-Effective 31 Dec 2019-
“Company” or the terms “we” or “us” or similar terms refer to CardiacFITT, LLC. “You” or “your” or similar terms refer to you as a user of our Services.
Personal Information – In General.
Protected Health Information.
2. WHAT PERSONAL INFORMATION DO WE COLLECT?
We collect Personal Information you choose to provide us (e.g., through registrations, applications, use of the Services, the scale we supply to you, your mobile phone, any devices that you use to collect health information (e.g., blood pressure cuffs), surveys, etc.). We also collect Personal Information from third parties when you authorize them to disclose such information to us. For example, you might authorize an app on your smart phone to make steps, location, heart-rate or other data available to us by choosing that from a setting menu we show to you. We also collect Personal Information in connection with your inquiries. Collection starts from the time that you initially access our Site or our Mobile App or use our Services. The information we gather in these ways enables us to administer your account, provide you with the Services, respond to your inquiries and send you communications regarding the Services and your access to and use of the same, obtain your feedback on our Site, our Mobile App and our Services, analyze user behavior and activity, personalize and improve our Services, conduct research activities, and contact you about the services that we offer.
From time to time, we may use or augment the Personal Information we have about you with information obtained from third parties. For example, we may use such third party information to confirm contact or financial information, to verify eligibility, or to better understand your interests by associating demographic information with the information you have provided.
We collect the following types of information: Personal Information You Provide to Us.
PLEASE NOTE: By using the Services, you consent to and authorize CardiacFITT to disclose your eligibility for and participation in the Services (i.e., you meet the clinical enrollment criteria for the Services, which may identify those individuals at risk for certain chronic diseases or living with certain chronic diseases and have elected at your own discretion to participate in the same) to the other users of the Services. The users, including but not limited to administrators, health coaches and other authorized CardiacFITT personnel, and your fellow support group members, will have access to a range of Personal Information such as your user name and picture, linking you to your diagnosis and/or reason for program participation. Moreover, as we group participants based on certain characteristics, fellow support group members may be co-workers or other acquaintances.
We take great efforts in protecting your privacy; however, we cannot control, and we expressly disclaim any responsibility for, whether or how users will subsequently use or disclose posted or previously disclosed information. If you do not consent to the disclosure of this information, you should not access or use the Services. The Services include the ability for users to share Personal Information, including information regarding your health and medical condition. Any information you choose to provide or upload to the group or public forum components of the Services, including Personal Information about your health and medical condition, will be visible to your group, as well as health coaches, administrators, and other users. As your information will be viewable to the other users of the Site, the Mobile App and the Services, you should provide only the information you feel comfortable disclosing. There may be an opportunity to speak on the phone or via video chat in a group conference call.
Participation in such opportunities is not mandatory, but should you choose to participate, you should share only as much information as you feel comfortable sharing in these additional forums.
Personal Information Collected Automatically.
We receive and store certain types of information whenever you interact with the Site, the Mobile App and / or use the Services. We automatically receive and record information on our server logs from your browser, including your IP address, and the page you requested. In addition, we may use personal identifiers to recognize you when you arrive at the Site via an external link, such as a link appearing on a third party site or in a CardiacFITT-generated email presented to you (see also our “What About Tracking Technologies?” section below). We will also use your information to provide customer service and support.
Generally, the Services automatically collect usage information, such as the numbers and frequency of visitors to the Site and Mobile App and its components, similar to TV ratings that indicate how many people watched a particular show. We only use this data in aggregate form (i.e., as a statistical measure), and not in a manner that would permit us to identify you personally. This type of aggregate data enables us to figure out how often users or customers use parts of the Site, Mobile App or Services so that we can make the Site, Mobile App and Services as appealing to as many users and customers as possible and improve our Services. We may provide this de-identified, aggregate data to our partners and/or customers to identify how our users use our Site, Mobile App and/or Services. Again, we never disclose this information to a partner or customer in a manner that would identify you personally.
You may set your browser to refuse or disable these data collection methods, but doing so may change your experience with the Site, the Mobile App or the Services, diminish certain aspects of the Site’s or Mobile App’s functionality or render certain features of the Site, the Mobile App or the Services inoperable. For example, the Site may not recognize or respond to “do not track” technologies employed by your browser.
