Privacy Policy
This Privacy Policy discloses the policies of Prenuvo Corp. (“Prenuvo,” “we,” “our,” or “us”). By accessing or using our website(s) (the “Site”), Prenuvo medical products (“Products”), web and mobile application(s) (“Apps” or “Applications”), and/or online service(s) (“Cloud Services”), you agree to Prenuvo’ Privacy Policy. Collectively, the Site, App, and Cloud Services are referred to herein as the “Services”. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT USE THE PRODUCT OR SERVICES.
This Privacy Policy covers:
- The Information we Collect;
- How we Use the Information we Collect;
- Information Sharing and Disclosure;
- Online Analytics and Tailored Online Marketing;
- Information Access and Retention;
- How we Protect Information;
- Communications Choices;
- Where Collected Information is Transferred and Stored;
- Children;
- How to Contact Us; and
- Changes to this Policy.
The Information we Collect
How we collect and store information depends on your relationship with us (e.g., whether you visit the Site only, or whether use the Product and Services). Several categories of information are collected from you, as described below.
Information You Provide
We may collect information about you during your use of the Services, including your name, username, password, email address, postal address, phone number, mobile phone number, payment information, device model and serial number, and other information you enter, provide us, post on our Services or allow us to access when you do certain things (collectively, “User Information”), such as:
- Use one of our Products;
- Provide registration information and/or create an Account;
- Provide us with feedback or reviews;
- Request certain features or information from us (e.g., newsletters, updates, and other products);
- Download or use the Apps;
- Contact customer support;
- Apply for a job posting;
- Use our Product;
- Connect with the Services or otherwise allow us to access certain information about you via a social networking service; or
- Post user-generated content.
Patient Information
When you use the Product and our Apps, you can enter patient health information of patients (“Patient Information”). Securing and preserving the confidentiality of Patient Information you entrust to us is a top priority for Prenuvo. Patient Information is stored securely when it is in the App or uploaded to our Cloud Services. We will not collect, use or disclose any Patient Information other than as permitted by you, this Privacy Policy, as required by law, or in accordance with additional applicable written agreements (e.g., for U.S. users, a Business Associate Agreement (BAA) as specified in the Health Insurance Portability and Accountability Act (HIPAA) or for E.U. users, a similar agreement constituting a Data Protection Addendum) that govern our use and disclosure of Patient Information. In the event of any inconsistency between the terms of any applicable written agreement such as the BAA and those in this Privacy Policy, the terms of the written agreement will prevail.
Examination Information
When you use the Product and our App, examination information (e.g., MRI images, measurements, findings, annotations, statistics, examinations, calculations, impressions, indications) will be generated (“Examination Information”). Examination Information is stored initially on site, and will be exported or securely uploaded to the Cloud Services in order to provide this to you in our Apps. We designed our Services to store Examination Information separate from any associated user-identifiable information or Patient Information except where such information is stored in encrypted form on your personal mobile device. Such de-identified Examination Information may be transmitted in unencrypted form.
Automatically-Collected Information
When you use the Services, there is some information that we collect automatically, as discussed in this section.
Usage and Analytics Information
We may automatically collect certain information about the computer or devices (including mobile devices) you use to access the Product or Services. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.
Website Data
When you use our Site, we may collect and analyze information such as your Internet Protocol (IP) address, browser types, browser language, operating system, the state or country from which you accessed the Services, referring and exit pages and Uniform Resource Locators (URLs), platform type, user interactions (keypresses, and mouse events such as movement, location, and clicks) domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the date and time you used the Services and upload or post content, error logs, and other similar information. Mobile Device Data. When you access the Services via a mobile device, we may collect information such as geolocation information (as described in the next section below), unique device identifiers (e.g., a UDID or IDFA on Apple devices like the iPhone, and iPad) and other information about your mobile phone or other mobile device(s), such as operating system, version, and time spent in different parts of our App and other apps on your phone. Product Usage Data. We collect certain analytics information about your use of the Product and App (such as models, types or settings of the Products used, workflows used, indications selected, log files, buttons pressed, boot logs, temperature information, usage statistics, or support requests and results). We collect and use most of this information solely in anonymous and aggregate form, but maintain log files in identifiable form for a period of time for troubleshooting and other purposes. This information helps us improve our Product and Services, troubleshoot bugs, and analyze device errors. Cookies and Other Electronic Technologies. We use “cookies” and similar technologies, such as web beacons, to help us recognize you across different Services, improve your user experience, optimize our Services, increase security, analyze use and effectiveness of our Services, and serve and measure online marketing. Cookies are alphanumeric identifiers that are placed on your computing devices. Third-parties may also place cookies and similar technologies on the Services. You can control cookies through your browser settings and other tools. Most browsers tell you how to do so in their “help” section. By accessing and using the Services, you consent to the placement of cookies and beacons in your browser and HTML-based emails in accordance with this Privacy Policy.
