Privacy Policy
(United States)
Privacy Policy (United States)
Album Health, Inc. (the “Company”) knows that you care about how your personal information is collected, used and shared, and we take your privacy seriously. By visiting the albumhealth.com website and domain name (and the other websites we own or operate) and any other linked pages, features, content, or related services offered from time to time by the Company in connection therewith (collectively, the “Site” as further defined in our Terms of Use (“Terms”)), using our mobile application (the “Mobile App”) or using any of our Services, you consent to this Privacy Policy and to our use and processing of Personal Information for the purposes set forth herein. Capitalized terms not defined in this Privacy Policy shall have the meanings set forth in our Terms, available at albumhealth.com/terms-of-use.
“Company” or the terms “we” or “us” or similar terms refer to Album Health, Inc. “You” or “your” or similar terms refer to you as a user of our Services.
By accepting our Privacy Policy during registration, or by visiting and/or using the Site, the Mobile App or any of our Services, you (a) expressly consent to our collection, use, disclosure and processing of your Personal Information (as defined below) in accordance with this Privacy Policy, and (b) expressly acknowledge that you have read and understood our HIPAA Notice, which describes how we may use and disclose health information about you for treatment, payment or health care operations and for other purposes that are permitted or required by law, including the Health Insurance Portability and Accountability Act of 1996, as amended from time to time (“HIPAA”). Our HIPAA Notice is available at albumhealth.com/hipaa. Any conflict between this Privacy Policy and the HIPAA Notiwith respect to any PHI (as defined in the HIPAA Notice) shall be governed by the HIPAA Notice.
As used in this Privacy Policy, the terms “using” and “processing” information include, among other things, using cookies or embedded scripts on a computer, browser, laptop, tablet, mobile phone or other device (a “Device”), subjecting the information to statistical or other analysis, and using or handling information in any way, including without limitation collecting, storing, evaluating, modifying, deleting, using, combining, disclosing, and transferring information within our organization or among our affiliates within the United States or internationally, as well as using personal information to respond to user / applicant or sponsor (i.e., the entity or organization paying for your participation in our Services) requests and to provide the requested products and services.
WHAT DOES THIS PRIVACY POLICY COVER?
Personal Information – In General.
This Privacy Policy covers how we use and disclose personally identifiable information that we gather from you starting from the time that you initially access our Site, our Mobile App or use our Services. Personally identifiable information refers to any information about you that can be used to contact or identify you and information on your use or potential use of the Site, our Mobile App or our Services, including, but not limited to, a first and last name, a personal profile, an email address or other contact information (collectively, “Personal Information”). Your privacy is important to us, and we are committed to carefully managing your Personal Information in connection with the Services that we provide. It is important for you to understand, however, that this policy does not apply to the practices of companies and / or websites or other third party services that we do not own or control, or to individuals that we do not employ or manage.
Protected Health Information.
We are dedicated to maintaining the privacy and integrity of protected health information that we receive as part of your application for or participation in the our Services (“PHI”). PHI is Personal) Information that we receive as part of your application for or participation in the our program that relates to (a) your past, present, or future physical or mental health or condition, (b) the provision of health care to you, or (c) your past, present, or future payment for the provision of health care, which is created, received, transmitted, or maintained by the Company. This Privacy Policy describes how we protect your privacy as a visitor to, or general user of our Site, our Mobile App and Services. You have additional rights under federal and state law with respect to the access to, use, and disclosure of Personal Information that constitutes PHI. For a more complete description of your rights with respect to PHI, please refer to our HIPAA Notice, which provides important information to you about how we may use and disclose your PHI. Our HIPAA Notice is available here: albumhealth.com/hipaa.
WHAT PERSONAL INFORMATION DO WE COLLECT?
We collect Personal Information you choose to provide us (e.g., through registrations, applications, use of the Services, surveys, and in connection with your inquiries), starting from the time that you initially access our Site, our Mobile App or use our Services. The information we gather from you enables us to administer your account, provide you with the Services, respond to your inquiries and send you communications regarding the Services and your access to and use of the same, obtain your feedback on our Site, our Mobile App and our Services, analyze user behavior and activity, personalize and improve our Services, conduct research activities and contact you about the services that we offer.
