隐私政策. Privacy Policy - Diagnostic Detectives Network China

生效日期：2019 年 6 月 1 日。

最后更新：2021 年 8 月 15 日

请注意，通过使用本网站（“网站”）、diagnosticdetectives.com/de（“公司”、“我们”、“我们的”或“我们”）提供的服务或公司提供的移动应用程序，您是接受本隐私政策中描述的做法。如果您不同意本隐私政策，请不要使用本网站、公司的服务或公司的移动应用程序。

本隐私政策的目的是什么？

本隐私政策披露了公司在网站、移动应用程序和我们的服务方面的个人信息收集和传播做法。请仔细阅读本隐私政策。

我们还制定了本隐私政策，以表明我们对隐私的承诺。我们认识到，当您向我们提供有关您自己的信息时，您相信我们会以负责任的方式处理该信息。我们致力于确保我们赢得这种信任。

我们从用户那里收集哪些信息以及如何使用这些信息？

以下内容描述了公司可能收集的有关您的个人信息和其他信息的类型，以及公司可能如何使用和维护这些信息，包括但不限于：

登记。在您使用我们在网站上或以其他方式提供的某些服务之前，我们可能会要求您在网站上注册并向我们提供您的电子邮件地址、密码、您的名字和姓氏以及其他联系信息和个人详细信息。我们要求这些信息用于识别目的，与您就您的帐户进行沟通，并促进某些服务的运作。我们可能会无限期保留这些信息。

形式。为了充分利用我们提供的服务，您可能需要填写包含个人信息的表格，例如您的姓名、地址、电话号码、社会安全号码、帐户信息、就业、健康状况和其他与您的健康相关的个人信息保险范围、诊断和治疗。

病历。为了让医疗专业人士对您的健康提出第二意见，您可能需要向我们提供过去和现在的病历、症状描述、病史和生活方式描述。

一致。如果您通过电子邮件与我们联系，我们可能会在特定于您的文件中收集您提交的信息。我们可能会无限期保留这些信息。

URL 和 IP 地址。与许多其他网站一样，公司收集有关用户使用和导航我们网站的信息。这些信息有助于我们设计我们的网站以更好地满足我们用户的需求。例如，我们的网站将跟踪您在访问我们网站之前访问过的 URL、您接下来访问的 URL 以及您的互联网协议 (IP) 地址。我们使用您的 IP 地址来帮助诊断我们服务器的问题并管理我们的网站。您的 IP 地址还用于帮助识别您的身份并收集广泛的人口统计信息。

使用 Cookie 收集的信息。与大多数主要网站一样，公司在我们网站的某些页面上使用 cookie。Cookies 通过保存您的偏好等功能，让您更轻松地使用 Internet。例如，cookie 可以让网站记住您已注册，这使我们能够加快您未来在我们网站上的活动，并允许您在访问我们的网站时减少输入注册信息的频率。我们还可能使用 cookie 来提供适合您兴趣的内容。我们的 cookie 可能使我们能够将您对我们网站的使用与您之前提交的个人识别信息相关联，例如当您返回我们的网站时通过姓名呼叫您。如果您的浏览器设置为拒绝 cookie，或者如果您的浏览器通知您您将要接收 cookie 而您拒绝了它，那么您对本网站的使用可能不会像 cookie 那样有效或愉快启用。我们通过 cookie 收集的信息使我们能够改进我们的营销和促销工作，统计分析网站使用情况，改进我们的内容和产品供应，并定制我们网站的内容、布局和服务。但是，我们仅在汇总的基础上使用通过 cookie 收集的信息，而不会使用任何可识别您个人身份的信息。您可以在本文档的后面了解有关特定 cookie 的更多信息。

公司向谁披露我们收集的有关您的信息？

我们不会共享、出租、出售或以其他方式披露我们收集的关于您的任何个人身份信息，除非我们获得您的许可或在以下任何情况下：

如果您请求咨询服务、医生转诊或其他服务，我们可能会使用您的信息来满足此类请求（包括向第三方提供该信息）。我们也可能随时审查您的病例、您与本网站互动前后的医疗记录，以及因接受服务而创建的任何记录。我们可能会向您的医疗保健付款人分享有关您、您的护理和您使用服务的信息，或在必要时分享您在适用的健康计划文件中向您描述的计划设计，或应您的要求。如果您的健康计划为使用服务提供奖励，我们将共享实施此类奖励所需的信息。我们可能会要求您的主治医生提供礼节性通知和/或要求他们提供额外的医疗记录，包括与您在接受服务后接受的护理有关的记录。我们可能会审查这些记录，其中包括审查您获得的服务质量、审查为您治疗的医生和医疗专业人员（包括您可能已收到转诊的医生和医疗专业人员）提供的服务质量，更好地了解您病情的治疗过程，包括有关结果和费用的信息，并改进对具有相似或不同病症的人的治疗和建议。在此过程中，我们将注意尽量减少个人识别信息。我们还可能使用收集到的匿名信息，包括来自您的医疗记录的信息，以得出关于医疗保健过程、特定条件和其他事项的结论。我们和我们的附属医生和研究人员可能会在期刊、网站和其他地方发布这些匿名信息。但是，我们不会公布您的姓名或任何关于您的识别信息；我们将仅将匿名数据用于任何公共目的。
我们可能会向为公司提供服务的第三方承包商披露我们收集的有关您的信息，以便提供某些服务或完成或确认您与我们进行的交易。
我们可能会出于营销或促销目的披露有关您的汇总数据的结果（例如，我们网站上一定比例的用户居住在美国的某个特定州）。在这些情况下，我们不会向这些实体披露任何可用于识别您个人身份的信息。某些信息（例如您的密码）根本不会透露给营销广告商，即使是以汇总的形式。
作为合并、收购或其他出售或转让其资产或业务的一部分，我们可能会披露有关您的信息。公司不保证收到与其中一项交易有关的此类信息的任何实体将遵守本政策的所有条款。
我们可能会出于提供本网站可用服务等目的而披露有关您的信息；与保险、再保险和超额或止损保险公司协调；执行我们会员的权利；防止实际或潜在的欺诈；解决会员查询或争议；接收付款；开展我们的业务；保护我们记录的机密性或安全性；管理预防性健康和病例管理计划；执行审计和费率制定职能；使我们的服务提供商能够代表我们提供营销服务，并向会员告知我们自己的产品或服务；遵守联邦或州法律和其他适用的法律要求。
我们可能会在法律允许的范围内，在法庭上或在可能因不当使用本网站、应用程序或服务而引起的法律诉讼的阶段披露您的信息，或由于您就相关服务发起的争议。
此外，在某些情况下，我们可能有法律义务向政府或第三方披露您的信息，例如与我们网站上的非法活动有关或响应传票、法院命令或其他法律程序。公司保留将我们收集的信息发布给执法部门或其他政府官员的权利，我们全权酌情决定认为必要或适当。