Information from Third-Parties
We may obtain additional information about you from third-parties such as marketers, partners, researchers, and others. We may combine information that we collect from or about you with information we obtain about you from such third-parties and affiliates and information derived from any other subscription, product, or service we provide. If you connect to a third-party network, platform, app, or service through the Services, you are authorizing us to collect, store, and use in accordance with this Privacy Policy any and all information that you agreed the social network or other third-party could provide to us based on your settings on the third-party social network or platform. Your agreement takes place when you connect with the third-party network, platform, or service via our Services, and/or when you connect with one of our applications through one of these services.
E-mail Communications
To help us make emails more relevant to you, we (may) receive a confirmation when you open e-mail from Prenuvo if your computer supports such capabilities.
Anonymous or De-Identified Data.
As noted, we store Examination Information in a de-identified manner that separates it from any associated Patient Information. We may also process other information collected by our Services or by other means so that the information does not identify any particular individual. Our use and disclosure of aggregated and/or de-identified information (including de-identified Examination Information) is not subject to any restrictions under this Privacy Policy, and we may analyze, assess, or disclose it to others (individually or in aggregate) without limitation for any purpose. For example, we may perform image analysis on collections of de-identified MRI images stored on the Cloud Services.
How we Use the Information we Collect
We use the information that we collect in order to:
- Provide you with the Product and Services you have purchased or requested and send you information about your relationship or transactions with us;
- Notify you about new features of the Product or Services, special events, and send you newsletters;
- Generate and review reports and data about our user base and Product and/or Services usage patterns;
- Analyze the accuracy, effectiveness, usability, or popularity of the Products and/or Services (for example, we may monitor and analyze traffic and usage of our Site and App);
- Provide you with support and improve the content and features of the Product or Services, or develop new products or services;
- Personalize the content and marketing that you see on the Services;
- If you have provided us permission, send you marketing communications (e.g., via mail, e-mail, text message, telephone, push notifications, or other means to which you have agreed) about Prenuvo products, software updates, Cloud activity (e.g., in digest form), and third-party products, software, and services that we believe may be of interest to you. If you do not wish to receive direct marketing, you may choose to opt-out pursuant to the instructions in Section 7 below;
- Help prevent fraud and enforce the legal terms that govern your use of the Product and Services; and
- Administer and troubleshoot the Product and/or Services.
Legal bases for processing (for residents of the European Union): If you are a resident of the European Union (EU), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:
- We need it to provide you the Product and Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Product and Services;
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Product and Services and to protect our legal rights and interests;
- You give us consent to do so for a specific purpose; or
- We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Product or Services.
Information Sharing and Disclosure
We do not rent, sell, or share any collected information with third-parties except as described in this Privacy Policy. We may share your information for the following purposes:
Third-Party Service Providers
We may share the collected information with our service providers who use the collected information on our behalf to assist in business activities such as delivering certain features or services, order fulfillment, payment processing, marketing, and other similar services. For example, a company such as FedEx may ship parcels on our behalf and we may provide them with your User Information. These companies may have access to personal information needed to perform their functions but they are only provided the limited amount of information required to perform their service. When engaging these parties, we require them to safeguard personal information using strict security and privacy protections, in accordance with the law.
Legal Reasons
We release personal information when we believe release is reasonable and permitted by law, including if it is appropriate to comply with subpoenas, court orders or other legal processes, for health and safety reasons, or otherwise clearly in the interests of the individual and consent cannot be obtained in a timely way. This does not include selling, renting, sharing, or otherwise disclosing personally identifiable information from customers for commercial purposes in violation of the commitments set forth in this Privacy Policy.