From time to time, we may use or augment the Personal Information we have about you with information obtained from third parties (e.g., FitBit or Apple). For example, we may use such third party information to confirm contact information, to verify eligibility, or to better understand your interests by associating demographic information with the information you have provided.
We collect the following types of information:
Personal Information You Provide to Us.
We receive and store any information you enter on our Site, our Mobile App or provide to us through the Services, including any third party services that you connect with our Services (e.g., FitBit or Apple). Personal Information that we collect may include things like your full name, gender, mobile phone number, your email address and the email address of your contacts, home and business postal addresses, IP address, browser information, username, password, certain health information (e.g., height, weight, blood pressure, blood glucose, pre-existing medical conditions, tracking of food, sleep and/or activity and insurance information), and any other information or data that you provide when using our Site, our Mobile App and/or our Services. You can choose not to provide us with certain information, but that may result in our inability to provide you access to or use of many of our special features. Our goal is to use the Personal Information you provide for such purposes as answering questions and communicating with you about the Company’s products and services, including updates and new features.
PLEASE NOTE: By using the Services, you consent to and authorize us to disclose your eligibility for and participation in the Services (i.e., you meet the clinical enrollment criteria for the Services, which may identify those individuals at risk for certain chronic diseases or living with certain chronic diseases and have elected at your own discretion to participate in the same) to the other users of the Site, the Mobile App and the Services. The users, including but not limited to administrators, health coaches and other authorized Album Health personnel will have access to a range of Personal Information such as your user name, linking you to your diagnosis and/or reason for program participation. Moreover, as we group participants based on certain characteristics, fellow support group members may be co-workers or other acquaintances.
We take great efforts in protecting your privacy; however, we cannot control, and expressly disclaim any responsibility for, whether or how users will subsequently use or disclose posted or previously disclosed information. If you do not consent to the disclosure of this information, you should not access or use the Site, the Mobile App or the Services.
Personal Information Collected Automatically.
We receive and store certain types of information whenever you interact with the Site, the Mobile App and / or use the Services. We automatically receive and record information on our server logs from your browser, including your IP address, and the page you requested. In addition, we may use personal identifiers to recognize you when you arrive at the Site via an external link, such as a link appearing on a third-party site or in an Album-generated email presented to you. See also our “What About Tracking Technologies?” section below. We will also use your information to provide customer service and support.
Generally, our Services automatically collect usage information, such as the numbers and frequency of visitors to the Site and Mobile App and its components, similar to TV ratings that indicate how many people watched a particular show. We only use this data in aggregate form, that is, as a statistical measure, and not in a manner that would permit us to identify you personally (“De-identified Information”). This type of aggregate data enables us to figure out how often users or customers use parts of the Site, Mobile App or Services so that we can make the Site, Mobile App and Services as appealing to as many users and customers as possible and improve our Services. We may provide this de-identified, aggregate data to our partners and/or customers to identify how our users use our Site, Mobile App and/or Services. Again, we never disclose information to a partner or customer in a manner that would identify you personally.
You may set your browser to refuse or disable these data collection methods, but doing so may change your experience with the Site, the Mobile App or the Services, diminish certain aspects of the Site’s or Mobile App’s functionality or render certain features of the Site, the Mobile App or the Services inoperable. The Site may not recognize or respond to “do not track” technologies employed by your browser.
E-mail Communications.
We often receive a confirmation when you open an email from us if your computer supports this type of program. We use this confirmation to help us make emails more interesting and helpful. We also compare our customer list to lists received from other companies in an effort to avoid sending unnecessary messages to our customers. When you receive e-mail from us, you can opt out of receiving further e-mails by following the included instructions to unsubscribe. However, by opting out of further email communications after you enroll in the Services, you may limit program reminders and other valuable program content and components.
What About Tracking Technologies?
In addition to any Personal Information or other information that you choose to submit to us via the Site, Mobile App or Services, we and our third party service providers may use a variety of technologies that automatically (or passively) store or collect certain information when you visit or interact with the Site, Mobile App or Services (“Usage Information”). This Usage Information may be stored or accessed using technologies that may be downloaded to your Device whenever you visit or interact with the Site, Mobile App or Services. To the extent we associate Usage Information with your Personal Information that we collect directly from you, we will treat it as Personal Information. Examples of Usage Information include: your IP address or other unique device identifier (e.g., a number that is automatically assigned to your Device used to access the Site which our computers use to identify your Device), your Device’s functionality (e.g., browser, operating system, mobile network information, etc.), the areas within the Site or Services that you visit and your activities there, your Device location, your Device characteristics and certain other data regarding your Device.
