Privacy policy

Effective Date: December 14th, 2019
Contact

For any questions about this Privacy Policy, our privacy practices or 
if you would like to exercise your rights and choices, please contact us at support@memorahealth.com
 or write to us at:

Memora Health Inc.
38 Bluxome St
STE 410
San Francisco, CA 94107

Memora Health Inc. (“Memora,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how Memora collects, uses, discloses, and secures information about you through www.memorahealth.com/, along with our related websites, networks, applications, mobile applications, our electronic communications, including email and text messages, and other services provided by us (collectively, the “Services”). By using the Services, you consent to the processing of your information as set forth in this Privacy Policy, now and as amended by us.

In providing the Services, we collect and obtain information about individual consumers (“End Users”) to, among other things, provide End Users access to an artificial intelligence engine that delivers disease management suggestions, reminders, healthcare services such as appointment scheduling, and related information through the delivery and receipt of health-related text messages. In providing the Services, we at times act as a service provider to health care providers (“Providers”) who use the Services to engage with End Users.

Memora has subscribed to the EU-U.S. Privacy Shield Framework (collectively, “Privacy Shield”). Memora adheres to the Privacy Shield Principles for Personal Data received from entities in the European Economic Area (the “EEA”). If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles as concerns the information about End Users received under the Privacy Shield, the Privacy Shield Principles shall govern to the extent of the conflict. To learn more about the Privacy Shield program visit https://www.privacyshield.gov, and to view our certification, please visit https://www.privacyshield.gov/list.

When you submit information to or through the Services, you consent to the collection, use, sharing and processing of your information as described in this Privacy Policy. By using the Services, you accept the terms of this Privacy Policy and our Terms of Service and consent to our collection, use, disclosure and retention of your information as described in this Privacy Policy. IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY OR OUR TERMS OF USE, THEN PLEASE DO NOT USE ANY OF THE SERVICES.

Linked sites

For your convenience, we may provide links on our Services to third party websites (“Third Party Sites”), with which we have no affiliation. Please remember that this Privacy Policy is not applicable to such Third Party Sites. A link to any Third Party Sites does not mean that we endorse it or the quality or accuracy of information presented on it. If you decide to visit a Third Party Site, you are participant to its privacy policy and practices and not this Privacy Policy. We encourage you to carefully review the legal and privacy notices of all other digital services that you visit.

Information we collect

Memora collects information from and about users of the Services in a variety of ways. This information includes:

Information You Provide. We collect information you provide when you use the Services or otherwise communicate with us. If you request information or register an account with us, we will collect the information you provide, such as your name, email address, and phone number. We will also collect any information you submit through your use of the Services. For example, if you are an End User, the information you provide can include your messaging history and any information included in your messages via the Services. We may also collect information through your communications with our employees.

Provider Submitted Information about End Users. Providers may provide us information about End Users they recommended to the Services such as the End User’s name, date of birth, gender, telephone number, medical history, upcoming health appointments, and prescribed medications. We use and disclose this information only in accordance with your express authorization, which we require the relevant Provider obtain from you through a separate document when you sign up to use the Services. Please be aware that if you do not provide your authorization, or if you subsequently withdraw your authorization, you may not be able to use the Services, but may continue to receive services from the Provider outside of the Services.

You have the right to revoke this consent at any time by sending an email to support@memorahealth.com, however, please note that the revocation will not apply to the extent that we have already released your information to medical professionals based on this consent. It will take effect as soon as it is received.

Device and Usage Information. Like most online services, we automatically receive standard technical, information when you interact with our Services including browser and device information such as unique device identifiers, mobile phone carrier, internet protocol (IP) addresses (which may identify your general geographic location), browser types, and the date and time of your interactions. We also receive information about your interactions with our Services, such as which website pages you visited and how much time was spent on the page.

We may collect this information using cookies, web beacons, embedded scripts or similar technologies. Cookies are pieces of information that are stored by your browser on the hard drive or memory of your device. Cookies enable us to personalize your experience on the Services, maintain a persistent session, passively collect demographic information, and monitor advertisements and other activities. Our Services may use different kinds of cookies and other types of local storage (such as browser-based or plugin-based local storage).

