Healow International Privacy Notice

International Privacy Notice

Effective Date: May 31, 2024

Last Updated: May 31, 2024

What is in this Privacy Notice:

1. Introduction :

1.1. Privacy Notice. This privacy notice ("Privacy Notice") informs you what Personal Data healow, LLC ("healow", "we", "us" or "our") collects and how healow uses such Personal Data when you use our websites, mobile apps or other means where we may collect your Personal Data and from which this Privacy Notice is linked (collectively, "Site"). This Privacy Notice also provides information about how healow collects and uses business contact and customer Personal Data in connection with the services we provide through the use of our product, Sunoh.ai ("Services"). This Privacy Notice is applicable to individuals in countries other than the United States. If you are in the United States, please see our US Privacy Notice.

Patient Information. This Privacy Notice does not describe how patient information is collected or used by our customers who use our Services. We process such Personal Data on our customer's behalf. As a result, our customers determine the purpose for which the information was collected and how we should use it. Please see the applicable customer privacy notice for more information on their privacy practices.

Assistance. If you are having issues viewing, accessing, or understanding this Privacy Notice, please contact us at 508-475-0450 or at privacy@healow.com

2. The Personal Data We Collect :

2.1 Customer Privacy Practices. When we receive information for our own purposes, such as the contact or billing information of our customers, the processing of that information is described by this Privacy Notice. When we receive or process information on behalf of one of our customers, the privacy practices that apply to the processing of that information is governed by our customer's privacy notice.

2.2 Our Processing Activities. The following table outlines different categories of Personal Data collected, the legal basis used for the collection (if applicable), and the purposes of such collection of Personal Data.

Context Types of Personal Data Primary Purpose and Legal Basis for Collection and Use of Personal Data
Account Information We collect your name and contact information when you create an account on our Sites or through the Services. We also collect information relating to the actions that you perform while logged into your account. We have a legitimate interest in providing account related functionalities to our users. Accounts can be used for easy appointment registration and schedule follow-up appointments, to view previous conversations with the patient, see former and current treatment plans, and to save medication history. In addition to having a legitimate interest in using this information, we also use this information to perform and complete our contractual obligations with our customers. If you choose not to provide us with your Personal Data, we will be unable to allow you to register an account.
Customer Information We collect the name, and contact information, of our customers and partners as well as their employees with whom we may interact. We have a legitimate interest in contacting our customers and communicating with them concerning normal business administration such as projects, services, and billing. In addition, we use this information to perform and complete our contractual obligations with our customers. If you choose not to provide us with your Personal Data, we may be unable to provide you with Services.
Demographic Information We collect Personal Data, such as your age or location. We have a legitimate interest in understanding our users and providing tailored services.
Email Interconnectivity If you receive email from us, we use certain tools to capture data related to when you open our message, click on any links or banners it contains and make purchases. We have a legitimate interest in understanding how you interact with our communications to you.
Events If you attend one of our promotional events, we may collect your contact information, including your name, phone number, email address, and physical address. We have a legitimate interest in gathering such information to allow you to attend the event, expand our business, and provide you with information about our Services.
Feedback/Support If you provide us feedback or contact us for support through our webform or chat functionality we may collect your name and email address, as well as any other content that you send to us, in order to reply. We have a legitimate interest in receiving, and acting upon, your feedback or issues. If you choose not to provide us with your Personal Data, we will be unable to respond to your inquiries.
Mailing List When you sign up for one of our mailing lists we collect your email address or postal address. We share information about our products and services with individuals that consent to receive such information. We also have a legitimate interest in sharing information about our products or services.
Location Data When you use the Services or Sites we collect your location from the GPS, Wi-Fi, and/or cellular technology in your device to determine your location to efficiently provide you with the Services. We have a legitimate interest in ensuring our Services operate efficiently and providing tailored services for our users. In some contexts, our use is also based on your consent to provide us with geolocation.
Mobile Devices We collect information from your mobile device such as unique identifying information broadcast from your device when visiting our Sites on mobile devices. We have a legitimate interest in identifying unique visitors, and in understanding how users interact with us on their mobile devices.
Order Placement We collect your name, billing address, email address, phone number, and credit card number when you place an order for the Service. We use your information to perform our contract to provide you with products or services.
Partner Promotion We collect information that you provide as part of a co-branded promotion with another company or medical provider. We have a legitimate interest in fulfilling our promotions. If you choose not to provide us with your Personal Data, we will be unable to provide you with promotional materials and opportunities.
Surveys When you participate in a survey, we collect information that you provide through the survey. If the survey is provided by a third party service provider, the third party's privacy notice applies to the collection, use, and disclosure of your information. We have a legitimate interest in understanding your opinions, and collecting information relevant to our organization. We also collect information from individuals who consent to participate in our surveys.
Sweepstakes or contests When you participate in a sweepstakes or contest we collect information about you which includes contact information to notify you if you are selected. We have a legitimate interest in operating the sweepstakes. In some contexts we are also required by law to collect information about those that enter into our sweepstakes, and we have a legitimate interest in complying with those laws.
Technology on Our Website for Targeted Advertising We may allow third parties to place technology on our websites (e.g., a cookie or a pixel) that allows them to track you. The third party might also collect data over time and across other websites. They use this data to serve advertisements tailored to your interests, which may include advertisements about our products or services. Where required by law, we base the use of third-party tracking technologies upon consent. Our partnerships with third-party service providers allow us to enhance our web content. We permit cookies on our website to participate in behavior-based advertising, which allows us to tailor our advertisements to better suit users' interests. See our Cookie Preference Center for more information.
Your Use of Our Sites We use technology to monitor how you interact with our Sites. This may include which links you click on, or information that you type into our online forms. Some of these technologies may use "cookies." Cookies are small pieces of information that a website sends to a computer's hard drive while a website is viewed. Other types of data we track include your IP address, the website that referred you to our Sites, and data about the device you use to visit our Sites. Where required by law, we base the use of analytics tracking technologies upon consent. We have a legitimate interest in making our Sites operate efficiently. We also use it to understand how you interact with our Sites to improve them and understand your preferences. Finally, we use this information to help detect and prevent fraud. Please understand that if you choose to turn of essential tracking technologies, our website may not function properly.