We may use various methods or technologies to store or collect your Usage Information, including your visits to or interactions with our Site, Mobile App and Services (“Tracking Technologies”). We may use these Tracking Technologies for a variety of purposes, including but not limited to uses deemed to be necessary or useful to assess the performance of our Site, Mobile App and Services (including as part of our analytic practices or otherwise to improve our Site, Mobile App and Services) or uses required to offer you enhanced functionality when accessing our Site, Mobile App and Services (including identifying you when you sign in to the Site or the Mobile App or keeping track of your specified preferences).
Tracking Technologies that may include the following (and may include subsequent technologies and methods later developed which perform a similar function):
Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your browser to enable our systems to recognize your browser and tell us how and when pages in our Site are visited and by how many people. We use cookies to enhance visitors’ experiences by understanding how visitors and / or users engage with and navigate our Site. Regular cookies may generally be disabled or removed by tools that are available as part of most commercial browsers and in some but not all instances can be blocked in the future by selecting certain settings. Each browser that you use will need to be set separately, and different browsers offer different functionality and options in this regard. Also, these tools may not be effective with regard to certain types of cookies (e.g., Adobe Flash or HTML5 cookies). Please be aware that if you disable or remove cookies on your Device, some parts of our Site or Services may not function properly and when you revisit our Site or Services your ability to limit cookies is subject to your browser settings and limitations.
We may choose to serve ads on the Site or the Mobile App. These ads may be delivered to users by our advertising partners, who may set cookies. These cookies allow the ad server to recognize your Device each time they send you an online advertisement to compile information about you or others who use your computer. This information allows ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you. This Privacy Policy refers only to the use of cookies by the Company and does not cover the use of cookies by any third parties (e.g., advertisers).
Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Site, Mobile App and Services, such as the links that you click on. The code is temporarily downloaded onto your Device, is active only while you are connected to the Site or Mobile App, and is deactivated or deleted thereafter.
Web Beacons. Small graphic images or other web programming code called “web beacons” (also known as “1×1 GIFs” or “clear GIFs”) may be included in pages and messages of our Site, Mobile App and Services. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including to count visitors to the Site, Mobile App and Services, to monitor how users navigate the Site, the Mobile App and Services, to count how many sent e-mails were actually opened or to count how many particular articles or links were actually viewed.
There may be other Tracking Technologies now and later devised and used by us in connection with the Site, Mobile App and Services. Further, third parties may use Tracking Technologies with our Website. We do not control those Tracking Technologies, and we are not responsible for them. However, you consent to potentially encountering third party Tracking Technologies in connection with your use of the Site and Services and accept that this Privacy Policy does not apply to the Tracking Technologies or practices of such third parties. In such cases, you must check the third party websites to confirm how your information is collected and used.
WHAT PERSONAL INFORMATION DO WE SHARE?
Personal Information regarding our users is an integral part of our business. We will not rent, sell or share your Personal Information with other people or non-affiliated companies except to provide the Services, when we otherwise have your permission, as expressly permitted or required by the HIPAA Notice or as expressly permitted or required under this Privacy Policy, including under the following circumstances:
User Profiles: In the future, we may provide functionality to permit you to create a user profile page in which you may provide information about yourself, including, without limitation, your health information, symptoms, treatments, as well as your feelings about your health information and/or yourself (“User Submissions,” as further defined in our Terms). You may also be able to upload pictures, videos and stories to your profile page as part of the User Submissions. User Submissions may be displayed to other users (including members of your group(s), who may be from the same deployment or otherwise affiliated) to facilitate user interaction within the Services. Email addresses may be used to add new User Submissions to user profiles and to communicate through User Submissions. Users’ email addresses will not be directly revealed to other users by us, except when the user is “connected” to another user via a shared group membership, or an invitation, or if the user has chosen to include their email address in their User Profile. Please note that any User Submissions you make, including Personal Information, on or through your profile page may be available for other users, the Company, administration, moderators, and other staff. Additionally, other users may be able to post comments and view posted comments on your profile page.