We often receive a confirmation when you open an email from us if your computer supports this type of program. We use this confirmation to help us make emails more interesting and helpful. When you receive email from us, you can opt out of receiving further emails by following the included instructions to unsubscribe. However, by opting out of further email communications after you enroll in the Services, you may limit program reminders and other valuable program content and components.
What About Tracking Technologies?
In addition to any Personal Information or other information that you choose to submit to us via the Site, Mobile App or Services, we and our third party service providers may use a variety of technologies that automatically (or passively) store or collect certain
information when you visit or interact with the Site, Mobile App or Services (“Usage Information”). This Usage Information may be stored or accessed using technologies that may be downloaded to your Device whenever you visit or interact with the Site, Mobile App or Services. To the extent we associate Usage Information with your Personal Information that we collect directly from you, we will treat it as Personal Information. Examples of Usage Information include: your IP address or other unique device identifier (e.g., a number that is automatically assigned to your Device used to access the Site which our computers use to identify your Device), your Device’s functionality (e.g., browser, operating system, mobile network information, etc.), the areas within the Site or Services that you visit and your activities there, your Device location, your Device characteristics and certain other data regarding your Device.
We may use various methods or technologies to store or collect your Usage Information, including your visits to or interactions with our Site, Mobile App and Services (“Tracking Technologies”). We may use these Tracking Technologies for a variety of purposes, including but not limited to uses deemed to be necessary or useful to assess the performance of our Site, Mobile App and Services (including as part of our analytic practices or otherwise to improve our Site, Mobile App and Services) or uses required to offer you enhanced functionality when accessing our Site, Mobile App and Services (including identifying you when you sign in to the Site or the Mobile App or keeping track of your specified preferences).
Tracking Technologies may include the following (and may include subsequent technologies and methods later developed which perform a similar function):
Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Site, Mobile App and Services, such as the links that you click on. The code is temporarily downloaded onto your Device, is active only while you are connected to the Site or Mobile App, and is deactivated or deleted thereafter.
Web Beacons. Small graphic images or other web programming code called “web beacons” (also known as “1×1 GIFs” or “clear GIFs”) may be included in pages and messages of our Site, Mobile App and Services. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or email can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including to count visitors to the Site, Mobile App and Services, to monitor how users navigate the Site, the Mobile App and Services, to count how many sent emails were actually opened or to count how many particular articles or links were actually viewed.
3. WHO OWNS THE PERSONAL INFORMATION YOU DISCLOSE TO COMPANY?
4. WHAT PERSONAL INFORMATION DO WE SHARE?
Forums: We may make available your Personal Information through the Site, the Mobile App and/or the Services (for example, discussion boards, chat rooms, profile pages, bulletin boards, blogs, instant messaging, activities, polls, games and other communication forums) (each, a “Forum”) to which you post information and materials. Some of these Forums are described more specifically below. Please note that any information, text, and images posted or disclosed by the user on or through such Forums may be visible to the user’s group(s), as well as our health coaches and other authorized personnel, administrators, visitors to the Site or the Mobile App, and other users of the Site or the Mobile App. Specifically, Personal Information such as the picture you’ve uploaded and your screen name may be available for other users to view when you make a posting to such Forums.
Information regarding your activities in such Services may also be available for view by other users. For example, other users may be able to view a list of all postings you have made in all available Forums. Any postings you have made to a Forum may also be available for view later by users of the Site or the Mobile App by scrolling to older posts on the Forum. We urge you to exercise discretion and caution when deciding to disclose your Personal Information, such as your health information, or any other information, through a Forum or otherwise through the Site.
Discussion Boards and Chat Rooms: We may provide functionality to post on our discussion boards, and permit you to enter into chat rooms and communicate with other users in the chat rooms. Please note that if you use such functionalities to communicate, your name / screen name will be disclosed to all visitors to the discussion boards, present and future, as well as all users in the chat room at that time. Please remember that information posted to discussion boards becomes public information.
Use caution when posting. Further, if a comment you make on the discussion board or in the chat room contains Personal Information, we cannot control how the Personal Information will be used or disclosed by the other users of the discussion board or chat room. We urge you to exercise discretion and caution when deciding to disclose your Personal Information, or any other information, in any comment and/or message, and to be careful about the people to whom you send such comments and/or messages.
