DENTULU INC PRIVATE POLICY
- User Information and Other Information That You Give Us
If you submit, upload, post or transmit any health information, medical history, conditions, problems, symptoms, personal information, consent forms, agreements, requests, comments, ideas, suggestions, information, files, videos, images or other materials to us or our Site (“User Information”), you agree not to provide any User Information that (1) is false, inaccurate, defamatory, abusive, libelous, unlawful, obscene, threatening, harassing, fraudulent, pornographic, or harmful, or that could encourage criminal or unethical behavior, (2) violates or infringes the privacy, copyright, trademark, trade dress, trade secrets or intellectual property rights of any person or entity, or (3) contains or transmits a virus or any other harmful component. You agree not to contact other site users through unsolicited e-mail, telephone calls, mailings or any other method of communication. You represent and warrant to Dentulu and its Providers that you have the legal right and authorization to provide all User Information to Dentulu and its Providers for use as set forth herein and required by Dentulu and the Provider.
When you register for the Application or enroll as a Dentulu registered user (“Enroll”), or login to the Application or Dentulu website to create a profile, comment on articles, or complete surveys, we collect personal information that can identify you (“Personally Identifiable Information” or “PII”), such as your full name, email address, mailing address, telephone number, and credit card information for payment. In addition to PII, Dentulu may also collect the protected Health information (“Protected Health Information” or “PHI”) of you or of an individual for which you are requesting Health services. For example, when you use the Application to transmit a request for Health services to be provided your specified location (a request for a “Visit”), you will be need to provide additional Health information the individual for whom the visit is requested so that Dentulu Dental Hygienists can assess the request and determine whether or not it has an appropriate and available Dental Hygienists (a “Dental Hygienists”) and Dental assistant (“Dental Assistant”) to respond to your request. Another example of how Dentulu may obtain your PHI and/or PII is you may grant permission for other third-parties to share your information directly with Dentulu. This would include, without limitation, the Application’s automated access and synchronization of your PHI and/or PII.
Ultimately, the information that Dentulu collects varies depending upon how you use our Services and what permissions you give to us and other third-parties that also collect your PII and/or PHI. We will not use any PHI for any other purpose without your explicit authorization, or unless otherwise permitted or required by law. You may revoke, in writing, any such authorization at any time, except to the extent we have taken action in reliance thereon.
Notwithstanding, it is important to understand that Dentulu does not have any independent access to Dentulu Dental Hygienists and/or Dentists detailed dental records of its patients that may be created as a result of a Visit. To the extent Dentulu Dental Hygienists and/or Dentists integrates any of the information you provided to Dentulu into Dentulu Dental Hygienists’ and/or Dentists’ Dental record that is created as a result of a Visit, Dentulu has no authority to access, delete or modify any portion of Dentulu Dental Hygienists’ and/or Dentists’ Dental records of its patients.
WE DO NOT KNOWINGLY ENROLL OR COLLECT INFORMATION DIRECTLY FROM CHILDREN UNDER THE AGE OF EIGHTEEN.
Please keep in mind that certain features on the Application or website may give you an opportunity to interact with us and others. These may include forums, message boards, chats, creating community profiles, and rating, tagging and commenting on articles. When you use these features you should be aware that any information you submit, including your name, location, Health issues, and email address, may be publicly available to others. We do not protect the privacy of and are not responsible for your disclosure of any information through these interactive features, including, but not limited to information that you might post related to a minor.
Also, whenever you voluntarily disclose anyone’s personal information on publicly-viewable web pages, that information can be collected and used by others. For example, if you post your email address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information that you voluntarily post, so we encourage you to exercise discretion and caution with respect to information you choose to disclose through these interactive features. When an individual chooses to post information that will be publicly disclosed, he or she is responsible for all legal consequences. We are not responsible under any data protection laws for information that you voluntarily post on a site that can be accessed by others.
If you believe that we have violated your privacy rights, you should contact us at the mailing address or e-mail address provided below.
- HIPAA and Confidentiality of Health Information.
The healthcare providers and Dental Professionals from the Dentulu’s platform that you interact with when using the Services are required by the Health Insurance Portability and Accountability Act (“HIPAA”) to describe their privacy practices in document called a Notice of Privacy Practices. You can access a copy of this notice on the application or request it in writing upon the commencement of treatment. Certain Dental Practices and Physicians may be subject to laws and regulations governing the use and disclosure of Health information they create or receive. Included among them is the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”), and the regulations adopted thereunder, and applicable state laws. When Dentulu stores, processes, or transmits “individually identifiable Health information” (as such term is defined by HIPAA) on behalf of such a Health care Dental Hygienists, Dentulu does so as its “business associate” (as also defined by HIPAA). Dentulu is prohibited from, among other things, using individually identifiable Health information in a manner that the Health care Dental Hygienists herself may not. Dentulu is also required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity and availability of individually identifiable Health information we store and process on behalf of such Health care Dental Hygienists.