Communication in Response to User Submissions: As part of the Site and Services, you will receive from us email and other communication relating to your User Submissions. You acknowledge and agree that by posting such User Submissions, we may send you email and other communications (e.g., phone calls or text messages) that we determine, in our sole discretion, are related to your User Submissions.
Agents: We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products and/or services to you. Without specific authorization and/or consent, we limit the rights of our agents to use Personal Information we share with them to that which is minimally necessary to assist us. You hereby consent to our sharing of Personal Information for the above purposes.
Business Transfers: In some cases, we may choose to buy or sell assets. In these types of transactions, customer information, including Personal Information about customers, is typically one of the business assets that are transferred. Moreover, if the Company, or substantially all of its assets were acquired, or in the unlikely event that the Company goes out of business or enters bankruptcy, Personal Information would be one of the assets that is transferred or acquired by a third party. By continuing to use the Site, the Mobile App and Services, you acknowledge that if we sell or transfer our business (e.g., through an acquisition) or an asset (e.g., our website) to another company, we will share your personal information with such company and will require such company to use and protect your personal information consistent with this Privacy Policy.
Sponsors and Third Party Administrators; As Required by Law: We may, in our sole discretion, share, transfer or otherwise disclose certain of your Personal Information (e.g., reports containing data related to enrollment, engagement, retention, and outcomes) to your sponsor or your sponsor’s third party administrators (e.g., incentives vendors, wellness administrators, etc.) for treatment, payment, or healthcare operations purposes and for other purposes permitted or required by law, as more fully described in our HIPAA Notice.
Protection of the Company and Others: We may release Personal Information when we believe in good faith that release is necessary to comply with the law; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of the Company, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection, detection or suppression. If necessary, we will make all legally required disclosures of any breach of the security, confidentiality, or integrity of your Personal Information, including, without limitation, breaches of your unencrypted, electronically stored “personal information” or “medical information” (as defined in applicable state statutes on security breach notification). To the extent permitted by applicable laws, we will make such disclosures to you via email or conspicuous posting on your private profile on the Site or the Mobile App in the most expedient time possible and without unreasonable delay, insofar as consistent with (a) the legitimate needs of law enforcement, or (b) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
With Your Consent: Except as set forth above, you will be notified when your Personal Information may be shared with third parties, and will be able to control the sharing of this information.
De-identified Information: We may create De-Identified Information from the information that you share with us, including any Personal Information, and use such De-identified Information without restriction. We may, for example, share De-identified Information with the sponsors paying for your participation in the Services (e.g., reports containing data related to enrollment, engagement, retention, and outcomes to evidence overall program success metrics) and with third party administrators working with the sponsors to administer certain services to you (e.g., incentives vendors, wellness administrators, etc.). Again, we never disclose aggregate information in a manner that would identify you personally.
IS MY PERSONAL INFORMATION SECURE?
We employ industry standard administrative, physical, and technical measures designed to safeguard and protect information under our control from unauthorized access, use, and disclosure. In addition, when we collect, maintain, access, use, or disclose your Personal Information, we will do so using systems and processes consistent with information privacy and security requirements under applicable federal and state laws, including, without limitation, HIPAA.
Furthermore, your individual user account is protected by a password for your privacy and security. To ensure that there is no unauthorized access to your account and Personal Information, we suggest that you safeguard your password appropriately and limit access to your computer and browser by signing off after you have finished accessing your account.
The Site and the Mobile App may contain links to third party websites (“Third Party Websites”). In such an event, before using the Third Party Websites or related services, you must review and accept the terms of use and privacy policies for those sites and/or services. We are not responsible for the privacy policies and/or practices of any Third Party Websites, and we are not responsible or liable for the availability, reliability, content, functions, performance, accuracy, legality, appropriateness, services, materials, or any other aspect of such Third Party Websites. This Privacy Policy only governs information collected on our Site, our Mobile App or through our Services. When you access any Third Party Websites, you do so at your own risk, and you understand and agree that you are solely responsible for reading and understanding any terms of use and/or privacy policies that apply to such Third Party Websites.