Messaging Services: We may provide functionality to permit you to send messages, including instant messages, to other users through the Site. Please note that if you use such functionality to send such a message to another user, your screen name will be disclosed to that user, as well as administrators. Further, if a message you send using such functionality contains Personal Information, we cannot control how the Personal Information will be used or disclosed by the recipient of your message. We urge you to exercise discretion and caution when deciding to disclose your Personal Information, or any other information, in any message, and to be careful about the people to whom you send such messages.
IN THE CASE OF YOUR USE OF FORUMS, DISCUSSION BOARDS, CHAT ROOMS AND MESSAGING SERVICES, AS DESCRIBED ABOVE, WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF ANY INFORMATION, INCLUDING PERSONAL INFORMATION, THAT IS DISCLOSED BY YOU OR ON YOUR BEHALF BY YOUR SYSTEM IN SUCH FORUMS, DISCUSSION BOARDS, CHAT ROOMS AND MESSAGING SERVICES. BY DISCLOSING ANY OF YOUR INFORMATION VIA FORUMS, DISCUSSION BOARDS, CHAT ROOMS AND MESSAGING SERVICES, YOU ACKNOWLEDGE AND ACCEPT ANY RISK AND DAMAGE ARISING FROM DISCLOSURE OF SUCH INFORMATION.
User Profiles: We may provide functionality to permit you to create a user profile page in which you may provide information about yourself, including, without limitation, your health information, symptoms, treatments, as well as your feelings about your health information and/or yourself (“User Submissions,” as defined in our Terms). You may also be able to upload pictures, videos and stories to your profile page as part of the User Submissions. User Submissions may be displayed to other users (including members of your group(s), who may be from the same deployment or otherwise affiliated) to facilitate user interaction within the Services. Email addresses are used to add new User Submissions to user profiles and to communicate through User Submissions. Users’ email addresses will not be directly revealed to other users by us, except when the user is “connected” to another user via a shared group membership, or an invitation, or if the user has chosen to include their email address in their User Profile. Please note that any User Submissions you make, including Personal Information, on or through your profile page may be available for other users, Company, administration, moderators, and other staff. Additionally, other users may be able to post comments and view posted comments on your profile page.
Communication in Response to User Submissions: As part of the Site and Services, you will receive from us email and other communications relating to your User Submissions. You acknowledge and agree that by posting such User Submissions, we may send you email and other communications (e.g., phone calls or text messages) that we determine, in our sole discretion, are related to your User Submissions.
Affiliated Businesses We Do Not Control: In order to provide you with the optimal user experience, we anticipate that we may become affiliated and work closely with a variety of third party businesses. In certain situations, these businesses may sell products or services to you through the Site. In other situations, we may provide services or sell products jointly with affiliated businesses. You should be able to recognize when an affiliated business is associated with your transactions. And, throughout the course of the transactions, we will share your Personal Information that is related to such transactions with that affiliated business.
Agents: We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products and/or services to you. Without specific authorization and/or consent, we limit the rights of our agents to use Personal Information we share with them to that which is minimally necessary to assist us. You hereby consent to our sharing of Personal Information for the above purposes.
Referrals: From time to time, we may ask or invite you to refer our Services to family members, colleagues or friends. In these cases, it is your responsibility to ensure that these persons are indeed family members (marriage, common-law partnership or parent-child relationship) or people with whom you have a personal relationship (frequency of communication, sharing of interests, opinions, etc.). In short, we ask you to limit your invitations to people in your inner circle that may have an interest in our Services. We will send them an email saying that you have suggested that they may be interested to try our Services. We will not contact them again if they do not reply or if they request that we do not contact them again.
Promotional Offers: We will never disclose your Personal Information to other businesses for their marketing purposes, but we may send you offers that promote the products of other businesses. These offers will be intended to benefit you, your health, or your CardiacFITT experience. If you do not wish to receive these offers, you can click the “unsubscribe” link contained within the emails or you can send an email with your request to email@example.com. We will process your request within a reasonable time, but you may receive additional offers as we process your request.
