This Privacy Policy (“Privacy Policy”) is incorporated into our Terms of Service, as applicable. Therefore, terms used in this Privacy Policy that have been previously defined will have the same meanings as provided in our Terms of Service, as applicable. As with our Terms of Service, if we make any changes to our Privacy Policy, we will post the revised Privacy Policy to our primary website (“Site”) and update the “Last Revised” date of the Privacy Policy. Your use of our Site or Service following any such change means you accept the revised Privacy Policy.

We are committed to respecting the privacy of Users of our Site and Service. We created this Privacy Policy to tell you how CheckMySpot, Inc. (“CMS”, “we”, or “us”) and CheckMySpot Professionals and affiliates using the CMS platform collect, use, and disclose information in order to provide you with the Site or Service, as applicable.

By accessing or using the Service, you accept the practices and policies outlined in this Privacy Policy and you hereby consent that we will collect, use, and disclose your information as set forth in this Privacy Policy. If you are using the Service on behalf of an individual other than yourself, you represent that you are authorized by such individual to accept this Privacy Policy on such individual’s behalf.

WHAT INFORMATION DO WE COLLECT?

In general, you can visit the Site without telling us who you are or revealing any personally identifiable information about yourself. However, you should be aware that sections of the Service, such as the app, allow for the submission of and collection through use of the Service of personally identifiable information, including, but not limited to: (1) your name and contact data (such as your e-mail address, phone number, and billing and physical addresses); (2) your login and password; (3) demographic and health and wellness data (such as your gender, date of birth, wellness background, medical history, personal (and family) skin cancer history, eye color, lifestyle information, medication history, and zip code); (4) your communications with a physician or other healthcare provider conducted through the Service;  and (5) any information you provide when you contact or communicate with us (credit card data). We may also collect information from you necessary to provide you with services you request from physicians and other healthcare providers available on the Service, which may include, but is not limited to: (a) payment information; (b) insurance information; and (c) health and medical data (such as previous doctors or other healthcare providers you visited, your reason for visiting a healthcare provider, date of visit, medical history and condition, medications, images or videos and other medical and health information you share with us).

To protect your security and privacy, we require that you or your legal representative (as opposed to a third party on your behalf) enter the personally identifiable information that we collect, and that the information be current. CMS disclaims any legal duty to verify the accuracy of any personally identifiable information that you or your legal representative provide beyond what may be required by law for the particular purpose for which the information is to be used.  In addition to the information, we collect directly from you, we may also collect certain information from physicians and other healthcare providers who provide treatment or other services to you in connection with our Service. This information may include, but is not limited to, the healthcare provider’s diagnoses, treatment plans (including prescription details) and notes.

We may automatically collect certain information from your device through which you access our Service. This information includes, but is not limited to, your language preferences, your phone number or other unique device identifier (the International Mobile Equipment Identity or the Mobile Equipment ID number), the IP address of your device, the manufacturer, model and operating system of your device, the name and version of the Service you are using, information regarding your browser and information that allows us to personalize the Service. We or our service providers may also collect information about how you interact with the Site, the Service and any other websites to which the Service or Site links, such as how many times you use a specific part of the Site or Service, the amount of time you spend using the Site or Service, how often you use the Site or Service, actions you take in the Site or Service and how you engage with the Site or Service. For more details about this type of data collection, please refer to the section below on cookies and web beacons.

We will obtain information regarding your location or the location of your device through which you access the Site or Service. Information regarding your location will be obtained directly from you when you provide us with your zip code. Alternatively, the Site or Service may obtain precise information about the location of your device with your express consent. Once you have consented to the collection of the precise location of your device, you may adjust this consent by managing your location services preferences through the settings of your device.

HOW DO WE USE YOUR INFORMATION?

