we respect your privacy.

PRIVACY POLICy.


PRIVACY POLICY

Last Updated: March 27, 2018

1. Introduction

Your privacy is very important to us. This Privacy Policy (this “Policy”) describes how our Service handles and secures information it collects. This Privacy Policy is part of, and incorporated into, the Terms of Use for our Service. If you have entered into a Subscription Agreement for one of our Services (your “Subscription Agreement”), it will supplement and amend the Terms of Use because the Terms of Use and your Subscription Agreement include subjects that may not be covered in this Policy, and may narrow or modify the scope of our use of information under this Policy, please review them carefully.

2. Information Collected by our Services

Information You Submit:

When you use our Service, you can submit information by:

Typing-in data (such as when you register for our Services or type a message to send to us or another user, or type a search request, or complete an optional form).

Uploading a document, image or other data file.

Engagement Tools and Data:

Our Service also gathers information whenever you visit, log in or otherwise interact with them. As with other websites and interactive services, whenever you interact with our Service, your computer, mobile phone or tablet (a “Device”) and its software transmits a “request” to us. That request includes non-personal information received from your Device (and its software) necessary for us to identify and appropriately route the information your Device is requesting. These “requests” and “replies” are the backbone of all websites and Internet services. Therefore, whenever you:

Visit and navigate through our Services

Click on a link

Open a webpage or web form

Open a web-enabled email sent by us

Send a message via our interactive chat or instant message feature

Otherwise take an action or interact with elements of our Services or its pages, content or features your Device and its software are sending non-personal information to us.

In addition to managing the appropriate routing of information, we use so-called “cookies,” “web beacons,” “server logs” and other Engagement Tools to enhance the quality of the service and content you receive. For example, we use Engagement Tools to:

Save user preferences;

Preserve session settings and activity;

Help authenticate users;

Allow users to auto-fill sign-in pages of websites they frequently visit; and

Analyze the performance of our Services and its various features and content.

Therefore, even if you do not register with us or submit any personal information on our Services, our Engagement Tools automatically receive information about your Device and the software running on it. We call such data “Engagement Data.”

Engagement Data often includes elements such as the date and time a “request” is made, the model of the Device making the “request,” the type and version of operating system running on a Device (e.g., Mac OS or Microsoft Windows), the browser making the request (e.g., Internet Explorer, Chrome or Firefox), routing information, IP address, the Device’s geographic location, search terms a user enters, what URL a Device most recently visited, and, if a mobile application is used, an anonymous unique number. Engagement Data generally does not personally identify a Device’s user. However, it can be combined with personal information. If so, we treat such combined information the same way we treat personal information. Additionally, in the event that our Engagement Tools collect data elements that contain personal information, we treat those data elements as personal information.

You have the ability to control how certain Engagement Tools operate by modifying the settings on your Device or its software. Most browsers, for example, allow you to refuse accepting cookies, and many mobile Devices allow you to disable the sending of location information. In some cases, doing these things could diminish the performance of our Services or render them inoperable. To learn more about Engagement Tools and how we use Engagement Data please see our Engagement Tools sections below entitled “Engagement Tools” and “How Information is Used.”

Third Party Tools:

We work with certain third parties who deploy their own engagement tools on our Services. In some instances they do so exclusively on our behalf. In other instances, they may retain and use the data they collect pursuant to publicly available privacy policies. These Third Party Tools are frequently deployed by companies providing online advertising services or analytics, but they may be deployed in other contexts as well, such as social media plug-ins. We treat personal and non-personal information that we receive from these Third Party Tools the same way we treat personal and non-personal information that we directly collect from our Services. We, however, do not control how these third parties manage the information they gather. Please see the section below entitled “Third Party Services” for more information.

