- Information We Collect and How We Collect It
We may collect the following information from and about users of our Services:
Information you provide to us. We may collect information you provide to us directly – for example, when you create a User Account, submit feedback, answer research questions, interact with 24/7 DCT customer support, or use the Services. This includes contact information, such as name, home and billing address, email address, and telephone number; demographic information such as date of birth, gender, race/ethnicity; payment details like billing address and credit or debit card number (for payment purposes only); identity-verification information; health-related information, such as information about your medical history, medical conditions, treatment options, physician referrals, prescriptions, lab results, lifestyle and personal preferences, health insurance information, or other related health information, such as your physical and emotional characteristics; other information, such as Social Security Number, audio, images, and video of you; log-in credentials (if you create a User Account); and any other information you choose to provide to us about yourself or others. Note: if you choose to allow other apps on your device to share information with our Services, we may collect information from those other apps (for example, photos, health information, and/or audio clips).
Information about your use of the Services. We may collect information related to your use of and interaction with the Services, such as communications with Providers through the Services, whether you are a current user, product interests, User Materials, and information related to your inquiries or requests.
Information we collect automatically. When you interact with the Services, we may automatically collect information such as traffic data, logs, referring/exit pages, web page requests, location data, frequency and/or date and time of your activities on the Services, error information, clickstream data, IP address, usage data, and information about your Internet connection, device (such as a mobile device ID), connection speed, operating system, and/or browser. We may also collect information about your online activities over time and across third-party websites or other online services. Some of this data is collected using cookies and similar technologies. To learn more about these technologies and your choices regarding them, please see the section below titled “Your Data Choices”.
Information we receive from social media services and other sources. We may collect information about you if you use any of the other websites we operate or the other services we provide. We may collect information from public sources, advertisers, partners, and other third parties (such as third party intermediaries, including Providers and the Pharmacies). We may also collect information about you through a social media or other third-party account, such as Facebook or Google (each, a “Third-Party Account”). For example, if you access the Services or create a User Account through a Third-Party Account, you may allow us to have access to certain information in your Third-Party Account. This may include your name, profile picture, gender, networks, user IDs, list of friends, location, date of birth, email address, photos, videos, people you follow and/or who follow you, and/or your posts or “likes.” Social media sites and other third-party sites, such as Facebook and Google, have their own policies for handling your information. For a description of how these sites may use and disclose your information, including any information you make public, please consult the sites’ privacy policies. We have no control over how any third-party site uses or discloses the personal information it collects about you. We may combine information we receive from social media services and other sources with other information we collect from and about you.
- How We Use Your Information
We may use the information we collect in the following ways:
- To provide, maintain, improve, manage and optimize our Services.
- To facilitate the provision of telehealth services to you by the Medical Groups and its Providers, the Labs, the Pharmacies and/or other health care providers, including for purposes of treatment, case management, patient engagement, medication management, and coordination of care, and to ensure that such Medical Groups, Providers, Labs, Pharmacies and/or other health care providers have the services and support necessary for health care operations.
- To communicate with you about the Services, your use of the Services, including by responding to your inquiries and requests and providing customer support or by sending you communications on behalf of your Provider and other health care providers to meet your needs.
- To verify your identity and administer your User Account.
- To process your payments and fulfill your orders.
- To research and analyze the effectiveness and functionality of our Services and better understand our user base. If we publish or provide the results of this research to others, such research will be presented in a de-identified and aggregate form such that individual users cannot be identified, unless you give us your consent to be identified.
- To implement security features.
- To provide you with technical support and customer service and troubleshoot any technical issues or errors.
- In accordance with applicable legal requirements, advertise and market our Services and those of our third-party partners to you, including on third-party websites (subject to any opt-out preferences you have communicated to us).
- To personalize the Services, including engaging in analysis and research regarding use of the Services to better understand your interests and needs and measuring the effectiveness of advertising and content we serve to you and others to deliver and customize relevant advertising and content to you.
- To comply in good faith with our policies and any procedures, laws, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others.
- To protect the safety, rights, property or security of 24/7 DCT, our users, employees, third parties, members of the public and/or our Services.
- For any other purpose with your consent.
We may aggregate, de-identify and/or anonymize any information collected through the Services so that such information is no longer reasonably capable of being associated with you. We may use aggregated or anonymized information for any purpose, including for research and marketing purposes, and we may also share such information for any purpose with any third parties, at our discretion.
