1. Your Consent (PLEASE READ CAREFULLY!)
2. We may collect the following kinds of information when you use the Services:
Information you provide directly to us. For certain activities, such as when you register, use our telemedicine services, subscribe to our alerts, or contact us directly, we may collect some or all of the following types of information:
We may collect various types of data and information from our Users: i. Personal Information, which is information that identifies an individual or may with reasonable effort identify an individual, either alone or in combination with other information, or may be of private or sensitive nature including Medical Information of a User, all unless anonymized; and ii. Non-personal Information, which is non-identifying and non-identifiable information, without particular reference to the identity of the User from or about whom such information was collected. iii. Medical Information, which is any medical information, including physiological data of the body parts or organs, physiological data, diagnosis, tests, results, treatments, prescription, therapy, counseling, laboratory and any other health related information.
For the avoidance of doubt, any Non-personal Information connected or linked to any Personal Information shall be deemed as Personal Information as long as such connection or linkage exists. In this context it is important to note that Medical Information may be categorized as either Personal Information or Non-Personal Information in accordance with the definitions above and the characteristics of each specific item of Medical Information.
3. How we collect information of our Users
Personal and Medical Information which is collected when you interact with the Service. This is information you provide to us when you access the Services or in the course of your use of the Service, including when you register and open an Account, when you provide additional information about yourself and/or about a Patient during your use of the Service, when you conduct an exam and communicate its results to a clinician via Service, or when you contact us directly.
- Registration Information: As part of the registration, users will be required to enter their information such his/her contact information such as full name, e-mail address, phone number, full address, username and password. The User may also be required to input certain personal demographic details which are related to the Services provided such as date of birth, gender and family members, connections or ties and other basic information. During the registration process, you will be asked to choose a password and username for your Account.
- Medical Information transmitted in the course of using the Services: the User's Medical Information as may be transmitted by or to You through your active voluntary the use of the Hello Devices, included but not limited to descriptions of medical/health status, audiovisual recording, descriptions and images of human body organs and related symptoms and related materials, auscultations of the heart, lung or gastro, body temperature readings whether in real time or off-line and diagnosis of visits as inputted by clinician, etc.
- For health care providers, information about your employment, such as your job title, practice area, primary specialty, and medical license status, gender, date of birth, languages spoken, educational background, address, photograph, social security number, Tax ID, NPI number, professional license information and bank account information.
- Medical Information Users obtained from third parties' systems, products and services (“External Medical Information”): The Services may include features which enable Users to upload and communicate External Medical Information through the Services (such as information generated via external weight scale, blood pressure monitor, pulse oximeter, glucose meter, lab documents, medical summaries). You understand that the accuracy and completeness of Medical Information may be critical for any decision or diagnosis made based on or using such Information. You are solely responsible for the External Medical Information and you are aware that hellocare is not checking or monitoring such Information, including (without limitation) not monitoring such External Medical Information accuracy or completeness. Personal Information which is being collected by us automatically when you use the Services. This is information which we automatically receive from devices (including Hello Devices and mobile devices) and software that you use when you access or interact with our Services. This information includes:
- IP address, UDID (Unique Device Identifier) or other persistent user and/or mobile device token (as applicable), geolocation, device type, operating system, browser type and version, screen resolution, browser and keyboard language, the User's 'click-stream' and activities on the Service, the period of time the User visited the Service and related timestamps.
- We may also collect technical data to address and fix technical problems and improve our Services, including the memory state of your device when a system or app crash occurs while using our Services. Your device or browser settings may permit you to control the collection of this technical data. This data may include parts of a document you were using when a problem occurred, or the contents of your communications. By using the Services, you are consenting to the collection of this technical data.
- Payment information, such as your credit card number, expiration date, and credit card security code.
Non-Personal Information is collected through your use of the Service. We may be aware of your use of the Service, and may gather, collect and record the information relating to such usage, either independently or through the help of our third-party services. We may also collect Non-personal Information through the analysis aggregation and anonymization of Personal Information provided by you.
