Last updated: May 6, 2024
My Allergy Score, LLC ("MAS", "we", "us" "our"), is committed to maintaining the privacy of information that identifies or relates to you, a particular individual, and includes information referred to as "personally identifiable information", "personal information", or "sensitive personal information" under applicable data privacy laws, rules, and regulations (together, "Personal Information"). This Privacy Policy does not cover the practices of companies we do not control or persons we do not manage. This Privacy Policy describes the types of Personal Information we collect from users of our mobile application and our practices for using, maintaining, sharing, and protecting Personal Information. This Privacy Policy also describes the rights and choices you may have with respect to your Personal Information and how you may contact us about our privacy practices. This Privacy Policy applies to users of the My Allergy Score mobile application that is owned and operated by MAS (the "Application" with the services provided through the Application being, the "Services"). For the purposes of this Privacy Policy, "you" and "your" means you as the user of the Application. By using or accessing the Application and any of our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use, and share your information as described in this Privacy Policy. Additionally, by using or accessing the Application, you consent for MAS to use your Personal Information in connection with your physician's use and access of the Application.
Use of MAS's Services is subject to our Terms of Use, which incorporates this Privacy Policy. Capitalized terms used herein shall have the meanings ascribed to them in the Terms of Use.
When using our Application, you may choose to interact with features from third parties that operate independently from MAS, such as social media widgets and links to third-party websites. MAS has no control over and is not responsible for the privacy practices of such third parties. This Privacy Policy does not apply to the extent MAS does not own or control any linked website or features you visit or use. We recommend that you familiarize yourself with the privacy practices of those third parties.
This Privacy Policy is not a contract and does not create any contractual rights or obligations.
While using our Application, you may provide us with certain information about you. We also may automatically collect information through the use of tracking technologies (see below).
Personal Information that we collect through your use of the Application may include the following:
We may use your Personal Information and link it to the Internet or other electronic network activity information, and we may draw inferences about you from the information we collect. We may also collect PHI and other healthcare-related information from you, as well as such data generated from your or your healthcare provider's use of the Application, such as (but not limited to) your allergy test results, symptom assessments, reactions to treatments, allergy treatment plan and progress, and visit schedule to your healthcare provider, and other health readings.
We also collect the contact information of your healthcare provider (see below how we share information with your designated recipients); and if you are a healthcare provider using the Application, any of the username and foregoing health information of any person for whom you provide services through our Application.
The information collected and stored by MAS or added by our users who register an account on the Application may be considered Protected Health Information ("PHI") and/or medical information and is governed by applicable state and federal laws that apply to that information, for example the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191) and the Health Information Technology for Economic and Clinical Health Act (Public Law 111-5), and their implementing regulations (collectively, "HIPAA"). Please refer to Notice of Privacy Practices located immediately below this Privacy Policy ("Notice of Privacy Practices") for additional information about your PHI rights under HIPAA. For example, but without limitation, if you have consented to importing data from your healthcare provider into the Application, you should review our Notice of Privacy Practices to understand how we use and disclose such PHI. MAS will not use or disclose information received from your healthcare provider for advertising, marketing, or other use-based data mining purposes and will not combine it with other data and will not sell it.
We may collect Personal Information using the following methods:
Directly from you when you provide it to us (such as information you enter into web forms, inquiries, responses, activity on the Application, and during registration to use a Security Platform).
From the ENT Center of Northwest Alabama, LLC ("ENTNWA"). For example, we collect information about you from ENTNWA when you use the Application to manage ENTNWA's services and you authorize them to share your PHI with us.
Automatically through various tracking technologies, including over time and across third-party website or other online services.
The Application may use tracking technologies for various purposes, including to keep track of your activity on the App, including over multiple sessions. In accordance with applicable law, we may obtain your consent separately before collecting information by automated means.
Our Application may use Mixpanel, a vendor's service that tracks User interactions with web and mobile applications. The data collected is used to build custom reports and measure User engagement.
Our Application may use and interact with various third-party service providers, including, but not limited to, Amazon Web Services, Google Maps, Apple App Store, Google Play Store, and various solutions for communicating through email, SMS, or other electronic means. You can learn more about how these third-parties may handle information collected through our use of its services, and your options for controlling this activity, by visiting their websites.
