Privacy and Notice of Privacy Policy (NPP)
Sniffle, Inc. (“Sniffle,” “we” or “us”) values your privacy. Sniffle offers a Telemedicine Platform and Service (the “Services”). This Privacy Statement applies to our Mobile Applications, website https://www.sniffle.com (the “Site”), and any services accessible through the Mobile Applications or the Site. Through the Services, participating healthcare professionals and their staff (“Healthcare Providers” or “Providers”) can provide healthcare services to patients with whom they have a professional relationship. In this Privacy Statement (“Statement”), we describe how we collect, use, and disclose information that we obtain about visitors to our Site and users of our Services.
By visiting the Site or using our Services, you agree that your personal information, including individually identifiable health information, will be handled as described in this Statement. Your use of our Site and Services, and any dispute over privacy, is subject to this Statement and the Sniffle Terms of Use, including its applicable limitations on damages and the resolution of disputes. The Sniffle Terms of Use are incorporated by reference into this Statement.
WHAT INFORMATION DO WE COLLECT ABOUT YOU AND WHY?
We may collect information about you directly from you and from third parties, as well as automatically through your use of our Site or Services.
Information We Collect Directly From You.
Users may browse the informational areas of the Site without registering as a user. However, registration is required to use the Services. Once a Healthcare Provider has registered with us, subscribed to our Service and has been verified, the Healthcare Provider can then invite Patients to use the Services. After receiving an invite, the Patient would then need to register for a Sniffle account to use the Services.
Healthcare Provider Registration. To register, Healthcare Providers must provide certain information about themselves and their practices including: the Healthcare Provider’s name, license number and state of licensure date of birth, gender, physical mailing address, email address, mobile and work phone; the Healthcare Provider’s practice name, physical address, phone number and fax number; and a user id and password. We may also collect certain optional information, including: middle name or initial, bank account or other payment information and other contact details, picture and communication preferences. Providers are responsible for ensuring that all information provided to us upon registration is complete and accurate.
Patient Registration. Patients must provide certain information, including: name, date of birth, gender, address, email, mobile and work phone, as well as a user id and password. We may also collect certain optional information, including: middle name or initial, home phone and other contact info, pharmacy name and contact details, other demographic information, health insurance information, credit card number and billing details, picture and communications preferences. In addition, the Patient can communicate other health-related information via the Services and/or directly to the Healthcare Provider during an audio/video consultation. Patients are responsible for ensuring that all information provided to us upon registration is complete and accurate.
Other. We also collect other information that you submit on our Site, such as comments and blog postings (see “User Generated Content” section below). You must submit your name to post a comment to our blog and you may submit other optional information as well.
Information We Collect From Healthcare Providers. Certain features and services are available to Patients because their Healthcare Providers use the Services. Healthcare Providers may provide Patient names and e-mail addresses to us so we may communicate with Patients on their Provider’s behalf about the availability of certain services.
Information We Collect Automatically. We may automatically collect the following information about your use of Mobile Applications, the Site, or Services through cookies, web beacons, and other technologies: your domain name; your browser type and operating system; web pages you view; links you click; your IP address; a time and date stamp and the length of time you visit our Site and/or use our Services; the referring URL, or the webpage that led you to our Site; and your browser type. We may combine this information with other information that we have collected about you, including, where applicable, your user name, name, and other personal information. Please see the section titled “Our Use of Cookies” below for more information about our use of cookies and other tracking mechanisms.
HOW WE USE YOUR INFORMATION
We use the information that we gather about you for the following purposes:
To provide the Services.
To communicate with you about your use of the Services, to respond to your inquiries, to provide technical support and assistance and for other customer-service purposes.
To communicate with you regarding the availability of Services on behalf of your Healthcare Provider.
To send you reminders and other information related to your care on behalf of your Healthcare Provider, your memberships and benefits.
To tailor the content and information that we may send or display, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using Mobile Applications, the Site or the Services.
