Mydayda - Privacy Policy

Privacy Policy

Welcome to Mydayda, Inc. Please carefully read our Privacy Policy to understand how we will treat the information you provide while visiting our website (“Website”). This policy may change from time to time. Please check our Website periodically for updates to our Privacy Policy.

Introduction.

In this Privacy Policy (“Privacy Policy”), we describe how we collect, use, and disclose information that we obtain about visitors to our Mydayda, Inc. (“Mydayda”, “we” or “us”) Website and Mydayda platform (“Platform”) and the users of the Mydayda mobile applications (“Application”) and the service available through our Platform (collectively, the “Service”). Unless otherwise noted on the Website, each web page included within the Website is governed by this Privacy Policy.

The Mydayda Service has been developed for patients who have subscribed to the Service (“Patients”) to: (1) access, collect, and manage their own health records and related information (“Records”); (2) share their Records with, and collect additional information for their Records from (a) hospitals, medical groups, and research clinics (“Clinical Teams”), (b) Clinical Team personnel who are authorized to access and use the Service, including, without limitation, administrators, physicians, nurses, and other caregivers (“Authorized Personnel”), and/or (c) Patients’ authorized family members and third party caregivers (“Authorized Caregivers”) to facilitate and coordinate patient medical care and the administration of medical services by Clinical Teams and Authorized Personnel and facilitate communications between and among Clinical Teams, Patients and Authorized Caregivers about Patient care and post-treatment progress; and (3) obtain additional information about their medical condition and related Clinical Team services.

At the heart of Mydayda and its Privacy Policy is the core tenet that the Patient is in control of his/her personal health information. Mydayda serves as an honest data broker to assist Patients with improving and taking control of their health by taking control of their personal health information.

Our Privacy Policy below outlines the type of information we collect and receive from you while you are visiting the Website or using the Platform, as well as ways in which we process and, sometimes, share such information and how you can correct or change such information. PLEASE REVIEW THE TERMS OF USE AND THIS PRIVACY POLICY CAREFULLY. YOUR USE OF THIS WEBSITE AS A VISITOR TO THE WEBSITE OR, IF APPLICABLE, YOUR REGISTRATION TO THE SERVICE AS A “USER” WITH A USER ACCOUNT SIGNIFIES YOUR AGREEMENT TO THE TERMS OF THIS PRIVACY POLICY.

What is “User Information”?
1. What is “Personal Information”
2. What is “Health Information”?
3. What is “De-Identified User Behavioral Information”?
How We Collect “User Information” from You
1. How We Collect “Personal Information” from You
2. How We Collect “Health Information” from You
3. How We Collect “De-Identified User Behavioral Information” from You
How We Use “User Information” We Collect
Disclosure of “User Information”, including Disclosure to Certain Third Parties
Our Opt-in/Opt-out Policy
Third Party Advertising and Links to Other Sites
Guidelines Regarding Children
Access and Editing/Correction
How we protect and secure your Personal Information
Retention of User Information
Applicable Law
Changes to this Privacy Policy
Contact Information
Effective Date

1. What is “User Information”?

“User Information” includes all data or information: (a) transmitted or provided by you, or to you, through the Service, (b) associated with your account or Records, or (c) otherwise accessed by Mydayda to support your use of the Service, or any part thereof.

A. What is “Personal Information”?

Mydayda understands the importance of a Patient’s relationship with his or her health care providers and the importance of keeping your Personal Information private.

User Information may include information about you that can be used to contact or identify your (“Personal Information”) and other non-identifying information. Certain non-identifying information may be considered part of your Personal Information if it were combined with other identifiers (for example, combining your zip code with your street address) in a way that enables you to be identified. But the same pieces of information are considered non-identifying information when they are taken alone or combined only with other non-identifying information (for example, your gender only or your viewing preferences).