2.3 Duration of Processing: The duration of the processing depends on the specific processing activity as outlined above in 2.2 and takes into account the legal basis of processing and the purpose of the processing activity. We do not process your Personal Data longer than is needed to fulfill our purposes of processing or legal obligations.

2.4 Lawful Basis for Canadian Data Collections: If you are located in Canada, our lawful basis for processing your data is generally consent. If you would like specific information about your lawful basis of processing in this jurisdiction, please contact us as indicated in the Contact Information section.

3. How We Collect Your Personal Data :

3.1 Collection: healow may collect Personal Data in the following ways described below.

3.2 Information You Provide to healow: healow collects Personal Data when you use and interact with the Services, such as when you:

  • Communicate with healow about our Services whether by letter, e-mail, online chat window, or telephone.
  • Complete and submit forms to us on our Sites (e.g., to authenticate yourself to verify your authorized use of the Services, to register for our events, or to subscribe to our newsletters).
  • Visit our offices or interact with our sales staff.
  • Visit our Sites or use our Services and provide us Personal Data.
  • Interact with us on social media and provide us Personal Data.

3.3 Information that healow Collects Automatically: When you use the Services or Sites, healow may automatically collect Personal Data subject to the settings of your device that you use to access the Services or Sites. We may also collect information from your device to facilitate your use of certain features of the Services. healow may use this data to analyze trends and statistics to improve your online experience or our customer service. Please see the table in 2.2 for more information on automatic collection of information.

3.4 Information from Other Sources: healow may collect Personal Data from other sources such as the Internet and other publicly available sources and databases, data aggregators, marketing companies, and other third parties, including sources from which you authorize us to obtain Personal Data about you on your behalf. If you authorize a third party to send us information, and you later decide that you no longer want us to obtain that information, you may need to contact that third party source directly and request them to stop transmitting information to us.

