PRIVACY POLICY
Last updated: May 6, 2024
My Allergy Score, LLC (“MAS”, “we”, “us” “our”), is committed to maintaining the privacy of information that identifies or relates to you, a particular individual, and includes information referred to as “personally identifiable information”, “personal information”, or “sensitive personal information” under applicable data privacy laws, rules, and regulations (together, “Personal Information”). This Privacy Policy does not cover the practices of companies we do not control or persons we do not manage. This Privacy Policy describes the types of Personal Information we collect from users of our mobile application and our practices for using, maintaining, sharing, and protecting Personal Information. This Privacy Policy also describes the rights and choices you may have with respect to your Personal Information and how you may contact us about our privacy practices. This Privacy Policy applies to users of the My Allergy Score mobile application that is owned and operated by MAS (the “Application” with the services provided through the Application being, the “Services”). For the purposes of this Privacy Policy, “you” and “your” means you as the user of the Application. By using or accessing the Application and any of our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use, and share your information as described in this Privacy Policy. Additionally, by using or accessing the Application, you consent for MAS to use your Personal Information in connection with your physician’s use and access of the Application.
Use of MAS’s Services is subject to our Terms of Use, which incorporates this Privacy Policy. Capitalized terms used herein shall have the meanings ascribed to them in the Terms of Use.
When using our Application, you may choose to interact with features from third parties that operate independently from MAS, such as social media widgets and links to third-party websites. MAS has no control over and is not responsible for the privacy practices of such third parties. This Privacy Policy does not apply to the extent MAS does not own or control any linked website or features you visit or use. We recommend that you familiarize yourself with the privacy practices of those third parties.
This Privacy Policy is not a contract and does not create any contractual rights or obligations.
1. TYPES OF PERSONAL INFORMATION WE COLLECT
While using our Application, you may provide us with certain information about you. We also may automatically collect information through the use of tracking technologies (see below).
Personal Information that we collect through your use of the Application may include the following:
Personal Information: first and last name, email address, phone number, date of birth, and login identification information, e.g., usernames, passwords, security answers (only if you provide us with such information directly to us when you begin registration to use the Application or complete a form seeking more information)
Payment data: last 4 digits of payment card information, billing address, phone number, and email
Geolocation data: IP address, geolocation, GPS data
Health data: medical conditions, medications, weight, allergy triggers, family medical history
Consumer demographic: age, date of birth, zip code, race, ethnicity
Device/IP data: information about the devices, internet service, IP address, and browsers that you use to access and use our Application; information about your settings and your activities associated with your use of our Application (e.g. how frequently you use our services and your user preferences); forms that you submit electronically through our Application
We may use your Personal Information and link it to the Internet or other electronic network activity information, and we may draw inferences about you from the information we collect. We may also collect PHI and other healthcare-related information from you, as well as such data generated from your or your healthcare provider’s use of the Application, such as (but not limited to) your allergy test results, symptom assessments, reactions to treatments, allergy treatment plan and progress, and visit schedule to your healthcare provider, and other health readings.
We also collect the contact information of your healthcare provider (see below how we share information with your designated recipients); and if you are a healthcare provider using the Application, any of the username and foregoing health information of any person for whom you provide services through our Application.
Health Information:
The information collected and stored by MAS or added by our users who register an account on the Application may be considered Protected Health Information (“PHI”) and/or medical information and is governed by applicable state and federal laws that apply to that information, for example the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191) and the Health Information Technology for Economic and Clinical Health Act (Public Law 111-5), and their implementing regulations (collectively, “HIPAA”). Please refer to Notice of Privacy Practices located immediately below this Privacy Policy (“Notice of Privacy Practices”) for additional information about your PHI rights under HIPAA. For example, but without limitation, if you have consented to importing data from your healthcare provider into the Application, you should review our Notice of Privacy Practices to understand how we use and disclose such PHI. MAS will not use or disclose information received from your healthcare provider for advertising, marketing, or other use-based data mining purposes and will not combine it with other data and will not sell it.
2. HOW WE COLLECT YOUR INFORMATION
We may collect Personal Information using the following methods:
Directly from you when you provide it to us (such as information you enter into web forms, inquiries, responses, activity on the Application, and during registration to use a Security Platform).