“Personally Identifiable Personal Information” identifies you as an individual, such as your name, postal address, email address, date of birth, and telephone number

As an example, we may collect Personally Identifiable Personal Information about Authorized Personnel or an Authorized Caregiver who uses the Service to help a Patient. And, we may collect Personally Identifiable Personal Information about a Patient that is unrelated to their healthcare, such as basic registration, creating a profile, and information from third parties that is included within a Patient’s profile.

In addition, you may choose to provide us with additional “Non-Personally Identifiable Personal Information” about you and/or your personal preferences, including, for example, personal preferences in response to surveys.

B. What is “Health Information”?

“Health Information” is a part of the Personal Information that we collect about Patients. Health Information is generally described as information that we collect, receive or create about a Patient and their healthcare.

“Protected Health Information” is individually identifiable health information which is created or received by or on behalf of a covered entity (for example, a health care provider or health plan) and which relates to the past, present or future physical or mental health or condition of an individual, the provision of health care to an individual, or the past, present or future payment for the provision of health care to an individual. Protected Health Information is further defined by the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) and is subject to the protections of HIPAA.

“Additional Health Information” is a subset of Health Information that does not fall within the category of Protected Health Information above. For example, this would encompass information related to past, present or future physical or mental health or conditions, the provision of health care to an individual, or the past, present or future payment for the provision of health care to an individual but with the difference that such information was not created or received by us from or on behalf of a covered entity. In some instances, Protected Health Information may become Additional Health Information. For example, Patients use Mydayda as a tool to access, collect, and manage their own Records, including retrieving data from covered entities, and such information as part of a Patient’s Records is Additional Health Information. We may also collect Additional Health Information in connection with the Platform or Applications. For example, information inputted into the Platform by a Clinical Team may be added to the Patient’s Records.

C. What is “De-Identified User Behavioral Information”?

When you visit the Website and interact with the Service on the Platform and the Application, we may collect information on your actions at the Website or on your use of the Service on the Platform and the Application in the form data wherein identifying information is removed (“DeIdentified User Behavioral Data”). In doing so, we may utilize the services of certain third party service providers. This information is integral to Mydayda’s internal administration and includes but is not limited to: time spent interacting with the Platform and Applications, frequency of interactions with the Platform and Applications, consistency of interactions with the Platform and Applications, and other behavioral data.

2. How We Collect “User Information” from You.

A. How We Collect “Personal Information” from You.

Personal Information Collected from Clinical Teams

If you are an Authorized Personnel user, we collect Personal Information about you when the Clinical Team subscribes to the Services as well as when you register to use the Services. The Personal Information about Clinical Teams and Authorized Personnel that we collect includes, without limitation, the Clinical Team’s and Authorized Personnel’s name, position, specialty, email address, phone number, and business postal address. We do not collect Health Information about Clinical Teams or their Authorized Personnel.

Personal Information Collected from Patients and Authorized Caregivers

If you are a Patient, we collect Personal Information about you when you register to use the Services and through your or your Authorized Caregiver’s use of the Services, including when you, your Authorized Caregiver and your Clinical Team communicate with each other.

If you are an Authorized Caregiver, we collect Personal Information about you, including, without limitation, your name, email address, phone number and your relationship to the Patient. When communicating with the Clinical Team in using the Services, the Patient, Authorized Caregivers, Clinical Team and its Authorized Personnel may disclose Personal Information about the Patient, which may include Health Information. We do not collect Health Information about Authorized Caregivers

To register to use the Services as a Patient, you must provide your name, primary address, email address and date of birth. If a Patient or Authorized Caregiver chooses to link his or her Mydayda account with a Third Party, we will ask you to provide the user names and passwords for those online accounts that the Patient has authorized Mydayda to access in order to collect other Personal Information regarding the Patient and Patient’s medical history that is maintained by third parties Patient has identified in Patient’s Account as “Authorized Third Parties.” The Personal Information the Patient may permit us to obtain from these Authorized Third Parties may include, without limitation, demographic information, financial information, medical claims history, and other Health Information.