如果您在美国境外使用我们的网站或服务，我们收集的有关您的信息将传输到美国境内的服务器，这可能涉及将信息传输到位于欧洲经济区的国家/地区之外。允许公司收集有关您的信息，即表示您同意此类传输和处理您的数据。

您对受保护健康信息的权利

您对我们维护的有关您的受保护健康信息享有某些权利。

访问您受保护的健康信息的权利。您有权查看或获取受保护的健康信息记录的副本，但有一些有限的例外情况。通常记录包括注册、计费、理赔支付和病例或医疗管理记录。您要求查看和/或获取受保护的健康信息记录副本的请求必须以书面形式提出。我们可能会就制作、复制和邮寄您要求的信息的费用收取费用，但我们会提前告诉您费用（GDPR豁免适用）。
修改您受保护的健康信息的权利。如果您认为我们维护的您的信息（包括受保护的健康信息）不正确或不完整，您可以要求我们修改信息。您的请求必须以书面形式提出，并且必须包括您寻求更改的原因。例如，如果您要求修改已经准确和完整的记录，我们可能会拒绝您的请求。

如果我们拒绝您的修改请求，我们将书面通知您。然后，您有权向我们提交书面声明不同意我们的决定，我们有权反驳该声明。

对披露进行会计处理的权利。您有权要求对我们对您受保护的健康信息进行的披露进行说明。该列表不包括我们对您的治疗、我们的付款或医疗保健业务的披露，或向您或经您授权的披露（GDPR 制度涵盖的用户除外，他们可能会要求此类使用）。该列表还可能排除某些其他披露，例如出于国家安全目的。

您要求对披露进行会计处理的请求必须以书面形式提出，并且必须说明您希望进行会计处理的时间段。您的请求应指明您想要该清单的形式（例如，纸质或电子形式）。您在 12 个月内请求的第一次会计将是免费的。对于GDPR制度之外的用户，我们可能会在同一时间段内提供会计附加清单，但我们会提前告诉您费用。

要求限制使用和披露您受保护的健康信息的权利。您有权要求我们限制或限制我们使用或披露您受保护的健康信息（或 GDPR 涵盖的用户的所有个人信息）以进行治疗、付款或医疗保健操作的方式。我们可能不同意您的要求。如果我们同意，我们将遵守您的要求，除非紧急情况需要该信息。您的限制请求必须以书面形式提出。在您的请求中，您必须告诉我们： (i) 您想限制哪些信息；(ii) 您是否想限制我们使用或披露您的信息的方式，或两者兼而有之；(iii) 您希望限制适用于谁。
接收机密通讯的权利。如果通信可能危及您，您有权要求我们使用某种方式与您交流或我们将有关您的信息发送到某个位置。您接收机密通讯的请求必须以书面形式提出。您的请求必须明确说明我们的全部或部分通信可能危及您。我们将满足所有合理的要求。您的请求必须指明您希望联系的方式或地点。
获得本隐私政策纸质副本的权利。您有权随时索取本隐私政策的纸质副本，即使您之前已同意接收电子副本。
行使您的权利的联系信息。您可以通过以下电子邮件联系我们的办公室来行使上述任何权利：在diagnosticdetectives dot com 上获得支持。

本网站采用了哪些安全措施？

我们的网站要求用户向我们提供唯一标识符，以便登录网站的许多区域。我们利用这些唯一标识符来验证用户的身份和资格，以保护我们的会员免于将敏感或个人身份信息泄露给未经授权的用户。为了帮助保护您通过本网站传输的数据的隐私，在需要个人身份信息的情况下，我们还使用旨在加密您输入的信息的技术，然后使用安全套接字层 (SSL) 技术或类似的加密技术将其发送给我们. 此外，公司采取措施保护我们收集的用户数据免受未经授权的访问。但是，您应该记住，本网站和我们的服务在软件、硬件和网络上运行，其中的任何组件可能不时需要维护或遇到我们无法控制的问题或安全漏洞。