Prevent Illegal Activities
We may disclose your information when we believe it appropriate in order to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Terms and Conditions for the Product or Services you accessed, to establish or exercise our legal rights, and/or to defend against legal claims protect our rights and property.
Merger or Acquisition
As we continue to develop our business, we may sell, buy, merge or partner with other companies or businesses, or sell some or all of our assets. In such transactions, the collected information may be among the transferred assets.
App Vendor
We may provide your identity and mobile device identifier to third-party app store providers (e.g., Apple iTunes Store) to allow you to download our App. When we otherwise have your permission.
Online Analytics and Tailored Marketing
Online Analytics
We may use third-party web analytics services on our Services, such as those of Google Analytics. These service providers use the sort of technology described in the Automatically-Collected Information section above to help us analyze how users use the Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services. We also use Google Analytics for certain purposes related to online marketing, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on by clicking here.
Tailored Online Marketing.
Third-parties whose products or services are accessible or marketed via the Services may also place cookies or other tracking technologies on your computer, mobile phone, or other device to collect information about your use of the Services in order to (i) inform, optimize, and serve marketing content based on past visits to our websites and other sites and (ii) report how our marketing content impressions, other uses of marketing services, and interactions with these marketing impressions and marketing services are related to visits to our websites. We may also allow other third-parties (e.g., ad networks and ad servers such as Google Analytics, DoubleClick and others) to serve tailored marketing to you on the Services, and to access their own cookies or other tracking technologies on your computer, mobile phone, or other device you use to access the Services. We neither have access to, nor does this Policy govern, the use of cookies or other tracking technologies that may be placed on your computer, mobile phone, or other device you use to access the Services by non-affiliated, third-party ad technology, ad servers, ad networks or any other non-affiliated third-parties. Those parties that use these technologies may offer you a way to opt out of targeted marketing. For example, to opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page. Please note that to the extent marketing technology is integrated into the Services, you may still receive marketing content even if you opt-out of tailored marketing. In that case, the marketing content will just not be tailored to your interests. Also, we do not control any of the above opt-out links and are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms.
When using the App, you may also receive tailored in-application marketing content. Each operating system, iOS for Apple devices, Android for Android devices, and Windows for Microsoft devices provides its own instructions on how to prevent the delivery of tailored in-application marketing content. You may review the support materials and/or the privacy settings for the respective operating systems in order to opt-out of tailored in-application marketing. For any other devices and/or operating systems, please visit the privacy settings for the applicable device or contact the applicable platform operator.
Information Access and Retention
Information Access
Generally, you may email us to correct or change any collected information by using the contact information below in the “How to Contact Us” section.
If you are a resident of the European Union, you may have additional rights to access, rectify, download or erase your information, as well as the right to restrict and object to certain processing of your information. These rights are explained in the remainder of this section. If you are unable to exercise your rights using the information below, please contact us using the contact information in the “How to Contact Us” section.
While some of these rights apply generally, certain rights apply only in certain limited circumstances. You can exercise some of the choices by logging into the Services (for registered users) and using settings available within the Services or your Account. Where the Services are administered by an institution administrator (see "Notice to End Users" below), you may need to contact your administrator to assist with your requests first. For all other requests, you may contact us as provided in the Contact Us section below to request assistance.
Your request and choices may be limited in certain cases: for example, if you ask to delete information which we or your institution administrator are permitted by law or have compelling legitimate interests to keep. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.
Your request and choices may be limited in certain cases: for example, if you ask to delete information which we or your institution administrator are permitted by law or have compelling legitimate interests to keep. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.
Deactivate your Account: If you no longer wish to use our Services, you or your administrator may be able to deactivate your Services Account. If you or your administrator are unable to deactivate your Account, please contact us using the information below. For more information on how to delete your information, see below.
Delete your information: Our Services give you the ability to delete certain information about you from within the Services. For example, you can remove certain profile information within your profile settings. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
Request that we stop using your information: Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes via available options in your Service Account settings (if you are registered user) or by contacting us. When you make such requests, we may need time to investigate and facilitate your request. If there is delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved.