We also may collect additional optional information from you, including, for example, Social Security number, employment history, health care insurance information, and demographic data, however, you are not required to provide us with this information to use the Services.

B. How We Collect “Health Information” from You?

As an honest data broker, Mydayda places the Patient’s Health Information and other medical information in his or her hands. To do this, Patients use Mydayda to access and retain the Patient’s electronically stored health records from third party repositories, including the Patient’s medical provider(s) and/or their electronic health records providers, and from information entered into the Platform by you and/or other Users associated with the Patient’s account. Through the Platform and Applications, Mydayda then provides the Patient with control of those records and facilitates the disclosure or privacy of the records. At all times, the Patient’s Health Information is protected by Mydayda’s security network.

C. How we Collect “De-Identified User Behavior Information” from you

We may automatically collect the following information about your use of our Platform or Services through cookies, web beacons, and other technologies: your domain name; your browser type and operating system; web pages you view; links you click; your IP address; the length of time you visit our Platform or use our Services; and the referring URL, or the webpage that led you to our Platform, and the following: access time, browser type, device ID, domain name, IP address, page views and referring URL. We also may collect the following information about your use of the Application: mobile device ID; location and language information; device name and model; operating system type, name, and version; your activities within the Application; and the length of time that you are logged into our Application. We may combine this information with other information that we have collected about you, including, where applicable, your username, name, and other personal information.

See more detail about IP addresses and cookies below:

IP Address

Your IP address is a number that is assigned by your ISP (Internet Service Provider) to your computer to identify its location. We use your IP address to help diagnose problems with our server and to administer our website. We also sometimes use IP addresses to communicate with Users, monitor our Website, prevent fraud and possibly even ban those visitors or Users who are not complying with our Terms of Use.
Cookies

Our site uses a feature of your browser to set a "cookie" on your computer. Cookies are small packets of information that a site's computer stores on your computer. We can then read the cookies whenever you visit the Website. We use cookies to save your password so you don't have to re-enter it each time you visit our site, to deliver content specific to your interests, to track the pages you've visited and to make sure you don't see the same ads repeatedly. These cookies allow us to use the De-identified User Behavioral Information we collect to customize your experience so that your visit to the Website is as relevant and as valuable to you as possible.

You may modify your browser preference to provide you with choices relating to cookies. You have the choice to accept all cookies, to be notified when a cookie is set or to reject all cookies. If you choose to reject cookies, you may be unable to use that part of the Website or User forums that require registration in order to participate or will have to sign in each time you visit the Website.

Advertisements at the Website might deliver a cookie to you so that the advertisements that you see can be tracked and the advertiser can ensure that you are not shown the same advertisement too many times. Since the advertiser only tags your computer with a number at the time that you are using the Website, there is no knowledge about who you are. We do not provide advertisers with any Personally Identifiable Personal Information about you.

This privacy statement covers our use of cookies only and does not cover the use of cookies or web beacons by any advertisers on the Website or any other business partners. Some of our business partners (e.g., advertisers) use cookies on our Website. We have no access or control over these cookies.

However, we may use and share with these companies aggregate Non-Personally Identifiable Personal Information or De-identified User Behavioral Information about your visits to the Website and other sites in order to provide future advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.

3. How We Use “User Information” We Collect.

We use the Personally Identifiable Personal Information, including Additional Health Information and De-identified User Behavioral Information you provide for several purposes, such as to provide the Services, to communicate with you and to operate and improve the Website and to give you a better experience when visiting us by personalizing tools, content, services and e-mail messages. We also use this User Information to build new services and develop offers that we believe are more relevant and valuable to you; to facilitate your medical care, to provide better services, to improve our internal processes, and to develop new services; research, development or similar purposes; and/or, if applicable, as permitted in any Personal Authorization

We will use Protected Health Information only to: (a) provide Services to the Patient or the Clinical Team, (b) as permitted in any Personal Authorization (or if no Personal Authorization applies any agreement that we have with your Clinical Team), or (c) for other uses and disclosures permitted by HIPAA.

