- Key Definitions
- Aggregate Information: information that has been combined with that of other users and analyzed or evaluated as a whole, such that no specific individual may be reasonably identified.
- Anonymized Information: information that has been stripped of a person's Registration Information and other identifying data such that a person cannot reasonably be identified as any one individual.
- Individual-Level Information: information about a single individual sufficient to identify that individual, which may be but which is not necessarily tied to, Registration Information.
- Personal Information includes the following types of information:
- Registration Information: information a patient provides about him/herself when registering for and/or purchasing ProveIt! Services (e.g. name, email, address, user ID and password, and payment information, as applicable).
- Self-Reported Information: all information about oneself that a person enters into surveys, forms, or features while signed in to one's ProveIt! account, including health-related information and other information.
- Web Behavior Information: information on how a person uses the ProveIt! website (e.g. browser type, domains, page views) collected through log files, cookies, and web beacon technology.
- Service or Services: ProveIt!'s products, software, mobile applications, and website (including but not limited to text, graphics, images, and other material and information) as accessed from time to time by the user, regardless if the use is in connection with an account or not.
The following are ProveIt!’s core privacy principles:
- ProveIt! collects and handles information (i) to provide, analyze and improve ProveIt!’s Services, as ProveIt! reasonably believes is permitted by laws and regulations, including for marketing and advertising purposes; (ii) to protect the security and safety of the company, its employees, and its customers, as ProveIt! reasonably believes is permitted by laws and regulations; (iii) to comply with laws and regulations ProveIt! is subject to; and (iv) for research purposes, the results of which could be used to further combat the Opiod Crisis (provided that only Aggregate Information or Anonymized Information will be provided to any third-party without a person's explicit consent).
- ProveIt! will not sell, lease, or rent a person's Individual-Level Information to any third-party for any reason without that person's explicit consent.
- ProveIt! understands and respects the sensitive nature of the information a person may provide to ProveIt!, including information about said person's medical history. To that end, ProveIt! strives to be transparent in its collection, use, and disclosure of this information and to ask for a person's explicit consent to share such sensitive information with third-parties. Please see below to learn more about ProveIt!’s sharing and consent practices.
- ProveIt! is committed to providing a secure and safe environment for ProveIt!’s Services.
- What Information ProveIt! Collects
- Information A Person Provides Directly to ProveIt!
- Registration Information. When a person registers an account with ProveIt!, creates a login in connection with ProveIt!’s Services, or purchases ProveIt!’s Services, ProveIt! collects personal information, such as a person's name, date of birth, billing and shipping address, payment information (e.g., credit card), and contact information, such as a person's email and phone number.
- Self-Reported Information. Any person has the option to provide ProveIt! with additional information about him/herself through surveys, forms, features or applications. For example, a person may provide ProveIt! with information about his/her medical history.
- Blogs. ProveIt!’s website may offer links to publicly accessible blogs, social media sites, or community forums. Each user should be aware that any information he/she provides in these areas may be read, collected, and used by others who access them. Please note that whenever you post something publicly, it may sometimes be impossible to remove the information, for example, if someone has taken a screenshot of your posting. Please exercise caution before choosing to share personal information publicly on blogs, social media sites, community forums, or in any other posting. Note also that you may be required to register with a third-party application to post a comment. To learn how the third-party application uses your information, please review their privacy statement.
- Third-party services (e.g., social media). If a person uses a third-party site, such as Facebook or Twitter, in connection with ProveIt!’s Services to communicate with another person (e.g., to share information from ProveIt!’s website), then in addition to that person's name and contact information, ProveIt! may also collect other information (e.g., a person's profile picture, network, gender, username, user ID, age range, language, country, friends lists, or followers) depending on said person's privacy settings on the third-party site. ProveIt! does not control third-party site's information practices, and encourages users to review their privacy policies and the user's settings on those sites carefully.
- Customer service. When a person contacts ProveIt! to correspond about ProveIt!’s Service, ProveIt! may collect information to track and respond to said person's inquiry, investigate any breach of ProveIt!’s Terms of Service, Privacy Statement, or applicable laws or regulations, and analyze and improve ProveIt!’s Services.
When a person accesses ProveIt!’s Service by or through a mobile device, ProveIt! may receive, collect, and/or store a unique identification number associated with said person's device or ProveIt!’s mobile application, mobile carrier, device type, model and manufacturer, mobile device operating system brand and model, phone number, and, depending on a person's mobile device settings, a person's geographical location data, including GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of said person's mobile device.
- Other Types of Information. ProveIt! is always working to enhance its Services with new products, applications, and features that may result in the collection of new and different types of information. ProveIt! will update its privacy statement, as needed.
- Open a person's account, process payments, communicate with a person, and implement his/her requests;
- Host ProveIt!’s website, run ProveIt!’s mobile application(s), authenticate a person's visits, provide custom, personalized content and information, and track a person's usage of ProveIt!’s Services;
- Conduct analytics to improve and enhance ProveIt!’s Services;
- Offer new products or services to a person;
- Implement online marketing campaigns and to measure the effectiveness of marketing and targeted advertising;
- Conduct surveys or polls, and obtain testimonials;
- Process and deliver testing results;
- Perform research and development activities, which may include, for example, conducting data analysis and research in order to develop new or improve existing products and Services, and performing quality control activities.
- ProveIt! uses mobile analytics software to allow ProveIt! to better understand the functionality of mobile applications and/or software on a person's phone or other mobile device. This software may record information such as how often a person uses the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. ProveIt! does not link the information ProveIt! stores within the analytics software to any personally identifiable information a person submits within the mobile application.