For more information about how we use Personal Information collected through tracking technologies and the ways you may be able to manage it, see below.
We may use your Personal Information for the following purposes:
Operate, maintain, supervise, administer, and enhance the Application, including monitoring and analyzing the effectiveness of content on the Application, aggregate site usage data, and other usage of the Application such as checking your eligibility and assisting you in completing the registration process.
Provide you with a tailored and user-friendly experience as you navigate our Application.
Geolocation information is used only to facilitate functionality of the application – to provide location-dependent services.
Promote and market our Application to you.
Complete the activity you specifically asked for, e.g., utilize the services of the Application, obtain more information, communicate with ENTNWA or other healthcare providers you authorize.
Conduct research on users' demographics, interests, and behavior based upon information provided during use of our Application.
Anonymize and aggregate information for analytics and reporting.
Respond to law enforcement requests and court orders, and legally process and carry out our legal and contractual obligations and enforce our rights under applicable law.
Authenticate use, detect potential fraudulent use, and otherwise maintain the security of the Application and safety of users.
Develop, test, improve, and demonstrate the Application.
Provide technical support (or allow our third-party service provides to provide technical support) for the Application.
To provide localized, up-to-date allergen information.
If applicable, as otherwise permitted by the Notice of Privacy Practices.
Any other purpose with your consent.
We may share Personal Information with third parties in certain circumstances or for certain purposes, including:
For business purposes. We may share your Personal Information with vendors and service providers, including our data hosting and data storage partners, analytics and advertising providers, technology services and support, and data security. We also may share Personal Information with professional advisors, such as auditors, law firms, and accounting firms. We may disclose your name, email address, date of birth, phone number, and address if you provided it to us via a form on the website or during an incomplete or failed registration to service providers.
With your provider and other service providers when using the Application. We may share your Personal Information with ENTNWA or any other healthcare provider that you designate to us when using the Application. YOU ARE RESPONSIBLE FOR DETERMINING YOUR HEALTHCARE PROVIDERS AND PROVIDING US ACCURATE INFORMATION FOR YOUR HEALTHCARE PROVIDERS. We do not verify the accuracy of any information you provide when you designate a healthcare provider to receive your Personal Information. You must provide to us any applicable consents or authorizations that we request for any healthcare provider that you designate to us as an intended recipient of your Personal Information. If your healthcare provider is an entity, you should consult that person's terms of service, privacy policy, and other provisions of their website and services as they apply to your Personal Information that is transferred to such healthcare provider. If any such persons share your Personal Information with us, this privacy policy applies with respect to our practices.
With your direction or consent. We may share your Personal Information with other third parties if you request or direct us to do so. This includes your use of social media widgets on our Application.
With affiliates within our corporate group. We may share your Personal Information with any affiliates within our corporate group.
With Service Providers. We may share your Personal Information with third-party entities, business partners, or others that provide services or products, or perform functions, on our behalf so that we may operate and manage our business, including but not limited to providing: the Application and peripheral devices, including service providers that provide data hosting, storage, retrieval, and analytical services; administrative functions and process, including but not limited to email services and shipping services; legal functions and processes; control and compliance processes; and staff augmentation.
Legal Purposes. We may share your Personal Information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.
Privacy Practices. We may share information as outlined in our Notice of Privacy Practices.
In the context of a transaction. We may share your Personal Information in connection with an asset sale, merger, bankruptcy, or other business transaction.
For other business reasons. We may share your Personal Information to enforce any applicable Application usage terms or agreements we have with you, and to ensure the safety and security of the Application and/or our users.
We also may disclose de-identified information. De-identified information shared with third-parties will not be disclosed in a manner that allows it to be re-identified.
Third-parties with whom we share information will provide the same or equal protection of your user data as we do in our privacy policy.
Our Application may contain links to other online platforms operated by third parties. We do not control such other online platforms and are not responsible for their content, their privacy policies, or their use of your information. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms (such as Facebook, LinkedIn, or Twitter) may also be viewable by other users of the Application and/or users of those third-party online platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators except as disclosed on the Application. We expressly disclaim any and all liability for the actions of third parties, including but without limitation to actions relating to the use and/or disclosure of Personal Information by third parties. Any information submitted by you directly to these third parties is subject to that third party's Privacy Policy.