To send offers and other promotional communications to Healthcare Providers;
To display advertising on Mobile Applications and the Site.
To better understand how users access and use our Services, both on an aggregated and individualized basis, in order to improve our Mobile Applications, the Site, and the Services and to respond to user desires and preferences, and for other research and analytical purposes.
HOW WE SHARE YOUR INFORMATION
We may share the information that we collect about you, including personally identifiable information, as follows:
Healthcare Providers. As a Patient, your information will be shared with Healthcare Providers as directed and consented to by you. Our Services make your Assessments and related information available to your Healthcare Provider. We will not make information available to Healthcare Providers other than those with whom you have requested that we share your Assessments. We will enter into a Business Associate Agreement (BAA) with each Healthcare Provider which governs how we may use and disclose your Protected Health Information that we create, maintain, receive, or transmit on behalf of the Healthcare Provider, This Statement does not address how Healthcare Providers will use and disclose information obtained using Sniffle. If you would like this information, you should ask your Healthcare Provider directly for a copy of his/her Notice of Privacy Practices.
Service Providers. We may disclose the information we collect from you to third-party vendors, service providers, contractors or agents who perform functions on our behalf.
Business Transfers. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or if we are a part of a bankruptcy proceeding, we may transfer the information we have collected from you to the other Company.
In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a subpoena in compliance with applicable privacy laws.
To Protect Us and Others. We also may disclose the information we collect from you, to the extent permitted by law, where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Statement, or as evidence in litigation in which Sniffle is involved.
Aggregate and De-Identified Information. We may share aggregated or de-identified information about users with third parties for marketing, advertising, research or similar purposes.
YOUR STATE PRIVACY RIGHTS
State consumer privacy laws may provide their residents with additional rights regarding our use of their Personal Information. If you are a resident of California, Colorado, Connecticut, Nevada, Virginia, Washington, or Utah, state laws may permit you to request access to, request the correction of, request that we not sell (transfer), and request the deletion of information that we collect about you.
To make requests related your information under these laws, you may contact us by sending an email to info@sniffle.com. You may also make requests and changes to your information in the account management section of the Site.
For residents of California, if you would like an authorized agent to submit a privacy request on your behalf, the authorized agent must provide proof of their registration with the California Secretary of State, as well as proof that you gave the authorized agent written permission to submit the request(s) on your behalf. We may also require you to verify your identity with us.
We expect that all collection, use and disclosure of your information will occur in the United States and will be governed by United States law; however, some information may travel over the Internet outside of the United States. Even if some information does travel outside the United States, You agree that the laws of the United States will apply.
NPP (Notice of Privacy Practices)
This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
Your Rights
You have the right to:
- Get a copy of your paper or electronic medical record
- Correct your paper or electronic medical record
- Request confidential communication
- Ask us to limit the information we share
- Get a list of those with whom we’ve shared your information
- Get a copy of this privacy notice
- Choose someone to act for you
- File a complaint if you believe your privacy rights have been violated
Your Choices
You have some choices in the way that we use and share information as we:
- Tell family and friends about your condition
- Provide disaster relief
- Include you in a hospital directory
- Provide mental health care
- Market our services and sell your information
- Raise funds
Other Uses and Disclosures
We may use and share your information as we:
- Treat you
- Run our organization
- Bill for your services
- Help with public health and safety issues
- Do research
- Comply with the law
- Respond to organ and tissue donation requests
- Work with a medical examiner or funeral director
- Address workers’ compensation, law enforcement, and other government requests
- Respond to lawsuits and legal actions
Your Rights
When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.
Get an electronic or paper copy of your medical record.
You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this. We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.
Ask us to correct your medical record
- You can ask us to correct health information about you that you think is incorrect or incomplete. Ask us how to do this.
- We may say “no” to your request, but we’ll tell you why in writing within 60 days.
Request confidential communications
- You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
- We will say “yes” to all reasonable requests.