4. Audiovisual Recording Consent.
You agree and acknowledge that in providing telehealth services hellocare records and stores the audiovisual Personal Information (and related materials) related to the User's communicated through the Service by you or on your behalf, and to you in the scope of your use thereof including in your communication with your Clinician or healthcare provider using the Service, and that hellocare shall maintain and use such information in accordance with the terms hereof.
5. The Purposes and Legal Basis of the Collection, Processing and Use of Information
Legal Basis for use
- With your consent: We ask for your agreement to collect and process your information for specific purposes and you have the right to withdraw your consent at any time.
Purpose of use
We may use the Personal Information that we collect about you for the following purposes:
- To provide and operate the Service, including without limitation, enabling Users to perform a full physical examination remotely without the need to meet a Clinician face-to-face and enabling Clinicians to collect digital physical exam information and have it available for future review and other functions or services as otherwise described to you at the time of collection;
- To send you updates, notices, notifications, and additional communications regarding the Services
- To be able to manage your Account and provide you with customer support services which may include at hellocare discretion, review of your examination data and audiovisual recordings to detect any incorrect use of the Services and upon such detection having our support team contact you through the Hello Health App to provide you with support for correction of such use.
- To study and analyze the information on an aggregated, statistical basis to discover patterns and anomalies, to study complications and treatment methods and improvements, and other medical/clinical related research and development;
- to enable us to further develop, customize and improve the Service based on Users' common preferences, uses, attributes and anonymized data;
- to enable us to provide our Users with a better user experience, with more relevant and accurate information, services, third party services, features and functionalities, statistical and research purposes, etc.
- To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities
- To comply with any applicable rule or regulation, to protect our legal interests and/or respond to or defend against (actual or potential) legal proceedings against us or our affiliates.
6. Sharing Information with Third Parties
hellocare will not share or otherwise allow access to any Personal or Medical Information it collects to any third party, except in the following cases:
(a) Law enforcement, legal proceedings, and as authorized by law: We may disclose Personal Information to satisfy any applicable law, regulation, legal process, subpoena or governmental request;
(d) Third Party Services: We partner with certain third parties to provide selected services that are used to facilitate and enhance the Services. Service Providers"). Such Third-Party Service Providers may have access to, or process on our behalf Personal Information which we collect, hold, use, analyze, process and/or manage. These Services Providers include hosting, database and server co-location services (e.g. Microsoft Azure Services), data analytics services (e.g. Google Analytics), session replay records for app analytic purposes such as crashes, functionality and usability, remote access services, data and cyber security services, fraud detection and prevention services, e-mail and text message distribution and monitoring services (e.g. Twilio), payment processors (e.g. Stripe) dispute resolution providers, customer support and call center services, and our business, legal and financial advisors (collectively, "Third Party Service Providers"). We remain responsible for any Personal Information processing done by Third Party Service Providers on its behalf, except for events outside of its reasonable control.
(e) Clinicians and Third-Party Professionals: We may share with or allow Clinicians of your choice access to your Personal Information. Additionally, if your Clinicians, if so permitted under applicable law, determine that they require clinical/medical consultation with a third party clinicians, we may share your Personal Information with such third party professionals, in order to provide you with the Services. For avoidance of doubt, hellocare may transfer and disclose to third parties or otherwise use Non-personal Information (which includes Medical Information which is Non-Personal including by being anonymized) at its own discretion.
7. Storage, Transfer and Retention of your Information
By providing your information, you expressly consent to the place of storage and transfer described above, including transfers outside of the jurisdiction in which the information was provided. We retain the Personal Information we collect only for as long as needed in order to provide you with our Services and to comply with applicable laws and regulations. We then either delete from our systems or anonymize it without further notice to you.
If you withdraw your consent to us processing your Personal Information, we will delete your Personal Information from our systems (except to the extent such data in whole or in part to comply with any applicable rule or regulation and/or response or defend against legal proceedings versus us or our affiliates).
8. Updating, Obtaining a copy of, or Deleting of Personal Information
Subject the limitations pursuant to applicable law and if entitled for the same thereunder, you may also be entitled to obtain the Personal Information you directly provided us (excluding data we obtained from other sources) in a structured, commonly used, and machine-readable format and may have the right to transmit such data to another party. We may provide such access through the Services.