In connection with providing you with the Site or Service, we and our affiliates may use, compile, analyze and save your information for a number of purposes, including, but not limited to: (a) verifying your identity and administering your account, including processing your payments and providing your service; (b) communicating with you about our Site, Service or your use of our Site or Service, and sending you communications on behalf of physicians and other healthcare providers utilizing the Service to meet your needs; (c) ensuring quality customer service by providing you customer support, responding to your requests or concerns, ensuring that our Site or Service functions properly for you, and tailoring our Site or Service to meet your needs; (d) as applicable, facilitating the provision of healthcare services to you by a physician or other healthcare provider, and ensuring the healthcare providers have the services and support necessary for healthcare operations; (e) sending you push notifications (notifications may be enabled or disabled through your device or app settings depending on your device type); or (f) detecting, preventing, investigating and responding to fraud, intellectual property infringement, violations of our Terms of Service, or other misuse of our Site or Service or a healthcare provider’s services.

We use information regarding your location or the location of your device through which you access our Site or Service for a number of purposes, including, but not limited to: (a) identifying physicians and other healthcare providers who may provide you with CMS services; (b) identifying other healthcare providers to whom you may visit at the recommendation of the CMS service and (c) analyzing the demographics of the individuals who access the Site and use the Service.

HOW DO WE DISCLOSE YOUR INFORMATION?

We may disclose your information to third parties in connection with the provision of our Service or as otherwise permitted or required by law. For example, we may disclose your information to: (a) our third-party service providers that provide services such as the hosting of our Site or Service, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing and other similar services; (b) CMS referral sites to schedule and fulfill appointments and provide healthcare services as part of the Service; (c) CMS providers to whom you send messages through our Service; (d) third parties as we believe necessary or appropriate to comply with applicable laws; and (e) to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, liquidation or other disposition of all or any portion of our business, assets or stock.

CMS has a general policy of not disclosing your information to third parties unless you have consented to such sharing. However, we may share the information about you that you provide to us with other companies collecting and using the information you provide to us to better understand the offers, promotions, health and wellness benefits, insurance trends, employer related trends, and types of advertising that are most appealing to our customers. After these third parties collect the information, it is aggregated so it is not personally identifiable or tied to you or any other user. We may also collect and group demographic and preferences information, responses to surveys and other personally identifiable information that we collect from you into an aggregate, non-personally identifiable form for disclosure to our existing or potential business partners, affiliates, sponsors, and regulators as part of further product development, including as part of a pre-market submission with the U.S. Food and Drug Administration (“FDA”), or other third parties. However, please be assured that this aggregate data will in no way personally identify you or any other parties participating in the Service. When you submit personally identifiable information to us as part of the Service, you may be given an opportunity to opt in to receiving additional information from or on behalf of CMS and/or selected third parties. If you opt in, you may be added to our list of secure users who will receive additional features, including promotional and marketing communications from us, our partners and/or other third parties. If you initially opt in to receiving such communications and you later decide that you no longer want to receive them, you may opt out of receiving promotional and marketing communications from us and/or our partners and other third parties by contacting us at 1-833-4MYSPOT or by regular mail at 4249 Bryson Blvd. Florence, Alabama 35630.  If you discontinue your use of the Service for a period of ninety days or more we may require you to re-register or otherwise stop communicating with you electronically.

HOW DO WE STORE INFORMATION?

CMS will store archives of information subject to this Privacy Policy from secure Users for no less than the required legal period but may retain some or all of the information indefinitely in CMS’s sole discretion.

CAN YOU REQUEST A COPY OF INFORMATION SUBJECT TO THIS PRIVACY POLICY?

With respect to all active secure Users of the Services, upon the detailed and reasonable written request of an active User and the payment of any applicable fees CMS may charge to copy and distribute materials, CMS shall make copies of information subject to this Privacy Policy and identifying the requesting User maintained by CMS to such User within a reasonable time of the request.