另请注意，尽管我们出于最佳意图和本隐私政策中概述的准则，但不能保证通过 Internet 或加密方法传输的数据是 100% 安全的。

您如何更正或更新我们收集的有关您的信息？

您可以通过管理您的帐户资料或通过下面注明的电子邮件或邮寄地址与公司联系来更正或更新收集到的有关您的信息。我们将尽合理努力更新我们的记录。如有必要，我们可能会出于技术限制、争议解决、故障排除和协议执行等原因保留原始和更新的信息。

链接网站和其他第三方的政策是什么？

本隐私政策仅涉及我们从您那里收集的信息的使用和披露。您应该知道，当您在本网站上时，您可能会被定向到我们无法控制的其他网站，公司不对第三方的隐私惯例或链接网站的内容负责。我们鼓励您在与任何网站互动时阅读发布的隐私政策。

我如何知道隐私政策的变化？

公司保留不时更新本隐私政策的权利。请定期访问此页面，以便您了解任何更改。

我们对网站儿童用户的政策是什么？

我们不会有意收集或维护 13 岁以下人士的个人身份信息，我们网站的任何部分都不会针对 13 岁以下人士。如果您未满 13 岁，请不要在任何时候使用或访问我们的网站或以任何方式。如果公司获悉在未经父母同意的情况下收集了 13 岁以下人士的个人身份信息，则公司将采取适当措施删除此信息。如果您是父母或监护人并发现您 13 岁以下的孩子获得了公司帐户，则您可以通过以下地址提醒公司，并要求我们从我们的系统中删除该孩子的个人信息。

什么法律管辖我对网站和公司服务的使用？

选择访问本网站、使用我们的服务或以其他方式向公司提供信息，即表示您同意任何有关隐私或本隐私政策中包含的条款的争议将受特拉华州法律管辖。您还同意遵守我们的服务条款或我们与您达成的其他协议中对损害赔偿的任何限制。

如何联系我们/数据控制者？

如果您对本隐私政策有任何疑问，或出于任何其他原因需要联系所有者/数据控制者，您可以通过电子邮件与我们联系，地址为“支持在diagnosticdetectives dot com”。

关于本隐私声明的附加信息

在我们保留会员信息的范围内，本隐私政策中指明的政策将保持有效，即使会员的保险范围已终止。我们可能随时更改本隐私政策，并会根据法律或法规的要求通知您任何更改。

有关特定服务的信息

分析
本节中包含的服务使所有者能够监控和分析网络流量，并可用于跟踪用户行为。

谷歌分析（谷歌公司）
谷歌分析是谷歌公司（“谷歌”）提供的网络分析服务。谷歌利用收集到的数据来跟踪和检查此应用程序的使用情况，准备关于其活动的报告并与其他谷歌服务共享。
谷歌可能会使用收集到的数据将其自己的广告网络的广告语境化和个性化。
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策–选择退出

用于 Google Analytics (Google Inc.) 的显示广告扩展
本应用程序上的 Google Analytics 可能使用 Google 基于兴趣的广告、第 3 方受众数据和来自 DoubleClick Cookie 的信息来扩展人口统计、兴趣和广告交互数据的分析。
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策–选择退出

直接收集的分析（本网站）
本网站使用不涉及第三方的内部分析系统。
收集的个人数据：Cookie 和使用数据。

Google Tag Manager (Google Inc.)
Google Tag Manager 是 Google Inc. 提供的一项分析服务。
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策

Facebook 广告转化跟踪 (Facebook, Inc.)
Facebook 广告转化跟踪是 Facebook, Inc. 提供的一项分析服务，它将来自 Facebook 广告网络的数据与在本网站上执行的操作联系起来。
收集的个人数据：Cookie 和使用数据、跟踪像素。
处理地点：美国 –隐私政策

Facebook Analytics for Apps (Facebook, Inc.)
Facebook Analytics for Apps 是由 Facebook, Inc. 提供的一项分析服务。
收集的个人数据：使用数据和服务隐私政策中指定的各种类型的数据。
处理地点：美国 –隐私政策

Google AdWords 转化跟踪 (Google Inc.)
Google AdWords 转化跟踪是 Google Inc. 提供的一项分析服务，它将来自 Google AdWords 广告网络的数据与在本网站上执行的操作联系起来。
收集的个人数据：Cookie 和使用数据、跟踪像素。
处理地点：美国 –隐私政策

LinkedIn 转换跟踪（LinkedIn Corporation）
LinkedIn 转换跟踪是由 LinkedIn Corporation 提供的一项分析服务，它将来自 LinkedIn 广告网络的数据与在本网站上执行的操作联系起来。
收集的个人数据：Cookie 和使用数据、跟踪像素。
处理地点：美国 –隐私政策

显示来自外部平台的内容
这种类型的服务允许您直接从本网站的页面查看托管在外部平台上的内容并与之交互。
此类服务可能仍会收集安装该服务的页面的 Web 流量数据，即使用户不使用它。

Wistia 小部件 (Wistia, Inc.)
Wistia 是由 Wistia, Inc. 提供的视频内容可视化服务，允许本网站在其页面上加入此类内容。
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策

基础设施监控
此类服务允许本网站监控其组件的使用和行为，从而改进其性能、操作、维护和故障排除。
处理哪些个人数据取决于这些服务的特点和实施方式，其功能是过滤本网站的活动。

管理联系人和发送消息
此类服务可以管理电子邮件联系人、电话联系人或任何其他联系人信息的数据库，以便与用户进行通信。

这些服务还可能收集有关用户查看消息的日期和时间以及用户与消息交互的日期和时间的数据，例如通过单击消息中包含的链接。

与外部社交网络和平台的
交互此类服务允许直接从本应用程序的页面与社交网络或其他外部平台进行交互。
通过此应用程序获得的交互和信息始终受用户对每个社交网络的隐私设置的约束。
此类服务可能仍会收集安装该服务的页面的流量数据，即使用户不使用它。

