Last updated: Oct 10, 2018
SCOPE
This Privacy Policy is entered into by and between you and DEVI MGMT (DEVI). This policy is presented to you in order to help you make an informed decision about using the Devi Integrative Health app and the services provided by DEVI MGMT and to explain to you what information we collect, how we store that information, and how we may use it. By using the Devi Integrative Health app, or any other DEVI MGMT website, app or service on which this policy appears, you are consenting to have your Personal Information (defined below) and non-personally identifiable data transferred to and/or processed in the United States in accordance with the terms of this Privacy Policy. Please do not use Devi Integrative Health Services or the DEVI MGMT app if you do not agree with this policy and any other policies listed on or within the DEVI MGMT Services.
“Personal Information” means information that alone or when in combination with other information may be used to readily identify, contact, or locate you, such as: name, address, e-mail address, phone number, social security number, and insurance-issued ID numbers. “Personal Information” also includes identifiable health information collected about you. However, “Personal Information” does not include any information or data which has been anonymized so that it does not allow a third-party to identify a specific individual.
“Protected Health Information”, as defined in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), 45 C.F.R. Parts 160, 162, and 164, means information, including demographic information, which relates to an individual’s past, present, or future physical or mental health or condition or the provision of health care to the individual, or the past, present, or future payment for the provision of health care to the individual, and that identifies the individual or for which there is a reasonable basis to believe can be used to identify the individual.
ABOUT DEVI MGMT
DEVI uses cutting edge software to provide education and digital health guidance and support to patients, monitor patient health through wearable technology and patient self-reporting, manage patient progress, collect payments, and provide other healthcare related services. The information that is submitted through the Devi Integrative Health app and DEVI Service will be held subject to the requirements of our health service provider clients and applicable law, such as the Health Insurance Portability and Accountability Act (HIPAA).
INFORMATION WE COLLECT FROM YOU
Non-Personally Identifiable Information
When you use the Devi Integrative Health app or DEVI Service, we may collect certain non-personally identifiable information. This may include your browser information (including browser type, browser version, host operating system, and browser language) and your IP address. We use this information to help diagnose problems with our servers and for other administrative purposes.
In addition, aggregate traffic information may also be compiled by the DEVI Service from this non-personally identifiable information. We may use this data for improving the features offered by the DEVI Service.
Personal Information
We may collect information, including Personal Information and Protected Health Information, about you:
when you register to use the Devi Integrative Health app or other DEVI Services;
when you interact with and use the Devi Integrative Health app or other DEVI Services;
when you provide Personal Information via the Devi Integrative Health app or other DEVI Services;
when you upload an image, document, or any other data to the Devi Integrative Health app or other DEVI Services;
when you communicate with us.
Devi Integrative Health's Use of Cookies
We use cookies on the Devi Integrative Health Service. By using the DEVI Service or the Devi Integrative Health app, you accept the use of cookies in accordance with this Privacy Policy. If you do not accept the use of these cookies, please disable them following the instructions in this Privacy Policy.
We primarily use two different types of cookies on this website: (1) Strictly Necessary Cookies and (2) Analytics Cookies:
Strictly Necessary Cookies:
These cookies are essential in order to enable you to move around the website and use its features and services, such as accessing secure areas of the website. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet.
Analytics Cookies:
These cookies collect information about how visitors use a website, for instance, which pages visitors go to most often, and if they get error messages from web pages. These cookies do not collect information that identifies you. All the information that these cookies collect is anonymous and is used only to improve a website’s services.
Managing Cookies. You can enable, disable or delete cookies within your browser. In order to do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” menu). Disabling a cookie or category of cookie does not delete the cookie from your browser; you will need to do this yourself from within your browser by choosing the option to delete cookies. If you have disabled one or more analytics cookies, we may still use information collected from cookies prior to your disabled preference being set, however, we will stop using the disabled cookie to collect any further information.
USE OF INFORMATION COLLECTED
Primary Purpose of Information Collected
The information and data collected through the DEVI Services, including Personal Information and/or Protected Health Information, is primarily used for the purposes of:
providing you the products and services you request;
notifying you about changes to our service and policies; and
communicating with you.
Other Uses
DEVI may also use the information we collect about you, including Personal Information, for the following purposes:
Communications.
We may periodically contact you using information supplied to the site (e.g. to provide newsletters or marketing information on new products and services). You may opt out of receiving marketing communications by clicking on the unsubscribe link at the bottom of such emails. Certain communications, such as those regarding changes to our policies or changes to services you have purchased, you may not opt out of.
Surveys and Ratings. DEVI may make the content of any survey or ratings you provide public. DEVI will notify you in advance how it will use any survey or rating feedback in such request for this information.
Anonymized and Aggregate Data.
DEVI may anonymize and aggregate any data collected through the DEVI Service, and use it for business or research purposes. For example, we may use such anonymized and aggregate data for evaluating the performance of content and features provided through the DEVI Service.
DISCLOSURE OF PERSONAL INFORMATION
Vendors and Service Providers
We may share any information we receive with vendors and service providers retained in connection with the provision of the DEVI Service. When Protected Health Information is shared, as such term is defined by HIPAA, our vendors and service providers will be bound by appropriate business associate agreements as required by HIPAA.
