Privacy Policy
Last Revised: 10/26/2020
Effective: 10/26/2020
Introduction
Ellipsas Inc., (“Ellipsas,” “we,” “us,” or “our”) respects your privacy and is committed to protecting it through our compliance with this policy.
This policy (“Privacy Policy”) describes the types of information we may collect from you or that you may provide when you visit the websites “Ellipsas.com” or “patient.ellipsas.com” (the “Websites”) and our practices for collecting, using, maintaining, protecting, and disclosing that information. Our Websites allow our users to enter and view their health-related information. This Privacy Policy also describes the choices available to you regarding our use of your personal information and how you can access and update this information.
This policy applies to information we collect:
Through our Websites
Through email, text, and other electronic means facilitating communication between you, your provider(s) and us through our Websites
Through technical properties of compatible hardware and software used in conjunction with our product.
Ellipsas is committed to protecting the privacy of the users of our Websites. We will use and disclose your personal information as stated in this Privacy Policy.
Information We Collect About You, How We Collect It, and How It is Controlled.
We collect several types of information from and about users of our Websites, including information:
that your healthcare provider(s) may relay, such as diagnosis, medication, and date of visit (“Health Diagnostic Information”);
that is about you but individually does not identify you, such as gender and age (“Non-identifying Information”); and
about your internet connection, the equipment you use to access our Websites and usage details (“Technical Information”).
The information you provide to us may include:
information that you provide by filling in forms on our Websites. This includes information provided at the time of registering to use our Websites, including unique identifiers such as user name, account number, and password, or health-related material you provide to us. We may also ask you for information when you report a problem with our Websites.
records and copies of your correspondence including email addresses if you contact us. This can include comments or questions sent to us using email or secure messaging forms to be shared with our staff and your healthcare provider(s) who are most able to address your concerns.
details of your use of our Websites including duration of use, date of use, and result of use. Such details may be transmitted to your healthcare provider(s).
details you provide to your healthcare provider(s) through our Websites and phone discussions, which may be documented in your medical record.
We collect this information:
directly from you when you voluntarily provide it to us.
directly from your healthcare provider(s) when you and your healthcare provider(s) meet and when you give your consent to the healthcare provider(s) to share the information with us.
automatically as you navigate through the site. Information collected automatically may include usage details and IP addresses.
This information can be controlled in the following way:
Only you, your healthcare provider(s), and Ellipsas can have access to edit, modify, or update your Personal Information, Health Diagnostic Information, Biometric Information, and Non-identifying information.
Ellipsas, you and your healthcare provider(s) can view your Personal Information, Health Diagnostic Information, Biometric Information, and Non-identifying Information.
Information We Collect Through Automatic Data Collection Technologies.
As you navigate through and interact with our Websites, we may use automatic data collection technologies to collect Technical Information that may include information about your equipment, browsing action, and patterns, including:
Details of your visits to our Websites, including the resources that you access and use on the Websites and Apps.
Information about your internet connection, including your IP address.
Information about and from third party websites that you visit either directly before or directly after visiting our Websites.
The technologies we use for this automatic data collection may include:
Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Websites. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Websites.
Flash Cookies. Certain features of our Websites may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies.
Web Beacons. Pages of our the Website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
The Technical Information we collect automatically does not include individually identifiable information, but we may associate the Technical Information with individually identifiable information we collect in other ways to improve our Websites and to deliver a better and more personalized service, including by enabling us to:
Estimate our audience size and usage patterns.
Store information about your preferences, allowing us to customize our Website according to your individual interests.
Monitor access to our services and safeguard certain information by limiting access only to authorized users, for example healthcare provider(s).
How We Use Your Information
We use information that we collect about you or that you provide to us including any personal information:
To understand and meet your needs and preferences to provide you with our products and services. For example, to:
carry out our obligations and enforce our rights arising from any contracts entered into between you and us.
present our Websites and their content to you.
provide you with information, products, or services that you request from us.
send you newsletters, text messages or email communications.
manage or respond to your inquiries and concerns.
administer your account.
communicate your health information, or the health information of someone under your authorized care, to healthcare provider(s) treating you or the person under your care.
communicate to you the health information of others under your authorized care.
To communicate with you about new and enhance existing products. For example, to:
make available or send to you upgrades or updates or notices of upgrades or updates of products.
improve our Websites, Apps, and marketing efforts.
conduct internal quality improvement or business analysis.
To manage and develop our business operations and comply with our legal requirements. For example, to:
detect, monitor, investigate, mitigate, or attempt to prevent fraud and technical or security issues or to protect our property.
conduct internal testing and data analytics.
internally improve our algorithms.
allow for business continuity and disaster recovery operations.
provide emergency assistance in situations that may threaten the life or physical safety of you or others.
respond to court orders, warrants or other lawful requests or legal processes.
enforce and protect our legal rights.
