NexHealth Inc. Privacy Policy

Last Modified: February 12, 2021

‍Introduction

NexHealth, Inc. ("Company" or "We" or “Our”) respect your privacy and are committed to protecting it through our compliance with this policy.

Company develops, operates and distributes certain software applications, which include web applications, hosted applications and applications for mobile devices. The applications, together with the services for communications, coordination and management by patients and healthcare professionals regarding medical conditions, and the data collection, storage, analysis and reporting tools, functions and services, that are provided via the applications, are collectively referred to as the Service.

This policy describes the types of information we may collect from you or that you may provide when you visit the website https://www.nexhealth.com, use our mobile application, use our online application, use our application programming interface (“API”), use our Software-as-a-Service Product (“SaaS”), or enter information on the website of one of our Clinical Partner’s that utilize our SaaS to collect information (collectively referred to as "Service" or “Services”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

Capitalized terms used herein without definition will have the same meanings as defined in the Terms of Service (available at https://www.nexhealth.com/legal/terms-of-service) and Terms of Sale (available at https://www.nexhealth.com/legal/terms-of-sale) applicable to the Service.

This policy applies to information we collect:

On this Service.
In email, text, and other electronic messages between you and this Service.
Through mobile and desktop applications you access or download from this Service, which provide dedicated non-browser-based interaction between you and this Service.
When you interact with our advertising and applications on third-party Services and services, if those applications or advertising include links to this policy.
When you use our Software-as-a-Service ("SaaS") and Application Programming Interface ("API") services.
When you enter information on one of our Clinical Partner’s website through their use of our SaaS.
When you enter information into any of our applications.

It does not apply to information collected by:

Us offline or through any other means; or
Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Service.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Service. By accessing or using this Service, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of this Service after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Children Under the Age of 13

Our Service is not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Service. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Service or on or through any of its features. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at:

333 Bush St., Suite 2000
San Francisco, CA 94104

support@nexhealth.com

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your California Privacy Rights for more information.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Service, including information:

Collected during the Account Registration process through our Service or through our Clinical Partners;
By which you may be personally identified, such as name, postal address, e-mail address, telephone number, social security number, or any other identifier by which you may be contacted online or offline ("personal information");
Protected Health Information (“PHI”) as defined by the Health Insurance Portability and Accountability Act (definition available here: https://www.hhs.gov/answers/hipaa/what-is-phi/index.html );
That is about you but individually does not identify you; and/or
About your internet connection, the equipment you use to access our Service, and usage details.

We collect this information:

Directly from you when you provide it to us.
Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
From third parties, for example, our business partners.

Information You Provide to Us.

The information we collect on or through our Service may include:

Information that you provide by filling in forms on our Service, on our Customers website using our API, or on our Clinical Partner Websites. This includes information provided at the time of registering to use our Service, subscribing to our service, posting material, or requesting further services. We may also ask you for information when you report a problem with our Service.
Records and copies of your correspondence (including email addresses), if you contact us.
Your responses to surveys that we might ask you to complete for research purposes.
Details of transactions you carry out through our Service and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Service.
Specific information about you and your use of our Service (such as, for example, demographic data, profile data and frequency or duration of use).
Information you provide to our Clinical Partner’s through their use of our SaaS.
Your search queries on the Service.

You also may provide information to be published or displayed (hereinafter, "posted") on public areas of the Service, or transmitted to other users of the Service or third parties (collectively, "User Contributions"). Your User Contributions are posted on and transmitted to others at your own risk. Although you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Service with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Information We Collect Through Automatic Data Collection Technologies.

As you navigate through and interact with our Service, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

Details of your visits to our Service, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Service.
Information about your computer and internet connection, including your IP address, operating system, and browser type.

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Click here for information on how you can opt out of behavioral tracking on this website and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.

The information we collect automatically may include personal information, or protected health information, or we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Service and to deliver a better and more personalized service, including by enabling us to:

Estimate our audience size and usage patterns.
Store information about your preferences, allowing us to customize our Service according to your individual interests.
Speed up your searches.
Recognize you when you return to our Service.

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Service. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Service.
Flash Cookies. Certain features of our Service may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Service. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.
Web Beacons. Pages of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related Service statistics (for example, recording the popularity of certain Service content and verifying system and server integrity).