- Other Information We Collect.
Tracking and/or Analytics Services. We may use mobile application tracking and/or analytics services. These services may record unique mobile gestures such as tap, double-tap, zoom, pinch, scroll, swipe and tilt but do not collect personally identifiable information that you do not voluntarily enter in the Application. These services do not track your browsing habits across mobile applications that do not use the same services. We are using the information collected by these services to understand user behavior and optimize site performance.
Web Beacons. We may also use web beacons (invisible images often referred to as pixel tags or clear GIFs) in order to recognize users and assess traffic patterns, and we may include web beacons and cookies in our email messages in order to count how many e-mail messages have been opened.
Non-Personally Identifiable Information. We also collect Non-Personally Identifiable Information that is not Health information or Dental information in the form of statistics and information regarding the Application user’s statistics and metrics obtained from third party devices (for example, steps, distance, calories burned, GPS coordinates, bat speed, hand speed, swing time, etc.), which may be combined with personal information you submit through the Application and/or Services so that you can fully enjoy the benefits of the Application’s tracking, monitoring, and diagnostic tools. We may also request the following optional information as part of your profile so that you can fully enjoy the features and functions of our Services: your weight, height, and gender.
Mobile Device Information. Your use of the Application may also include collection of information from your mobile device. For example, the Application may request your permission to collect location data and/or may request access to multimedia (photos or videos) stored on your mobile device. You have the option of declining collection of geolocation data, but this may limit your ability to participate in certain activities through the Application. If you do not wish for your location data to be shared with Dentulu, please respond accordingly when prompted on your mobile device, or visit your mobile device settings. Multimedia will only be collected from your device if you affirmatively select it to upload to the application (i.e. you choose an image or video to store within the Application). Multimedia will not be shared with other Application users (with the exception of your profile photo, to the extent such feature is offered, which will appear in your user profile).
The Personal Information we collect or maintain may also include:
- Your name, age, email address, username, password, and other registration information.
- Health Information that you provide us, which may include information or records relating to your medical or health history, health status and laboratory testing results, diagnostic images, and other health related information.
- Health information about you prepared by the health care provider(s) who provide the Services through the Site such as medical records, treatment and examination notes, and other health related information.
- Billing information that you provide us.
- Information about the computer or mobile device you are using, such as what Internet browser you use, the kind of computer or mobile device you use, and other information about how you use the Site.
- Other information you input into the Site or related services.
- How We Use Your Information.
- For the purposes for which you specifically provided it including, without limitation, to enable us to process your registration, provide the Services or other requests.
- To transmit a request for a Visit per your request.
- To send you information about your relationship or transactions with us.
- To notify you about our products, services, and special offers, except that we will not use PHI for marketing purposes without your prior written consent for yourself or your minor child.
- To otherwise contact you with information that we believe will be of interest to you.
- To enhance or develop features, products and services. To allow us to personalize the content that you and others see on the Application.
- To provide advertisers and other third parties with aggregate information about Application users and Application usage patterns.
- To allow other select companies to send you promotional materials about their products and services, provided that no PHI will be used for this purpose without your prior written consent.
We use non-Personally Identifiable Information for purposes such as measuring the number of users of various features of the Application, making the Application more useful to users and delivering targeted advertising and non-advertising content. We may also use Non-Personally Identifiable Information (for example, statistics regarding use and metrics) for research purposes, for marketing and promotional purposes, and to develop new learning tools and solutions and we may share such information with third parties, including researchers and/or advertisers, on an aggregate and anonymous basis. We use IP addresses to analyze trends, administer the Application, track a visitor’s movement, and gather demographic information for aggregate, non-personally identifiable use.
- Sharing Your Information.
We may share your information as follows:
- Visits: We will share your information, at your direction, to transmit a request for a Visit with Dentulu Dental Hygienists. The Dental Hygienists and/or other representative of Dentulu Dental Hygienists may contact you prior to the Dental Hygienists being dispatched to your location, to ensure that he or she is equipped to handle your Dental case. Dentulu Dental Hygienists treatment of your information is subject to Dentulu Dental Hygienists own policies and procedures. Any PHI that we collect and save from you will be kept private and secure, as required by law.
- With Affiliates: We may share your information with affiliated companies and businesses, provided that your PHI will not be shared for any marketing purposes without your prior written consent, in accordance with applicable law.
- With Service Dental Hygienists: We may use other companies to perform services including, without limitation, facilitating some aspects of our Application such as processing credit card transactions sending emails, fulfilling purchase requests, and data analysis on our behalf. These other companies may be supplied with or have access to your information solely for providing these services to you on our behalf. Such service Dental Hygienists shall be bound by appropriate confidentiality and security obligations, which may include, as applicable, business associate contract obligations.
- With Business Partners: When you make purchases or engage in promotions offered through our Application, we may share PII, but not your PHI, with the businesses with which we partner to offer you those products, services, and promotions. When you accept a particular business partner’s offer, you authorize us to provide your information to that business partner.