Personal and Non-Personal Information: Information you submit to us that identifies you or can be used to contact you (e.g., email or mailing address) is your “personal information.” This includes identifiers that a governmental authority, financial institution or insurance carrier may use to uniquely identify you (e.g., a Social Security, credit card or ACH account number). When we combine non-personal information with personal information, or non-personal information with other non-personal information in a way that renders the combined information personal information, we treat that combined information the same way we treat personal information. When we combine personal information with information from third party sources, we also treat that combined information the same way we treat personal information.

3. Engagement Tools:

Our Services use engagement tools described below to deliver and enhance the quality of the services and content you receive. This information is intended to help you understand more about these tools and how they are used.

Server Logs:

We may automatically collect and store certain information in server logs when you attempt to access or use our Services. These server logs will typically include the following information:

Date and time your Device accesses our Services

URL of services your Device is requesting and the referring web pages

Internet Protocol addresses, domain servers and mobile carriers your Device is connecting through

Your Device type and operating system

Browser type (if your Device is accessing our Services via web browser) or application identifier (if access is through our mobile application)

Identity of cookies (discussed below) we may have placed on your Device

Device GPS location (if this function is enabled on your Device) and

Event and routing information.

Local Storage:

We may collect and store information (including personal information) locally on your Device using mechanisms such as browser web storage (including HTML5) and application data caches.

Cookies:

Cookies may also be sent to your Device to collect information. A “cookie” is a small data file sent from a website and stored on your hard drive to identify your computer and allow for an enhanced personalized user experience based on your previous activity on the website. Several types of cookies are used to store and record this information:

Session Cookies:

A “session cookie” enables us to recognize you during a particular use of our Services. Session cookies are temporary and expire after a short time after your use or when you close your web browser.

Persistent Cookies:

A “persistent cookie” is used to help us remember your information and settings when you use our Services resulting in an enhanced user experience. When you first log on to your account, our Services will be presented in a default mode. During your visit, you may select certain preferences that may be remembered and stored through the use of persistent cookies. These preferences will then be remembered the next time you log on to your account.

Flash Cookies:

A “flash cookie” is used when our Services utilize Adobe Flash Player (all versions) and Macromedia's Flash Player (version 6 and above). Like other types of cookies, flash cookies work to store information for a better user experience. However, flash cookies differ in that they are saved in a different location on your hard drive. To manage your flash cookie settings, please visit the Macromedia Website Privacy Settings panel located at: www.macromedia.com.

Although most web browsers automatically accept cookies, you may opt-out on receiving these cookies by configuring your web browser so as to not accept them or to announce when a cookie is being placed. Should you decline the placement of a cookie on your hard drive, please be aware that you may not be able to utilize or access some of our Services. If you are using different web browsers or devices, you may choose to have different preferences for each of them.

Anonymous Identifiers:

An “anonymous identifier” is a random string of characters that may be used to store and collect information and it works similarly to cookies. Anonymous identifiers may be used for certain mobile devices where cookie technology is not available.

Pixel Tag (also known as “Gif” or “Web Beacon”):

A “pixel tag” is an invisible tag placed on pages throughout our Services; this tag is not placed on your computer. If you visit one of these tagged pages, the pixel tag will generate a generic notice of your visit to that particular page. A pixel tag may also be placed within the body of an email to track when an email has been opened or accessed.

Local Data Cache and Auto-Fill:

Your Device may be configured to store data locally in your web browser or application data caches. This enables your Device to quickly access our Services by auto-filling user-IDs and passwords during log-in, and reducing the delivery of data or image files that have already been delivered to the device. You can set your web browser to refuse allowing us to do this. However, it would likely impact how quickly and efficiently you can access our Services.

Through Your Mobile or Tablet Device:

We also offer applications for your mobile or tablet Device. You are required to download and install the application on to your hardware. When you use the application, we will collect your Device information and a unique identifier for the purpose of providing you with the most up to date application and features. If you use our Services through our application component, we will track your actual location, by using GPS signals sent by your Device or by using sensor data from your Device. We will not share this information with third parties for any purpose and will only use this information for the sole purpose of fulfilling your request. If you desire to no longer allow our application to use your location, you must turn this off on your Device.