4. Use of Information Collected By healow :

healow uses the Personal Data collected for the following purposes:

  • Provide Services to our customers and their authorized users.
  • To improve user experience with our Sites and Services.
  • To communicate with you about requested information.
  • To respond to user service requests, user questions and concerns, and administer user accounts.
  • To verify your identity, register you, administer your account, or provide you the information, products, and Services that you request.
  • To provide services to our customers, which include medical providers.
  • To communicate with users about our products, Services, and related issues.
  • To identify if you may be interested in any of the Services or our business partners' products and services, which may include marketing and promotional materials.
  • To administer fees and provide users with invoices or resolve billing issues.
  • To ensure the security and integrity of our Services and Sites.
  • To perform internal analytics for the purposes of development and improvement of the Sites and Services.
  • To verify and maintain the quality of our Services, improve the Services, or develop new services.
  • In the event of a business transaction if we are exploring or going through a business transition or financial transaction, such as a merger or acquisition.
  • To comply with law or other regulatory obligations.

5. Disclosing Your Information:

We may disclose your Personal Data for the following reasons:

  • Internal Sharing: healow may disclose Personal Data to its affiliates (including parents, entities under common ownership, and subsidiaries). We share this information to provide the Services to you and create efficient internal processes.
  • With Our Service Providers: healow discloses Personal Data to service providers that process Personal Data on our behalf for the purpose of operating our business. The business operations that service providers assist us with include data analytics, marketing, creating better client and customer experiences with our products and Services, management and maintenance of Services and Sites, process customer or client requests or questions, payment processing and Services fulfilment, and data hosting.
  • With Our Customers: healow may disclose Personal Data to its customers pursuant to our contractual obligations with our customers. We share this information to provide the Services.
  • Compliance with Law: To the extent permitted by law, healow will disclose Personal Data to government authorities or third parties pursuant to a legal request, subpoena, or other legal process. healow may also use or disclose your Personal Data as permitted by law to perform charge verifications, apply, or enforce the Service's terms of use or terms and conditions, or protect healow's rights, interests, or property as well as those of healow affiliates, customers, or Service users. We are legally required to disclose this information, when applicable.
  • Business Transaction: If healow sells all or part of its business, makes a sale or transfer of assets, or is otherwise involved in a merger or business transfer, healow may transfer your Personal Data to a third party as part of that transaction. If we decide to sell or merge part of our business, then we may be required to provide the other party with Personal Data necessary to complete the transaction.
  • Consent: healow may disclose your Personal Data to other third parties when we have your consent or direction to do so.

6. Your Choices and Rights :

Your Rights. Subject to certain exceptions, some jurisdictions give you a right to make the following choices regarding your Personal Data:

  • Access To Your Personal Data: You may request access to your Personal Data or confirmation that we have information about you. In certain limited circumstances, you may also request to receive access to your Personal Data in a portable, machine-readable format.
  • Changes To Your Personal Data: We rely on you to update and correct your Personal Data. Our Sites and Services allow you to modify or delete your account profile. If our Sites or Services do not permit you to update or correct certain information, you can contact us at the address described below in order to request that your Personal Data be modified. You may ask us to correct Personal Data that is inaccurate or incomplete. Note that we may keep historical Personal Data in our backup files as permitted by law.
  • Deletion Of Your Personal Data: You may request that we delete your Personal Data. If required by law, we will grant a request to delete information, but you should note that in many situations we must keep your Personal Data to comply with our legal obligations, resolve disputes, enforce our agreements, or for another business purpose.
  • Objection to or Restriction of Certain Processing: In certain circumstances, you may object to (or block) the processing of your Personal Data, or request that we restrict processing of your Personal Data, by following the instructions described below.
  • Promotional Emails: You may choose to provide us with your email address for the purpose of allowing us to send free newsletters, surveys, offers, and other promotional materials to you, as well as targeted offers from third parties. You can stop receiving promotional emails by following the unsubscribe instructions in emails that you receive. If you decide not to receive promotional emails, we may still send you Service-related communications.
  • Revocation Of Consent: Where we process your Personal Data based upon consent, you may have a right to revoke your consent. Please note, if you revoke your consent for the processing of Personal Data then we may no longer be able to provide you services.
  • Additional Information: If you are located in Brazil, you may also have a right to ask for more information about third parties with whom we have shared your Personal Data as well as information about the possibility of denying consent for processing and the consequences of such denial.

