Effective Date: December 2020
Personal Information We Collect
Patient Discovery collects your personally identifiable information (“PII”) through the Website when you choose to provide such information, such as when you (i) complete a discussion guide with information about your medical condition, preferences, and goals of care, (ii) request an offer or service, or (iii) submit information through the “Contact” page of the Website, where you must provide your email address. Patient Discovery also collects your IP address and web log data. Patient Discovery may also pull certain limited information, such as your name and your doctor appointment dates, from your healthcare provider’s electronic health record system.
Use of Personal Information
We will use your PII only (i) to operate the Website, (ii) to provide the Services, and (iii) to provide marketing materials, communications and information, promotional offers, and newsletters. If you provide your email address, we may send you administrative and promotional emails, brochures and other written materials. Where required in the relevant jurisdiction, we will obtain your consent before sending you promotional emails. If you wish to opt out of promotional emails, you may do so by following the “unsubscribe” instructions in the email.
Disclosure of Personal Information
Disclosures to Your Healthcare Provider. We may share the fact that you have signed up for this website with your healthcare provider. All other PII may only be shared with your healthcare provider by request from you. Patient Discovery is not responsible for a healthcare provider’s use of your personal information, which is governed by the provider’s privacy practices and applicable privacy laws and regulations.
Disclosures to Third Parties Assisting In Our Operations. We may share your PII under confidentiality agreements and any legally required data processing agreements with other companies that work with, or on behalf of, Patient Discovery to provide products and services, such as those who are providing email solutions, providing cloud hosting services, analyzing data and usage of the Website, or providing support and maintenance services for the Website, as well as legal, regulatory, audit and other professional advisors. These companies may use your PII to assist us in our operations or for our legitimate business interests. However, these companies do not have any independent right to share this information.
Disclosures Under Special Circumstances. We may provide information about you, including PII, to respond to subpoenas, court orders, legal processes or governmental regulations or inquiries, or to establish or exercise our legal rights or defend against legal claims. We believe it is necessary to share information in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law.
Automatically Collected Information and Anonymous Information
Each time you visit the Website, Patient Discovery collects some information to improve the overall quality of your online experience.
Aggregated and/or Anonymized Data. Patient Discovery may collect aggregate queries for internal reporting and also may count, track, and aggregate the visitor’s activity into Patient Discovery’s analysis of general traffic-flow at the Website. To these ends, Patient Discovery may merge information about you into aggregated group data.
In some cases, Patient Discovery may remove personal identifiers from PII and may maintain it in aggregate or de-identified form. This information may or may not later be combined with other information to generate fully anonymous data and information. Such anonymous data and information may be shared with, or sold to, Patient Discovery’s affiliates, business partners, service providers and/or vendors; if it does so, Patient Discovery will not disclose your individual identity.
Web Server Logs and IP Addresses. An Internet Protocol (“IP”) address is a number that automatically identifies the computer or device you have used to access the Internet. The IP address enables our server to send you the web pages that you want to visit, and it may disclose the server owned by your Internet Service Provider. Patient Discovery may use IP addresses to conduct Website analyses and performance reviews and to administer the Website, although it will not combine traffic data with user accounts.
Web Beacons. Some of the Website’s web pages may use web beacons in conjunction with cookies to compile aggregate statistics about Website usage. A web beacon is an electronic image (also referred to as an “action tag,” “single-pixel,” or “clear GIF”) that is commonly used to track the traffic patterns of users from one web page to another in order to maximize web traffic flow and to otherwise analyze the effectiveness of the Website. Some web beacons may be unusable if you elect to reject their associated cookies.
Response to “Do Not Track” Signals
Some web browsers may transmit “do-not-track” signals to the websites with which the user communicates, although web browsers incorporate and activate this functionality in different ways, and it is not always clear whether users intend for these signals to be transmitted. There currently is disagreement, including among participants in the leading Internet standards-setting organization, concerning what, if anything, websites should do when they receive such signals. Patient Discovery currently does not take action in response to these signals, but, if and when a standard is established and accepted, we may reassess how to respond to these signals.
Children’s Privacy Protection
Under Age 13. Patient Discovery does not knowingly collect or retain personally identifiable information about persons under 13 years of age. Any person who provides their personal information to Patient Discovery via the Website represents that they are 13 years of age or older. The Website does not knowingly solicit or collect personally identifiable information online from children under the age of 13 without prior verifiable parental consent. If we learn that a child under the age of 13 (or such legally required higher age) has submitted personally identifiable information online without parental consent, we will take all reasonable measures to delete such information from our databases and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law). If you become aware of any personally identifiable information, we have collected from children under 13, please contact us at email@example.com.
Under Age 18. Minors under 18 years of age may have the PII that they have provided to us through the Website deleted by contacting us at firstname.lastname@example.org and requesting deletion. Please note that, while we make reasonable efforts to comply with such requests, deletion of your personal information does not ensure complete and comprehensive removal of that data from all our systems and back-up systems.
Privacy Settings/Opt Out/Changes/Access
If you would like your PII removed from our database, changed or updated, you can contact us at email@example.com. If requested, we will promptly verify and delete your account and you will no longer receive emails from Patient Discovery. Your removal from the mailing list or database will not remove records of past transactions or delete information stored in our data backups and archives where we are required to keep your data for legitimate business or legal requirements. Data on past transactions and data stored in backups and archives will be deleted in the normal course of our business. You have the right to access or, if required by applicable laws, receive a copy of your PII held by us by making a written request by sending an email to the contact email address below.
Patient Discovery understands that storing our data in a secure manner is essential. Patient Discovery stores PII and other data using reasonable physical, technical and administrative safeguards to secure data against foreseeable risks, such as unauthorized use, access, disclosure, destruction or modification. Please note, however, that while Patient Discovery has endeavored to create a secure and reliable website for users, the confidentiality of any communication or material transmitted to/from the Website or via e-mail cannot be guaranteed.
Website Visitors from Outside the United States