- How We Disclose Your Information
We may disclose your personal information under the following circumstances:
- To our employees and other personnel to provide you with the Services, provide customer support, and for similar purposes.
- Among our subsidiaries and affiliates, including our ultimate holding company and its subsidiaries, for business purposes.
- To third party service providers with which we contract to help us deliver our Services and perform certain business and administrative functions, such as customer service, email management, payment processing, analytics, legal services, auditing, hosting the Services, and IT support (“Service Providers”). These Service Providers may also include the Medical Groups and its Providers, and other health care organizations, the Labs, and the Pharmacies.
- To our vendors that provide services to enable us to promote and advertise the Services and the products and/or services offered via the Services, such as ad platforms or ad-retargeting services, as well as to comply with contact removal requests or requirements, such as mailing list removal services, do not call registries, and similar services.
- To the Medical Groups and its Providers, the Pharmacies or the Labs to enable them to provide health care and related services to you via the Services, including (i) to schedule and fulfill appointments, (ii) to enable the sending of messages through our Services, and (iii) for other treatment, payment or health care operations purposes, including pharmacy and laboratory services.
- If we sell, transfer, or otherwise share some or all of our assets with a third party in the event of a merger, sale, divestiture, restructuring, reorganization, dissolution, or other similar transaction, or in the event of bankruptcy, if your information is among the assets transferred. We may also share your information in diligence leading up to a potential corporate transaction.
- Where we have your consent or you have otherwise directed us to do so. For example, if you request us to share your information with a third party, you have consented to this disclosure.
- Your Data Choices
Cookies and similar technologies. When you interact with the Services, we (and third parties acting on our behalf) may automatically collect certain information about your browser, device, and use of the Services through cookies, pixel tags, web beacons, local storage, and other similar technologies. Cookies are small text files stored on your browser or device, which allow us to provide certain features of the Services, personalize your user experience, and advertise our Services to you.
Tailored advertising. We may engage third parties to serve tailored advertisements for our Services on our behalf on third-party websites and applications.
“Do Not Track” signals. “Do-not-track” (“DNT”) is a setting offered by some web browsers. DNT signals are not yet uniform, so we, like many other website operators, do not currently recognize or respond to DNT signals.
Location information. You can choose whether or not to allow our Services to collect real-time information about your device’s location through the device’s privacy settings. If you do not authorize us to collect location information, some parts of our Services may be inaccessible or not function properly.
Social media and other Third-Party Accounts. To control the information you share with us when you follow us, like our posts, or otherwise interact with us on social media, you can adjust your social media account settings related to how your information is shared. If you access the Services or create a User Account through a Third-Party Account, please consult the settings in the applicable Third-Party Account to control how the provider of the Third-Party Account shares information with us.
Push notifications: If your device is configured to receive push notifications, we may send you push notifications. If you no longer wish to receive these types of communications, you may turn them off through your device settings.
Other choices. You can review and change certain of your information by logging onto our Services and visiting your User Account. Depending on your jurisdiction of residence, you may have certain rights to access, delete, or correct your information. Your rights will be subject to applicable exceptions, and we will need to verify your identity before processing your request. If you would like to submit a request relating to your data, please email us at email@example.com
Please note that if you delete your User Account, medical providers, including Providers, and other affiliates may still have the right to retain information under applicable law, regulations, or their own retention policy. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
- Protected Health Information
When you set up a User Account with 24/7 DCT, you are creating a direct customer relationship with 24/7 DCT that enables you to access and/or utilize the Services. As part of that relationship, you provide information to 24/7 DCT, including but not limited to, your name, email address, shipping address, phone number and certain transactional information that are not “protected health information” or “medical information.”
The Medical Groups and its affiliated Providers have adopted a Medical Group Notice of Privacy Practices that describes how they use and disclose PHI. By accessing or using the Services to interact with a Medical Group and/or Provider, you acknowledge that you have received and agreed to the Medical Group Notice of Privacy Practices from your Medical Group and/or Provider(s).
Where 24/7 DCT collects, uses, and discloses Protected Information on behalf of your Medical Group or Provider, such processing on behalf of your Medical Group or Provider shall be consistent with the Medical Group Notice of Privacy Practices and as permitted in 24/7 DCT’s agreements with the Medical Groups or Provider, except to the extent you have expressly authorized additional uses and disclosures. We may use PHI for purposes of treatment, payment, and health care operations, including to communicate with you, to provide requested services, to provide information to your Medical Groups or Providers, pharmacies, and insurers, to obtain payments for our services, and to communicate with your Medical Groups or Providers, pharmacies, and benefits program. We may combine your PHI with other information about you, including information from other sources, such as from your Medical Groups or Providers, pharmacies, insurers or benefits program, in order to maintain an accurate record of our users. We may use your PHI to contact you for any services or products offered by 24/7 DCT or the Medical Groups.