4. How Information is Used

We use personal and non-personal information (including Engagement Data) for the following purposes:

Operating, maintaining, managing and administering our Services, including processing registrations and payments, and providing customer support;

Responding to questions and communications, which we retain in the ordinary course of business;

Administrative announcements about features, functionality, terms or other aspects of our Services; and, if applicable, informing you about offers for services or products we believe may be of interest (for further information, see also “Service Emails and other Communications” below);

Safeguarding and protecting our Services, the information they safeguard, the rights of third parties and in response to legal process, in each case, as more fully described below in “The Importance of Protecting our Services and the Information they Safeguard;” and

Any other purpose described in this Policy or your Subscription Agreement.

We use non-personal information for the following purposes:

Auditing, research, measurement and analysis in order to maintain, administer, enhance and protect our Services, including analyzing usage trends and patterns and measuring the effectiveness of content, advertising, features or services;

Creating new features and services;

Health and medical research; public health and service activities; healthcare- and medical-related services; and

Other purposes described in this Policy or your Subscription Agreement.

We may also use non-personal information to prepare aggregate reports for current or future advertisers, sponsors or other partners to show trends about the general use of our Services. Such reports may include age, gender, geographic, demographic or other general user information, but do not include personal information.

5. Consents and Authorizations:

From time to time, we may request your consent or authorization (your “consent”) in connection with the use or sharing of your information. In some instances, this will be because your Subscription Agreement, this Policy or applicable law or regulations requires us to obtain such consent. In other instances, such consent will be for informational purposes. In the latter case, the request to obtain your consent should not be interpreted as narrowing the scope or applicability of your Subscription Agreement or this Policy – by entering into your Subscription Agreement or using the applicable Services, you have accepted and agreed to our information handling practices in the manner described in your Subscription Agreement and this Policy.

In cases where you consent or “opt-in” to the use or sharing of your personal information in a manner that is not otherwise provided for in your Subscription Agreement or this Policy, unless otherwise explicitly stated in such consent, you will have the ability to rescind your consent and “opt-out” of our use or sharing of such information in the future. In that event, we will refrain from our use or sharing of such information, but we may not be able to require the removal of such information from the databases of the recipients with whom such information has been shared.

6. How our Services Allow Users to Share Information:

Our Services can be used to facilitate one-on-one communications between both Healthcare Provider and Patient users.

In any one-on-one communication, users are sending information to one another. Depending on the message, this could include contact and other personal information. See also “Service Emails and other Communication” below.

You should be aware that this Policy covers only the information you submit through our Services. If you contact or exchange information with another user in person or through a means other than our Services, such activity is not covered by this Policy.

Confidentiality of Health Information:

Some of our users – such as healthcare providers – are subject to laws and regulations governing the use and disclosure of health information they create or receive. Included among them is the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”), and the regulations adopted thereunder. When we store, process or transmit “individually identifiable health information” (as such term is defined by HIPAA) on behalf of a health care provider who has entered a Healthcare Provider Subscription Agreement, we do so as its “business associate” (as also defined by HIPAA). Under this agreement, we are prohibited from, among other things, using individually identifiable health information in a manner that the provider itself may not. We are also required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity and availability of individually identifiable health information we store and process on behalf of such providers. To see our Subscription Agreement, and to specifically review our business associate obligations, please review Sections 5.2, 5.3, and 5.4 of that agreement. We are also subject to laws and regulations governing the use and information of certain personal and health information, including HIPAA, when we operate as a business associate of a healthcare provider.

Service Emails and other Communications:

Our Services allow users to communicate with others through in-product messaging services. Communications that are sent by or on behalf of a user are indicated as being “From” that user. Communications that are sent by us are indicated as being from us or one of our account or support specialists assigned to assist you. Either type of communications may be “real time” communications or communications triggered automatically upon the occurrence of certain events or dates.