Sponsors and Third Party Administrators; As Required by Law: We may, in our sole discretion, share, transfer or otherwise disclose certain of your Personal Information (e.g., reports containing data related to enrollment, engagement, retention, and outcomes) to your sponsor (i.e., your employer or health plan) or your sponsor’s third party administrators (e.g., incentives vendors, wellness administrators, etc.) for treatment, payment, or healthcare operations purposes and for other purposes permitted or required by law, as more fully described in our HIPAA Notice.
Protection of Company and Others: We may release your Personal Information when we believe in good faith that such release is necessary to comply with applicable law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Company, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection, detection or suppression, and credit risk reduction. If necessary, we will make all legally required disclosures of any breach of the security, confidentiality, or integrity of your Personal Information, including, without limitation, breaches of your unencrypted, electronically stored “personal information” or “medical information” (as defined by applicable laws on security breach notification). To the extent permitted by applicable laws, we will make such disclosures to you via email or conspicuous posting on your private profile on the Site or the Mobile App in the most expedient time possible and without unreasonable delay, insofar as consistent with (a) the legitimate needs of law enforcement, or (b) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
With Your Consent: Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and will be able to control the sharing of this information.
De-identified Data: We may create de-Identified data from the User Submissions that you share with us, including any Personal Information, and use such de-identified data without restriction. When an applicable law requires that we use a particular method of de-identification, we will comply with that law. Otherwise, we may use a de-identification method that is appropriate under the circumstances and would not reasonably identify you. We may use de-identified data in any way that is allowed by law. Some ways in which we might use de-Identified data include to understand, evaluate, or modify the Services; to use for our own business purposes; or to generate statistical information about the Services that we share with our customers and other third parties who are evaluating, analyzing, accrediting or researching CardiacFITT’s programs.
5. IS MY PERSONAL INFORMATION SECURE?
We employ industry standard administrative, physical and technical measures designed to safeguard and protect information under our control from unauthorized access, use and disclosure. In addition, when we collect, maintain, access, use or disclose your Personal Information, we will do so using systems and processes consistent with information privacy and security requirements under applicable federal and state laws, including, without limitation, HIPAA.
Furthermore, your individual user account is protected by a password for your privacy and security. To ensure that there is no unauthorized access to your account and Personal Information, we suggest that you safeguard your password appropriately and limit access to your computer and browser by signing off after you have finished accessing your account.
6. WHAT PERSONAL INFORMATION CAN I ACCESS AND CORRECT?
You can access certain information about you for the purpose of viewing, and in certain situations, updating that information. This list may change as the Site and Services change.
First and last name
Account and user profile information (e.g., nickname and picture)
User email address
User mailing address
User mobile phone number
Username and password
Communication preferences (e.g., email and push notifications)
Activity tracking data
Food tracking data
In order to help us maintain and ensure that your information is accurate and up to date, please update your information if it changes or inform us promptly at so that we make the appropriate changes. When you update information, however, we often maintain a copy of the unrevised information in our records.
7. WHAT CHOICES DO I HAVE REGARDING MY PERSONAL INFORMATION?
You can always choose not to disclose information to us, even though it may be needed to take advantage of certain features of the Site, the Mobile App and the Services.
8. HOW DO WE PROTECT CHILDREN’S PERSONAL INFORMATION?
The Services are not directed to children. We do not knowingly allow or solicit anyone under the age of 18 to participate independently in any of the Services. We do not knowingly collect Personal Information from children. If a parent or guardian becomes aware that his or her child has provided us with Personal Information, please contact us. If we become aware that a user of the Services is under the age of 18 and has provided us with Personal Information without verifiable parental consent, we will delete such Personal Information from our files.
10. QUESTIONS OR CONCERNS
If you have any questions, concerns or complaints regarding privacy on our Site or Mobile App or if you want to make a request to access or correct your Personal Information, please contact our Privacy Officer at:
By email: firstname.lastname@example.org
Privacy & HIPPA
2201 Main Street, Suite 400-9
Dallas, TX 75201
By phone: 214.238.2825
We will make every effort to respond to your questions, concerns complaints and requests within a reasonable time.
Effective Date: December 31, 2019