Privacy Policy

Policy Effective Date: Effective January 1, 2020

Your Privacy Matters

Vessel Health’s number one priority is your trust. Your privacy is essential to earning and keeping that trust. This tenet drives all of the decisions we make, as well as how we gather, use and store any information we acquire from you. We created this Privacy Policy to be as clear and direct as possible about how we gather and use your non-public personal information and other types of personal information (“Personal Information”) and to assist you in exercising your privacy rights.

Introduction

Vessel Health Technology Inc and its affiliates (“Vessel”, “Vessel Health”, “we”, “us” and/or “our”) currently offer automated medical information aggregation, a product for viewing that information, and may offer additional products and services in the future (collectively, the “Services”), through Vessel Health’s website, www.vesselhealth.io (“Site”) and any future mobile applications (“App”). This Privacy Policy describes how Vessel Health treats your Personal Information when you use or evaluate our Site, App and/or Services.

For the purpose of this Privacy Policy, a “User” is an individual who creates an account on our Site or App to view our free healthcare management and data visualization software and/or to understand or evaluate our Services; and a “Client” is an individual who has connected or requested a connection to their medical information from a third party Healthcare Organization.

Our Privacy Policy, and Terms of Use collectively govern your use or evaluation of our Site, App and Services.

Information Collection

The categories of information we collect depend on whether you are a current or former User, and/or Client. Examples of instances when we collect Personal Information include:

  • when you answer questions on the Site or in the App to determine what services or features we might recommend if you were to become a Client,
  • when you register to open an account either as a User or a Client,
  • when you contact us with questions through the site, app, or email, or
  • when you become a Client.

Wherever Vessel Health collects Personal Information, we endeavor to provide a link to this Privacy Policy and other relevant terms, such as our Website Terms of Use.

Information We Collect from Users

We collect Personal Information from Users, including but not limited to your:

  • name, e-mail address, telephone number, zip code, Internet Protocol address, birth date;
  • medical information, as shared by your healthcare provider(s) in your patient portal;
  • insurance information, as shared by your insurance company (or companies) in your user account on their website;
  • pharmacy, medication, and financial information, as shared by your pharmacy (or pharmacies) in your user account on their website;
  • link to our Services (medical, insurance, pharmacy, or lab information), any challenge and/or security questions associated with those accounts and any information contained in those accounts Note: Vessel may store login credentials used to link Account Information (as defined below). If you choose to link to our Services, we user that information to aggregate, access and retrieve your Account Information. Any Account Information that we store or transmit to a third-party service provider is stored and transmitted via end-to-end encryption, and any credentials are additionally encrypted at rest.

Information We Collect from Clients

If you choose to become a Client, in addition to the information we collect from you as a User, described above, we will ask you for certain additional Personal Information, including but not limited to:

  • your and your family members’ full legal name, contact information, address, birth date, citizenship, marital status; and
  • your healthcare objectives, diagnoses, providers, and associated clinical and/or medical information as provided to you by healthcare organizations you have visited;

Information We Collect when Acting As a User’s or Client’s Authorized Agent

The primary goal of Vessel Health is to aggregate information from accounts at across medical institutions and/or healthcare organizations in one place on our Site or in our App; in enabling this functionality, Vessel Health acts as an agent to retrieve the User or Client account information maintained by such third-party healthcare organizations or medical institutions with which the User or Client has a legally-binding relationship (“Account Information”). This Account Information may include account balances, appointments, and all provided clinical or medical information from the linked healthcare organizations or medical institutions.

By choosing to use our Services to aggregate and analyze your Account Information, you expressly authorize and direct Vessel Health, on your behalf, to electronically retrieve all Account Information associated with the username and password that you use to link the account. Vessel Health may store login credentials used to link Account Information. Any Account Information that Vessel Health receives is read-only. Account Information may be processed by Vessel Health in order to display that information in a user-friendly way. Original data is always available and can be disclosed or shared upon request to support@vesselhealth.io. Vessel Health does not and will not update any records or Account Information as it is stored in the linked Organizations. As in, any additional data, Personal Information, or Account Information provided to Vessel Health via user interaction, automated or manual integration will not get transmitted back to linked Organizations.