- When Consent Is Provided, ProveIt! May Use A Person's Individual-Level Information for Research. ProveIt! may provide a person the opportunity to participate in ProveIt! Research. “ProveIt! Research” refers to research that utilizes a person's Individual-Level Information that is aimed at publication in peer-reviewed journals, research funded by the federal government, and/or research that may be sponsored by, conducted on behalf of, or in collaboration with third-parties, such as non-profit foundations, academic institutions or pharmaceutical companies. ProveIt! Research may study a specific group or population, identify potential areas or targets for curbing the Opiod Crisis, conduct or support the development of devices to diagnose, predict, or treat medical or other health conditions, work with public, private, and/or non-profit entities on Opiod Crisis prevention, or otherwise create, commercialize, and apply new knowledge to improve health care. ProveIt! Research will only use Individual-Level Information for research as provided in consent documents provided by ProveIt! at the time such consent is sought. Without a person's explicit consent, ProveIt! will only use Aggregate Information and/or Anonymized Information for research.
- ProveIt! Shares Information with Third-Parties.
- General Service Providers. ProveIt! shares the information described Section 3 with its service providers, as necessary to provide their services to ProveIt!. Service providers are third-parties (other companies or individuals) that help ProveIt! to provide, analyze, and improve ProveIt!’s Services. NOTE: Our service providers act on ProveIt!'s behalf. While ProveIt! implements procedures and contractual terms to protect the confidentiality and security of a person's information, ProveIt! cannot guarantee the confidentiality and security of a person's information due to the inherent risks associated with storing and transmitting data electronically.
- Other Third Parties. ProveIt! may share Aggregate Information and/or Anonymized Information with third-parties. This Aggregate Information is different from Individual-Level information. Individual-Level Information consists of data about a single individual's medical history or other traits/characteristics information. For example, Aggregate Information may include a statement that “30% of users between the ages of 25 and 30 share a certain proclivity to opioid overdose,” without providing any data or testing results specific to any individual user. ProveIt! will ask for a person's consent to share Individual-Level Self-Reported Information with any third-party other than ProveIt!’s service providers as necessary for ProveIt! to provide the Services to its users.
- As Required by Law. Under certain circumstances a person's information may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders, or in coordination with regulatory authorities. ProveIt! may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. ProveIt! will preserve and disclose any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to (a) comply with legal or regulatory processes (such as a judicial proceeding, court order, or government inquiry) or obligations that ProveIt! may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the ProveIt! Terms of Service and other policies; (c) respond to claims that any content violates the rights of third-parties; or (d) protect the rights, property, or personal safety of ProveIt!, its employees, its users, its clients, and the public. In the event of items (a) through (d) above, ProveIt! will notify its users through the contact information its users have provided to ProveIt! in advance, unless doing so would violate the law or a court order. NOTE: If a person is participating in ProveIt! Research, ProveIt! will withhold disclosure of a person's personal information involved in such research in response to judicial or other government subpoenas, warrants or orders in accordance with any applicable Certificate of Confidentiality that ProveIt! has obtained from the National Institutes of Health (NIH). There are limits to what the Certificate of Confidentiality covers so please visit the Certificates of Confidentiality Kiosk( http://grants.nih.gov/grants/policy/coc/index.htm).
*Last Modified: June 5, 2018.
- Important Information
- Security Measures. ProveIt! takes seriously the trust a person places in it. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of information, ProveIt! uses a range of physical, technical, and administrative measures to safeguard a person's Personal Information. In particular, all connections to and from ProveIt’s website are encrypted using Secure Socket Layer (SSL) technology, and data at rest encryption is utilized. Please recognize that protecting a person's Personal Information is also said person's responsibility. ProveIt! asks each user to be responsible for safeguarding his/her password and other authentication information he or she uses to access our Services. A person should not disclose his/her authentication information to any third-party and should immediately notify ProveIt! of any unauthorized use of a person's password. ProveIt! cannot secure Personal Information that a person release on said person's own or that a person requests ProveIt! to release. Any information collected through the Service may be stored and processed in the United States or any other country in which ProveIt! or its subsidiaries, affiliates, or service providers maintain facilities; therefore, a person's information may be subject to the laws of those other jurisdictions which may be different from the laws of said person's country of residence.
- Linked Websites. ProveIt! provides links to third-party websites operated by organizations not affiliated with ProveIt!. ProveIt! does not disclose a person's information to organizations operating such linked third-party websites. ProveIt! does not review or endorse, and is not responsible for, the privacy practices of these organizations. We encourage each user to read the privacy statements of each and every website that he ore she visits. This Privacy Statement applies solely to information collected by ProveIt!.
- Children's Privacy. ProveIt! is committed to protecting the privacy of children as well as adults. Neither ProveIt! nor any of its Services are designed for, intended to attract, or directed toward children under the age of 13. A parent or guardian, however, may consent to the use of Services on behalf of a child under the age of 13, create an account for, and provide information related to, his or her child. The parent or guardian assumes full responsibility for ensuring that the information that he/she provides to ProveIt! about his or her child is kept secure and that the information submitted is accurate.
- Changes to this Privacy Statement. ProveIt! reserves the right, at any time and without notice, to add to, change, update, or modify this Privacy Statement, simply by posting such change, update, or modification on the website, mobile application, and/or account login pages and without any other notice to others. Any such change, update, or modification will be effective immediately upon posting.
- Contact Information. If you have questions about this Privacy Statement, please email email@example.com.