Facebook Like 按钮和社交小工具 (Facebook, Inc.)
Facebook Like 按钮和社交小工具是允许与 Facebook, Inc. 提供的 Facebook 社交网络互动的服务。
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策

Twitter Tweet 按钮和社交小部件 (Twitter, Inc.)
Twitter Tweet 按钮和社交小部件是允许与 Twitter, Inc. 提供的 Twitter 社交网络进行交互的服务。
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策

LinkedIn 按钮和社交小工具（LinkedIn Corporation）
LinkedIn 按钮和社交小工具是允许与 LinkedIn Corporation 提供的 LinkedIn 社交网络进行交互的服务。
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策

再营销和行为定位
此类服务允许本应用程序及其合作伙伴根据用户过去使用本应用程序的情况通知、优化和投放广告。
此活动是通过跟踪使用数据和使用 Cookie 来执行的，这些信息会传输给管理再营销和行为定位活动的合作伙伴。

通过 Google Analytics for Display Advertising (Google Inc.)
进行再营销 Google Analytics for Display Advertising 是 Google Inc. 提供的一项再营销和行为定位服务，它将 Google Analytics 及其 Cookie 执行的跟踪活动与 Adwords 广告网络和 Doubleclick Cookie 联系起来.
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策–选择退出

LinkedIn 网站重定向（LinkedIn 公司）
LinkedIn 网站重定向是由 LinkedIn 公司提供的一种再营销和行为定向服务，它将本网站的活动与 LinkedIn 广告网络联系起来。
收集的个人数据：Cookie 和使用数据。
处理地点：美国 –隐私政策–选择退出

用户数据库管理
此类服务允许所有者通过从电子邮件地址、个人姓名或用户提供给此应用程序的其他信息开始构建用户配置文件，并通过分析功能跟踪用户活动。此个人数据也可能与有关用户的公开信息（例如社交网络的个人资料）相匹配，并用于构建所有者可以显示和用于改进此应用程序的私人个人资料。
其中一些服务还可以允许向用户发送定时消息，例如基于在此应用程序上执行的特定操作的电子邮件。

内容性能和功能测试（A/B 测试）
本节中包含的服务允许所有者跟踪和分析用户对有关网络流量的响应或有关更改本网站结构、文本或任何其他组件的行为。

联系用户
联系表格（本网站）
通过填写任何联系表格及其数据，用户授权本网站使用这些详细信息来回复信息请求、报价或表格标题所示的任何其他类型的请求。
收集的个人数据：各种类型的数据。

系统日志和维护
出于运营和维护目的，本网站和任何第三方服务可能会收集记录与本网站交互的文件（系统日志），为此目的使用其他个人数据（例如 IP 地址）。

欧盟/欧洲经济共同体用户的附加信息

提供服务需要数据
除非另有说明，所有要求的数据都是强制性的，您选择不提供数据可能导致无法为您提供服务。在我们明确表示某些数据不是强制性的的情况下，您可以自由地不传送这些数据，而不会对服务的可用性或功能产生任何影响。如果您不确定哪些个人数据是强制性的，欢迎您通过上述地址与我们联系。

关于您的个人数据的附加信息
除了本隐私政策中包含的信息之外，根据您的要求，我们可能会向您提供有关特定服务或个人数据收集和处理的附加和上下文信息。

您的 GDPR 权利仅
在适用于公司的范围内，如果您受 GDPR 制度的约束，则您有权随时了解您的个人数据是否已被存储。您并且可以咨询本公司以了解其内容和来源，验证其准确性或要求对其进行补充、取消、更新或更正，或将其转换为匿名格式或阻止任何违反法律，以及以任何和所有合法理由反对他们的待遇。请求应通过上述联系信息发送给数据控制者。

关于处理方法的附加信息
所有者采取安全措施来防止未经授权的访问、披露、修改或未经授权的破坏数据。数据处理使用计算机和/或支持 IT 的工具进行，遵循与指定目的严格相关的组织程序和模式。除所有者外，在某些情况下，参与本网站运营（管理、销售、营销、法律、系统管理）或外部方（例如第三方）的某些类型的负责人可能会访问数据。方技术服务提供商、邮件运营商、托管提供商、IT 公司、通信机构），如有必要，由所有者指定为数据处理器。如果适用，所有者可以随时向 GDPR 涵盖的人员索取此列表。

处理的法律依据
如果以下情况之一适用，所有者可以处理与用户有关的个人数据：

用户或其代理人（包括团体赞助商和雇主）已出于一个或多个特定目的同意。注意：根据某些法律，所有者可能被允许处理个人数据，直到用户反对此类处理（“选择退出”），而无需依赖同意或以下任何其他法律依据；
为履行与用户或用户的授权代理人（例如团体赞助商或雇主）的协议和/或任何合同前义务，必须提供数据；
处理是遵守所有者所承担的法律义务所必需的；
处理与为公共利益或行使授予所有者的官方权力而执行的任务有关；
为了所有者或第三方追求的合法利益，处理是必要的。

在任何情况下，所有者都乐意帮助澄清适用于处理的具体法律依据，尤其是提供个人数据是法定或合同要求，还是签订合同所必需的要求。

处理地点
数据在所有者的运营办公室、位于美国的数据中心以及参与处理的各方所在的任何其他地方进行处理。美国的隐私保护与其他司法管辖区不同（而且通常较少）。通过提供数据、使用本网站、使用公司提供的移动应用程序或请求服务，您同意将您的数据传输到美国并在美国处理此类数据。

