This Privacy Policy (“Privacy Policy”) explains how Zerigo Health, a Delaware corporation with company offices in San Diego, CA, including and any of its subsidiaries and affiliates, (“hereinafter referred to as “Zerigo Health” or “We”) collects information, from Users (hereinafter referred to as “User(s),” or “You,” “Your”) of (a) any Zerigo Health websites, web page(s) and/or landing page(s), including, without limitation, the Zerigo Health website at www.zerigohealth.com, (all of which are hereinafter referred to as “Zerigo Health’s Websites”) as well as those that relate in any way to the Zerigo Health Home Light Therapy Handheld Device (the “Zerigo Health Device”), (b) the Zerigo Health Mobile Application (“the Zerigo Health Mobile App”) and all other mobile applications owned and/or operated by or on behalf of Zerigo Health. The Zerigo Health Mobile App, the Zerigo Health Device, and ZerigoCare Guide services are collectively referred to herein as “the Zerigo Health System.” Zerigo Health’s Websites and the Zerigo Health Mobile App are referred to individually and collectively as “Zerigo Health’s Websites and/or Apps”.In addition to explaining how Zerigo Health collects information about you, this Privacy Policy also describes how Zerigo Health stores, uses, protects, and discloses information collected on Zerigo Health’s Websites and/or Apps and through the Zerigo Health System, as well as from the User’s physician and/or other health care provider, employers, and insurers.Before accessing, visiting, and using Zerigo Health’s Websites and/or Apps and/or providing Zerigo Health with any personal information as described in this Privacy Policy, you acknowledge that you have read, understand, and agreed to all of the terms and conditions set forth in this Privacy Policy. Zerigo Health reserves the right, at any time and in its sole discretion, to modify or change this Privacy Policy.The definitions and defined terms contained in the Zerigo Health Website and Mobile Application’s Terms of Use (hereinafter referred to as “Terms”) are incorporated herein by reference and available at: https://www.zerigohealth.com/terms-of-use.
HOW ZERIGO HEALTH COLLECTS INFORMATION ABOUT YOU
For the reasons set forth below, Zerigo Health collects information about you (including identifiable and non-identifiable data) through your access to and/or use of Zerigo Health’s Websites and/or the Zerigo Mobile App, including, without limitation, (i) information you provide while using Zerigo Health’s Websites and/or the Zerigo Health Mobile App,including during online chat sessions, (ii) information you disclose to a ZerigoCare Guide or other Zerigo Health personnel, (iii) information you disclose to your physician and/or other health care provider, and/or (iv) information input by your physician and/or other health care provider through the Zerigo Health Physician Portal.When you use Zerigo Health’s Websites and/or Apps, as well as the Zerigo Health System, Zerigo Health collects information about your use. For example, Zerigo Health may use a software tool that makes a record of your activity on Zerigo Health’s Website or landing pages. Zerigo Health may also use “cookies”, “pixels” and/or other types of files or software code when you access Zerigo Health’s Websites and/or App to collect IP addresses, device type, device identifiers, browser types, browser language, web pages accessed, URLs, platform type, the clicks, domain names, landing pages, the amount of time spent on particular pages, the date and time of activity on Zerigo Health Websites, and other similar information. Zerigo Health may associate this information with your User ID for our internal use only. If you so desire, you may adjust the settings on your web browser to limit the type of cookies allowed.If you acquire and use the Zerigo Health System, Zerigo Health collects personal information, including Protected Health Information (“PHI”) and other information about you, through your use. In addition, Zerigo Health collects PHI and other information about you through your communication with ZerigoCare Guides (as more fully described in the Terms of Use), from your physician and/or other health care providers.The Zerigo Health Mobile App accesses other software, functions and features of your smart phone or other authorized device that are necessary for the operation of the Zerigo Health Device including, without limitation, the camera, microphone, calendar, messaging, and email functions.