Data portability: Data portability is the ability to obtain some of your information in a format you can move from one service provider to another. Depending on the context, this applies to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of your basic Account information.
Retention of Information
For registered users, we will retain your personal information for as long as your Account is active or as needed to provide you with the Services or any information you have requested. If you wish to cancel your Account or request that we no longer use your information, contact us using the information below. However, if you cancel your Account, you will no longer be able to use the Product or certain Services. After you cancel your Account, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
How we Protect Information
We have put in place commercially reasonable physical, electronic, and managerial procedures: to safeguard and help prevent unauthorized access, to maintain data security, and, to use correctly the information we collect through the Services. These safeguards vary based on the sensitivity of the information that we collect and store.
Although we take appropriate measures to safeguard against unauthorized disclosures of information, these measures cannot be guaranteed to be 100% secure. As a result, we cannot ensure or warrant the security of any information you transmit to us or that such information will never be disclosed in a manner that is inconsistent with this Privacy Policy.
Communication Choices
Information collected by Prenuvo is used for the purposes set forth in this Privacy Policy, and is subject to the choices discussed throughout this Privacy Policy. You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Services Account settings (for registered users), or by contacting us to have your contact information removed from our promotional email list or registration database. Please note that it may take us some time to process your requests consistent with applicable law. Note that you do not have the ability to opt-out of non-marketing communications that Prenuvo sends if you are a registered user of our Product or Services or if you have engaged in transactions with us.
Third Party and Marketing Content.
The Services may contain links to third-party websites. We are not responsible for the privacy practices or the content of those third-party websites. Our Site may include advertising and links to other websites that are served by third-party advertisers. Prenuvo does not provide any personally identifiable customer information to these advertisers. However, these third-party advertisers may automatically receive your IP address when they serve ads on our websites. They may also use cookies, JavaScript, and other technologies to measure their ads and to personalize advertising content. Prenuvo does not have access to or control of the features that they may use, and the information practices of these advertisers and third-parties are not covered by this Privacy Policy.
Where Information is Transferred and Stored
Patient Information and any user identifiable information is stored in data centers located in the US except where such storage is prohibited by health regulations in the country in which Products were used. In such cases where storage in the US is not allowed, such information will be stored in an appropriate jurisdiction according to the laws where the Product was consumed.
Examination Information, which shall always be de-identified, is stored in data centers located in the US.
All other data, such as data entered into Prenuvo’ website at Prenuvo.com for sales, marketing, or purchasing purposes (“Other Data”) may be provided to online data storage providers who have data centres in different locations around the world.
Your use of the Product and/or Services may involve the transfer, storage and processing of collected information to and in the above-noted countries and jurisdictions, including for Other Data, to jurisdictions outside the jurisdiction where you are located. Information stored in each location may be subject to the law and regulatory authorities of that jurisdiction, and such laws and regulations may not have equivalent privacy and data protection laws to the jurisdiction in which you reside. Where such consent is legally valid, by using the Product and/or Services, you consent to your information being transferred to our facilities in in other jurisdictions and to the facilities of those third-party service providers with whom we share it, as described herein.
Children
We are committed to protecting the online privacy of children. In order to protect the privacy of children, children under 13 years of age are not permitted to provide any personal information to us and any users of our Product and Services are to ensure that any information of a minor (including any Patient Information and/or Examination Information) is only be provided to us with parental consent. Please email us at the contact information noted below if you believe we may have collected information from your child without proper consent and we will work to delete it.
How to Contact Us
If you have any questions, comments, or concerns regarding our Privacy Policy or practices, please send an email to info@prenuvo.com to the attention of our Privacy Officer, and we will attempt to resolve them quickly.
Changes to this Policy
We reserve the right to change this Privacy Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Product and/or Services, or advances in technology. Please check this page periodically for changes. Your continued use of the Product and/or Services following the posting of changes to this policy will mean you accept those changes. If we make any material changes to this Privacy Policy, we will post the updated Privacy Policy here and notify you by email or by means of a notice on our website prior to the changes becoming effective.
Last updated August 2018