Information Regarding Children

Due to the nature of our business, our Services are not made available to minors. Except for beneficiary information as described above, Vessel Health does not knowingly solicit Personal Information from or about children under the age of 18.

If you are under the age of 18, please do not submit any Personal Information to Vessel Health. If we learn that we have collected Personal Information directly from a minor, we will delete such information from our files.

If a parent or guardian becomes aware that his or her child under the age of 18 has directly provided us with Personal Information without his or her consent, he or she should contact us at support@vesselhealth.io and we will delete such information from our files.

Other Ways We Collect Information

Other means by which we collect Personal Information include the following:

  • Automatic Data Collection. We may collect certain information when you use our Services. This information may include your Internet protocol (“IP”) address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, details about your browser, operating system or device, location information, Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, and other information about how you use the Services. Information we collect may be associated with accounts and other devices.
  • Anonymized or aggregated Information. Vessel Health’s Site and App record certain anonymized or aggregated information about your use or evaluation of our Services. Anonymized or aggregated information is used for a variety of functions, including the measurement of Users’ interest in and use of various portions or features of the Site and App. Anonymized or aggregated information is not Personal Information, and we may use such information in a number of ways, including internal analysis and research. We may share this information with third-parties for our purposes in an anonymized or aggregated form that is designed to prevent anyone from identifying you.
  • Cookies and Pixels. Similar to other consumer internet services, Vessel Health uses cookies, a small piece of computer code that enables our Web servers to “identify” Users, each time an individual initiates a session on our Site. A cookie is set in order to identify you and tailor the Site to you. Cookies do not store any of the Personal Information that you provided to us; they are simply identifiers. You may delete cookie files from your own hard drive at any time through your browser settings. However, cookies may be necessary to provide access to much of the content and many of the features of the Site.
  • Pixel Tags. Along with cookies, we may use “pixel tags,” also known as “web beacons,” which are small graphic files that allow us to monitor the use of our Sites. A pixel tag can collect information such as the IP address of the computer that downloaded the page on which the tag appears; the URL of the page on which the pixel tag appears; the time the page containing the pixel tag was viewed; the type of browser that fetched the pixel tag; and the identification number of any cookie on the computer previously placed by that server.
  • Site and App Activity. Vessel Health may also use third-party tracking technology, such as Google Analytics, to record similar information regarding you and your activity on our Site and App. “Do Not Track” Technology. We do not collect Personal Information about your online activities over time and across different web sites or online services. Therefore, our Site does not respond to Do Not Track (“DNT”) signals. We do not knowingly authorize third-parties to collect Personal Information about your online activities over time and across different web sites or online services.
  • Surveys. We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include Personal Information.

How we use Information

No Renting, Selling or Trading Out Identifiable Information

We will never rent, sell or trade your identifiable (as defined by HIPAA identification procedures) Personal Information to anyone. Ever. We reserve the right to rent, sell, license, or trade your medical information in a de-identified manner for business purposes.

User Personal Information

We use your Personal Information for a variety of business purposes, such as to help you evaluate our Services, offer you new products or services, enhance our Services, and for research and internal analysis.

Client Personal Information

Vessel Health stores, processes, and maintains Personal Information related to you for a variety of business reasons such as to provide client support, analyze and improve our Services, offer new products or services and provide our Services to Clients in accordance with the rules of regulatory bodies. As a User, you may choose not to provide such information to us, but if you choose not to provide such information, you will not be able to become a Client.

Cross-Device Tracking

Your browsing activity may be tracked across different websites and different devices or apps. For example, we may attempt to match your browsing activity on your mobile device with your browsing activity on your computer. To do this, we may analyze your browsing patterns, geo-location and device identifiers to match the information of the browser and devices that appear to be used by the same person.