Ask us to limit what we use or share
- You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no” if it would affect your care.
- If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.
Get a list of those with whom we’ve shared information
- You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.
- We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.
Get a copy of this privacy notice
You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.
Choose someone to act for you
- If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.
- We will make sure the person has this authority and can act for you before we take any action.
File a complaint if you feel your rights are violated
- You can complain if you feel we have violated your rights by contacting us using the information on page 1.
- You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/.
- We will not retaliate against you for filing a complaint.
Your Choices
For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.
In these cases, you have both the right and choice to tell us to:
- Share information with your family, close friends, or others involved in your care
- Share information in a disaster relief situation
- Include your information in a hospital directory
If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
In these cases we never share your information unless you give us written permission:
- Marketing purposes
- Sale of your information
- Most sharing of psychotherapy notes
In the case of fundraising:
We may contact you for fundraising efforts, but you can tell us not to contact you again.
Our Uses and Disclosures
How do we typically use or share your health information?
We typically use or share your health information in the following ways.
Treat you
We can use your health information and share it with other professionals who are treating you.
Example: A doctor treating you for an injury asks another doctor about your overall health condition.
Run our organization
We can use and share your health information to run our practice, improve your care, and contact you when necessary.
Example: We use health information about you to manage your treatment and services.
Bill for your services
We can use and share your health information to bill and get payment from health plans or other entities.
Example: We give information about you to your health insurance plan so it will pay for your services.
How else can we use or share your health information?
We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.
Help with public health and safety issues
We can share health information about you for certain situations such as:
- Preventing disease
- Helping with product recalls
- Reporting adverse reactions to medications
- Reporting suspected abuse, neglect, or domestic violence
- Preventing or reducing a serious threat to anyone’s health or safety do research. We can use or share your information for health research.
Comply with the law
We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.
Respond to organ and tissue donation requests
We can share health information about you with organ procurement organizations.
Work with a medical examiner or funeral director
We can share health information with a coroner, medical examiner, or funeral director when an individual dies.
Address workers’ compensation, law enforcement, and other government requests
We can use or share health information about you:
- For workers’ compensation claims
- For law enforcement purposes or with a law enforcement official
- With health oversight agencies for activities authorized by law
- For special government functions such as military, national security, and presidential protective services
Respond to lawsuits and legal actions
We can share health information about you in response to a court or administrative order, or in response to a subpoena.
Our Responsibilities
- We are required by law to maintain the privacy and security of your protected health information.
- We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
- We must follow the duties and privacy practices described in this notice and give you a copy of it.
- We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.
For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.
Changes to the Terms of this Notice
We can change the terms of this notice, and the changes will apply to all the information we have about you. The new notice will be available upon request, in our office, and on website.
Other Instruction for Notice
- Date of this Notice
- Questions can be forwarded to the Privacy Officer at Info@Sniffle.com or you may call 800.510.1389
OUR USE OF COOKIES AND OTHER TRACKING MECHANISMS
We use cookies and other tracking mechanisms to track information about your use of Mobile Applications, the Site, or Services. We may combine this information with other information we collect from you.
Cookies. Cookies are alphanumeric identifiers that we transfer to your device for record-keeping purposes. Some cookies allow us to make it easier for you to navigate Mobile Applications, the Site, and Services, while others are used to enable a faster log-in process or to allow us to track your activities through Mobile Applications, at the Site, and the Service. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them. The Help portion of the toolbar on most browsers will tell you how to prevent your device from accepting cookies, how to have the browser notify you when you receive a cookie, or how to disable cookies altogether. Visitors to our Site who disable cookies may be able to access certain public areas of the Site, but the Services will not function.