Email communications received from users and our administrative announcements are often transactional or relationship messages, such as workout reminders and message notifications, or other service notifications. You may not be able to opt out of receiving certain messages, although our Services may provide a means to modify the frequency of receiving them. In cases in which we believe user emails are not primarily transactional or relationship messages, it will include the capability to opt-out of receiving further e-mails. If you sign-up to receive marketing or informational announcements from us, such emails will include capability to opt-out of receiving such e-mails in the future.

Emails and other communications from individuals who are not users of our Services, or that are being sent in connection with business, agreements or subject matter other than your Subscription Agreement or your use of our Services, are not covered by this Policy. If, for example, you contact us regarding a job opening, that communication to us is not covered by this Policy even though that job opening may have been posted on our Services. Likewise, if you submit to us any ideas, suggestions or proposals (collectively, “Suggestions”) relating to our Services or other products or services by any means – such as through “Contact Us,” by email or other communication channels, one of our communities or user forums, or to our customer support or other personnel – such Suggestions are not governed by this Policy.

7. Sharing of Information

We will not share personal information you submit except under the following circumstances:

When you choose to share such information through our Services. Under certain circumstances this may require a specialized consent before our Services complete certain such transmissions;

When you are otherwise notified at the time we collect such information, or we otherwise have your express consent;

When your account has been issued by an account administrator with administrative rights over your account, your account administrator will have access to your account information, including your personal information. Your account administrator may: (i) receive and retain your account information (ii) suspend or terminate your account access, or (iii) access or retain information you submit or otherwise stored as part of your account for any purposes required or permitted under applicable law;

When we share such information with our current and future affiliates;

When we share such information with trusted service providers operating on our behalf consistent with the terms of this Policy and your Subscription Agreement. Such service providers shall be bound by appropriate confidentiality and security obligations, which may include, as applicable, business associate contract obligations. We will not sell, rent or trade your personal information with any third parties for their promotional or marketing purposes;

When we protect our Services, the information they safeguard, the rights of third parties and in response to legal process, as more fully described below in “The Importance of Protecting our Services and the Information they Safeguard;”

In connection with a sale, merger, transfer, exchange, reorganization or other disposition (whether of assets, stock, or otherwise) of all or a portion of the business conducted by the services to which this Privacy applies. If such a transaction occurs, the acquiring company’s use of your personal information will remain subject to this Policy; and

Any other purposes described in this Policy or your Subscription Agreement.

It is important for you to understand that other users who submit to, or receive from, our Services personal information about you, may share that information with other persons, even without separately notifying you or seeking your consent.

8. The Importance of Protecting our Services and the Information they Safeguard:

Many of our Services are protected by technical measures intended to safeguard the confidentiality, integrity and accessibility of sensitive information our users store and share on our Services. Further, certain regulations require us to investigate potential or suspected threats on our Services or the confidentiality, integrity or availability of the information they safeguard. Accordingly, we may preserve, use and disclose information – including personal and non-personal information – when we have a good faith belief it is necessary or advisable to:

Detect, prevent and address potential or suspected: threats on our Services or the confidentiality, integrity or availability of any information they house; fraud and other illegal activity; or violations of our Subscription Agreements or Terms of Use; and to protect ourselves, you and third parties.

We may also preserve, use and disclose such information in response to a search warrant, court order, subpoena, judicial proceeding or other legal process if we have a good faith belief that the law requires us to do so. Such legal process may prohibit us from notifying the users or other individuals or entities identified by such information or take such other actions as would otherwise be a violation of your Subscription Agreement or this Policy. When we preserve information pursuant to this section, it may be for extended periods of time, as we in good faith believe are necessary or appropriate under the circumstances, and may include the preservation of information from accounts that have been disabled.