If you wish to exercise any of these rights, contact us at firstname.lastname@example.org. When handling these requests, we may ask for additional information to confirm your identity and your request. Please note, upon request to delete your Personal Information, we may retain such data in whole or in part to comply with any applicable rule or regulation and/or response or defend against legal proceedings versus us or our affiliates.
To find out whether these rights apply to you and on any other privacy related matter, you can contact your local data protection authority if you have concerns regarding your rights under the local law.
9. Minors and Adults without Mental Capacity
To open an Account on our Services, you must be over the age of eighteen (18) and have the mental capacity to enter into a legal agreement. Without relieving you of your responsibility to comply with the TOU and the terms hereof we reserve the right (without obligation) to request proof of age at any stage so that we can verify that minors under the age of eighteen (18) are not using our Services.
If You have added and listed a Patient under the age of 18 or an Adult without mental capacity you hereby declare to hellocare that You are the parent or legal guardian of such Patient or that you are a Clinician authorized to provide care for such Patient:
If you are a parent or guardian you may use the Service, to provide Medical Information on behalf of your child or dependent who is under the age of eighteen (18) or without mental capacity by adding and listing them under your Account. In such a case, you (in your capacity as parent or guardian) assume full responsibility for ensuring that the information that you provide to hellocare about your child or dependent is kept secure and accurate.
For Clinicians: If a Patient is under the age of eighteen (18) or an adult without mental capacity, you hereby declare that you have all of the required consents, approvals, and rights to provide health services to such Patient including the receipt, access, processing, transmitting, displaying and providing Medical Information on the minor's behalf.
In the event that it comes to our knowledge that a person under the age of eighteen (18) or an adult without mental capacity is using our Services, not in accordance with the above mentioned terms, we will prohibit and block such User from accessing our Services and will make all efforts to promptly delete any Personal Information (as such term is defined in herein with regard to such User).
10. Direct Marketing
If you provide us with your contact details through the Services or our website (separately from any of your PHI), for the purpose of receiving from hellocare different offers with respect to the hellocare Services, you hereby agree that we may use such contact details, in order to contact you, inform you regarding our products and services which may interest you, and send you other marketing material, including news and updates by transmission to the e-mail address or phone number you have provided.
You may withdraw your consent by sending us a written notice via email to the following address: email@example.com.
hellocare is responsible for taking all reasonable and appropriate steps for the protection of the confidentiality, availability, privacy, and integrity of information in its custody. This includes the preservation of information in case of intentional, accidental, or natural disaster. In addition, hellocare is responsible for the maintenance and currency of applications that use this information.
hellocare will use reasonable efforts to ensure that personally identifiable information is adequately protected from unauthorized disclosure.
Enforcement of hellocare Information Security Policies and compliance with Federal and State regulations regarding information technology is the responsibility of the Information Security Officer. All hellocare Information Security Policies are to be reviewed on an annual basis by the Information Security Officer (ISO) for compliance with the hellocare Information Security Policy and Federal and State regulations.
We take great care in implementing and maintaining the security of the Service and the Site, and our Users' Personal Information. Our Services, or parts thereof, are hosted on MICROSOFT AZURE, which provides advanced security features. hellocare employs industry standard procedures and policies to ensure the safety of its Users' Personal Information, and prevent unauthorized use of any such information, including secured transmission protocols and AES 256-bit encryption. However, we do not and cannot guarantee that unauthorized access will never occur. In case of the personal data breach, the notification toward the appropriate supervisory authorities shall be communicated within 72 hours after hellocare has become aware of such event. Personal data breach notification will include information on data subjects affected, the types of data affected, the number of data subjects affected, improvements that have been made in order to prevent such an event in the future and more.
We urge you to use the strongest password combination available on your mobile device and employ reasonable physical security means to protect unauthorized access.
12. Third Party Websites
14. Compliance with HIPAA Privacy Regulations
Our privacy practices are intended to comply with our obligations as a Business Associate with respect to your health care provider under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). We will maintain the privacy of your Personal Information as required by HIPAA and by any Business Associate Agreement we might have with your healthcare provider. We encourage you to review your healthcare provider's Notice of Privacy Practices, which describes how your Provider may use and disclose your PHI to us and others.