We do not use cookies, web beacons, embedded scripts or similar technologies to store any of your personal, financial, or health-related information on your computer. Also, we do not use cookies to retrieve information from your computer that was not originally provided to us by you directly, or by your browser when you are using the Services. Once you visit or click on links to third-party websites, their sites may use cookies. We do not control what information those websites collect or their use of cookies, and they are not participant to our Privacy Policy, including the use of cookies.

How we use your information

We use information in a variety of ways to provide our Services and to operate our business, including the following:

Services Related Usage. We use the information we collect about and from you for a number of purposes, including: providing and supporting the Services, analyzing how you use the Services, and better tailoring features.

Communications. We use your information to communicate with you for Services-related purposes. For example, we may send email to the email address you provide to us or text messages, to verify your account and for informational and operational purposes, such as account management, customer service, system maintenance, and other Services-related purposes.

Improve our Services. We use the information that we collect (i) to understand and analyze usage trends and preferences; (ii) to monitor and analyze the effectiveness of our Services; and (iii) to improve our Services and develop new products, services, features, and functionality.

Marketing. As permitted by applicable law, we may use information we collect about you for marketing purposes, such as providing you with promotional materials that may be useful, relevant, valuable or otherwise of interest to you. Where required under applicable law, we’ll obtain your prior opt-in consent to send you electronic marketing communications.

Anonymous Data. We may de-identify your information and process it in an anonymous form for other purposes than described above.

How we share your information

We may share, transfer, or disclose your information, if you consent to us doing so, as well as in the following circumstances:

Providers and Approved Persons. If you are an End User that was enrolled by a Provider, we share information collected from you through the Services with your Provider. In addition, the Services may allow End Users to share information collected with explicitly designated third-parties.

Services Providers. We share information with third parties who provide services to us, such as analytics, web site management, information technology, and other similar service providers. In addition, we may use third party analytics vendors to evaluate and provide us with information about your use of the Services. We do not share your information with these third parties, but theses analytics service providers may set and access their own cookies, pixel tags and similar technologies on the Services and they may otherwise collect or have access to information about you which they may collect over time and across different websites. On our website, we use Google Analytics to collect and process certain analytics data; Google provides some additional privacy options described at https://www.google.com/policies/privacy/partners/.

Comply with Legal Requirements. We may disclose your information as we believe to be necessary or appropriate to: (i) comply with applicable law and legal processes; (ii) respond to requests from public and government authorities, including public and government authorities outside your country of residence; (iii) enforce our Terms of Services; (iv) protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others; and (v) allow us to pursue available remedies or limit the damages that we may sustain.

Corporate Transactions. We reserve the right to transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets.

Aggregate, De-Identified Information. We may use your data to create aggregate or statistical information that does not directly identify a specific person, and we may share that information. For example, we may share anonymous and aggregated reports and information on user demographics and traffic patterns with third parties.

HIPAA, PIPEDA, GDPR, PHIPA, PIPA

Some of our Providers may be regulated as “covered entities” under the Health Insurance Portability and Accountability Act (“HIPAA”), Personal Information Protection and Electronic Documents Act (“PIPEDA”), General Data Protection Regulation 2016/679 (“GDPR”), Personal Health Information Protection Act (“PHIPA”), or Personal Information Protection Act (“PIPA”). Please be aware that this Privacy Policy is distinct from such Provider’s HIPAA Notice of Privacy Practices, which describes in detail how that Provider uses and discloses individually identifiable health information. If an End User would like to review a copy of their Provider’s relevant Notice of Privacy Practices, the End User should request a copy directly from their Provider.

Information security

We take steps in an effort to treat your information securely and in accordance with this Privacy Policy. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure. Users of the Services are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of any of our Services. In order to protect you and your data, we may suspend your use of any of the Services, without notice, pending an investigation, if any breach of security is suspected. Access to and use of password protected and/or secure areas of any of the Services are restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.