The Non-Personally Identifiable Personal Information and De-identified User Behavioral Information collected by us is also used to create aggregated portraits of our audience, that is, portraits which present anonymous statistical demographic information, but no personal data or Personally Identifiable Personal Information. For instance, we gather information about how you use the Website using log files, tracking pixels and database history tables. This aggregated information is used, among other things, to determine trends and needs and it is compiled and analyzed on an aggregate and de-identified basis. For example, we may create a report that tells advertisers that 40 percent of our members are males in a certain age range, so that they can determine which of their products or services are most appropriate for our members.

We will also use the aggregated Non-Personally Identifiable Personal Information and Deidentified User Behavioral Information discussed above, but no Personally Identifiable Personal Information linked to it, to supply market research to third-parties to help them understand who our audience is.

Unless you edit your User account and disable the “Receive e-mails” option (see “Opting-Out” below), we will use your e-mail address to send you e-mails regarding product announcements and may share your User Information with Affiliates and Third-Party Affiliates (see “You Opt-In for Disclosure of ‘User Information’ to Certain Third Parties” below) for purposes of contacting and directly marketing to you via e-mail.

We will also use your e-mail address to send you e-mails that are generated when you perform certain functions at the Website. The types of e-mails that are sent include, but are not limited to, software license ordering e-mails and welcome e-mails for the User forums.

As an honest data broker, we provide Patients with access to clinical trials, research studies, and other organizations, as well as provide Patients with the ability to share their health information with those organizations.

Following termination of your account, User Information may be retained and used as set forth in this policy including Section 10 below.

4. Disclosure of “User Information”, including Disclosure to Certain Third Parties.

We do not disclose or otherwise share any User Information with unaffiliated third parties without your consent (please see “Our Opt-In/Opt-Out Policy” below), except in the following instances:

(i) If you are a Patient, to your Clinical Team, its Authorized Personnel and your Authorized Caregivers, without further authorization for purposes of treatment, payment or operations; for uses or disclosures otherwise permitted by your Personal Authorization; for other uses or disclosures permitted by law; or for purposes related to such uses or disclosures;

(ii) If you are an Authorized Caregiver, to the Patient and his/her Clinical Team and that Clinical Team’s Authorized Personnel;

(iii) As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your state or country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your state or country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain;

(iv) in the event of a sale, merger, assignment, joint venture or other transfer or disposition of a portion or all of our assets or stock or the assets or stock of any of our affiliated entities (including, without limitation, in connection with any bankruptcy or similar proceedings);

(v) disclosure of aggregate Non-Personally Identifiable Personal Information and De-identified User Behavioral Information to third-parties for purposes of market research;

(vi) disclosure to any of our third-party service providers who provide services such as website hosting, data gathering, data analysis, payment processing, infrastructure provision, IT services, customer service, email delivery services, credit card processing, backup, auditing services and other similar services;

(vii) To third parties for research, development or similar purposes;

(viii) To third parties as directed by your Personal Authorization

(ix) To third parties if such Personal Information has been de-identified; and/or

(x) For any of the above purposes (i)-(ix), following termination of your account.

Unless you edit your User Account and disable the “Receive e-mails” option (see “Opting-Out” below), we also reserve the right to share any User Information which you provide to (or which is gathered from) us with (i) any or all of our subsidiaries and affiliates (collectively, our "Affiliates") and (ii) third-parties participating in any of our affiliate programs or with which we have a marketing, sponsorship or advertising relationship (collectively, our “Third-Party Affiliates”) (subject to the “opt-out” right described below, with respect to disclosures of User Information to Affiliates for their direct marketing uses) for purposes of contacting or directly marketing to you via e-mail. We will also have access to any information you provide to (or which is gathered from) the web sites of any of our Affiliates or Third-Party Affiliates.