You can change or update much of your Personal Information by making the changes right in the Application.
You may also send us an email at contact@entcenteralabama.com to request access to, correct, or delete any Personal Information that you have provided to us or that we have otherwise collected. We cannot delete all of your Personal Information except by also deleting your user account (See Section 11 below for information about how to delete your user account). We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Our Application is not intended for children under 18 years of age, and we do not knowingly collect or solicit Personal Information from children under 16. If you are under 16, do not use or provide any information on this Application or through any of its features. If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete it. If you are the parent or guardian of a child under 16 years of age whom you believe might have provided us with their Personal Information, you may contact us using the below information to request that it be deleted.
We take steps to secure Personal Information through administrative, technical, and physical safeguards designed to protect against the risk of accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. Unfortunately, we cannot guarantee the security of information transmitted through the Internet, and where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential.
We generally retain records only as long as necessary and as required for our business operations, for archival purposes, and/or to satisfy legal requirements. When determining the appropriate retention period for Personal Information, we take into account various criteria, such as the amount, nature, and sensitivity of the Personal Information; potential risk of harm from unauthorized use or disclosure; purposes for which we process your Personal Information; whether we can achieve those purposes through other means; and business operations and legal requirements. Because we maintain our Application to protect from accidental or malicious loss and destruction, residual copies of your Personal Information may be retained in our backup and archival systems for a limited period of time, after which the information will be automatically deleted or put beyond use where deletion is not possible.
The Application is controlled and operated by us from the United States and is not intended to subject us to the laws or jurisdiction of any state, country, or territory other than that of the United States. Any information you provide to us through use of our Application may be stored and processed, transferred between, and accessed from the United States and other countries that may not guarantee the same level of protection of personal data as the one in which you reside. However, we will handle your Personal Information in accordance with this Privacy Policy regardless of where your Personal Information is stored/accessed.
Deleting the Application from your device will not delete your user account. You may delete your user account by emailing us at contact@entcenteralabama.com with the subject line stating, "Account deletion request." While deleting your account will delete your Personal Information from within the Application, it cannot delete your Personal Information held by parties with whom your information was already shared pursuant to this Privacy Policy or the Notice of Privacy Practices.
This Privacy Policy may be updated periodically to reflect changes in our privacy practices. It is your responsibility to review the Privacy Policy from time to time to view any such changes.
Should you have any questions about our privacy practices or this Privacy Policy, please email us at contact@entcenteralabama.com or contact us at:
My Allergy Score, LLC
210 Seville Street
Florence, Alabama 35634
ATTN: Practice Administrator
Last updated: May 6, 2024
THIS NOTICE DESCRIBES HOW PROTECTED HEALTH INFORMATION MAY BE USED AND DISCLOSED. PLEASE REVIEW IT CAREFULLY.
This notice applies to your protected health information ("PHI") that may be accessed or used by My Allergy Score, LLC ("MAS"). PHI is information about you that may be used to identify you (such as your name, social security number or address), and that relates to (a) your past, present or future physical or mental health or condition, (b) the provision of healthcare to you, or (c) your past, present, or future payment for the provision of healthcare. In conducting its business, MAS may receive or access records containing your PHI.
MAS will abide by the terms of this Notice while it is in effect. This current Notice takes effect on January 15, 2024, and will remain in effect until MAS replaces it. MAS reserves the right to change the terms of this Notice at any time, as long as the changes are in compliance with applicable law. If MAS changes the terms of this Notice, the new terms will apply to all PHI that it maintains, including PHI that was created or received before such changes were made. If MAS changes this Notice, it will post the new Notice in the My Allergy Score Application and will make the new Notice available upon request.