In any other way we may describe when you provide the information or for any other purpose with your consent.
How We Secure and Store Your Information.
We have security measures in place that are intended to help protect against the loss, misuse, unauthorized access or alteration of information under our control. These measures include:
Encryption of data using the Secure Socket Layer (SSL) system.
Use of a secured messaging service when we send your personal information electronically to the Websites and Apps.
Use of Amazon Web Services (AWS) located in the U.S. for data storage and security.
Use of a physical firewall of data in hand and cyber firewall through AWS.
Your information may be collected, used, processed, transferred, and retained in the United States, which may be outside the region in which you are situated and may have different privacy or data protection legislation, and may therefore be subject to the laws of the United States. If you are a resident of the European Economic Area or a country which restricts data transfers outside of that jurisdiction or region without your consent, by using our Websites, you consent to your information being transferred outside of the European Economic Area or your country for processing or storage by or on behalf of us.
The HIPAA Privacy Rule provides additional guidelines for the use and disclosure of electronic personal health information (“ePHI”). The covered entity in partnership with Ellipsas is responsible for allowing patients the necessary rights and access to their ePHI. As a possible “business associate” as defined under HIPAA, Ellipsas strives to comply with the HIPAA Privacy Rule by training employees on the proper handling of secure information, protecting and authenticating ePHI in our encrypted server, and conveying ePHI to users when instructed to do so by providers.
How We Interact with Third Parties.
Some of our services may interact directly with third party service providers. When you use a service with these third-party service providers, we will not receive or store any information you provide to them nor will we provide any information to them without your consent. This may include:
Social media services. Third parties may provide features that may collect your IP address, which page you are visiting on our Website, and may use cookies to enable features to function properly.
Storing ePHI records. Ellipsas may transmit these records to a HIPAA-compliant third party server to store and secure your information.
Your interactions with these third-party service providers are outside of the purview of Ellipsas. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any website you visit.
Children Under the Age of 13.
Our Website is not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features on the Website, make any purchases through the Website, or provide any information about yourself to us, including your name, address, telephone number, email address. If we learn we have collected or received personal information from a child under 13, we will delete this information. If you believe we might have any information from or about a child under 13, please contact us at info@Ellipsas.com.
Requests to Limit Use and Disclosure of Your Personal Information
State and federal laws may allow you to request that we limit our uses and disclosures of your personal information for treatment, payment, and health care operations purposes. You may contact us at the information in the “Questions, Complains, and Contacts” section below. We will consider all requests and, if we deny your request, we will notify you in writing. Federal law requires us to agree to your request to restrict disclosures to a health plan or insurer relating to specific health care services, if you have paid for those services in full.
Data Retention
We will retain your full information for as long as your account is active or as needed to provide you services. Further, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We reserve the right to retain any data that is not personally identifying, despite your account being inactive or closed.
Data Use upon Business Transfers
If Ellipsas, or substantially all of its assets, is acquired, or in the unlikely event that Ellipsas goes out of business or enters bankruptcy, user information may be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Ellipsas may continue to use your information as set forth in this Privacy Policy.
Accessing and Correcting Your Information
You can review your personal information by logging into our Websites or Apps and visiting your account profile page.
You may also contact us at the information in the “Contact” section below to request access to or correct any information that you have provided to us. We will respond to all access requests within 30 days. However, we may not accommodate a request to change information if we believe the change could violate any law or legal requirement or cause the information to be incorrect.
California Privacy Rights
California Civil Code Section § 1798.83 permits users of our Websites that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to info@Ellipsas.com.
Privacy Policy Changes
Please read this policy carefully to understand our policies and practices regarding how we collect, keep and treat your information:
By accessing or using this Website, you are agreeing to the terms of this privacy policy.
If we make material changes to our Privacy Statement, we will post notice of the changes prior to the changes becoming effective. Any revised Privacy Statement will apply both to information we already have about you at the time of the change, and any information created or received after the change takes effect.
This Privacy Policy was last revised as of the date set forth at the top of the document.
We encourage you to periodically reread this Privacy Policy, to see if there have been any changes to our policies that may affect you. Your continued use of the Websites and Apps after we make changes to the Privacy Policy is deemed to be acceptance of those changes, so please check periodically for updates.
Questions, Complaints, and Contacts
If you have any questions about this Privacy Policy, our policies and practices concerning the Websites, your rights under this statement, and your dealings with the Ellipsas Websites, you can contact Ellipsas by sending a message to the Ellipsas Team atinfo@Ellipsas.com.