Effective Date: January 23, 2023 Last Reviewed On: January 19, 2023
Protected Health Information
In some cases, such as use of the Hello Heart mobile application (our "App"),Hello Heart may be acting as a Covered Entity, as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). HIPAA requires that Covered Entities comply with certain privacy and security requirements, and we follow all of them. When Hello Heart collects, uses, or shares identifiable information about you that is protected by HIPAA, our HIPAA Notice of Privacy Practicesapplies. We encourage you to review the HIPAA Notice of Privacy Practices to learn more about our privacy practices related to identifiable data protected by HIPAA, also known as Protected Health Information.
Personal Information We Collect
We are using the term “Personal Information” to refer to any information that relates to you directly or indirectly, in particular by reference to an identifier, location or factors specific to your physical, physiological, genetic, economic, cultural or social identity. We may collect and process Personal Information you provide us directly, indirectly or in connection with your use of our App, website, or Services. We may collect, or may have collected, the following categories of Personal Information:
Examples of information we collect
which may include business and/or personal contact information (e.g., name, email address, telephone number, mailing address government-issued identification).
Information relating to internet activity or other electronic network activity
which may include your interactions with our website, App, emails, other communications, Wi-Fi, and marketing content
which may include Global Positioning System (“GPS”) data.
which may include purchase history, such as enrollment in programs.
Audio electronic or visual information
which may include images you provide to us (e.g., if you upload photos) or that are viewed or recorded by on-premises security cameras.
Professional or employment-related information
such as curriculum vitae, resumes, employment history, education, and specialty.
Internet and electronic network activity information or online identifiers
such as information about your interactions with our online resources, IP addresses, and cookies.
Sensitive Personal Information, with your consent
Sensitive Personal Information is Personal Information that is defined under applicable state and federal laws as sensitive, such as
Payment information and other financial information
Biometric information such as voiceprints, facial scans or other similar identifiers, and
Inferences about you, such as household income level and marital status, or inferences necessary to facilitate your use of the App or participation in our Services
Information not listed above and related to characteristics that may be protected understate or federal laws, which may include demographic information such as your date of birth, race, ethnicity, gender, or language preferences.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
Protected classification characteristics under California or federal law.
Internet or other similar network activity.
Professional or employment-related information.
We may combine the Personal Information we collect about you from one source with the Personal Information we collect about you from another source, such as combining online information with our offline interactions with you (for example, our interactions by telephone or in person). We may also combine any of the information we collect about you with information we lawfully obtain from other sources, such as public records or websites, or other third parties(e.g., health care professionals, patient groups, government agencies). If necessary, we will collect your consent, or provide an opportunity for you to opt out of this type of processing.
How We May Use Personal Information
Hello Heart may use your Personal Information to:
Communicate with you, including responding to your communications, requests, or questions related to our App or our Services more generally.
Recruit candidates for participation in, or to conduct, research
Recruit for employment purposes, new-hire onboarding, and to conduct other activities in the course of Hello Heart employment, which may include pre-employment screening, scheduling interviews, or communications regarding the application process, benefits, and payroll.
Process and manage safety and quality concerns
Provide you with our Services
For support-related activities
Develop new products and Services
Fulfill our contractual obligations to you or conduct business with you
Analyze and improve our App, Services, and other business processes
Conduct surveys or polls and obtain testimonials
Comply with legal and regulatory requirements
Conduct other legitimate business activities, as allowed by applicable law
Sharing Personal Information
We may disclose your Personal Information to:
Our subsidiaries and/or corporate affiliates
Service providers working on our behalf, or providing services such as information technology support, website hosting, payment processing
Third parties to whom you authorize us to disclose your Personal Information in connection with our Services
Authorized law enforcement, regulatory or other government authorities, where required by applicable law, or pursuant to a valid subpoena or court order
Third parties to protect and defend Hello Heart's rights and interests, such as when needed for corporate audits, to investigate or respond to a complaint or threat, or to exercise our legal rights
When we share your Personal Information with a third party for a business purpose, we take reasonable steps to impose obligations on these third parties requiring implementation of measures to safeguard your Personal Information.
How Long We Retain Personal Information
We will retain your Personal Information for the time-period required or allowed by applicable law. Otherwise, we maintain your Personal Information for as long as reasonably necessary to serve the purpose(s) for which it was collected.
Third-Party Services and Features
Our Services may contain links to, or make available third-party websites, services, features or other resources not run by us or on our behalf(“Third-Party Services”). We make these Third-Party Services available as a convenience to you, and Hello Heart is not affiliated with, endorsing or sponsoring the Third-Party Services.
You should review the privacy notice or policy of any Third-Party Service to whom you give information in connection with our Services.
We use reasonable physical, technical and administrative safeguards to protect your Personal Information. Please be aware that despite our efforts, no information security measures can guarantee security. You should take steps to ensure your Personal Information is protected like using passwords that would be difficult to
guess, not using the same password for multiple accounts, and periodically changing your password.
Cookies and Other Tracking Technologies
We may use various tracking methods or technologies (“Tracking Technologies”) to store or collect your usage information, including information about your visits to or interactions with our website, the App, and other aspects of the Services. We use Tracking Technologies for a variety of purposes we believe to be necessary or helpful in improving or assessing the performance of the Services (for example, as part of our analytic practices) or in offering you enhanced functionality (for example, to identify you when you sign in, to keep track of your specified preferences, or to help ensure that the security of your account has not been compromised).
Tracking Technologies may include the following technologies and methods as well as any subsequent technologies and methods later developed to perform similar functions:
Embedded Scripts. An embedded script is programming code designed to collect information about your interactions with the website, the App, and other aspects of our Services, such as a link that you may click on. Embedded scripts are temporarily downloaded onto your device. Embedded scripts remain active only while you are connected to the Services and are then deactivated or deleted.
Web Beacons. The Services may also include small graphic images or other web programming code called “web beacons” (also known as “1×1 GIFs” or “clear GIFs”). Any electronic image or other web programming code inserted into a page or email can act as a web beacon, and web beacons may be invisible to you. Web beacons and similar technologies may be used for a number of purposes, including to count visitors to the Services, to count how many sent emails were opened, to count how many articles or links were viewed, or to monitor how users navigate the Services.
Your Rights and Choices About Your Personal Information
Hello Heart is committed to respecting your choices about the use of your Personal Information and we will take reasonable steps to respond to and honor your requests to exercise your rights to access, correct, delete or object to the use, disclosure or other processing of your Personal Information. If you wish to exercise these rights, please contact us by sending an e-mail with your request to email@example.com.
To protect your privacy and security, we may require you to provide us with information to verify your identity. We will respond to your request in accordance with applicable law, and if we are unable to comply with your request, we will provide you with an explanation.
These rights are not absolute, only apply in certain circumstances, and may vary depending on your country, region or US state of residence. This means that we may be unable or not obligated to satisfy your request, for example, due to legal obligations or other requirements to which Hello Heart is subject.
Hello Heart will not discriminate against you for exercising your rights, but we may not be able to provide you with programs or Services that you have requested if we are not able to use your information. If you have provided permission to Hello Heart to process your Personal Information, you have the right to withdraw your consent for such processing at any time by contacting us at firstname.lastname@example.org.
Personal Information of Children
Wecare about protecting the online privacy of children. We will not intentionally collect any PersonalInformation from anyone under the age of 16. If you think that we have collected Personal Informationfrom a child, or anyone under the age of 16, please contact us at email@example.com.
Hello Heart may update or make changes to this Privacy Statement from time to time, at our discretion. We encourage you to visit this page periodically and to review our most current Privacy Statement and applicable effective date.