Please note that you hold the option to refuse or cease using MAS's products and services at any time (such as the My Allergy Application and its related services) (the "MAS Services"), without affecting your right to receive future care from your healthcare provider. The existing confidentiality obligations in place between MAS and your healthcare provider will continue to apply during your use of the MAS Services. You should look to your healthcare provider for access to your PHI resulting from your use of the MAS Services. PLEASE NOTE: THE MAS SERVICES ONLY COLLECT A SUBSET OF PHI. MAS DOES NOT HAVE ACCESS TO YOUR FULL MEDICAL RECORD, WHICH IS MAINTAINED BY YOUR HEALTHCARE PROVIDER. YOU SHOULD CHECK WITH YOUR HEALTHCARE PROVIDER'S NOTICE OF PRIVACY PRACTICES FOR THE FULL EXPLANATION OF YOUR RIGHTS AND THEIR RESPONSIBILITIES REGARDING YOUR MEDICAL RECORD.
When it comes to your PHI, you have certain rights. This section explains your rights and some of our responsibilities to help you.
Get an electronic copy of your PHI: You can ask to see or get an electronic copy of your PHI that we have about you. Ask us how to do this. We will provide a copy or a summary of your PHI within the time allowed by law, usually within 30 days of your request. We may charge a reasonable, cost-based fee.
Amend your PHI: You can ask your healthcare provider to amend PHI about you that you think is incorrect or incomplete. Your healthcare provider may say "no" to your request, but they will tell you why in writing within 60 days. If your healthcare provider approves your request, it may send a request for amendment to us and, to the extent we are able, we will make the amendment.
Request confidential communications: You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address. We will say "yes" to all reasonable requests.
Ask us to limit what we use or share: You can ask us not to use or share certain PHI for treatment, payment, or our operations. We are not required to agree to your request, and we may say "no" if it would affect your care or would restrict your healthcare provider's access to your data.
Choose someone to act for you: If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your PHI. We will make sure the person has this authority and can act for you before we take any action.
We typically use or share your PHI in the following ways.
Provide products and services to you as part of your treatment: We can use your PHI and share it with healthcare professionals who are treating you. Example: We provide your PHI to your physician or other healthcare providers involved in your care, such as communications about upcoming planned treatments or lab results.
Run our organization: We can use and share your PHI to run our operations and contact you when necessary. Example: We use PHI about you to deliver our products or services to you and provide related support.
Bill for services: Your healthcare provider can use and share your PHI to bill and get payment from health plans or other entities. Example: your healthcare provider may receive information from us to aid in billing your insurance for services they provide.
Operations: We may use and disclose your PHI when we engage third parties to provide various services for MAS related to your use of the Services (to the extent permitted by law). If any such third party must have access to your PHI in order for you to use the Services. Example: PHI may be shared with Google LLC to assist in receiving location-based services.
Other Ways: We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research.
Help with public health and safety issues: We can share PHI about you for certain situations such as: preventing disease; helping with product recalls; reporting adverse reactions to medications; reporting suspected abuse, neglect, or domestic violence; preventing or reducing a serious threat to anyone's health or safety.
Do research: We can use or share your information for health research.
Comply with the law: We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we're complying with federal privacy law.
Work with a medical examiner or funeral director: We can share PHI with a coroner, medical examiner, or funeral director when an individual dies.
Respond to lawsuits and legal actions: We can share PHI about you in response to a court or administrative order, or in response to a subpoena.
Address workers' compensation, law enforcement, and other government requests: We can use or share PHI about you: for workers' compensation claim; for law enforcement purposes or with a law enforcement official; with health oversight agencies for activities authorized by law; for special government functions such as military, national security, and presidential protective services.
As otherwise permitted by law: We may share PHI in any other matter that is permitted by applicable law, may use your PHI to make improvements to our products and services, and may use and share your PHI in any manner as permitted within any written agreement between you and us.
We are required by law to maintain the privacy and security of your protected PHI. We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind. Additionally, anonymized (de-identified) PHI that is shared will not be re-identified by the third-party without your express permission.
If you would like more information about this policy, or to make requests pursuant to this policy, please send an email to us at contact@entcenteralabama.com.
This policy is intended to apply solely with respect to the relationship that we have with you. It is not intended to supersede or replace your healthcare provider's notice of privacy practices. In the event of a conflict between this policy and your healthcare provider's notice of privacy practices, your healthcare provider's notice of privacy practices will control with respect to their use of your PHI.