THE TYPE OF INFORMATION ABOUT YOU THAT ZERIGO HEALTH COLLECTS
1. Protected Health Information (PHI)
Zerigo Health may create, collect, receive, maintain, store, transmit, disclose and/or use PHI about you. Your PHI may include, without limitation, the following: (i) the identity of physicians and/or other health care providers that have examined and/or treated you, (ii) diagnostic and symptom information about you including, without limitation, any skin conditions such as psoriasis, eczema, or vitiligo, (iii) prescriptions, treatment plans and treatment protocols applicable to your skin conditions, (iv) medical imaging and photographs providing information about your skin conditions, including photographs of your treatment progress that you take using the camera on your smart phone, (v) laboratory and other test results relating to your skin conditions, (vi) information about your use of the Zerigo Health System (vii) information you input into Zerigo Health’s Websites and/or the Zerigo Health Mobile App, (viii) information you disclose to a ZerigoCare Guide or other Zerigo Health personnel, (ix) information you disclose to your physician and/or other health care provider about your symptoms, diagnoses and treatment progress before, during, and/or after your use of the Zerigo Health System, (x) information about your treatment experience and outcomes during and/or after using the Zerigo Health System, (xi) information obtained from other third parties including insurance providers and employers.In most instances, when Zerigo Health creates, collects, receives, maintains, stores, transmits, discloses and/or uses your PHI, we are doing so for the purposes of treatment. For example, your physician or other health care provider may send us your prescription or may provide you with a hard copy prescription that you provide to Zerigo Health. We may communicate with your physician if he or she makes any changes to your treatment plan or treatment protocol.
2. Personal Information
The personal information, including PHI, about you that Zerigo Health collects and stores may include, without limitation, your full name, email addresses, physical addresses, age, date of birth, Zerigo Health App username and password, phone numbers, employer, social security number, gender, geographic information, health insurance plan information (including, insurance identification numbers) device identifiers, and other information that you provide when you are using Zerigo Health Websites and/or the Zerigo Health Mobile App, communicating with Zerigo Health personnel, and/or that you provide to your physician and/or health care providers which they then communicate to Zerigo Health. In addition, when you access the Zerigo Health Mobile App, Zerigo Health may access or collect other information through your device’s camera functions including photographs selected by You, and Your location information. Zerigo Health may also collect your devices’ identification information, including MAC addresses and IP addresses.
3. Zerigo Health Device User Support Information
Zerigo Health may collect and store: (i) the contact information you provide to Zerigo Health personnel including the ZerigoCare Guides, (ii) information about your use of the Zerigo Health Websites and/or Apps, and the Zerigo Health System, (iii) identification information such as your user ID and password, (iv) any of the other types of information described above in this Privacy Policy, and (v) notes, recordings, and/or communications between you and Zerigo Health personnel.
4. Text Message and Similar Notifications
Zerigo Health may collect and store the information you provide, including your telephone number, and may send text message notifications directly to your mobile device. Text message communications require the use of public networks and/or third-party service providers. Zerigo Health may send text messages to your mobile device to provide You with information about the Zerigo Health System, the Zerigo Health Mobile App, and/or information about other Zerigo Health products or services. You are able to manage delivery of text messages from your text application or from your device’s settings.