Social Media and Links to Other Web Sites and Applications

This Privacy Policy and these terms apply only to Vessel Health operated Services and applications. Please note that our Site and Apps may contain links to other websites, applications, social media accounts, and information for your convenience that are not operated or controlled by Vessel Health. Vessel does not control Linked Third-Party websites or their privacy practices, which may differ from those set out in this Privacy Policy. Vessel Health does not endorse or make any representations about Linked Third-Party information. Any Personal Information you choose to give to Linked Third-Parties is not covered by this Privacy Policy. We encourage you to review the privacy policy of any company or website before submitting your Personal Information. Some third-parties may choose to share their users’ Personal Information with us; that sharing is governed by that company’s privacy policy, not this Privacy Policy.

Mobile Computing

Vessel Health provides websites and online resources that are specifically designed to be compatible for use with mobile computing devices. Mobile versions of our website are governed by the provisions hereunder related to the Site and may require that you log in with an account. In such cases, information about the use of each mobile version of the website may be associated with your accounts. In addition, we may enable individuals to download tools, such as an application, widget or other tool, that can be used on mobile or other computing devices. Some of these tools may store information on mobile or other devices. These tools may transmit Personal Information to Vessel Health to enable you to access your account information and to enable us to track the use of these tools. Some of these tools may enable users to e-mail reports and other information from the tool. We may use Personal Information or non-identifiable information transmitted to us to enhance these tools, to develop new tools, for quality improvement and as otherwise described in this Privacy Policy or in other notices we provide.

Promotional Activity

We may run sweepstakes and contests. Contact information you provide may be used to reach you about the sweepstakes or contest and for other Vessel Health promotional or marketing purposes. In some jurisdictions, we are required to publicly share some winner information.

Information Sharing and Onward Transfer

We will not share or disclose your Personal Information (whether you are a current or former User and/or Client) to any nonaffiliated third-parties except:

  • To Protect Ourselves or Others. We may share your Personal Information as required by law, such as when we reasonably believe it is necessary or appropriate to investigate, prevent, or take action regarding illegal activities, suspected fraud, front running or scalping, situations involving potential threats to the personal safety of any person, if we believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; to protect your, our or others’ rights, property, or safety; enforce our policies or contracts; or collect amounts owed to us.
  • Affiliates. Vessel Health may share your Personal Information among affiliated Vessel Health entities in connection with the provision of Services to Clients and Users.
  • Service Providers. There are certain circumstances in which we may share your Personal Information with non-affiliated third-party service providers, including to perform certain business and technology related functions and to support the provision of the Services. We may share your Personal Information with non-affiliated third-party service providers for the provision of services, which includes but is not limited to the following: mailing information; data processing and storage; payment processing; identification verification and fraud detection; customer support; and marketing.
  • Business Partners. We may provide Personal Information to business partners with whom we jointly offer products or services. For example, we may share the information required to become a Client with a third party who helps us acquire Account Information from a Linked Organization.
  • Disclosure in the Event of Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your Personal Information may be transferred as part of such a transaction, as permitted by law and/or contract.

Your Choices and Opting Out

General. You have certain choices about the use and disclosures of your Personal Information, as set out in this Privacy Policy.

You may decline to provide Personal Information to Vessel Health. Declining to provide Personal Information may disqualify you from using Vessel Health Services, Site, and App features that require certain Personal Information.

Opting-Out - Obtaining and Withdrawing Consent

Where you have consented to Vessel Health’s use of your Personal Information, you may withdraw that consent at any time and opt out by contacting us by email, phone or physical mail via the contacts indicated under the “Questions and Contacting Us” section below. Additionally, before we use Personal Information for any new purpose we will provide information regarding the new purpose. Even if you opt out, we may still collect and use non-personal information regarding your activities on our Services and for other legal purposes as described above.

Email and Telephone Communications.

Vessel Health may use your Personal Information to communicate with you regarding our Services or to tell you about blog posts or Services that we believe will be of interest to you. If you decide at any time that you no longer wish to receive marketing communications from us, please follow the “unsubscribe” instructions provided in the communications or contact us at support@vesselhealth.io. Please note that you cannot opt-out of administrative communications such as regulatory, billing or service notifications, or updates to our Terms or this Privacy Policy.

We process requests to be placed on do-not-mail, do-not-phone and do-not-contact lists as required by applicable law.

Mobile Devices.