As stated above, the Non-Personally Identifiable Personal Information and De-identified User Behavioral Information you provide on pages of the Website, including those that are co-branded with a third party (including tools that are hosted by a third party), may be shared with third-parties on an aggregated basis, for market research purposes, and in these instances, your permission will not be requested since no personal data or Personally Identifiable Personal Information will be shared or provided to these third parties. We will, however, use commercially reasonable efforts to contractually require all such third parties to agree not to use any Non-Personally Identifiable Personal Information about you, in conjunction with other sources of information, or otherwise, to identify you.

5. Our Opt-In/Opt-Out Policy

A. Opting-In

When you set up a User Account you agree (opt-in) that we may contact you via e-mail with product information and special offers or news about us and we may share your User Information with Affiliates and Third-Party Affiliates. If you do not wish to receive the e-mails, you may opt-out in the manner described under “Opting-Out” below.

A. Opting-In

You also agree that we may provide you with information about the opportunity to receive offers, goods and services directly from select companies other than us. In such instances where you have opted-in to receive such offers, goods and services from third parties, we will share your information with such third parties and will often provide you access to the privacy policy of the third party for your review via a link.

For purposes of this Privacy Policy, "opt-in" is generally defined as any affirmative action by a visitor or User to submit or receive information, as the case may be.

In some instances, when you have the opportunity on the Website to subscribe to a newsletter or purchase products offered by a third-party e-mail service, advertiser or partner, the e-mail address information will be located on the third party's server and any information you provide is subject to that entity's privacy policy, not this one.

If you have additional questions about how one of the advertisers, partners or sponsors on our Website use information about you, we urge you to contact them directly.

B. Opting-Out

We currently provide the following opt-out opportunities:

i. At any time, you can edit your User Account and disable the “Receive e-mails” option

ii. At any time, you can follow a link provided in every newsletter or e-mail message (except for e-commerce confirmation or service notice e-mails) to unsubscribe from that mailing list or e-mail service.

Also, remember, once you have provided information directly to any third-party (including any Affiliate or Third-Party Affiliate), if you Opt-out as noted above, we cannot require the third-party to delete any of the information that you have already provided because the third-party’s use of that information will be subject to that third-party’s privacy policy, but we can, and will, no longer contact you or share your information in the future with such parties.

Notwithstanding anything else in this Privacy Policy, please note that we reserve the right to contact you in the event of a change in the Terms of Use and/or this Privacy Policy or a need to contact you regarding your User Account or your use of the User forums or to respond to any inquiries that you’ve made of us.

AT ANY TIME, YOU CAN OPT-OUT BY EXERCISING ONE OF THE OPT-OUT OPPORTUNITIES DESCRIBED ABOVE AND WE WILL NOT USE ANY PERSONAL INFORMATION TO CONTACT YOU FOR MARKETING PURPOSES.

6. Third Party Advertising and Links to Other Sites

The Website may contain links to participating service provider websites that are not co-branded or affiliated with us in any way. We cannot be responsible for the privacy practices or the content of such websites, and we do not control the practices of any of our service providers to whose sites we link.

7. Guidelines Regarding Children.

Personal information about children is a concern for all of us. We take the protection of children's privacy very seriously. We do not encourage participation or visitation by children. The Service is not permitted for use by individuals under the age of eighteen (18) unless they have provided the written consent of their parents or legal guardians, and we request that these individuals do not provide Personal Information to us.

8. Access and Editing/Correction.

You may modify Personal Information that you have submitted by logging into your account and updating your profile information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Platform or Application for a period of time.