5. Technical and Usage Information from Your Devices
Zerigo Health may collect and store information about your mobile device or your computer system, including MAC address, IP address and mobile device ID. Zerigo Health may also collect usage statistics about your interactions with Zerigo Health’s Websites and/or Apps. This information is typically collected through the use of server log files or web log files (“Log Files”), mobile device software development kits and tracking technologies like browser cookies to collect and analyze certain types of technical information. In addition, as described above, Zerigo Health may retain a record of your activity on Zerigo Health’s Websites and the information viewed.WHERE ZERIGO HEALTH STORES INFORMATION ABOUT YOUAll or some portion of Your personal information, including PHI, and other information about You as described above may be stored on (i) the Zerigo Health Device, (ii) Your computer, or mobile device that You use to access Zerigo Health’s Websites or and/or the Zerigo Health Mobile App, and (iii) Zerigo Health’s information network, including, without limitation, “cloud” storage providers.HOW ZERIGO HEALTH USES INFORMATION ABOUT YOUZerigo Health uses your PHI, and the other information collected about you as described above, for a variety of purposes as permitted by, required by, and/or in accordance with applicable law, including, but not limited to, the following:
1. In connection with your physician’s and/or other health care provider’s treatment of you;
2. To provide You with information, and to answer any questions that you may have, about the Zerigo Health Mobile App, the Zerigo Health Device, the Zerigo Health System and/or other medical devices, products and/or services which are, or may be, offered or sold by Zerigo Health;
3. To obtain a prescription from your physician and/or other health care provider so that you may acquire and use the Zerigo Health System;
4. To provide you with information as needed for you to acquire and use the Zerigo Health System;
5. To assist you in obtaining reimbursement from health insurers for your use of the Zerigo Health System although Zerigo Health has no control over insurers’ coverage decisions;
6. To obtain information from you about your medical condition and treatments;
7. To manage the operation of the Zerigo Health System and the Zerigo Health Mobile App;
8. To make improvements to the Zerigo Health System, the Zerigo Health Mobile App, and/or other Zerigo Health products and/or services;
10. In a de-identified format for the purposes of clinical research in compliance with applicable law;
11. In an identifiable format if authorized by you for use within clinical research, in compliance with applicable law;
12. To communicate with you about the Zerigo Health System, the Zerigo Health Mobile App, and/or other products or services offered by Zerigo Health;
13. For internal quality assessment, business improvement, and product development;
14. For customer service trending and analysis;
15. For patient treatment adherence, longitudinal efficacy studies, and retention analysis;
16. For treatment, payment, or health care operation purposes as defined in HIPAA; and/or
17. For any other purpose not prohibited by applicable law.
HOW ZERIGO HEALTH DISCLOSES INFORMATION ABOUT YOU
Permitted Sharing of Your Personal Information
Zerigo Health may disclose your PHI and/or other information about you, as described above, as permitted by, required by, and/or in accordance with applicable law including, without limitation: (a) to your physician and/or other health care provider; (b) to persons and/or entities, authorized by you in writing to receive such information , such as your health insurer; and (c) to third parties who perform services on Zerigo Health’s behalf. Zerigo Health will not sell or rent Your personal information to any other company or organization.
Sharing Personal Information with Your Health Care Provider
Zerigo Health discloses information about your use of the Zerigo Health System and the Zerigo Health Mobile App to your physician and/or other health care provider including progress reports, treatment adherence and, if provided, photographs of your treatment sites.
Sharing Personal Information with Third Parties
To facilitate the provision of services, Zerigo Health may share some personal information, including PHI, with third parties that we engage to perform services or functions on our behalf. For example, Zerigo Health may use vendors to ship You the Zerigo Health Device. To facilitate the shipping of the device, Zerigo Health will provide the shipping vendor with Your name and address. When Zerigo Health shares Your personal information with our third-party partners, we do not authorize them to use, share or disclose Your personal information with others for purposes other than the provisions of services that they have been retained to provide.
De-Identified and Aggregate Data
Once personal information, including PHI, has been fully de-identified so that it cannot be tied to any specific individual, it is no longer considered personal information or PHI. Zerigo Health de-identifies personal information and compiles this data to create anonymous aggregate statistics. This aggregate data is used to help Zerigo Health to continually improve the user experience and to better understand the efficacy of the Zerigo Health System in the treatment of medical conditions.
Zerigo Health may disclose de-identified treatment information to third parties to the extent not prohibited by applicable law.
Disclosure Required Under Law
Zerigo Health may disclose or report information about you as permitted by, required by, and/or in accordance with applicable law: (i) if we have a good faith belief that we are required to disclose the information in response to legal process (for example, a court order, search warrant or subpoena); (ii) to comply with applicable laws, (iii) if we believe that Zerigo Health’s Websites and/or Apps are being used to commit a crime, including, without limitation, to report such criminal activity or to exchange information with other companies and organizations for the purposes of fraud protection and credit risk reduction, (iv) if we have a good faith belief that there is an emergency that poses a threat to the health or safety of a person or the general public, and/or (v) in order to protect the rights or property of Zerigo Health.