From the ENT Center of Northwest Alabama, LLC (“ENTNWA”). For example, we collect information about you from ENTNWA when you use the Application to manage ENTNWA’s services and you authorize them to share your PHI with us.
Automatically through various tracking technologies, including over time and across third-party website or other online services.
The Application may use tracking technologies for various purposes, including to keep track of your activity on the App, including over multiple sessions. In accordance with applicable law, we may obtain your consent separately before collecting information by automated means.
Our Application may use Mixpanel, a vendor’s service that tracks User interactions with web and mobile applications. The data collected is used to build custom reports and measure User engagement.
Our Application may use and interact with various third-party service providers, including, but not limited to, Amazon Web Services, Google Maps, Apple App Store, Google Play Store, and various solutions for communicating through email, SMS, or other electronic means. You can learn more about how these third-parties may handle information collected through our use of its services, and your options for controlling this activity, by visiting their websites.
For more information about how we use Personal Information collected through tracking technologies and the ways you may be able to manage it, see below.
3. HOW WE USE YOUR INFORMATION
We may use your Personal Information for the following purposes:
Operate, maintain, supervise, administer, and enhance the Application, including monitoring and analyzing the effectiveness of content on the Application, aggregate site usage data, and other usage of the Application such as checking your eligibility and assisting you in completing the registration process.
Provide you with a tailored and user-friendly experience as you navigate our Application.
Geolocation information is used only to facilitate functionality of the application – to provide location-dependent services.
Promote and market our Application to you.
Complete the activity you specifically asked for, e.g., utilize the services of the Application, obtain more information, communicate with ENTNWA or other healthcare providers you authorize.
Conduct research on users’ demographics, interests, and behavior based upon information provided during use of our Application.
Anonymize and aggregate information for analytics and reporting.
Respond to law enforcement requests and court orders, and legally process and carry out our legal and contractual obligations and enforce our rights under applicable law.
Authenticate use, detect potential fraudulent use, and otherwise maintain the security of the Application and safety of users.
Develop, test, improve, and demonstrate the Application.
Provide technical support (or allow our third-party service provides to provide technical support) for the Application.
To provide localized, up-to-date allergen information.
If applicable, as otherwise permitted by the Notice of Privacy Practices.
Any other purpose with your consent.
4. HOW WE SHARE YOUR INFORMATION
We may share Personal Information with third parties in certain circumstances or for certain purposes, including:
For business purposes. We may share your Personal Information with vendors and service providers, including our data hosting and data storage partners, analytics and advertising providers, technology services and support, and data security. We also may share Personal Information with professional advisors, such as auditors, law firms, and accounting firms. We may disclose your name, email address, date of birth, phone number, and address if you provided it to us via a form on the website or during an incomplete or failed registration to service providers.
With your provider and other service providers when using the Application. We may share your Personal Information with ENTNWA or any other healthcare provider that you designate to us when using the Application. YOU ARE RESPONSIBLE FOR DETERMINING YOUR HEALTHCARE PROVIDERS AND PROVIDING US ACCURATE INFORMATION FOR YOUR HEALTHCARE PROVIDERS. We do not verify the accuracy of any information you provide when you designate a healthcare provider to receive your Personal Information. You must provide to us any applicable consents or authorizations that we request for any healthcare provider that you designate to us as an intended recipient of your Personal Information. If your healthcare provider is an entity, you should consult that person’s terms of service, privacy policy, and other provisions of their website and services as they apply to your Personal Information that is transferred to such healthcare provider. If any such persons share your Personal Information with us, this privacy policy applies with respect to our practices.
With your direction or consent. We may share your Personal Information with other third parties if you request or direct us to do so. This includes your use of social media widgets on our Application.
With affiliates within our corporate group. We may share your Personal Information with any affiliates within our corporate group.
With Service Providers. We may share your Personal Information with third-party entities, business partners, or others that provide services or products, or perform functions, on our behalf so that we may operate and manage our business, including but not limited to providing: the Application and peripheral devices, including service providers that provide data hosting, storage, retrieval, and analytical services; administrative functions and process, including but not limited to email services and shipping services; legal functions and processes; control and compliance processes; and staff augmentation.
