Last Updated: August 1, 2020
The term “you”, “your”, “User” or “Consumer” shall refer to any individual that views, uses, accesses, browses or submits any content or material to the Services. The term “Provider” shall refer to mental health providers and health systems that use our marketing services. The terms “we,” “our” or “us” shall refer to Violet.
BY VISITING, SIGNING UP, USING, BROWSING, OR ACCESSING THE SERVICES, YOU CONSENT TO THE DATA PRACTICES DESCRIBED IN THIS STATEMENT. IF YOU DO NOT AGREE WITH OUT PRIVACY PRACTICES, DO NOT USE THE SERVICES.
INFORMATION WE COLLECT
We may collect information, including: Personal Health Information, Personal Information and Non-Personal Information, when you interact with us and the Services, for example when you:
- Access or use the Services;
- Create an account with us (if applicable);
- Open or respond to our e-mails;
- Contact customer service;
- Visit any page online that displays our ads or content;
- Make a purchase on or through the Services (if applicable);
PERSONAL HEALTH INFORMATION (PHI) and HIPAA
Certain demographic, health and/or health-related information that Violet collects about Consumers as part of providing the Services to Providers may be considered “Protected Health Information” or “PHI” under the Health Insurance Portability and Accountability Act (“HIPAA”). Specifically, when Violet, acting as a “Business Associate” (as such term is defined in HIPAA) receives identifiable information about a Consumer from or on behalf of a Provider, this information is considered PHI. Personal data that a Consumer provides to Violet outside of the foregoing context is not PHI. For example, when you provide information directly to us, such as when creating an account or using our interactive tools and services, searching for Providers or available appointments with Providers, and completing medical history forms; or when you voluntarily provide information in free-form text boxes through the Services or through responses to surveys and questionnaires, or post reviews; or when you send us an email or otherwise contact us, that information is not PHI. HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. Violet may only use and disclose PHI in the ways permitted by a Consumer’s Provider(s) or authorized by a Consumer.
“Personal Information” means information about you that specifically identifies you or, when combined with other information we have, can be used to identify you. As a general rule, we do not collect Personal Information about you when you visit and/or use the Services, unless you choose to provide such information to us. Submitting Personal Information through the Services is voluntary. By doing so, you are giving us your permission to use the information for the stated purpose.
- LEGAL BASIS FOR COLLECTING YOUR PERSONAL INFORMATION
- With your consent: We ask for your agreement to process your information for specific purposes and you have the right to withdraw your consent at any time.
- INFORMATION WE COLLECT AND HOW WE COLLECT INFORMATION
Through the Services, we may collect information that can identify you when you voluntarily submit it to us. Your Personal Information may include:
- Your name;
- Your address;
- Email address;
- Phone number;
- Billing Information (such as billing address, credit card digits);
- Demographic Data (such as name, age, gender identity, zip code, ethnicity)
- Health Information (medical history, health conditions, Providers used)
- Insurance Information;
- Other similar information
- STORAGE OF PERSONAL INFORMATION
We will take reasonable precautions, as well as physical, technical, and organizational measures in accordance with industry standards, as described herein, to protect your Personal Information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. Computer safeguards, such as firewalls and data encryption may be used to protect your information. We authorize access to your information only for those employees or agents who require it to fulfill their job responsibilities and these individuals are required to treat this information as confidential.
However, the security of information on or transmitted via the Internet cannot be guaranteed. Unauthorized entry of use, hardware or software failures, and other factors may compromise the security of your Personal Information. All information you send to us electronically or through email is not secure. Any transmission is at your own risk as the transmission of information via the Internet is not completely secure. Users are solely responsible for protecting their passwords, limiting access to their computers, and signing out of the Account after their sessions.