- To our wholly owned subsidiary, Breakthrough, and affiliated medical/Dental groups.
- To contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- As required by law, which can include providing information as required by law, regulation, subpoena, court order, legal process or government request.
- When we believe in good faith that disclosure is necessary to protect your safety or the safety of others, to protect our rights, to investigate fraud, or to respond to a government request.
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Dentulu’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information maintained by the Site is among the assets transferred.
We also may disclose your information:
- In response to a subpoena or similar investigative demand, a court order, or other request from a law enforcement or government agency where required by applicable law.
- When disclosure is required or allowed by law in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our Application’s terms and conditions or other agreements or policies.
- In connection with a corporate transaction, such as the sale of all or a portion of our business, a divestiture, merger, consolidation, or asset sale, or in the event of bankruptcy, as required or allowed by law.
SPECIAL NOTICE FOR USERS OF THE APPLICATION: IF YOU ELECT TO MAKE YOUR PROFILE (OR THAT OF A MINOR OR FAMILY MEMBER) VIEWABLE BY DENTISTS, ALL INFORMATION THAT YOU INCLUDE IN THAT PROFILE MAY BE VIEWED BY DENTISTS OR PHYSICIANS. YOU SHOULD NOT ENTER ANY INFORMATION IN THE PROFILE THAT YOU (OR ANOTHER PERSON) WISH TO REMAIN CONFIDENTIAL. A DENTIST OR PHYSICIAN WILL NOT BE ABLE TO CONTACT YOU EXCEPT THROUGH THE PERSONAL CONTACT INFORMATION YOU PROVIDE THROUGH THE APPLICATION. DENTULU IS NOT RESPONSIBLE FOR THE RETENTION, USE OR PRIVACY PRACTICES OF DENTAL PRACTICES AFTER THEY HAVE RECEIVED YOUR INFORMATION.
- Confidentiality of Health Information.
Certain Dental Practices and Physicians may be subject to laws and regulations governing the use and disclosure of Health information they create or receive. Included among them is the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”), and the regulations adopted thereunder, and applicable state laws. When Dentulu stores, processes, or transmits “individually identifiable Health information” (as such term is defined by HIPAA) on behalf of such a Health care Dental Hygienists, Dentulu does so as its “business associate” (as also defined by HIPAA). Dentulu is prohibited from, among other things, using individually identifiable Health information in a manner that the Health care Dental Hygienists herself may not. Dentulu is also required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity and availability of individually identifiable Health information we store and process on behalf of such Health care Dental Hygienists.
- How to Access or Update Your Information.
- How We Protect Your Information.
We use commercially reasonable administrative, technical, and physical measures to safeguard your information in our possession against loss, theft and unauthorized use, disclosure or modification. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. No method of transmission over the internet is 100% secure, however. Therefore, while we strive to make all reasonable efforts to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the unlikely event of a data breach, you will be notified as soon as reasonably possible, in accordance with applicable law. Furthermore, we are not responsible for any breach of security or for any actions of any third parties that receive the information.
Certain aspects of the administrative, technical, and physical measures in place are as follows. Dentulu’s infrastructure is kept in a secured data center that protects from unauthorized access to the physical servers, backups and any element used to store and/or process personal data. Only authorized personnel can access the data center. Dentulu systems and databases are backed up regularly to help protect the data in case of an uncontrollable catastrophe. The data center that stores Dentulu servers has policies and procedures in place designed to safeguard the equipment that our data is stored on. Dentulu regularly upgrades its system software to include the latest security features. Dentulu servers are protected by a firewall system, which is designed to keep unwanted traffic or access out of our computer network. Dentulu also employs an intrusion prevention service (IPS) provided by a secured data center operated by a professional company, and uses security methods to determine the identity of each registered user, so that appropriate rights and restrictions can be enforced for that user. Reliable verification of user identity is called “authentication.” All communication between Dentulu’s Web server, your browser and the Application is encrypted with SSL (Secure Sockets Layer) to guard against network eavesdroppers. Your password is internally encrypted in Dentulu’s system to prevent unauthorized access to the system. Validations are built throughout the application to capture the most reliable information.
- Deletion of Information. You can close your online account by emailing us at firstname.lastname@example.org. If you close your account, we will no longer use your online account information or share it with third parties. We may, however, retain a copy of the information for archival purposes, and to avoid identity theft or fraud.
- Children’s Online Privacy Protection Act.
We support and comply with the Children’s Online Privacy Protection Act (COPPA) and we do not knowingly collect information from children under the age of 18, nor do we share such information with third parties. Children under the age of 18 may not use the Application. If you seek a Visit for a minor, you will be responsible for providing information related to the minor and for paying for the Visit requested for the minor.
- Links to Third Party Sites.
- How to Contact Us.
Attn: General Counsel,
2002 South Burlington Avenue
Los Angeles, CA 90007
- Effective Date.