- Data Retention
We keep your information for the time necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and your choices, after which time we may delete and/or aggregate it. We may also retain and use this information as necessary to comply with our legal obligations, as necessary for our legitimate business interests, to resolve disputes, and to enforce our agreements.
- Data Security
We have implemented measures designed to secure your information from accidental loss and from unauthorized access, use, alteration, and disclosure. We use encryption technology for information sent and received by us. However, transmitting information via the Internet is not completely secure, so although we take steps to protect your information, we cannot guarantee complete security. You share information with us at your own risk.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
- Third Parties
- Minors’ Information
Our Services are not directed to children under the age of eighteen (18) without parental consent. We do not knowingly collect information for individuals under the age of 18 (including, for children under the age of 13, “personal information” as defined in the U.S. Children’s Online Privacy Protection Act) without the verifiable consent of that child’s parent or guardian. If we learn that we have received any information for an individual under the age of 18, we process and delete that information as required by applicable law. If you are aware of a child providing personal information to us without parental consent, please contact us using the information below.
- Additional Information for California Residents
11.1. Categories of Personal Information 24/7 DCT Collects
- Identifiers such as name, phone number, mailing address, email address, and User Account information (such as username and password), IP address, online identifiers, and device identifiers;
- Financial information such as payment card number, and insurance information such as insurance policy number, if you use insurance to purchase a Service or product;
- Health and medical information, such as your medical history and information we derive from health symptoms and health information;
- Protected characteristics such as your age, gender, religion, race and ethnicity;
- Commercial information such as purchase history;
- Internet or other electronic network activity information such as information about domain names, landing pages, browsing activity, content or ads viewed and clicked, dates and times of access, pages viewed, forms you complete, search terms, and uploads or downloads;
- Professional or employment-related information such as the name and address of the company you work for, in connection with insurance requests;
- Audio and visual information, such as audio, video, and images of you;
- Geolocation information such as your precise or approximate location; and
- Other personal information, such as date of birth and any other personal information you share with us.
11.2. Using and Sharing Personal Information
We may use any of the categories of personal information for the purposes stated in Section 3 above with the third parties listed below, to provide you with the Services, and to other parties with your consent. We share your personal information with the following affiliated and non-affiliated parties, for any of the purposes in Section 3 above:
- Our affiliates.
- Service Providers (as defined above and in the CCPA) that provide us with services to support our operations, such as customer service, email management, analytics, and IT providers.
- A third party, including another company, during the negotiations for and if we undergo a merger, acquisition, bankruptcy, or other transaction in which that third party assumes control of our business (in whole or in part).
- Government authorities and law enforcement, if we are required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
- Other third parties, for purposes of fulfilling our legal obligations under applicable law, regulation, court order, or other legal process, such as preventing, detecting, and investigating security incidents and potentially illegal or prohibited activities; protecting the rights, property, or safety of you, us, or another party; enforcing any agreements with you; responding to claims; and resolving disputes.
- With your consent, or as otherwise directed by you.
The CCPA sets forth certain obligations for businesses that “sell” (as defined in the CCPA) personal information to third parties. Based on our understanding of the definition of “sell,” we do not “sell” your personal information and have not done so in the prior 12 months from the effective date of this Policy.
11.3. Your CCPA Rights
If you are a California resident, the CCPA allows you to make certain requests about your personal information. Specifically, the CCPA allows you to request us to:
- Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your personal information; and the categories of third parties with whom we share/disclose personal information;
- Provide access to and/or a copy of certain personal information we hold about you;
- Delete certain personal information we hold about you; and
- Provide you with information about the financial incentives that we offer to you, if any.
The CCPA further provides you with the right not to be discriminated against (as provided for in applicable law) for exercising your rights. Please note that certain information may be exempt from such requests under California law. For example, we need certain information in order to provide the Services to you.
For security and legal reasons, we reserve the right to refuse requests that require us to access third-party websites or services. We also reserve the right to verify your identity to our satisfaction before responding to your request. When verifying requests, our verification standards vary depending on the sensitivity of the request. If we cannot verify your identity, we may deny your request. In some cases, we may require additional information, in which case we will contact you.
- Contacting Us