9. Security

The security of our Services and the information they store, process and transmit is a top priority. To prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of the information we collect, we deploy a wide range of technical, physical and administrative safeguards, including: Secure Socket Layer (SSL) encryption, firewalls, system alerts and other information system security technologies; housing health data in secure facilities that restrict physical and network access; and regular evaluation and enhancement of our information technology systems, facilities, and information collection, storage and processing practices. Under our Healthcare Provider Subscription Agreement and applicable law, we are required to apply reasonable and appropriate measures to safeguard the confidentiality, integrity and availability of individually identifiable health information (as such term is defined by HIPAA) residing on and processed by our Services. It is important to remember, however, that no system can guarantee 100% security at all times. Accordingly, we cannot guarantee the security of information stored on or transmitted to or from our Services.

 

Steps You Can Take:

If we learn of a security vulnerability or risk, we may attempt to notify you and provide information on protective measures you may take. There are, however, some precautions that you can proactively take to improve your system security and reduce the likelihood of unintended disclosure of personal information:

Install malware detection programs that regularly scan your system and incoming traffic for malicious code – such as computer viruses, worms, Trojan Horses and spyware. Because viruses and malware are continuously created and modified, regular malware protection software typically requires frequent updates.

Use a firewall to prevent unauthorized access to your Device.

Because malware often targets vulnerabilities in existing operating systems, browsers, plug-ins and other programs, software vendors frequently update their products with security patches to guard against known or commonly exploited vulnerabilities. Vendors often try to alert their users and recommend immediate installation of these security patches.

Use a strong password using a combination of letters and numbers that are not easily guessed. Do not share your password with others.

If you use a shared Device, always close all active programs and log out before leaving it unattended.

Avoid using a public wireless network, if possible. If you do use a public network, use the most restrictive wireless network settings on your Device.

If you use file-sharing programs, be sure to restrict all other folders or directories to “no share.”

Be very cautious with any email requesting you to share personal information. On websites, look for the lock symbol on or near your browser’s address bar which signifies a secure website before supplying personal information.

When participating in one of our communities, blogs, forums, surveys or other open communication platforms, exercise care in selecting what information you share, particularly personal or health information.

10. Children under 13

Our Services are not intended for or designed to attract children under the age of 13, and we do not knowingly collect personal information from such children. If we learn that we have inadvertently obtained personal information from a child under the age of 13, we will delete that information as soon as practicable. If you become aware that your child has provided us with personal information without your consent, please contact us immediately at the contact information below. Should this policy change, we would comply with the Children’s Online Privacy Protection Act, which requires us to notify and obtain consent from a parent or guardian before we collect, use and disclose the personal information of children who are under 13 years of age.

Without limiting the generality of the foregoing, our Services do allow users above the age of 18 years old – such as healthcare providers, parents and guardians – to submit personal information about others, including minors. Such users assume full responsibility over their submission, use and transmission of such information.

11. United States Only

Access to our Services is administered in the United States (“US”) and are intended for users in the US. You may not use our Services in any jurisdiction where offering, accessing or using our Services would be illegal or unlawful. If you are located outside of the United States, please note that the information you submit to us will be transferred to the US. By using our Services, you consent to this transfer. You also consent to the transfer to and processing of any personal information by us or any of the other parties described in the section “Sharing of Information” above, whether located in the US or any other countries, for the purposes described in this Policy, or for any other specific purposes to which you consent. If you are located in a country other than the US, you should note that, at present, the laws of the US and certain other countries have not been approved by the European Commission or privacy authorities in certain other countries as providing “adequate protection” for personal information within the meaning of the European Union Data Protection Directive or applicable laws of other countries.

