Services are Intended for Individuals within the United States.
Our Services are intended for individuals located within the United States. We do not knowingly collect any information from an individual located within the European Union or market to individuals residing in the European Union. By accessing the Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, you are consenting to the transfer of your personally identifiable information outside of those regions to the United States and acknowledge that you may not have the same protections.
We Collect Personal Information From and About You.
We collect information that you provide. We collect user-provided information. When you register for an account to use our Services or at any later time, you may provide certain personally identifiable and financial information such as: your name; password; age; gender; physician information, including the name of your primary care physician, cardiologist or prescribing physician and your physician’s order or prescription for you to receive our Services; email address; postal mailing address; zip code; credit or debit card number and expiration date; billing address; and home/mobile telephone number. We also collect health data about you through the use of our ECG monitoring device.
We collect device and mobile information. We collect device identifiers. We may also collect information about your location. QT Medical's servers may also automatically record certain information from your browser such as your Internet Protocol (IP) address, browser type, internet service provider (ISP), referring or exit pages, click stream data, operating system, and the dates and times that you visit our Website. This information is collected in order for us to provide Services; we do not sell this information to third parties.
Data, Diagnostic & Login Information. You may be able to create, upload, publish, transmit, distribute, display, store, submit or share information, data, text, graphics, messages or other materials using our Services (this is collectively referred to below as “Data”). This Data may be stored and maintained on our servers.
We Collect Information In a Variety of Ways.
We collect information directly from you. We collect information when you register for an account or use the Services. We collect information if you contact us through our Website or App.
We collect information about you passively. We use tracking tools like browser cookies, web beacons, and pixels. We do this on our website and in emails we send to you. We collect information about users over time when they use our Website and Services. This includes usage and browser information. We may have third parties collect information other than protected health information (PHI) this way.
We Use Information As Disclosed and Described Here.
We use information to respond to your requests or questions. We use your information to respond to your questions. This includes questions about our Services or your relationship with us.
Health Information. We use your information for the provision, coordination or management of your health care, including consultations between health care providers relating to your care and referrals for health care from one health care provider to another. For example, copies of your ECG monitoring reports may be shared with your primary care physician or other treating practitioner pursuant to your request or otherwise as required by law. We may also disclose health information about you to other providers, or other doctors, nurses, technicians, health students, volunteers, or other personnel who are involved in taking care of you.
Payment Information. We use financial information to manage your account, to provide the Services, and to collect payment for the Services. We may use a third-party service provider to manage credit card processing. If we do so, such a service provider will not be permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on our behalf.
We use information to improve our products and services. We use your information to improve our Website and app. We use your information to customize your experience with us. We also use your information to serve you specific content that is most relevant to you.
De-Identified Information. We use aggregated, de-identified information to support our administrative, management or other business purposes. We may also use your information in a de-identified, anonymous way in conjunction with an analytics service to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, to offer new or additional service lines and features, and to monetize business intelligence. We use de-identified information for commercial purposes for which we receive compensation from third parties.
According to Section 164.514(a) of the HIPAA Privacy Rule, we follow the standard for de-identification of protected health information (PHI) with the removal of 18 types of identifiers in 164.514(b)(2)(i):
(B) All geographic subdivisions smaller than a State, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code if, according to the current publicly available data from the Bureau of the Census:
(1) The geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and
(2) The initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000.
(C) All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older;
(D) Telephone numbers;
(E) Fax numbers;
(F) Electronic mail addresses;
(G) Social security numbers;
(H) Medical record numbers;
(I) Health plan beneficiary numbers;
(J) Account numbers;
(K) Certificate/license numbers;
(L) Vehicle identifiers and serial numbers, including license plate numbers;
(M) Device identifiers and serial numbers;
(N) Web Universal Resource Locators (URLs);
(O) Internet Protocol (IP) address numbers;
(P) Biometric identifiers, including finger and voice prints;
(Q) Full face photographic images and any comparable images; and
(R) Any other unique identifying number, characteristic, or code, except as permitted by paragraph (c) of this section;
We Combine Information.
We combine information that we have collected offline with information we collect online. We combine information that we have collected from your healthcare providers and across other third party sites. We combine information collected across devices, such as computers and mobile devices. We also combine information we get from third parties with information we already have.
We May Share Information With Third Parties.
We share information with our business partners. We may share your information with companies that provide services to us, including outside contractors or agents who help us manage our information activities, but they may only use your information to provide us with a specific service and not for any other purpose. These third parties enter into agreements with us to protect your information.