15. Notice of Electronic Disclosure
The following notice is made pursuant to Section 181.154 to the Texas Health and Safety Code to the extent applicable - Subject to and in accordance with the terms hereof, PHI may be stored, processed, conveyed, and in some instances, disclosed in an electronic format. hellocare will provide you with a written notice and request a separate authorization in the event of electronic disclosure other than for the purpose of treatment, payment, health care operations, or as otherwise authorized or required by state or federal law.
16. Your use of information; Data protection laws
You agree that you shall comply with our TOU Policy specifically section five (5) regarding your use of information. If you receive information about another customer of ours, you must keep the information confidential and only use it in connection with our services permitted to our policies and the applicable laws. You may not disclose or distribute any information about our users to a third party or use the information for marketing purposes unless you receive that user's express consent to do so. You may not send unsolicited emails to a customer or assist in sending unsolicited emails to third parties regarding our services without prior consent of ours.
The privacy and data protection laws that may apply include any associated regulations, regulatory requirements and codes of practice applicable to the provision of the services described in this agreement. For example, if you or your business is subject to the requirements of the General Data Protection Regulation (EU) 2016/679 (GDPR), The Health Insurance Portability and Accountability Act (HIPAA) or the California Consumer Privacy Act (CCPA), you will comply with such regulation with respect to the processing of personal data. In complying with such laws, you will:
- implement and maintain all appropriate security measures for the processing of personal data; and
- not knowingly do anything or permit anything to be done which might lead to a breach of any privacy and data protection laws by hellocare.
17. External Services
The Licensed Application may enable access to Licensor's and/or third-party services and Websites (collectively and individually, “External Services”). You agree to use the External Services at your sole risk, always complying with applicable third-party terms of agreement. We are not responsible for examining or evaluating the content or accuracy of any third-party External Services, and shall not be liable for any such third-party External Services. Data displayed by any Licensed Application or External Service, including but not limited to financial, medical and location information, is for general informational purposes only and is not guaranteed by hellocare or its agents. You will not use the External Services in any manner that is inconsistent with the terms of this TOU or that infringes the intellectual property rights of TOU or any third party. You agree not to use the External Services to harass, abuse, stalk, threaten or defame any person or entity, and that hellocare is not responsible for any such case. External Services may not be available in all languages or in your Home Country, and may not be appropriate or available for use in any particular location. To the extent you choose to use such External Services, you are solely responsible for compliance with any applicable laws. hellocare reserves the right to change, suspend, remove, disable or impose access restrictions or limits on any External Services at any time without notice or liability to you.
hellocare will use reasonable care and skill with respect to the provision of the Licensed Application and any External Services performed or provided by the Licensed Application to you. hellocare does not make any other promises or warranties about the External Services and in particular does not warrant that:
(i) your use of the External Services will be uninterrupted or error-free;
(ii) the External Services will be free from loss, corruption, attack, viruses, interference, hacking, or other security intrusion, and hellocare disclaims any liability relating thereto. You shall be responsible for backing up your own system, including any Licensed Application that is stored on your system.
18. Third-Party Services, Licenses and Copyrights
Our Services includes software licensed under other open source software. We acknowledge all third party copyrights (“External Services”) where they have been used on this site and where we are aware of them being held under third party copyright. A list of acknowledged copyrights of our (“External Services”) can be found here: (“Open Source/Third-party License List”).
19. General Information
20. Have any Concerns?
If in any case you suspect a violation of hellocare Policies from our side, a third-party vendor, clients or anyone in relation with the Policies published that have an impact in your usage of our services, you can raise your concern via our helpline at the email address: firstname.lastname@example.org.
Our reputation as a company that our users can trust is our most valuable asset, and it is up to all of us to make sure that we continually earn that trust. All of our communications and other interactions with our users should increase their trust in us.
Therefore, hellocare prohibits retaliation against any user who reports or participates in an investigation of a possible violation of our policies, or the law. If you believe you are being retaliated against, please contact the Human Resources & Recruiting Department at email@example.com.