Clear GIFs (a.k.a. web beacons, web bugs or pixel tags). Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored in your device’s memory or drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (in connection with Mobile Applications or the Site to, among other things, track the activities of visitors, help us manage content, and compile statistics about usage. We and our third-party service providers may also use clear GIFs in e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
Third Party Analytics. We use automated devices and applications, such as Google Analytics, MixPanel, and Braze and Apple analytics, to evaluate usage of our Site and Services and to help us personalize content on our Site and Services. See, “How Google uses data when you use our partners’ sites or apps”, (located at www.google.com/policies/privacy/partners/, or any other URL Google may provide from time to time). We also may use other analytic means to evaluate our Services. We use these tools to help us improve our Services, performance and user experiences. These entities may use cookies and other tracking technologies to perform their services. We do not share your personal information with these third parties.
Advertising. We may use network advertisers, such as AdRoll, to advertise our Site and Services on other websites, and we may do so based on your visits to our Site and to other third party Sites. These entities may use cookies and other tracking technologies to perform their services. We do not share your personal information with these third parties. Our Site does not currently respond to browser “Do-Not-Track requests; however, you may find out more about targeted advertising in general, and opt out of targeted ads from many ad networks, including AdRoll, through the National Advertising Initiative (“NAI”) website, or the Digital Advertising Alliance (“DAA”) website.
USER GENERATED CONTENT
We may invite you to post content on our Site, including your comments. Sniffle cannot prevent such information from being used in a manner that may violate this Statement, the law, or your personal privacy. As a result, YOU SHOULD NEVER POST ANY SENSITIVE INFORMATION TO OUR SITE THAT YOU ARE NOT COMFORTABLE SHARING PUBLICALLY (E.G., PERSONAL MEDICAL DETAILS). Sniffle is not liable to you or any other person for any content or information you post to our Site or the use or disclosure of such content or information by other users or third parties.
THIRD-PARTY LINKS
Mobile Applications, the Site, and Services may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Statement, but instead are governed by the privacy statements and policies of those third-party websites. We are not responsible for the practices of third-party websites.
PATIENT HEALTH INFORMATION
Sniffle provides Services to healthcare providers. The privacy and security of Patients’ individually identifiable health information provided to Physicians through Sniffle in connection with the Services may be protected by federal law (HIPAA, the HITECH Act, and their regulations) and state privacy laws. This health information is “protected health information” (“PHI”) or protected health information in an electronic format (“ePHI”). PHI and ePHI may be used and disclosed by Sniffle as necessary to provide Services, for our own management and operations, to meet our legal obligations, and for any other purpose for which Patients have given consent. We may share PHI or ePHI with third parties for these purposes in compliance with applicable law. We may de-identify PHI or ePHI and aggregate it for purposes of monitoring and improving our products and services, for benchmarking purposes, and to provide customized services or technologies our customers.
SECURITY OF YOUR PERSONAL INFORMATION
We have implemented reasonable technical, physical, administrative, and organizational safeguards to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our efforts, no data security measures can guarantee 100% security. You should take steps to protect against unauthorized access to your password, phone, Mobile Applications, and computer by, among other things, signing off and deleting cookies after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
ACCESS TO YOUR PERSONAL INFORMATION
You may modify registration information that you have submitted by logging into your account and updating your profile information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Site for a period of time.
MARKETING EMAILS
We may send periodic promotional or informational emails to Healthcare Providers. Healthcare Providers may opt-out of such communications by following the opt-out instructions contained in the e-mail. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send you e-mails about your account or any Services you have requested or received from us.
CONTACT US
We encourage you to contact us if you have any questions or concerns regarding the privacy aspects of our Services or would like to make a complaint. You may write us at 800-510-1389 or Sniffle, Inc., 400 West Capitol Avenue, Suite 1700, Little Rock AR 72201, Attention: Privacy Officer.
CHANGES TO THIS STATEMENT
This Statement is current as of the Effective Date set forth above. We may without notice change this Statement from time to time, so please be sure to check back periodically. We will post any changes to this Statement on this, or a similar, page. If we make any changes to this Statement that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with notice in advance of such change, such as by highlighting the change on our Site, or emailing the email address of record for your account.