Display or Disclosure to Health Service Providers and Others
The content you provide via the DEVI Services or Devi Integrative Health app may be displayed on the DEVI Service or disclosed to others at your direction. Your DEVI provider (including your health provider’s staff), will have access to certain account information, including Personal Information and Protected Health Information. For example, when you enter biometrics or activity information, manually or through wearable technology, send private messages and/or share journal entries, your DEVI provider and staff will be able to see your name, contact information, as well as any other health information you have provided. However, DEVI will not have access to (i) any payment information, such as your credit card number, or (ii) your account password. You may also be permitted to share the content of your health records with third-parties. DEVI is not responsible for the privacy practices of others who may view and use the information you disclose to others.
Marketing and Advertising
DEVI does not rent, sell, or share Personal Information about you with other third-parties or non-affiliated companies for their marketing or promotional purposes.
When Required by Law.
DEVI reserves the right to disclose your Personal Information, without prior notice to you, as required by law or when we believe that disclosure is necessary to comply with a law, regulation, or any legal request (e.g. court order or subpoena). Furthermore, we may share your Personal Information when we believe it is necessary to address fraud or other illegal or prohibited activity perpetrated through the DEVI Services, or to prevent imminent bodily harm.
Merger, Sale, or Other Asset Transfers
If DEVI is involved in a merger, acquisition, reorganization, bankruptcy, receivership, sale of company asses, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. We cannot control how such successor entities may use or disclose such information.
With Your Permission
DEVI may disclose your Personal Information according to your instructions and with your permission.
ACCESS AND CORRECTION OF PERSONAL INFORMATION
With respect to most information collected, DEVI obtains your personal information on behalf of a health service provider. To request access to, correction, amendment, or deletion of such Personal Information and/or Protected Health Information, please first contact the health service provider to which the information was provided. If the health service provider is unable to resolve your request, and for all other inquiries regarding your Personal Information, please contact: ami.shah@face2facehealth.com.
SECURITY
We have implemented reasonable measures to protect the information we collect and store (e.g. hashed user password and SSL encryption), taking into consideration the types of risks we face and the reasonable protections available to us. No method of protecting information is 100% secure, and we cannot guarantee its absolute security. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk. Once we receive your data, we take steps to ensure security on our systems and/or on the systems of our service providers. Please note this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of such safeguards.
DEVI has adopted and maintains appropriate physical, technical and administrative policies and procedures to safeguard and secure the Protected Health Information we process, transmit or receive. We also will not access, use, or disclose the Protected Health Information except as permitted by health service provider clients, you, and/or applicable law, including HIPAA. DEVI takes the privacy of its customers seriously, and strives to protect the privacy of the Personal Information it processes, and to avoid any inadvertent disclosure.
If DEVI learns of a security system breach affecting personal information and/or Protected Health Information, DEVI maintains a breach notification policy pursuant to Business Associate Agreements it may have with a health service provider clients and/or consistent with applicable law.
By using the DEVI Service or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the DEVI Service and Devi Integrative Health app.
INTERNATIONAL USERS
Access to and use of the DEVI Service is administered in the United States and is intended for users within the United States.
PLEASE NOTE: If you are using the DEVI Service from the European Union or other regions with laws governing data collection and use, you are agreeing to the transfer of your information to the United States for processing. By providing you information to DEVI you consent to any transfer and processing in accordance with this Privacy Policy.
PRIVACY PRACTICES OF THIRD PARTIES
When you click on links to websites or applications outside of the DEVI Services, third parties may place their own cookies or other technological devices on your Internet browser or device. We have no control over these third parties and no responsibility for the technologies they employ. To learn how a particular web site collects and uses your information, you should read the privacy policy of that website.
PRIVACY OF CHILDREN
DEVI does not knowingly collect information from anyone under the age of 13. If we are made aware that we have received information from anyone under the age of 13, we will promptly locate and remove that information from our records.
YOUR CALIFORNIA PRIVACY RIGHTS
Under California’s “Shine the Light” law, California residents have the right to receive information from us regarding categories of Personal Information we shared with third-parties for their direct marketing purposes during the previous calendar year, if any. This information will be provided free of charge, once per calendar year upon request. To request this information please email ami.shah@face2facehealth.com with the subject line “Request for California Privacy Information”. We will respond to such written requests within 30 days following receipt at the e-mail or mailing address stated above.
CHANGES TO PRIVACY POLICY
We may modify this Privacy Policy at any time, and the revised version will be effective when posted. If you are concerned about how your Personal Information is used, please review this Privacy Policy periodically. If we make material changes to this policy, including and new uses of your Personal Information not already disclosed in our Privacy Policy, we will notify you here at http://devi.pages.ontraport.net/, and make reasonable efforts to notify you by email or by means of a notice on our homepage. The date of the most recent revisions will also appear on this page. Changes are effective immediately upon posting. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your interactions with the DEVI Service.
QUESTIONS
For questions or concerns regarding this Privacy Policy please contact: ami.shah@face2facehealth.com.
To return to our main page, click here.