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Service are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Service. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information:

Except as set forth below, at no time will any of your Personal Data be shared with any third party by Company. Your IP address is not linked to personally identifiable information, but is used to gather broad demographic data and to monitor statistics to improve the Service.
Company uses Traffic Data to help diagnose problems with its web servers, to administer the Service and to analyze user trends and behaviors.
Company will share Traffic Data with certain third parties for the purposes of technical and customer support.
Company collects, stores, processes and analyzes Service Data and produces Analytics. The term Analytics means user profiles and statistics, metrics, abstractions and other analyses that are based on or derived from your use of the Service and Service Data, which are developed in the aggregate with other data, results and measurements or in a manner that does not disclose the identity of any Patient, Clinician or Clinical Partner or any specific Service Data (except in aggregated or de- identified form).
Company will use your Service Data and exploit Analytics in the manner and for the purposes described in the Terms of Service and Terms of Sale, including without limitation:

to use Service Data to communicate with you and your Patients, Clinician(s) and Clinical Partner (as the case may be);
to include, copy, disclose, distribute, transmit and display Service Data in communications between a Patient and his or her Clinician (and vice versa) that have been properly initiated via the Service;
to access, record, collect, copy, store, process, analyze and use Service Data to provide the Service (including with regard to the use of PHI in messaging between a Patient and his or her Clinician);
to develop, improve, extend and test the Service (and underlying technology platforms); to design, develop and produce Analytics;
to market and promote Company and the Service using Analytics; and to disclose, distribute and transmit Service Data and/or Analytics to Clinical Partners.

To present our Service and its contents to you.
To provide you with information, products, or services that you request from us.
To provide Services to our Clinical Partners who use our SaaS.
To fulfill any other purpose for which you provide it.
To provide you with notices about your account, including expiration and renewal notices.
To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
To notify you about changes to our Service or any products or services we offer or provide though it.
To allow you to participate in interactive features on our Service.
In any other way we may describe when you provide the information.
For any other purpose with your consent.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose personal information that we collect or you provide as described in this privacy policy:

To our subsidiaries and affiliates.
To our Clinical Partners and customers.
To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of NexHealth, Inc.'s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by NexHealth, Inc. about our Service users is among the assets transferred.
To third parties to market their products or services to you if you have not opted out of these disclosures. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. For more information, see Choices About How We Use and Disclose Your Information.
To fulfill the purpose for which you provide it.
For any other purpose disclosed by us when you provide the information.
With your consent.

We may also disclose your personal information:

To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
To enforce or apply our Terms of Service or terms of sale and other agreements, including for billing and collection purposes.
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of NexHealth, Inc., our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt out by checking the relevant box located on the form on which we collect your data (the order/registration form). You can also always opt out by logging into the Service and adjusting your user preferences in your account profile, by checking or unchecking the relevant boxes or by sending us an email stating your request to support@nexhealth.com. You can also opt out by clicking “Opt-out” or “Unsubscribe” in our email communications with you.
Promotional Offers from the Company. If you do not wish to have your email address used by the Company to promote our own or third parties' products or services, you can opt out by checking the relevant box located on the form on which we collect your data (the order/registration form) or at any other time by logging into the Service and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to support@nexhealth.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience, or other transactions.

We do not control third parties' collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.

California residents may have additional personal information rights and choices. Please see Your California Privacy Rights below for more information.

Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to this designated address: support@nexhealth.com. However, please know we do not currently sell data triggering that statute's opt-out requirements.

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

In operating the Service, and as it relates to PHI, Company endeavors to comply in all material respects with Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Pursuant to HIPAA, medical facilities or professionals from whom Company receives information about patients may be Covered Entities (as defined under HIPAA), and we may serve as their Business Associate (as defined under HIPAA). As a result, some of the information we collect may constitute PHI (as defined in HIPAA).

Do Not Track Policy

Currently, Company will not share Personal Data with any third party for purposes that are not related to the Service or its arrangements with applicable Clinical Partners. Company may, however, disclose Personal Data if (a) reasonably necessary for Company (or its service providers) to operate the Service, including processing your queries, responses and other messages, (b) to communicate with Patients, Clinicians and Clinical Partners, (c) otherwise permitted under the Privacy Policy or elsewhere in the Terms of Service and Terms of Sale, (d) Company reasonably believes that such action is necessary to conform or comply with any legal, regulatory, law enforcement or similar requirement or investigation, to protect or defend the rights or property of Company or any third party or to enforce the Terms of Service and Terms of Sale or (e) otherwise authorized by you.