保留时间
个人数据应在收集目的所需的时间内进行处理和存储。
所以：

为与提供服务相关的目的而收集的个人数据应保留至 (a) 完成此类服务，(b) 相关协议（例如与集团赞助商的协议）中规定的较长时间，以及 (c)根据需要维护此类服务的记录。
为所有者合法利益而收集的个人数据应在满足此类目的需要的时间内保留，包括但不限于根据法律、法规和医疗保健实践的要求保留已完成服务的记录，以及出于以下所述的其他原因这项政策。用户可以在本文档的相关部分或通过联系所有者找到有关所有者追求的合法利益的具体信息。

只要用户同意此类处理，所有者就可以被允许将个人数据保留更长的时间
，只要此类同意不被撤回。此外，在为履行法律义务（包括但不限于保留执行或推荐的医疗保健服务的记录）或根据当局的命令而需要时，所有者可能有义务将个人数据保留更长的时间。

信息被删除后，访问权、删除权、纠正权和数据携带权将无法执行。

收集有关您的数据的目的
是为了让我们能够为您提供服务，以及用于以下目的：分析、再营销和行为定位、与外部社交网络和平台的互动、管理联系人和发送消息、用户数据库管理, 显示来自外部平台的内容，内容性能和功能测试（A/B 测试），医疗和临床条件的生成模型，医生和临床表现的生成模型，基础设施监控和联系用户。

本政策中未包含的
信息可随时向数据控制者索取有关收集或处理个人数据的更多详细信息。请参阅本文档开头的联系信息。

数据保护官
数据保护官应为 HIPAA 隐私官。

法律依据
本隐私声明是根据多项立法的规定编写的，其中包括 1996 年美国健康保险流通与责任法案（“HIPAA”）、美国经济和临床健康信息技术法案（“HITECH”）。和艺术。法规 (EU) 2016/679（通用数据保护法规或“GDPR”）的 13/14。

Effective date: 01 June 2019.

Last Updated: 15 August 2021

Please note that by using this website (the “Site”), the services provided by diagnosticdetectives.com/sg (“Company”, “we”, “our” or “us”) or mobile applications provided by the Company, you are accepting the practices described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Site, the Company’s services, or the Company’s mobile applications.

What is the purpose of this Privacy Policy?

This Privacy Policy discloses Company’s personal information gathering and dissemination practices with respect to the Site, mobile applications, and our services. Please read this Privacy Policy carefully.

We have also created this Privacy Policy to demonstrate our commitment to privacy. We recognize that when you provide us with information about yourself that you trust us to act in a responsible manner with that information. We are committed to making sure we earn that trust.

What information do we collect from users and how is it used?

The following describes the types of personal and other information the Company may collect about you, and how the Company may use and maintain that information, including, but not limited to:

Registration. Before you can utilize certain services that we offer on the Site or otherwise, we may ask that you register with the Site and provide us with your email address, a password, your first and last name and other contact information and personal details. We request this information for identification purposes, to communicate with you regarding your account, and to facilitate the functioning of certain services. We may keep this information indefinitely.

Forms. To fully utilize the services we offer, you may be required to fill out forms that will contain personal information such as your name, address, telephone number, social security number, account information, employment, health status and other personal information relevant to your health insurance coverage, diagnosis and treatment.

Medical Records. In order for the medical professionals giving second opinions regarding your health, you may be required to provide us with past and current medical records, description of symptoms, a medical history and life-style descriptions.

Correspondence. If you correspond with us via email, we may gather in a file specific to you the information that you submit. We may keep this information indefinitely.

URL and IP addresses. Like many other websites, Company collects information about users’ utilization and navigation of our Site. This information helps us to design our Site to better suit our users’ needs. For example, our Site will track the URL that you visited before you came to our Site, the URL to which you next go and your Internet Protocol (IP) address. We use your IP address to help diagnose problems with our server and to administer our Site. Your IP address also is used to help identify you and to gather broad demographic information.

Information Collected With Cookies. Like most major websites, Company uses cookies on certain pages of our Site. Cookies make using the Internet easier by, among other things, saving your preferences for you. For example, a cookie lets the Site remember that you’ve registered, which allows us to speed up your future activities at our Site, and which allows you to enter your registration information less frequently while visiting our Site. We may also use cookies to deliver content tailored to your interests. Our cookies may enable us to relate your use of our Site to personally identifying information that you previously submitted, such as calling you by name when you return to our Site. If your browser is set to reject cookies, or if your browser notifies you that you are about to receive a cookie and you reject it, then your use of the Site may not be as efficient or as enjoyable as it would be if the cookie were enabled. The information that we collect with cookies allows us to improve our marketing and promotional efforts, to statistically analyze Site usage, to improve our content and product offerings and to customize our Site’s content, layout and services. However, we only use information collected with cookies on an aggregated basis without the use of any information that personally identifies you. You may learn more about specific cookies later in this document.

To whom does Company disclose information about you that we collect?