USE BY MINORS

If you are under 19 years of age, we must obtain valid and verifiable consent by your parent or legal guardian to this Privacy Policy and our Terms of Service before you can use the Services or the Site. Such consent will be obtained via reasonable methods, as determined by us in our sole discretion. If we determine that the consent obtained is inadequate, we will notify you and you may not use or access the Service or Site at any time or in any manner. However, if you are a parent, legal guardian, or personal representative of a minor child under 19 years of age, you may, in compliance with the Terms of Service, use our Service on behalf of such minor child. Any information you provide us on behalf of your minor child will be treated in accordance with this Privacy Policy. We do not knowingly collect information for individuals under the age of 19 for whom we have not obtained adequate consent pursuant to the above. If we learn that we have received any information for an individual under the age of 19 for whom we have not obtained adequate consent pursuant to the above, we will only use that information to respond directly to that minor (or a parent, legal guardian or personal representative) to inform him or her that he or she cannot use our Service, and subsequently we will delete that information from our own servers.

JURISDICTIONAL ISSUES

We intend to provide our Service in the United States; accordingly, this Privacy Policy, and our collection, use, and disclosure of your information, is governed by the laws of the State of Alabama, those states currently participating in the Interstate Medical Licensure Compact (“IMLC”) and the United States. We do not represent or warrant that our Service is appropriate or available for use in any particular jurisdiction. If you choose to access or use our Service from jurisdictions other than the State of Alabama, or those states currently participating in the IMLC, including from outside the United States, you do so on your own initiative and at your own risk and acknowledge that the Service may not be available except for individuals within these jurisdictions at the time of the healthcare provider-patient encounter. You acknowledge that our Service is subject to laws of the State of Alabama, those of the IMLC and the United States.

THIRD PARTIES

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices, including data privacy and security processes and standards of any third parties, including physicians and other healthcare providers using the Service, the manufacturer of your mobile device and other IT hardware and software, and any other third-party mobile application or website to which our Service may contain a link. These third parties may at times gather information from or about you. We have no control over the privacy practices of these third parties. Any physician or other healthcare provider engaging through our Service may be a “covered entity” and therefore subject to the provisions of HIPAA from time to time. If you are using the Service, your acceptance of the Terms of Service incorporates your acceptance and consent to this Privacy Policy. This notice describes how your physician or other healthcare provider uses and discloses your protected health information (“PHI”). CMS has agreed that its collection, use and disclosure of your PHI on behalf of your healthcare provider will be done consistent with the CheckMySpot Privacy Policy except to the extent you have expressly authorized additional uses and disclosures. CMS further agrees that all collection, use and disclosure of your PHI will be done in accordance with all applicable laws and regulations.

NOTICE OF YOUR RIGHTS UNDER HIPAA

In addition to any rights established by this Privacy Policy, under the HIPAA Privacy Rule, you have the following rights concerning your health information:

1.     Right Inspect and Copy Your Health Information

Upon written request, you have the right to receive an electronic or paper copy of your medical record and other information we have about you.  If you request a copy or summary of your health information, we may charge you a reasonable cost-based fee, including the cost of supplies and labor, postage, and any other associated costs in preparing the summary or explanation. 

2.     Right to Request Restrictions on the Use and Disclosure of Your Health Information

You can ask us not to use or share certain health information for treatment, payment, or our operations.  We are not required to agree to your request, and we may say “no” if it would affect your care. 

3.     Right to Request an Amendment of Your Health Information

You can also ask us to correct health information about you that you think is inaccurate or incomplete.  We may say “no” to this request, but we will tell you why in writing.

4.     Right to an Accounting of Disclosures of Your Health Information

You can ask us for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.  We will include all the disclosures except for those about treatment, payment, and healthcare operations, and certain other disclosures (such as any you asked us to make).  We will provide one account a year for free, but will charge a reasonable, cost-based fee if you ask for another one within twelve months. 

5.     Right to Alternative Communications

You can ask us to contact you in a specific way or to send mail to a different address than the one currently provided.  We will say “yes” to all reasonable requests.

6.     Right to Receive a Paper Copy of Privacy Policy

You can ask for a paper copy of this policy at any time, even if you have agreed to receive the policy electronically.  We will promptly provide you with a paper copy upon request.

7.     How to Contact Us and How to Report a Privacy Rights Violation

If you would like to exercise any of the rights listed above, have questions, and/or would like additional information regarding the uses and disclosures of your health information, you may contact our Privacy Officer at eswjd@checkmyspot.com, or by regular mail at:

CheckMySpot, Inc.