We may send you push notifications through our mobile application. You may at any time opt-out from receiving these types of communications by changing the settings on your mobile device. We may also collect location-based information if you use our mobile applications. You may opt-out of this collection by changing the settings on your mobile device.

Accessing Your Personal Information

Users or Clients may contact us at support@vesselhealth.io to request information about how to access your Personal Information.

  • Vessel Health provides all Clients with continuous access via the Site which contains information about account status, securities positions and balances.
  • Clients can access or amend their Personal Information at any time by signing in to their Vessel Health account via our Site or App. Amending your Personal Information in Vessel Health does not guarantee that that information will be conveyed to any healthcare providers or Linked Organizations.
  • Your requests will be processed in line with local laws, including without undue delay and in accordance with any required time frames. Although Vessel Health makes good faith efforts to provide individuals with access to their Personal Information, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question or where it is commercially proprietary. If we determine that access should be restricted in any particular instance, we will endeavor to provide you with an explanation of why that determination has been made within one month of the request, a contact point for any further inquiries and any other legally required information. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access or making any changes to your Personal Information.

Retention and Deletion

Vessel Health retains the Personal Information we receive as described in this Privacy Policy for as long as you use our Site, App, or Services or as necessary to fulfill the purpose(s) for which it was collected, to provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, or as otherwise required to comply with contracts and comply with all applicable laws.

You may request deletion of Personal Information by contacting us at support@vesselhealth.io and providing us enough information to identify your account and prove that you are the owner of the identified account. However, due to regulatory recordkeeping obligations we may retain information related to you and your account, as well as any data related to your trades, in accordance with applicable laws. After processing a Personal Information deletion request, in no case will we share your individual medical data unless required by regulators or other government bodies, to support processing of settlement of your transactions, or in accordance with applicable laws.

Security

Vessel Health takes reasonable steps, endeavoring to use appropriate technical or organizational measures, to protect your Personal Information from loss, misuse, unauthorized access, alteration, disclosure, or destruction. However, no Internet, email, or electronic operating system that enables the transmission of data is ever fully secure or error free; therefore, we cannot ensure or warrant the security of any information you transmit to us.

Other Important Information

California Privacy Rights

California law permits Users and Clients who are California residents to request and obtain from us once a year, free of charge, a list of the third-parties to whom we have disclosed their Personal Information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those parties. Vessel Health does not share Personal Information with third-parties for their own marketing purposes.

The California Consumer Privacy Act permits certain Users (users of our financial planning services who have shown no indication of becoming a Client) who are California residents to request and obtain from us twice a year, free of charge, information related to Personal Information we have collected in the 12 months preceding the request. The California Consumer Privacy Act also gives Users the right to request permanent deletion of Personal Information, which Users can do by following the procedure above.

Vessel Health does not sell your identifiable data. Vessel Health ensures that all Third Parties that may have access to your Healthcare Information will be contractually obligated to make no attempt to re-identify you based off of any information shared. Full names and contact information will not be shared, or will only be shared in accordance with HIPAA de-identification standards. You have the right to request information from us regarding whether we share certain categories of your Personal Information with third parties for Vessel Health’s business purposes. To the extent we share your Personal Information in this way, you may request information related to (i) the categories of information we disclosed to third parties for such purpose during the 12 months and (ii) the names and addresses of third parties that received such information.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time as we deem necessary at our sole discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law.

Vessel Health encourages you to review this Privacy Policy periodically to be informed regarding how we are using and protecting your information and to be aware of any policy changes. Your continued relationship with Vessel Health after the posting or notice of any amended Privacy Policy shall constitute your agreement to be bound by any such changes. Any changes to this Privacy Policy will take effect immediately after being posted or otherwise provided by us. Each version of this Privacy Policy will be identified on this page by its effective date.

This document constitutes Vessel Health’s complete Privacy Policy for Vessel Health Technology Inc and its affiliates and the Services, Site and App.

Questions and Contacting Us

If after reviewing this Privacy Policy, you would like to submit a request, opt-out or you have any questions or privacy concerns, please contact us by email at support@vesselhealth.io or via physical mail at:

Vessel Health Technology

52 Manchester St

San Francisco, CA 94110