Healthcare Providers. When you access the Services through a health care provider and permit access to such healthcare provider, the provider may access and use the information you submit through the Services so they can provide health-related services to you. We may sign agreements with such health care providers to help protect the privacy and security of your information. We may share your information with other healthcare providers who have a treatment relationship with you for treatment purposes.
We share non-personally identifiable information. We may de-identify information about you or aggregate it with other information from other users in a manner that cannot be used to identify you and share that information with other parties.
We will share information if we think we have to in order to comply with the law or to protect you or ourselves. We will share information to respond to a court order or subpoena. This includes, but is not limited to, the sharing of your information for public health activities (e.g., to prevent or control disease or injury), law enforcement reasons, coroners and medical examiners, national security and intelligence activities, lawsuits and disputes, inmate health reasons, or serious security threats. Note that genetic information, HIV-related information, alcohol and/or substance abuse records, mental health records, and other specially-protected health information may enjoy special confidentiality protections under applicable state and federal law. Any disclosures we make for this information will be in accordance with applicable laws. We will also share information if a government agency or investigatory body requests it. This includes U.S. and non-U.S. law enforcement or regulatory authorities. We may also share information when permitted by law to protect our company, the Services, and our Website.
We may share information with a successor to all or part of our business, as permitted by law. If part of our business is sold, we may include user information as part of that transaction. Where legally required, we will give you prior notice and if you have the legal right to do so, allow you to object.
We may share information for other reasons we may describe to you.
You Have Certain Choices About How We Use Your Information.
Restrictions on personal information. You may decline to enter any or all of your personally identifiable information, in which case we may not be able to provide to you some of the features and functionality of the Services. If you register for an account for Services, you may update, or correct, your account information and preferences at any time by going to your account settings page. To protect your privacy and security, we take reasonable steps to verify your identity before granting you access to your account or making corrections to your information. However, you are SOLELY responsible for maintaining the secrecy of your unique account and password information at all times. Most browsers are initially set up to accept cookies, but you can choose to configure your browser to refuse all cookies or to indicate when a cookie is being sent.
You can opt out of certain marketing. To stop receiving our marketing communications please email us at firstname.lastname@example.org or follow the instructions in any message you get from us. If you opt out of marketing emails you will continue to receive messages from us about your relationship with us where permitted by law.
Our Website and App Are Not Intended for Children.
Our Website and Services are meant for adults age eighteen (18) years or older.
We Use Standard Security Measures.
We use appropriate and reasonable security measures as required by relevant law including but not limited to HIPAA, CCPA, HITECH and Standard of Privacy of Individually Identifiable Health Information. We are adopting required safeguards such as Security Management Process (risk analysis, risk management, sanction policy and information system activity review), Security Official, Security Incident, Contingency Plans (data backup plan, disaster recovery plan and emergency mode operation plan). The Internet is not 100% secure. We cannot promise you that your use of our Website and App will be completely safe. We encourage you to use caution when using the Internet.
QT Medical uses certain physical, administrative, and technical safeguards to help protect your personal information. These safeguards comply with the current security standards under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). If QT Medical learns of a security systems breach, then it may attempt to notify you electronically within 60 days following the discovery, so that you can take appropriate protective steps. QT Medical may post a notice on or through Services if a security breach occurs. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
We May Store and Use Information Inside the United States.
Information we collect may be stored and processed in the United States. If you live outside of the United States, you understand and agree that we may transfer your information to the United States. The United States may not afford the same level of protection as the laws in your country. By submitting your information you agree to the processing of it in the U.S. as permitted by law.
According to the California Consumer Privacy Act, California has a higher threshold for privacy protection. If you reside in California, you have the right to ask us one time each year if we have shared personal information with third parties for their direct marketing purposes. To make a request, please send us an email at email@example.com or write to us at the address below.
You Can Contact Us About This Policy and Your Information.
QT Medical, Inc.
Attn: Brett Chien, PhD
1360 Valley Vista Dr., Suite 203, Diamond Bar, CA 91765
We will not take action against you for filing a complaint. If you have a complaint concerning our compliance with applicable privacy laws, we will investigate your complaint and take appropriate measures. You may also file a complaint with respect to our use and disclosure of your personal health information to the United States Department of Health and Human Services Office for Civil Rights at https://ocrportal.hhs.gov/ocr/smartscreen/main.jsf.
We May Update This Policy.