arising from or related to such transfer.
WE ADHERE TO AND HAVE CERTIFIED OUR COMPLIANCE WITH THE SAFEHARBOR PRIVACY PRINCIPLES, INCLUDING NOTICE, CHOICE, ONWARD TRANSFER, SECURITY, DATA INTEGRITY, ACCESS, AND ENFORCEMENT, OF THE UNITED STATES/EUROPEAN UNION DATA PROTECTION SAFE HARBOR FRAMEWORK AND THE UNITED STATES/SWITZERLAND DATA PROTECTION SAFE HARBOR FRAMEWORK, BOTH OF WHICH ARE MADE AVAILABLE BY THE U.S. DEPARTMENT OF COMMERCE AT HTTP://WWW.EXPORT.GOV/SAFEHARBOR. OUR CERTIFICATION CAN ALSO BE VIEWED AT HTTP://WWW.EXPORT.GOV/SAFEHARBOR.
If you believe that we have not adhered to this Policy, please contact us by e-mail at email@example.com. We will do our best to address your concerns. If you feel that your complaint has been addressed incompletely, we invite you to let us know for further investigation. If you and we are unable to reach a resolution to the dispute, we and you will settle the dispute exclusively under the pursuant to JAMS Comprehensive Rules or International Rules of JAMS International (for more information, visit www.jamsinternational.com/rules-procedures/safeharbor).
UNSUBSCRIBING, REMOVING OR MODIFYING YOUR INFORMATION.
To edit or delete any information contained in your Account, please login and update your profile. To unsubscribe from an email or other messaging, please follow the instructions in any email or messages you receive. Please note that even if you delete information it may remain on our servers.
We offer you choices regarding the collection, use, and sharing of your information. We will periodically send you free newsletters and e-mails that directly promote the use of our site or services and may contain advertisements for third party companies. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information below). Should you decide to opt-out of receiving future mailings, we may share your e-mail address with third parties to ensure that you do not receive further communications from third parties. Despite your indicated e-mail preferences, we may send you emails related to your account or transactions thereunder, or notices of any updates to our Terms or this Policy.
CALIFORNIA USERS: YOUR CALIFORNIA PRIVACY RIGHTS.
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternatively, such businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information sharing. You may opt-out of information sharing by emailing us at firstname.lastname@example.org. In addition, if you wish to find out about any rights you may have under California Civil Code section 1798.83, you may notify us in writing at email@example.com.
OTHER TERMS AND CONDITIONS.
In addition to this Policy, your access to and use of the App, the Platform, or the Site is subject to our Terms of Service, including the disclaimer that Glendor does not provide medical advice or clinical information except through third party services, and any such advice is to be taken at the user’s own risk.