12. Third Party Services

This Policy applies only to our Services. It does not apply to services offered by third parties, including websites and other online services that our Services may display links to or advertisements for. When you click on such links or advertisements, you will be visiting websites or interactive services operated by third parties, who have their own information collection practices and may also collect information using tracking tools, such as cookies, web beacons, server logs and the like. When you click on or interact with an ad appearing in our Services, the advertiser or sponsor may infer that you meet targeting criteria that they may have used in connection with the sponsoring such ad. This may lead to similar ads being targeted to you on our Services or elsewhere. We do not have control over how any third party gathers or uses information, so you should review their privacy policies to learn of their information gathering and handling practices.

The following identifies the third-party tools that we use in connection with our Services. Each of our third-party tool providers has its own privacy policy that describes its information collection and handling practices. These providers may use cookies, web beacons, pixel tags, or similar technologies in order to collect information. For links to their privacy policies, see below. This information may change over time. We will try to keep this information updated but may sometimes fall behind.

Web Analytics Providers:

We use the following web analytics providers to create a better user experience on our Sites.

Google Analytics

Hotjar

Online Survey/Form Tool:

We use the following online survey tool to collect feedback from our users related to our Sites and Services, as well as to improve the user experience. Participation in surveys that are sent out to users of our Services is voluntary.

Survey Monkey

Communication Analytics:

We use the following email analytics providers to ensure that our communications to you are received in your email inbox every time and to provide you with a more customized communication.

Mailchimp

Constant Contact

Mandrill

Other Third-Party Tools:

We will use a variety of other third-party tools that we may not fall into any of the above categories. The following are some other third-party tools that may collect information from users.

Google Maps

YouTube, by Google

13. Changes to this Policy

We work hard to continuously improve and enhance our Services. Some of these improvements and enhancements may result in changes to this Policy. We will post such changes along with their effective date on this page, and if the changes are significant, we will provide a more prominent notice. Because our Policy can change at any time, we encourage you to reread it periodically to see if there have been any changes that affect you. If you disagree with any changes to this Policy and do not wish your information to be subject to the revised Policy, you will need to deactivate your account before the new Policy becomes effective. Your use of our Services following any such change constitutes your agreement that all information collected from or about you through our Services after the revised Policy is posted will be subject to the terms of the revised Policy.

14. Viewing, Updating and Deactivating Information

Our Services aim to provide you with access to the personal information you submit and the means to update it. This can be accomplished by logging into our Services or contacting us using the contact information below. Under certain circumstances, we may ask you to verify your identity before your request is processed. This will be done free of charge except where it would require a disproportionate effort. We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes).

If you desire to deactivate your account, please contact us using the contact information below. Upon your request, your account will be deactivated, and your personal information and Records will be securely archived. We retain archived information for a period of five years (or longer if required by law) as necessary to comply with legal obligations, resolve disputes and enforce our agreements and other authorized uses under this Policy.

Please note that, unless you are an administrator who has administrative rights over another user’s account pursuant to a Subscription Agreement, you are not entitled to review the content of another user’s account. Accordingly, if you have used our Services to share personal information with another user or other party, you will not be able to access, update or delete that shared information pursuant to this Policy or your Subscription Agreement. Please also note that other users may submit personal information that identifies you. You will also not be able to access, update or delete that information pursuant to this Policy or your Subscription Agreement. In either case, certain users – such as healthcare providers – may be required under HIPAA and other applicable laws or regulations to retain such information for extended periods of time. This means that until our Subscription Agreement with such user(s) terminate(s), we will continue to retain such information on their behalf. HIPAA grants patient’s certain rights to access and correct certain health information their healthcare providers retain about them. Patients should submit requests to access or correct their health information directly to their healthcare providers.

You should also be aware that we store indefinitely non-personal information, including Engagement Data and de-identified health information, as well as all information that you have share on any of our public forums, blogs, communities, surveys and the like.

15. Contact Us

You may contact us at:

Practice Dashboards for Physical Therapy, Inc.

Attention: Privacy Officer

4957 Lakemont Blvd SE, Ste C4-241

Bellevue, WA 98006

email: support@practicedashboard.com