If Zerigo Health sells all or a portion of our business, we may transfer all of your information that we collect as described above including, without limitation PHI, and/or other information about you, to the successor organization as permitted by, and in accordance with, applicable law.
HOW ZERIGO HEALTH PROTECTS YOUR PERSONAL INFORMATION INCLUDING PHI
Zerigo Health protects the personal information it has collected about you, including PHI, by using industry standard security precautions against loss, unauthorized access, destruction, misuse, modification, or disclosure. Zerigo Health complies with the HIPAA Security Rule requirements applicable to medical device providers (as defined in HIPAA).
Even though Zerigo Health takes precautions to maintain the confidentiality of your information, it is important to keep in mind that any information that you provide via Zerigo Health’s Websites, the Zerigo Health Mobile App, by e-mail, text messaging (SMS and/or MMS), or by other means may not be secure and may be susceptible to third party interception. As a result, you understand and agree that you transmit information to us at your own risk, and that we are not liable for any data breaches. Please refer to the warranty disclaimer and limitation of liability provisions in the Zerigo Health Terms of Use.
You may be required to register for an account to access Zerigo Health Websites and/or the Zerigo Health Mobile App. You will be required to download the Zerigo Health Mobile App to your smart phone in order to be able to use the Zerigo Health System. You will be provided with or asked to create a username and password, and to provide information relevant to your account. You are responsible for securing the confidentiality of your username and password and any other account access credentials and/or information used to identify you. When choosing a password, select a combination of letters and numbers that isn’t likely to be guessed or discovered by someone. It is important that you protect and maintain the security of your account and that you immediately notify us of any unauthorized use of your account.
To help prevent unauthorized access, maintain data accuracy, and to protect against the inappropriate use of the information we collect, store, and transmit, Zerigo Health has implemented a range of technical, physical, and administrative safeguards. In accordance with HIPAA, and other applicable laws, we apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of all personal information, including PHI, that Zerigo Health uses, maintains, stores and/or discloses as part of the services it provides. However, as indicated above, no website, mobile application or internet transmission is completely secure. Unauthorized access, hacking, data loss, data breach, or other types of data misuse may occur. Accordingly, any transmission of your PHI, insurance information, and/or any other information about you provided by you, your physician, and/or other health care provider to Zerigo Health is at your own risk. You acknowledge and agree that Zerigo Health will not be liable for any harm or damage to you or anyone else for any unauthorized access, hacking, data loss, data breach, or other type of data misuse.
RIGHT OF ACCESS TO PHI ABOUT YOU THAT ZERIGO HEALTH MAINTAINS
You may choose to decline to share certain personal information with Zerigo Health. In addition, You may choose to revoke Your consent for Zerigo Health to use Your personal information for purposes other than those pertaining to your care and treatment, payment for services and other healthcare operations.
To exercise Your right to revoke consent, contact Zerigo Health, in writing, at:
Zerigo Health Privacy Officer
12651 High Bluff Drive, Suite 300
San Diego, CA 92130
Phone: 877-738-6041
Email: privacy@zerigohealth.com
You also have the right to access, inspect, and receive a copy of Your personal information maintained by Zerigo Health in Your designated record set. The exercise of this right is more fully explained in the Zerigo Health Notice of Privacy Practices. To exercise this right, submit a written request to Zerigo Health at the above contact and address. Zerigo Health may charge a reasonable, cost-based fee to cover the expense of providing the requested copies.
As described above, some of the PHI about you that Zerigo Health collects and stores originates from your physician and/or other health care provider in connection with their providing medical treatment to you, and through other written and/or oral communications relative to your medical treatment. Accordingly, Zerigo Health has no authority or means of permitting you to review and/or request changes of such information, and any such requests will have to be directed to the specific physician and/or other health care providers.