We will not share, rent, sell or otherwise disclose any of the personally identifiable information that we collect about you, except when we have your permission or in any of the following situations:

If you have requested a consultative service, a physician referral, or another service, we may use information about you to fulfill such request (including providing that information to third parties). We may also at any time review your case, your medical records from prior to and after your interaction with the Site, and any records created as a result of services received. We may share information about you, your care, and your use of services to your healthcare payor, or as necessary to implement plan designs described to you in your applicable health plan documentation, or on your request. If your health plan provides incentives for utilization of services, we will share information required to implement such incentives. We may request courtesy notices from your treating physician(s) and/or request additional medical records from them, including records pertaining to care you received after receiving the services. We may review these records for, among other purposes, reviewing the quality of service you received, reviewing the quality of service provided by the physicians and medical professionals treating you (including the physicians and medical professionals to whom you may have received a referral), to better understand the course of treatment for your condition(s) including information regarding outcomes and costs, and to improve treatments and recommendations for people with similar or different conditions. We will take care to minimize personally identifying information in this process. We may also use anonymous information gathered, including information from your medical records, to generate conclusions about the healthcare process, particular conditions, and other matters. We and our affiliated physicians and researchers may publish this anonymous information in journals, websites and other locations. However, we will not publish your name or any identifying information about you; we will use only anonymous data for any public purpose.
We may disclose information that we collect about you to our third-party contractors who perform services for Company in order to provide certain services or to complete or confirm a transaction that you conduct with us.
We may disclose the results of aggregated data about you for marketing or promotional purposes (for instance, that a certain percentage of our Site’s users are living in a particular state of the United States). In these situations, we do not disclose to these entities any information that could be used to personally identify you. Certain information, such as your password, is not disclosed to marketing advertisers at all, even in aggregate form.
We may disclose information about you as part of a merger, acquisition or other sale or transfer of its assets or business. Company does not guarantee that any entity receiving such information in connection with one of these transactions will comply with all terms of this policy.
We may disclose information about you for purposes such as to provide services available on the Site; to coordinate with insurance, reinsurance and excess or stop loss insurers; to enforce our members’ rights; to protect against actual or potential fraud; to resolve member inquiries or disputes; to receive payments; to carry out our business; to protect the confidentiality or security of our records; to administer preventive health and case management programs; to perform auditing and ratemaking functions; to enable our service providers to perform marketing services on our behalf and inform Members about our own products or services; to comply with federal or state laws and other applicable legal requirements.
We may disclose your information, to the extent permitted by law, in court or in the stages leading to possible legal action arising from improper use of this website, application or services, or due to a dispute you initiate in connection with the related services.
Moreover, we may be legally obligated to disclose information about you to the government or to third parties under certain circumstances, such as in connection with illegal activity on our Site or to respond to a subpoena, court order or other legal process. Company reserves the right to release information that we collect to law enforcement or other government officials, as we, in our sole and absolute discretion, deem necessary or appropriate.

If you use our Site or services outside of the United States, information that we collect about you will be transferred to servers inside the United States, which may involve the transfer of information out of countries located in the European Economic Area. By allowing Company to collect information about you, you consent to such transfer and processing of your data.

Your Rights Regarding Your Protected Health Information

You have certain rights regarding protected health information that we maintain about you.

Right to Access Your Protected Health Information. You have the right to review or obtain copies of your protected health information records, with some limited exceptions. Usually the records include enrollment, billing, claims payment and case or medical management records. Your request to review and/or obtain a copy of your protected health information records must be made in writing. We may charge a fee for the costs of producing, copying and mailing your requested information, but we will tell you the cost in advance (waived as applicable by the GDPR).

Right to Amend Your Protected Health Information. If you feel that your information (including protected health information) maintained by us is incorrect or incomplete, you may request that we amend the information. Your request must be made in writing and must include the reason you are seeking a change. We may deny your request if, for example, you ask to amend a record that is already accurate and complete.

If we deny your request to amend, we will notify you in writing. You then have the right to submit to us a written statement of disagreement with our decision and we have the right to rebut that statement.

Right to an Accounting of Disclosures. You have the right to request an accounting of disclosures we have made of your protected health information. The list will not include our disclosures related to your treatment, our payment or healthcare operations, or disclosures made to you or with your authorization (except for users covered by the GDPR regime, which may request such uses). The list may also exclude certain other disclosures, such as for national security purposes.

Your request for an accounting of disclosures must be made in writing and must state a time period for which you want an accounting. Your request should indicate in what form you want the list (for example, on paper or electronically). The first accounting that you request within a 12-month period will be free. For users outside the GDPR regime, we may charge for providing the accounting additional lists within the same time period, but we will tell you the cost in advance.

Right to Request Restrictions on the Use and Disclosure of Your Protected Health Information. You have the right to request that we restrict or limit how we use or disclose your protected health information (or for users covered by the GDPR, all personal information) for treatment, payment or healthcare operations. We may not agree to your request. If we do agree, we will comply with your request unless the information is needed for an emergency. Your request for a restriction must be made in writing. In your request, you must tell us: (i) what information you want to limit; (ii) whether you want to limit how we use or disclose your information, or both; and (iii) to whom you want the restrictions to apply.
Right to Receive Confidential Communications. You have the right to request that we use a certain method to communicate with you or that we send information about you to a certain location if the communication could endanger you. Your request to receive confidential communications must be made in writing. Your request must clearly state that all or part of the communication from us could endanger you. We will accommodate all reasonable requests. Your request must specify how or where you wish to be contacted.
Right to a Paper Copy of This Privacy Policy. You have a right at any time to request a paper copy of this Privacy Policy, even if you had previously agreed to receive an electronic copy.
Contact Information for Exercising Your Rights. You may exercise any of the rights described above by contacting our office by email as follows: support at diagnosticdetectives dot com.

What security measures does the Site employ?