6.2 Exercising Your Rights: Please note, not all of the rights described above are absolute, and they do not apply in all circumstances. In some cases, we may limit or deny your request because the law permits or requires us to do so, or if we are unable to adequately verify your identity. You may exercise the rights described above through our online portal or by contacting us as indicated in the Contact Information section below. If you disagree with our denial of a request, you may appeal our decision by contacting us with the subject line "Appeal."

7. Data Transmissions to Other Countries:

7.1 Transfer Information: As a multi-national company, we transmit information between and among our affiliates and other third parties in accordance with this Privacy Notice. As a result, your Personal Data may be processed in a foreign country where privacy laws may be less stringent than the laws in your country. Nonetheless, where possible we take steps to treat Personal Data using the same privacy principles that apply pursuant to the law of the country in which we first received your Personal Data. By submitting your Personal Data to us you agree to the transfer, storage, and processing of your Personal Data in a country other than your country of residence including, but not necessarily limited to, the United States and India.

7.2 Requests: If you would like more information concerning our attempts to apply the privacy principles applicable in one jurisdiction to data when it goes to another jurisdiction you can contact us as indicated in the Contact Information section. You may also request a copy of any Standard Contractual Clauses (or equivalent) we use for the transfer of your data outside of the United Kingdom, which includes the categories of Personal Data transferred by contacting us as indicated in the Contact Information section.

8. Security of Personal Data: :

8.1 Security: healow has reasonable safeguards in place to help protect the Personal Data healow collects from loss, misuse, and unauthorized access, disclosure, alteration, and destruction of Personal Data. Although healow attempts to protect the Personal Data in our possession, no security system is perfect, and healow cannot promise that your Personal Data will remain absolutely secure in all circumstances.

8.2 Breach Notification: Pursuant to applicable law, healow may be required to send you notice of known or suspected security breaches that impact your Personal Data. In the event that healow must provide a notice of a security breach to you, healow will send security breach notices to the contact information contained in your account information unless healow is required by law to notify you using another method. Otherwise, if healow needs, or is required, to contact you concerning any event that involves information about you we may do so by e-mail, telephone, or mail.

9. Retention of Personal Data :

healow will retain your Personal Data as needed to fulfill the purposes for which it was collected. healow will retain and use your Personal Data as necessary to comply with healow's business requirements, legal obligations, resolve disputes, protect our assets, and enforce our agreements.

10. Links to Third Party Websites :

Our Sites may contain certain links to third party websites. healow is not responsible or liable for the privacy practices or content found on these websites. You should check the privacy notice and policies of each website you visit. Links to third party websites are provided solely for your convenience and any use or submission of data to such websites shall be at your sole risk.

11. Children's Privacy :

Our Sites are not directed toward individuals under the age of 18. We do not promote our Sites or Services to individuals under 18, and we do not knowingly collect any Personal Data through our Sites from individuals under 18.

12. Changes to the Privacy Notice:

healow may change this Privacy Notice at any time. Unless we say otherwise, changes will be effective upon the last updated date at the top of this Privacy Notice. Please check this Privacy Notice regularly to ensure that you are aware of any changes. We may try to notify you of material changes to this Privacy Notice, which if we do, may be by means such as by posting a notice directly on the Sites, by sending an e-mail notification (if you have provided your e-mail address to us), or by other reasonable methods.

13. Contact Information:

If you have any questions, concerns, or complaints related to this Privacy Notice, please contact the healow Chief Privacy Officer at:
healow, LLC
2 Technology Drive
Westborough, MA 01581
Attn: Chief Privacy Officer
privacy@healow.com

If you have any questions, concerns, or complaints related to Security, please contact the healow Chief Information Security Officer at:

healow, LLC
2 Technology Drive
Westborough, MA 01581
Attn: Chief Information Security Officer
ciso.office@healow.com

These e-mail addresses are monitored only for privacy- and security-related inquiries. If you are a patient and have a question related to accessing your patient portal or have other healthcare specific questions, please contact your healthcare provider.

14. Complaints :

If you are not satisfied with our response, the following remedies may be available to you:

  • If you are in the United Kingdom or European Union, you may have a right to lodge a complaint with your local supervisory authority.
  • You may also contact our Chief Privacy Officer at privacy@healow.com, who will address your compliant according to applicable law.