We exercise great care to protect your personal information. However, we cannot ensure or warrant the security and confidentiality of any information that you transmit to us or receive from us via the Services offered through our Site and Mobile App, by Internet or wireless connection, including email, or the appropriateness of the measures we use to safeguard such information. Unauthorized entry, access, or use; loss; hardware or software failure; and other factors, may compromise the security of your information at any time. This is especially true for any information that you transmit to us via email or text message, since we have no way of protecting that information until it reaches us. E-mail and text message and the communication lines they travel over do not have the security features that are built into our Site and Mobile App and may not be secure. In addition, by downloading the Mobile App from a digital distribution platform such as the Apple App Store or Google Play (a “Mobile App Provider”), the Mobile App Provider and its agents may be able to identify you as a user of our Services. If you have reason to believe that your data or your interactions with us are no longer secure, you may contact us at the email address, mailing address or telephone number listed at the end of this Privacy Policy. In addition, if you have privacy or data security related questions, please feel free to contact the office identified at the end of this Privacy Policy.
WHAT PERSONAL INFORMATION CAN I ACCESS AND CORRECT?
You can access certain information about you for the purpose of viewing, and in certain situations, updating that information. This list may change as the Site, the Mobile APP or the Services change.
- Real name
- Account and user profile information (e.g., nickname)
- User email address
- User mailing address
- User mobile phone number
- Username and password
- Communication preferences
In order to help us maintain and ensure that your information is accurate and up to date, please update your information if it changes or inform us promptly at privacy@albumhealth.com so that we make the appropriate changes.
WHAT CHOICES DO I HAVE REGARDING MY PERSONAL INFORMATION?
As stated previously, you can always opt not to disclose information, even though it may be needed to take advantage of certain features of the Site, the Mobile App and the Services.
You are able to add or update certain information on pages, such as those listed in the “What Personal Information Can I Access And Correct” section, above. When you update information, however, we often maintain a copy of the unrevised information in our records.
If you would like us to remove your records from our system, you may request deletion of your account with us by sending e-mail to privacy@albumhealth.com. Please note that some information may remain in our records after deletion of your account, including any information or records we are legally obligated to retain. We will process your request within a reasonable time, but please note that you may receive additional communications and offers as we process your request.
If you do not wish to receive email or other mail, phone calls or texts from us, please click on the “Unsubscribe” link contained in the emails or indicate this preference by emailing us at privacy@albumhealth.com. Please note that if you do not want to receive legal notices from us, such as this Privacy Policy, those legal notices will still govern your use of the Site, Mobile App and Services, and you are responsible for reviewing such legal notices for changes. We will process your request within a reasonable time, but please note that you may receive additional emails as we process your request.
HOW DO WE PROTECT CHILDREN’S PERSONAL INFORMATION?
The Services are not directed to children. We do not knowingly allow or solicit anyone under the age of 18 to participate independently in any of the Services. We do not knowingly collect Personal Information from children. If a parent or guardian becomes aware that his or her child has provided us with Personal Information, please contact us. If we become aware that a user of the Services is under the age of 18 and has provided us with Personal Information without verifiable parental consent, we will delete such Personal Information from our files.
CHANGES TO THIS PRIVACY POLICY
By using the Site, Mobile App and Services, you agree to the current Privacy Policy and our Terms, into which this Privacy Policy is incorporated. We reserve the right, in our sole discretion, to modify, discontinue, or terminate the Services or to modify this Privacy Policy at any time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used or disclosed. If we make changes in the way we use Personal Information, we will notify you by posting an announcement on our Site and/or sending you an email. By continuing to access or use the Services after we have posted a modification or have provided you with notice of a modification, you are indicating that you agree to be bound by the modified Privacy Policy. If the modified Privacy Policy is not acceptable to you, your only recourse is to cease accessing the Site or Mobile App and using the Services.
QUESTIONS OR CONCERNS
If you have any questions, concerns or complaints regarding privacy on our Site or Mobile App or if you want to make a request to access or correct your Personal Information, please contact our Privacy Officer at:
By email: privacy@albumhealth.com
By mail:
Privacy Officer
Album Health, Inc.
1717 Ingersoll Avenue
Des Moines, IA 50309
By phone: 888-820-7267
We will make every effort to respond to your questions, concerns complaints and requests within a reasonable time.
Effective Date: June 5, 2018