Our Site requires users to give us unique identifiers in order to log into many areas of the Site. We utilize these unique identifiers to verify the user’s identity and eligibility, in order to protect our members from the release of sensitive or personally identifiable information to unauthorized users. To help protect the privacy of data you transmit through this Site, where personally identifiable information is requested, we also use technology designed to encrypt the information that you input before it is sent to us using Secure Sockets Layer (SSL) technology or similar encryption technology. In addition, Company takes steps to protect the user data we collect against unauthorized access. However, you should keep in mind that this Site and our services are run on software, hardware and networks, any component of which may, from time to time, require maintenance or experience problems or breaches of security beyond our control.

Please also be aware that despite our best intentions and the guidelines outlined in this Privacy Policy, no data transmission over the Internet or encryption method can be guaranteed to be 100% secure.

How can you correct or update information that we collect about you?

You may correct or update information collected about you by managing your account profile or by contacting Company at the email or mailing address noted below. We will use reasonable efforts to update our records. If necessary, we may retain original and updated information for reasons such as technical constraints, dispute resolution, troubleshooting and agreement enforcement.

What are the policies of linked Sites and other third parties?

This Privacy Policy only addresses the use and disclosure of information we collect from you. You should be aware that when you are on the Site, you can be directed to other websites that are beyond our control, and Company is not responsible for the privacy practices of third parties or the content of linked websites. We encourage you to read the posted privacy policy whenever interacting with any website.

How will I know about changes in the Privacy Policy?

Company reserves the right to update this Privacy Policy from time to time. Please visit this page periodically so that you will be apprised of any changes.

What is our policy on children users of our Site?

We do not knowingly collect or maintain personally identifiable information from persons under 13 years old, and no part of our Site is directed to persons under 13. IF YOU ARE UNDER 13 YEARS OF AGE, PLEASE DO NOT USE OR ACCESS OUR SITE AT ANY TIME OR IN ANY MANNER. If Company learns that personally identifiable information of persons less than 13 years old has been collected without verifiable parental consent, then Company will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under the age of 13 has obtained a Company account, then you may alert Company at the address below and request that we delete that child’s personal information from our systems.

What law governs my use of the Site and Company’s services?

By choosing to visit this Site, use our services, or otherwise provide information to Company, you agree that any dispute over privacy or the terms contained in this Privacy Policy will be governed by the law of the State of Delaware. You also agree to abide by any limitation on damages contained in our Terms of Service or other agreement that we have with you.

How to contact us / data controller?

If you have any questions about this Privacy Policy, or need to reach the owner / data controller for any other reason, you may contact us by e-mail at “support at diagnosticdetectives dot com”.

Additional Information About This Privacy Statement

The policies indicated in this Privacy Policy will remain effective, even if the Member’s coverage is terminated, to the extent we retain information about a member. We may change this Privacy Policy at any time and will inform you of any changes as required by law or regulation.

Information about Particular Services

Analytics
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.

Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data collected: Cookies and Usage data.
Place of processing: US – Privacy Policy – Opt Out

Display Advertising extension for Google Analytics (Google Inc.)
Google Analytics on this Application might use Google’s Interest-based advertising, 3rd-party audience data and information from the DoubleClick Cookie to extend analytics with demographics, interests and ads interaction data.
Personal Data collected: Cookies and Usage data.
Place of processing: US – Privacy Policy – Opt Out

Analytics collected directly (This Website)
This Website uses an internal analytics system that does not involve third parties.
Personal Data collected: Cookies and Usage Data.

Google Tag Manager (Google Inc.)
Google Tag Manager is an analytics service provided by Google Inc.
Personal Data collected: Cookies and Usage data.
Place of processing: US – Privacy Policy

Facebook Ads conversion tracking (Facebook, Inc.)
Facebook Ads conversion tracking is an analytics service provided by Facebook, Inc. that connects data from the Facebook advertising network with actions performed on this Website.
Personal Data collected: Cookies and Usage Data, Tracking Pixel.
Place of processing: US – Privacy Policy

Facebook Analytics for Apps (Facebook, Inc.)
Facebook Analytics for Apps is an analytics service provided by Facebook, Inc.
Personal Data collected: Usage Data and various types of Data as specified in the privacy policy of the service.
Place of processing: US – Privacy Policy

Google AdWords conversion tracking (Google Inc.)
Google AdWords conversion tracking is an analytics service provided by Google Inc. that connects data from the Google AdWords advertising network with actions performed on this Website.
Personal Data collected: Cookies and Usage Data, Tracking Pixel.
Place of processing: US – Privacy Policy

LinkedIn conversion tracking (LinkedIn Corporation)
LinkedIn conversion tracking is an analytics service provided by LinkedIn Corporation that connects data from the LinkedIn advertising network with actions performed on this Website.
Personal Data collected: Cookies and Usage Data, Tracking Pixel.
Place of processing: US – Privacy Policy

Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Website and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.

Wistia widget (Wistia, Inc.)
Wistia is a video content visualization service provided by Wistia, Inc. that allows this Website to incorporate content of this kind on its pages.
Personal Data collected: Cookies and Usage Data.
Place of processing: US – Privacy Policy

Infrastructure monitoring
This type of service allows this Website to monitor the use and behavior of its components so its performance, operation, maintenance and troubleshooting can be improved.
Which Personal Data are processed depends on the characteristics and mode of implementation of these services, whose function is to filter the activities of this Website.

Managing contacts and sending messages
This type of services makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User.

These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.