To request access to, or correction, amendment or deletion of your information, End Users should contact support@memorahealth.com.

Children's Privacy

We do not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of the Services is directed to children under the age of 13. If you learn that your child has provided us with personal information without your consent, you may alert us at the contact information listed below. If we learn that we have collected any personal information from children under 13, we will promptly take steps to delete such information and terminate the child’s account.

California privacy rights

Under California’s “Shine the Light” law, California residents who provide personal information to us in obtaining products or services for personal, family or household use are entitled to request and obtain from us once a calendar year information about certain types of information we may share with other businesses for their own direct marketing uses. To make such a request, please send an email to legal@memorahealth.com and provide us with your name, address and email address. We will respond to you within 30 days of receiving such a request. Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.

Do not track

We do not support Do Not Track with respect to the Services at this time. Do Not Track is a privacy preference that you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For all the details, including how to turn on Do Not Track, visit Do Not Track.

Accountability for onward transfers

Except as permitted or required by applicable law and in accordance with Memora’s role as a controller or processor, Memora provides EEA users with an opportunity to opt out of sharing their information with third-party controllers. Memora requires third-party controllers to whom it discloses the information of EEA users to contractually agree to (a) only process the user information for limited and specified purposes consistent with the consent provided by the relevant EEA user, (b) provide the same level of protection for user information as is required by the Privacy Shield Principles, and (c) notify Memora and cease processing user information (or take other reasonable and appropriate remedial steps) if the third-party controller determines that it cannot meet its obligation to provide the same level of protection for user information as is required by the Privacy Shield Principles.

Memora may disclose user information to trusted third parties as indicated in the Privacy Policy without offering an opportunity to opt out. Memora requires that its agents and service providers that have access to user information within the scope of this Privacy Policy provide the same level of protection as required by the Privacy Shield Principles. Memora has liability for onward transfers to third parties unless we can prove we were not a party to the events giving rise to the damages. Users do not have an opportunity to opt out from disclosures of user information as required by law.

Memora commits to cooperating with EU data protection authorities and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of an employment relationship.

Recourse, enforcement and dispute resolution

If you have any questions or concerns, please write to us at the address listed below. In compliance with the Privacy Shield Principles, Memora commits to resolve complaints or disputes about our collection, disclosure or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Memora at legal@memorahealth.com directed to Memora Health’s counsel.

Memora has further committed to refer unresolved Privacy Shield complaints or disputes to the International Centre for Dispute Resolution’s American Arbitration Association (“ICDR-AAA”), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint or inquiry from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.adr.org/support for more information or to file a complaint. The services of ICDR-AAA are provided at no cost to you.

A binding arbitration option may also be available to you in order to address residual complaints not resolved by any other means. Memora is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”) and U.S. Health and Human Services (“HHS”).

Your choices

If you do not want the Services to collect information through the use of cookies, your browser may allow you to be notified when you receive certain types of cookies and restrict or disable certain cookies. Each browser is different, so you should check your browser’s “Help” menu to learn how to change your cookie preferences. Please be aware that if you disable or reject cookies, some features may not work properly.

You can opt-out of receiving further promotional emails from us by following the unsubscribe instructions provided in the promotional email you receive or by contacting us directly at the email address listed below.

You can opt-out of receiving further text messages from us by texting “STOP” to the number from which you are currently receiving messages and health information. Alternatively, you can contact us at support@memorahealth.com to adjust or opt-out of further text messages.

Contact us

If you have any questions or comments about this Privacy Policy, our privacy practices or if you would like to exercise your rights and choices, please contact us at support@memorahealth.com or by writing to us at:
Memora Health Inc.
38 Bluxome St
STE 410
San Francisco, CA 94107

Privacy policy updates

We may update this Privacy Policy from time to time. If we make any changes, we will notify you by revising the "Effective Date" at the bottom of this Privacy Policy. If we make any revisions that materially change the ways in which we use or share the information previously collected from you through the Services, we will give you the opportunity to consent to such changes before applying them to that information. The revised Privacy Policy supersedes all previous versions.