We collect and temporarily store certain information about your usage of the Services. Non-Personal Information means information that alone cannot identify you, including data such as cookies, pixel tags, web beacons and device information. The information includes, without limitation:
- Device Data: We may collect information such as: the type of computer and/or mobile device you use; the unique device ID of your computer and/or mobile device; the IP address of your computer and/or mobile device; the operating system of your computer and/or mobile device; and the type of mobile internet browsers of your computer and/or mobile device.
- Usage details: When you access and use the Services, we may automatically collect certain details of your access to and use of the Services, including traffic data, location data, logs and other communication data and the resources that you access and use on or through the App.
- Location information- When you first visit or use the Services we may request permission to collect and use your device’s precise geolocation. You can opt not to permit the collection of this information, but you may not be able to use the Services provided by Violet without access to your location. We need your location information in order to provide our Services. You can control how and whether we collect your precise geolocation information through your device’s settings.
We may use information that is neither Personal Data nor PHI (including non-PHI Personal Data that has been de-identified and/or aggregated) to better understand who uses our Services and how we can deliver a better digital healthcare experience, or otherwise at our discretion.
If you do not want us to collect this information, you may either change your device’s privacy settings or DO NOT ACCESS OR USE THE SERVICES.
INFORMATION COLLECTION TECHNOLOGIES
The technologies we use for automatic information collection may include:
- Cookies (or mobile cookies): We may use "cookies" to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you. The purpose of a cookie is to tell the web server that you have returned to a specific page. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Services.
- Retargeting/Advertising Cookies: Retargeting/Advertising Cookies collect data about your online activity and identify your interests so that we can provide advertising that we believe is relevant to you.
- Web Beacons: The Services and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related Services statistics.
- Social Ad Platforms: We may also use Google Analytics, Facebook, Twitter and LinkedIn’s functionality of re-marketing through their tracking cookies and pixel-based retargeting services. This means that if you provided your consent to Google, Facebook, Twitter or LinkedIn (the “Social Ad Platforms”) to be provided with personalized commercial offers, you may be served with ads (including advertisements of third parties) based on your access to the Services, outside of the Services and across the internet. In such event, the Social Ad Platforms, will place cookies on your web browser and use such cookies to serve you ads based on past visits to our Services.
- Mobile Device Identifiers. Mobile device identifiers helps Violet learn more about our users’ demographics and internet behaviors. Mobile device identifiers are data stored on mobile devices that may track mobile device and data and activities occurring on and through it, as well as the applications installed on it. Mobile device identifiers enable collection of Personal Data (such as media access control, address and location, and tracking data, including without limitation IP address, domain server, type of device(s) used to access the Services, web browser(s) used to access the Services, referring webpage or other source through which you accessed the Services, other statistics and information associated with the interaction between your browser or device and the Services).
- Cross Device Matching. To determine if users have interacted with content across multiple devices and to match such devices, we may work with partners who analyze device activity data and/or rely on your information (including demographic, geographic and interest-based data). To supplement this analysis, we may also provide de-identified data to these partners. Based on this data, we may then display targeted advertisements across devices that we believe are associated or use this data to further analyze usage of Services across devices.
CHANGING YOUR DATA COLLECTION SETTINGS
We strive to provide you with choices regarding the Personal Information you provide to us. You may need to adjust the settings on your computer and/or device to restrict the collection of information by the Services, but this may prevent you from accessing all of the features of the Services.
- Location Information: You can choose whether or not to allow the Services to collect and use real-time information about your device’s location through the device’s privacy settings. If you block the use of location information, some parts or all of the Services may be inaccessible or not function properly.
- Social Ad Platforms: If you wish to opt-out of re-targeting and tracking functionality of the Social Ad Platforms, you may do so through each platform directly. PLEASE NOTE that these tracking and targeting by Social Ad Platforms, is provided pursuant to your engagement with the Social Ad Platforms and the actual nature and scope of Personal Information collection and processing performed by such Social Ad Platforms may not be fully known to us. If you would like to learn more or make further inquiries with respect to such nature or scope, please refer to each Social Ad Platforms directly.