Third-Party Connections

You may be able to access the Service and/or communicate with the Service from, and you may be able to link or communicate from the Service to, applications, devices, distribution platforms and websites owned and operated by Channel Partners and Clinical Partners. These other applications, devices, platforms and websites are not operated or controlled by Company. Additional or different terms and conditions (including without limitation, privacy and security practices) apply when you access and use such other applications, devices, platforms and websites, which are not the responsibility of Company.

Accessing and Correcting Your Information

You can review and change your personal information by sending us an email at support@nexhealth.com to request access to, correct, or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

If you delete your User Contributions from the Service, copies of your User Contributions may remain viewable in cached and archived pages, or might have been copied or stored by other Service users. Proper access and use of information provided on the Service, including User Contributions, is governed by our Terms of Service.

California residents may have additional personal information rights and choices. Please see Your California Privacy Rights for more information.

Your California Privacy Rights

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, see below.

California's "shine the Light" law (Civil Code Section § 1798.83) permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to support@nexhealth.com or write us at: 333 Bush St., Suite 2000, San Francisco, California 94104.

Non-US Users

YOU EXPRESSLY CONSENT TO THE TRANSMISSION, COLLECTION, STORAGE, PROCESSING AND USE OF THE ANALYTICS AND YOUR PERSONAL DATA IN ACCORDANCE WITH THIS PRIVACY POLICY. YOUR PERSONAL DATA MAY BE COLLECTED, STORED, PROCESSED, USED AND TRANSMITTED WITHIN, FROM AND TO THE COUNTRY WHERE IT WAS COLLECTED AND THE UNITED STATES. UNITED STATES LAWS REGARDING THE USE OF PERSONAL DATA MAY BE LESS STRINGENT THAN THE LAWS IN YOUR COUNTRY

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page with a notice that the privacy policy has been updated on the Service home page. If we make material changes to how we treat our users' personal information, we will notify you through a notice on the Service home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Service and this privacy policy to check for any changes.

Termination

If you terminate your registration and account for the Service, or if your registration or account is terminated for any reason by Company, then Company will remove your Service Data from the Service; provided, Company may retain and use your Service Data in the manner described herein, but only in aggregated or de-identified form.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at:

333 Bush St., Suite 2000
San Francisco, CA 94104

support@nexhealth.com

or via our toll-free number:

(888) 345 2549

To register a complaint or concern, please email support@nexhealth.com.

NexHealth Inc. Privacy Policy for California Residents

Effective Date: February 12, 2021

Last Updated on: February 12, 2021

This Privacy Policy for California Residents supplements the information contained in NexHealth Inc.’s (“Company”, or “We”, or “Us”) General Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California ("consumers" or "you"). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Policy.

Where noted in this Policy, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication ("B2B personal information") from some its requirements.

Information We Collect

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device ("personal information"). Personal information does not include:

Publicly available information from government records.
Deidentified or aggregated consumer information.
Information excluded from the CCPA's scope, like:

health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;
personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.]

In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

Category

Examples

Collected

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

Yes

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

Yes

C. Protected classification characteristics under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Yes

D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

Yes

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

Yes

G. Geolocation data.

Physical location or movements.

Yes

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

Yes

I. Professional or employment-related information.

Current or past job history or performance evaluations.

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

K. Inferences drawn from other personal information.

Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Yes

We obtain the categories of personal information listed above from the following categories of sources:

Directly from you. For example, from forms you complete or products and services you purchase.
Indirectly from you. For example, from observing your actions on our Website.
Through our Clinical Partners and Customers.

Use of Personal Information

We may use, or disclose the personal information we collect for one or more of the following purposes:

To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
To provide, support, personalize, and develop our Website, products, and services.
To create, maintain, customize, and secure your account with us.
To process your requests, purchases, transactions, and payments and prevent transactional fraud.
To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
As described to you when collecting your personal information or as otherwise set forth in the CCPA.
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users/consumers is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information

We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, Company has disclosed personal information for a business purpose to the categories of third parties indicated in the chart below.

We do not sell personal information. For more on your personal information sale rights, see Personal Information Sales Opt-Out and Opt-In Rights.

Personal Information Category

Category of Third-Party Recipients

Business Purpose Disclosures

Sales

A: Identifiers.