NOTICE OF MATERIAL MODIFICATIONS OR CHANGES TO OUR PRIVACY POLICY
Zerigo Health may make modifications or changes to this Privacy Policy from time to time. erigo Health may, but is not required to, send you notice of such modifications or changes by email, message and/or other written communication. You will be notified of modifications and changes to the Privacy Policy through a change in the Date of Last Revision at the top of the first page of this Privacy Policy. You should always check the Date of Last Revision at the top of this Privacy Policy prior to using Zerigo Health Websites and/or the Zerigo Health Mobile App to see if the Date of Last Revision has been changed. By continuing to use Zerigo Health’s Websites and/or the Zerigo Health Mobile App, after the Date of Last Revision, you agree on behalf of yourself, your minor child and/or any person or entity for whom you are acting to the terms of the revised Privacy Policy with all such modifications and/or changes, and that such revised Privacy Policy shall supersede and replace any prior version applicable to your prior use.
OUR POLICY TOWARD CHILDREN
Zerigo Health Websites and the Zerigo Health Mobile App are not intended for use by children under the age of 13. Zerigo Health does not intend to or knowingly collect any personal information regarding children under the age of 13 unless a parent or guardian approves such collection and provides such information on behalf of the child. Children under the age of 13 should not use the Zerigo Health Websites and the Zerigo Health Mobile App at any time, and only a parent or legal guardian should use the same on behalf of the child. If we learn that we have collected personal information, or PHI, directly from a child under the age of 13, we will delete such information. Notwithstanding the foregoing, Zerigo Health Websites and the Zerigo Health Mobile App may be used for the benefit of any minor child by the child’s parent(s) or legal guardian.
PRIVACY POLICIES OF LINKED SITES
Zerigo Health is not responsible for the privacy practices, security, or the content of any non-Zerigo Health websites or mobile apps that are linked to Zerigo Health’s Websites or the Zerigo Health Mobile App. If you have any questions about how these other websites or mobile apps use your information, you should review their policies and contact them directly. Zerigo Health is not responsible for the actions of third-party advertisers, service providers and/or any other third parties.
YOUR CALIFORNIA PRIVACY RIGHTS
Zerigo Health does not knowingly disclose to third parties any personal information about you as defined in Cal. Civ. Code Section 1798.83 for their use for direct marketing purposes. For further detail review the Cal. Civ. Code Section 1798.83, which sets forth rights held by California residents regarding privacy rights applicable to disclosures to third parties for direct marketing purposes. If you have any reason to believe that Zerigo Health may have made such a disclosure, you may request the information required by Section 1798.83 by contacting Zerigo Health in writing at the contact information provided above.
YOUR WRITTEN AUTHORIZATION RIGHTS
Certain uses or disclosures of your, your minor child, and/or any other person on whose behalf you are acting’s personal information, including PHI, may require your specific written authorization. You agree that your authorization may be effectuated by use of your electronic signature, including your electronic expression of your agreement on Zerigo Health’s Websites and the Zerigo Health Mobile App, to the fullest extent not prohibited by applicable law. If you change your mind after authorizing such a use or disclosure, you may submit a written revocation of the authorization to the above contact information. However, your decision to revoke authorization will not affect or undo any use or disclosure of information that occurred before you notified Zerigo Health of your decision to revoke your authorization.
COMPLAINTS OR QUESTIONS ABOUT PRIVACY POLICY
If you have any questions, comments, or complaints regarding your privacy rights or concern that your privacy rights may have been violated, contact Zerigo Health’s Privacy Officer, in writing, at the contact information provided above.
You will not be penalized or otherwise retaliated against for filing a complaint. To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections.
ACCEPTANCE OF THIS PRIVACY POLICY
THIS PRIVACY POLICY IS INCORPORATED INTO AND SUBJECT TO THE TERMS OF USE, AND BY ACCESSING, VISITING AND/OR USING ZERIGO HEALTH’S WEBSITE(S), THE ZERIGO HEALTH MOBILE APP, AND BY USING THE ZERIGO HEALTH SYSTEM, YOU REPRESENT AND WARRANT THAT YOU HAVE READ, UNDERSTOOD, ACCEPTED AND AGREED TO ALL OF THE TERMS AND CONDITIONS SET FORTH ABOVE IN THIS PRIVACY POLICY AND THE TERMS OF USE, ON BEHALF OF YOURSELF, YOUR MINOR CHILD (IF APPLICABLE), AND/OR ANY PERSON OR ENTITY FOR WHOM YOU ARE ACTING.