You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You may also be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. You can also delete all Cookies that are already on your computer. Although you are not required to accept Violet’s Cookies, if you block, reject, or delete them, you may have to manually adjust some preferences every time you visit a site and some of the Services and functionalities may not work.
To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/.
THIRD-PARTY AUTOMATIC INFORMATION COLLECTION
When you use the Services or its contents, certain third parties may use automatic information collection technologies to collect information about you or your device. These third parties may include:
- Advertisers, ad networks and ad servers;
- Analytics companies;
- Your mobile device manufacturer;
- Your mobile service provider; and/or
- Your Internet provider.
These third parties may use tracking technologies to collect information about you when you use the Services. The information they collect may be associated with your Personal Information or they may collect information about your online activities over time and across different websites, mobile applications and other online sites. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
HOW WE USE YOUR INFORMATION
- Operate, maintain and improve the Services;
- Provide you with the Services and its contents, and any other information, products or services that you request from us;
- Send you reminders, technical notices, updates, security alerts, support and administrative messages and marketing messages;
- Fulfill and manage customer orders;
- Request customer feedback;
- Enable user-to-user communications;
- Answer your questions and respond to your requests;
- Ensure that content from our Services is presented in the most effective manner for you and for your computer or device for accessing the Services;
- Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including the Terms and Conditions; and
- Notify you when there are changes to any services we offer or provide though the Services.
- Usage and Analytics
- Estimate our audience size and usage patterns;
- Perform analytics and conduct customer research;
- Analyze advertising effectiveness; and
- Communicate and provide additional information that may be of interest to you about us and our business partners.
- Location: We will use location data for the following reasons:
- To provide our Services targeted to your geographical area;
- To display information that is relevant to your particular location.
HOW WE DISCLOSE YOUR PERSONAL INFORMATION
The Personal Information you provide to us whether voluntarily or automatically, may be used and disclosed without limitations, in the following instances:
- With vendors who provide services for us (who are required to protect the Personal Information);
- To report or collect on debts owed to us;
- To a prospective buyer or buyer of Violet, or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all our assets;
- As part of bankruptcy, liquidation or similar proceeding;
- To comply with legal requirements for the enforcement of law, regulations, court orders, subpoena, a warrant during the course of a legal proceedings or otherwise;
- To protect and safeguard our copyright, trademarks, legal rights, intellectual property rights or safety; or
- In response to a subpoena, or similar legal process, including to law enforcement agencies, regulators, and courts in the United States.
HOW WE DISCLOSE YOUR NON-PERSONAL INFORMATION
We may also disclose Non-Personal Information:
- For the same reasons, we might share Personal Information;
- With our advertisers for their own analysis and research;
- To facilitate targeted content and ads; or
- With Third-Party Ad Servers to place our ads on the Services and on third-party websites or mobile applications.
HOW TO ACCESS, UPDATE, WITHDRAW CONSENT OR DELETE YOUR INFORMATION
If the laws applicable to you grant you such rights, you may ask to access, correct, or delete your Personal Information that is stored in our systems or that we otherwise control. You may also ask for our confirmation as to whether or not we process your Personal Information or ask to withdraw any consent you have previously provided to Violet in connection with our use and processing of your Personal Information. Subject to the limitations in law, you may request that we update, correct, or delete inaccurate or outdated information. You may also request that we suspend the use of any Personal Information the accuracy of which you contest while we verify the status of that data.
If you wish to exercise any of these rights or withdraw your consent, please contact us at: email@example.com. When handling these requests, we may ask for additional information to confirm your identity and your request. Please note, upon request to delete your Personal Information, we may retain such data in whole or in part to comply with any applicable rule or regulation and/or response or defend against legal proceedings versus us or our affiliates, or as we are otherwise permitted under such law applicable to you. While we strive to honor all reasonable requests, please be aware that we backup the data to prevent accidental or malicious destruction of your information. Information on backup servers may take some time to be completely deleted from the system. If you request that we remove you from our system and delete all your information, please note that you may still receive materials while your request is being processed.