4249 Bryson Blvd.

Florence, AL 35630

Telephone: 1-833-4MYSPOT

If you believe that your privacy rights have been violated or that we have violated our own privacy practices, you may file a complaint with us.  You may also file a complaint with the Secretary of the U.S. Department of Health and Human Services by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/.  Complaints filed directly with the Secretary must name us, describe the acts or omissions in violation of the Privacy Rules or our privacy practices, and must be filed within 180 days of the time you knew or should have known of the violation.    Complaints submitted directly to us must be in writing and to the attention of our Privacy Officer. We will not retaliate against you for filing a complaint. 

COOKIES AND WEB BEACONS

Please note that we may use “cookies”—a small data file that we transfer to your computer’s hard drive—to collect certain information about you and your use of our Service, such as IP addresses (the Internet access of a computer), domain names, and the type of computer, smart phone device, and operating system being used. We may also use cookies to identify your computer or smart phone device when you revisit our Service to, for example, recall your authentication information or to track statistical information related to navigation throughout the Site, as applicable. We may use both “session” cookies and “persistent” cookies to better operate the Service to enhance your experience while using the Service. A session cookie enables certain features of the Service and is deleted from your computer or smart phone device, as applicable, when you disconnect from or leave the Site. If a portion of the Service requires a password, you are giving us explicit permission to use a persistent cookie, which is a small data file that is generated when, as a registered user of the Service, you enter your assigned user ID and password to access the password-protected area of the Service. This file is stored on your computer or smart phone device. You may adjust your browser to refuse to accept cookies, remove cookies or notify you when a cookie is set by editing your web browser preferences or options. (Each browser is different, so check the “Help” menu on your browser to learn how to change your cookie preferences.) You do not have to accept all cookies sent to you by the Service; however, depending on the particular cookie you reject, you may not be able to use some features of the Service or some features may not function properly.

Please note that linked third-party websites may also use cookies. We cannot control the use of cookies by these third-party websites. For example, when you link from the Service to a third-party website, that website may have the ability to recognize that you have come from our Service by using cookies. If you have any questions about how third-party websites use cookies, you should contact such third parties directly.

We may also employ software technology known as “web beacons” or “clear GIFs,” which helps us keep track of what content on our Service is effective. Web beacons are small graphics with a unique identifier that are used to track the online movements of Internet users. Web beacons are embedded in the web pages you review, so they are not stored on your hard drive. The web beacons we may use will not track or collect any personally identifiable information about you and they are in no way linked to your personally identifiable information.

SECURITY OF INFORMATION AND DISCLOSURES

CMS uses industry standard security measures to safeguard information concerning, and submitted by, users like you. Despite the security measures employed by CMS, you should be aware that it is impossible to guarantee absolute security with respect to information sent through the Internet or as part of a mobile application.

CMS will, to the extent possible, control your personally identifiable information, and, except as otherwise set forth in this Privacy Policy, we will not disclose your personally identifiable information to third parties. Although we are committed to maintaining the confidentiality of your personally identifiable information, if required by law, we reserve the right to disclose such information without first obtaining your consent.

We strive to use reasonable physical, technical, and administrative measures to protect information under our control. However, you must keep your password and your account confidential, and you are responsible for all use of your account. If you have reason to believe that the security of your account has been compromised, please notify us immediately in accordance with the “Contacting Us” section below.

When using our Service, you may choose not to provide us with certain information, but this may limit the features you are able to use. You may also choose to opt out of receiving certain communications (e.g., newsletters, promotions) by emailing us your preference. Please note that even if you opt out, we may still send you service-related communications.

If you reside in California and have provided your personally identifiable information to us, you may request information once per calendar year about our disclosures of certain categories of your personally identifiable information to third parties for their direct marketing purposes. Such requests must be submitted in writing using the email address in the “Contacting Us” section below.

CONTACTING US

If you have any questions about this Privacy Policy, please contact us at eswebbjd@checkmyspot.com or by regular mail at:

CheckMySpot, Inc.

 4249 Bryson Blvd.

Florence, AL 35630