Legal Purposes. We may share your Personal Information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.
Privacy Practices. We may share information as outlined in our Notice of Privacy Practices.
In the context of a transaction. We may share your Personal Information in connection with an asset sale, merger, bankruptcy, or other business transaction.
For other business reasons. We may share your Personal Information to enforce any applicable Application usage terms or agreements we have with you, and to ensure the safety and security of the Application and/or our users.
We also may disclose de-identified information. De-identified information shared with third-parties will not be disclosed in a manner that allows it to be re-identified.
Third-parties with whom we share information will provide the same or equal protection of your user data as we do in our privacy policy.
5. THIRD PARTY WEBSITES AND LINKS
Our Application may contain links to other online platforms operated by third parties. We do not control such other online platforms and are not responsible for their content, their privacy policies, or their use of your information. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms (such as Facebook, LinkedIn, or Twitter) may also be viewable by other users of the Application and/or users of those third-party online platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators except as disclosed on the Application. We expressly disclaim any and all liability for the actions of third parties, including but without limitation to actions relating to the use and/or disclosure of Personal Information by third parties. Any information submitted by you directly to these third parties is subject to that third party’s Privacy Policy.
6. UPDATING OR DELETING YOUR INFORMATION
You can change or update much of your Personal Information by making the changes right in the Application.
You may also send us an email at contact@entcenteralabama.com to request access to, correct, or delete any Personal Information that you have provided to us or that we have otherwise collected. We cannot delete all of your Personal Information except by also deleting your user account (See Section 11 below for information about how to delete your user account). We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
7. CHILDREN’S PRIVACY
Our Application is not intended for children under 18 years of age, and we do not knowingly collect or solicit Personal Information from children under 16. If you are under 16, do not use or provide any information on this Application or through any of its features. If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete it. If you are the parent or guardian of a child under 16 years of age whom you believe might have provided us with their Personal Information, you may contact us using the below information to request that it be deleted.
8. SECURITY OF PERSONAL INFORMATION
We take steps to secure Personal Information through administrative, technical, and physical safeguards designed to protect against the risk of accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. Unfortunately, we cannot guarantee the security of information transmitted through the Internet, and where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential.
9. RETENTION OF PERSONAL INFORMATION
We generally retain records only as long as necessary and as required for our business operations, for archival purposes, and/or to satisfy legal requirements. When determining the appropriate retention period for Personal Information, we take into account various criteria, such as the amount, nature, and sensitivity of the Personal Information; potential risk of harm from unauthorized use or disclosure; purposes for which we process your Personal Information; whether we can achieve those purposes through other means; and business operations and legal requirements. Because we maintain our Application to protect from accidental or malicious loss and destruction, residual copies of your Personal Information may be retained in our backup and archival systems for a limited period of time, after which the information will be automatically deleted or put beyond use where deletion is not possible.
10. INTERNATIONAL USERS
The Application is controlled and operated by us from the United States and is not intended to subject us to the laws or jurisdiction of any state, country, or territory other than that of the United States. Any information you provide to us through use of our Application may be stored and processed, transferred between, and accessed from the United States and other countries that may not guarantee the same level of protection of personal data as the one in which you reside. However, we will handle your Personal Information in accordance with this Privacy Policy regardless of where your Personal Information is stored/accessed.
11. DELETING YOUR USER ACCOUNT
Deleting the Application from your device will not delete your user account. You may delete your user account by emailing us at contact@entcenteralabama.com with the subject line stating, “Account deletion request.” While deleting your account will delete your Personal Information from within the Application, it cannot delete your Personal Information held by parties with whom your information was already shared pursuant to this Privacy Policy or the Notice of Privacy Practices.
12. UPDATING THIS PRIVACY POLICY
This Privacy Policy may be updated periodically to reflect changes in our privacy practices. It is your responsibility to review the Privacy Policy from time to time to view any such changes.
13. HOW TO CONTACT US
Should you have any questions about our privacy practices or this Privacy Policy, please email us at contact@entcenteralabama.com or contact us at:
My Allergy Score, LLC
210 Seville Street
Florence, Alabama 35634
ATTN: Practice Administrator