Interaction with external social networks and platforms
This type of services allows interaction with social networks or other external platforms directly from the pages of this Application.
The interaction and information obtained through this Application are always subject to the User’s privacy settings for each social network.
This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.

Facebook Like button and social widgets (Facebook, Inc.)
The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.
Personal Data collected: Cookies and Usage data.
Place of processing: US – Privacy Policy

Twitter Tweet button and social widgets (Twitter, Inc.)
The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.
Personal Data collected: Cookies and Usage data.
Place of processing: US – Privacy Policy

LinkedIn button and social widgets (LinkedIn Corporation)
The LinkedIn button and social widgets are services allowing interaction with the LinkedIn social network provided by LinkedIn Corporation.
Personal Data collected: Cookies and Usage Data.
Place of processing: US – Privacy Policy

Remarketing and Behavioral Targeting
This type of services allows this Application and its partners to inform, optimize and serve advertising based on past use of this Application by the User.
This activity is performed by tracking Usage Data and by using Cookies, information that is transferred to the partners that manage the remarketing and behavioral targeting activity.

Remarketing through Google Analytics for Display Advertising (Google Inc.)
Google Analytics for Display Advertising is a Remarketing and Behavioral Targeting service provided by Google Inc. that connects the tracking activity performed by Google Analytics and its Cookies with the Adwords advertising network and the Doubleclick Cookie.
Personal Data collected: Cookies and Usage data.
Place of processing: US – Privacy Policy – Opt Out

LinkedIn Website Retargeting (LinkedIn Corporation)
LinkedIn Website Retargeting is a remarketing and behavioral targeting service provided by LinkedIn Corporation that connects the activity of this Website with the LinkedIn advertising network.
Personal Data collected: Cookies and Usage Data.
Place of processing: US – Privacy Policy – Opt Out

User database management
This type of services allows the Owner to build user profiles by starting from an email address, a personal name, or other information that the User provides to this Application, as well as to track User activities through analytics features. This Personal Data may also be matched with publicly available information about the User (such as social networks’ profiles) and used to build private profiles that the Owner can display and use for improving this Application.
Some of these services may also enable the sending of timed messages to the User, such as emails based on specific actions performed on this Application.

Content performance and features testing (A/B testing)
The services contained in this section allow the Owner to track and analyze the User response concerning web traffic or behavior regarding changes to the structure, text or any other component of this Website.

Contacting the User
Contact form (this Website)
By filling in any contact form with their Data, the User authorizes this Website to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header.
Personal Data collected: various types of Data.

System logs and maintenance
For operation and maintenance purposes, this Website and any third-party services may collect files that record interaction with this Website (System logs) use other Personal Data (such as the IP Address) for this purpose.

Additional Information for EU / EEC Users

Data Is required to provide services
Unless otherwise specified, all data requested is mandatory and your choice to not provide data may make it impossible to provide services to you. In cases where we have made clear that some Data is not mandatory, you are free not to communicate this Data without any consequences on the availability or the functioning of the service. If you are uncertain about which Personal Data is mandatory then you are welcome to contact us at the address specified above.

Additional information about your Personal Data
In addition to the information contained in this privacy policy, upon your request we may you with additional and contextual information concerning particular services or the collection and processing of Personal Data.

Your GDPR rights
Solely to the extent applicable to the Company, if you are subject to the GDPR regime, then you have the right, at any time, to know whether your Personal Data has been stored. You and can consult the Company to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, cancelled, updated or corrected, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to the Data Controller at the contact information set out above.

Additional information regarding methods of processing
The Owner takes security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. If applicable, this list may be requested and by a GDPR-covered Person from the Owner at any time.

Legal basis for processing
The Owner may process Personal Data relating to Users if one of the following applies:

Users or their agents (including group sponsors and employers) have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases;
provision of Data is necessary for the performance of an agreement with the User or an authorized agent of the User (such as a group sponsor or employer) and/or for any pre contractual obligations thereof;
processing is necessary for compliance with a legal obligation to which the Owner is subject;
processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.

In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Place of processing
The Data is processed at the Owner’s operating offices, in data centers located in the United States and in any other places where the parties involved in the processing are located. The United States has different (and often lesser) privacy protections than other jurisdictions. By providing data, using this website, using mobile applications provided by Company, or requesting services, you consent to the transfer of your data to the United States and the processing of such data in the United States.

Retention time
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
Therefore:

Personal Data collected for purposes related to the performance of services shall be retained until the longer of (a) such services are completed, (b) as specified in a relevant agreement (such as an agreement with a group sponsor), and (c) as required to maintain records of such services.
Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes, including but not limited to retention of records of completed services as required by law, regulation and healthcare practice and for the other reasons described in this policy. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.

The Owner may be allowed to retain Personal Data for a longer period whenever the User has given
consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation (including but not limited to retention of records of healthcare services performed or recommended) or upon order of an authority.

The right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after information has been deleted.

The purposes of processing
Data about you is collected to allow us to provide services to you, as well as for the following purposes: Analytics, Remarketing and behavioral targeting, Interaction with external social networks and platforms, Managing contacts and sending messages, User database management, Displaying content from external platforms, Content performance and features testing (A/B testing), Generation models of medical and clinical conditions, Generation models of physician and clinical performance, Infrastructure monitoring and Contacting the User.

Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information at the beginning of this document.

Data Protection Officer
The Data Protection Officer shall be the HIPAA Privacy Officer.

Legal Basis
This privacy statement has been prepared based on provisions of multiple legislations, including the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the U.S. Health Information Technology for Economic and Clinical Health Act (“HITECH”). and Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation or “GDPR”).