You may also contact us directly if you would like to review, correct, update, delete or otherwise limit our use of your Personal Information that has been previously provided to us by sending us an email at healthreacords@mydayda.com. In your request, please make clear what information you would like to have changed, whether you would like to have your Personal Information deleted from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information. We will try to comply with your request as soon as reasonably practicable. Please note that in order to comply with certain requests to limit use of your Personal Information we may need to terminate your account with us and your ability to access and use the Services, and you agree that we will not be liable to you for such termination. Although we will use reasonable efforts to do so, you understand that it may not be technologically possible to remove from our systems every record of your Personal Information. The need to back up our systems to protect information from inadvertent loss means a copy of your Personal Information may exist in a non-erasable form that will be difficult or impossible for us to locate or remove

We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by law.

9. How We Protect and Secure Your “User Information.”

The importance of security for all User Information associated with our visitors and Users is of utmost concern to us. We use reasonable administrative, technical, and physical measures to protect Personal Information under our control, and Protected Health Information is specifically per the HIPAA rules. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem.

First, all of your Personal Information requires use of your password. We recommend that you do not share your password with anyone and that you take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

Second, we exercise reasonable care in providing secure transmission of your Personal Information from your PC to our servers and ensuring the security of your information on our systems. For example, we use industry-standard tools, such as firewalls and SSL encryption (for login and checkout pages), in an attempt to make your information secure and confidential. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we take steps to protect your information, we can't ensure or warrant the security of any Personal Information you transmit to us or from our online products or services, and you do so entirely at your own risk.

10. Retention of User Information

You may decide to unsubscribe from the Mydayda Service at any time. If you decide to terminate your account, we may not delete the information that we have already collected and we may continue to use it, but we will stop receiving any new User Information and will stop contacting you about the Service. You may also contact us as set forth in Section 8 above regarding requests to correct, update, delete or otherwise limit the information from your account. Mydayda will maintain and/or destroy all User Information associated with your account in accordance with its current document retention and destruction policies. Please note that copies of your User Information may remain in your, your Clinical Team’s or other authorized third parties’ records, including from any prior authorized disclosure to such parties. You agree that Mydayda cannot, and has no obligation to, remove User Information from your, Clinical Team’s, or other third parties’ records once properly disclosed.

11. Applicable Law.

We control and operate the Website from the United States. The Website is not intended to subject us to the privacy laws or jurisdiction of any state, country or territory other than that of the United States. Please note that we do not represent or warrant that the Website is appropriate for use in any particular jurisdiction. Those who choose to access the Website do so at their own initiative and are responsible for complying with all local laws, rules and regulations.

12. Changes to this Privacy Policy.

This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any significant changes to this Policy on our Platform, at www.mydayda.com.

If we make any changes to this Policy that materially affect our practices with regard to the Personal Information we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Platform, or otherwise notify you at the email address provided by you at the time you registered for the Services, whichever occurs earlier. Any change to this Privacy Policy will be effective for all information that we maintain, even information in existence before the change. Your use of the Platform following these changes means that you accept the revised Privacy Policy. Of course, if you do not agree with any such change, you may access and edit your Personal Information at any time as described in Section 8 above.

In instances where we ask for your Personal Information and we tell you the data we are collecting on that page will be shared with unaffiliated third parties, and in cases where a Visitor or User to the Website opts-in to share his/her Personal Information with third parties, those disclosures and opt-ins will override anything to the contrary in this Privacy Policy

In addition, we reserve the right to make non-significant changes to our Privacy Policy that will not affect our use of User Information at any time without any notice to you other than posting any such changes in a revised version of this Privacy Policy on the Website.

We encourage you to periodically review our Privacy Policy to be sure you are familiar with the most current version.

This Privacy Policy will include the most recent date in which any revision has been made. Please note that this Privacy Policy is also incorporated into the Terms of Use.

13. Contact Information.

If you have questions about this Privacy Policy or anything else about Mydayda, Inc., you may direct them to privacy-policy@mydayda.com.

14. Effective Date

This Privacy Policy was last updated on December 20, 2019.