SECURITY AND DATA RETENTION
The security of your Personal Data is important to us. We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. We endeavor to follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and in storage. For example, the Services use industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of Personal Data. We store and process your information on our servers in the United States and abroad. We maintain what we consider industry standard backup and archival systems. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, for example, by making good faith efforts to store Personal Data in a secure operating environment that is not open to the public, please be aware that no method of transmitting data over the Internet or storing data is completely secure. We cannot and do not guarantee the complete security of any data you share with us, and except as expressly required by law, we are not responsible for the theft, destruction, loss or inadvertent disclosure of your information or content.
If at any time during or after our relationship we believe that the security of your Personal Data may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we will endeavor to notify you as promptly as possible under the circumstances. If we have your e-mail address, we may notify you by e-mail to the most recent e-mail address you have provided us in your account profile. Please keep your e-mail address in your account up to date. You can update that e-mail address anytime in your account profile. If you receive a notice from us, you can print it to retain a copy of it. To receive these notices, you must check your e-mail account using your computer or mobile device and email application software. You consent to our use of e-mail as a means of such notification. If you prefer for us to use the U.S. Postal Service to notify you in this situation, please e-mail us at firstname.lastname@example.org Please include your address when you submit your request. You can make this election any time, and it will apply to notifications we make after a reasonable time thereafter for us to process your request. You may also use this e-mail address to request a print copy, at no charge, of an electronic notice we have sent to you regarding a compromise of your Personal Data.
We retain Personal Data about you consistent with all internal policies and procedures. We may retain Personal Data to comply with our legal obligations, resolve disputes or collect fees owed, or as is otherwise permitted or required by our data retention policies and procedures.
COMPLIANCE WITH APPLICABLE LAWS AND REGULATIONS
We represent and warrant that we will comply with all applicable laws, rules, regulations, directives and guidelines regarding the collection, use and disclosure of data collected from or about Users or specific devices which apply to the services utilized hereunder (collectively, the “Rules”). The term “Rules” shall include, without limitation, (i) United States Federal Trade Commission Laws regarding the collection, use and disclosure of data from or about users and/or specific devices; (ii) the Children’s Privacy Protection Act of 1998 (COPPA); (iii) The California Consumer Privacy Act of 2018 (“CCPA”) and (iv) if applicable, the Rules of any other jurisdiction, including and European Union General Data Protection Regulation (“EU GDPR”), rules, regulations and/or directives promulgated by a pertinent Data Protection Act, and all amendments and updates to them or regulations as replaced or superseded from time to time.
The California Consumer Privacy Act of 2018 (“CCPA”) provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights. If you have any questions about this section or whether any of the following applies to you, please contact us at email@example.com and indicate “California Rights” in the subject line of your communication.
The Services are not directed to or intended for use by children under 13 years of age. If you are a child under the age of 13, please do not attempt to register for or otherwise use the Services or send us any Personal Data. By accessing, using and/or submitting information to or through the Services, you represent that you are not under the age of 13. As noted in the Terms and Conditions, we do not knowingly collect or solicit Personal Data from children under the age of 13. If we learn that we have received any Personal Data directly from a child under age 13 without first receiving his or her parent’s verified consent, we will use that Personal Data only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Services. We will then subsequently delete that child’s Personal Data. If you believe that a child under 13 may have provided us with Personal Data, please contact us at firstname.lastname@example.org
If you are between age thirteen (13) and the age of majority in your place of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. If you are a parent or legal guardian of a minor child, you may, in compliance with the Agreement, use the Services on behalf of such minor child. Any information that you provide us while using the Services on behalf of your minor child will be treated as Personal Data as otherwise provided herein.
If you use the Services on behalf of another person, regardless of age, you agree that Violet may contact you for any communication made in connection with providing the Services or any legally required communications. You further agree to forward or share any such communication with any person for whom you are using the Services on behalf.
UPDATES TO THIS POLICY