Privacy Policy

This Privacy Policy Applies to the Sites and Apps Where It Appears.

This policy describes how QT Medical, Inc. (“we” or “our” or “QT Medical”) treats personal information. It applies to information we collect on our Website and App where it is posted. Read this policy to learn about what we do and your choices. By interacting with us, you consent to our privacy practices. We value the privacy of our users and visitors and make it a priority to protect any personally identifiable information that we collect, use, or disclose. This Privacy Policy is incorporated into and is subject to our Terms of Service.

Scope of Privacy Policy.

QT Medical provides electrocardiogram (ECG) data acquisition, cloud storage and diagnostics services (the “Services”) through our website portal and mobile application. By using the Services, you consent to our collection and use of your Protected Health Information (as defined under the Health Information Portability and Accountability Act of 1996 and its implementing regulations, “HIPAA”) and certain Personal Information as described in this Privacy Policy. Except as set forth in this Privacy Policy, your Protected Health Information and/or Personal Information will not be used for any other purpose without your consent. We acknowledge that in certain cases, we may be a Business Associate under HIPAA and will not use or disclose Protected Health Information collected through your use of the Services for any purpose that, where applicable, would violate HIPAA. We also do not actively collect Personal Information for the purpose of sale of such information in a way that specifically identifies you as an individual (i.e., we do not sell customer lists).

Services are Intended for Individuals within the United States.

Our Services are intended for individuals located within the United States. We do not knowingly collect any information from an individual located within the European Union or market to individuals residing in the European Union. By accessing the Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, you are consenting to the transfer of your personally identifiable information outside of those regions to the United States and acknowledge that you may not have the same protections.

We Collect Personal Information From and About You.

We collect information that you provide. We collect user-provided information. When you register for an account to use our Services or at any later time, you may provide certain personally identifiable and financial information such as: your name; password; age; gender; physician information, including the name of your primary care physician, cardiologist or prescribing physician and your physician’s order or prescription for you to receive our Services; email address; postal mailing address; zip code; credit or debit card number and expiration date; billing address; and home/mobile telephone number. We also collect health data about you through the use of our ECG monitoring device.

Automatically collected information. When you visit our Website, whether or not you register for an account, QT Medical may send one or more cookies to your computer. Cookies remember information about your activities on a website. Please review your web browser "Help" file to learn the proper way to modify your cookie settings. However, if you remove cookies, you may not have access to certain services or features available on the Website. Third party content displayed in connection with the Services may also contain cookies set by such third party. QT Medical does not control these cookies and you should check the privacy policy of such third party to see whether and how it uses cookies. We will not use cookies to store your personal information.

We collect device and mobile information. We collect device identifiers. We may also collect information about your location. QT Medical's servers may also automatically record certain information from your browser such as your Internet Protocol (IP) address, browser type, internet service provider (ISP), referring or exit pages, click stream data, operating system, and the dates and times that you visit our Website. This information is collected in order for us to provide Services; we do not sell this information to third parties.

Data, Diagnostic & Login Information. You may be able to create, upload, publish, transmit, distribute, display, store, submit or share information, data, text, graphics, messages or other materials using our Services (this is collectively referred to below as “Data”). This Data may be stored and maintained on our servers.

We may collect information about you from your healthcare providers. As part of the Services and our provision of healthcare, we may collect information about you from your treating providers. We will collect only the information necessary to provide the Services and will safeguard such information in accordance with the terms of this Privacy Policy.

We Collect Information In a Variety of Ways.

We collect information directly from you. We collect information when you register for an account or use the Services. We collect information if you contact us through our Website or App.

We collect information about you passively. We use tracking tools like browser cookies, web beacons, and pixels. We do this on our website and in emails we send to you. We collect information about users over time when they use our Website and Services. This includes usage and browser information. We may have third parties collect Non-Protected health information (PHI) this way.

We Use Information As Disclosed and Described Here.

We use information to respond to your requests or questions. We use your information to respond to your questions. This includes questions about our Services or your relationship with us.

Health Information. We use your information for the provision, coordination or management of your health care, including consultations between health care providers relating to your care and referrals for health care from one health care provider to another. For example, copies of your ECG monitoring reports may be shared with your primary care physician or other treating practitioner pursuant to your request or otherwise as required by law. We may also disclose health information about you to other providers, or other doctors, nurses, technicians, health students, volunteers, or other personnel who are involved in taking care of you.

Payment Information. We use financial information to manage your account, to provide the Services, and to collect payment for the Services. We may use a third-party service provider to manage credit card processing. If we do so, such a service provider will not be permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on our behalf.

We use information to improve our products and services. We use your information to improve our Website and app. We use your information to customize your experience with us. We also use your information to serve you specific content that is most relevant to you.

We use cookies. We may use "cookies" information to: (a) remember some of your information so that you will not have to re-enter it during your visit or the next time you visit the Website; and (b) monitor aggregate information such as total number of visitors and pages viewed.

We use information to communicate with you for notice and other transactional purposes. We might also contact you about this Privacy Policy or our Terms of Service. We may also disclose your Personal Information or Protected Health Information in connection with a merger, acquisition, corporate re-organization, a sale of all or a substantial portion of our assets or stock, including any due diligence exercise carried out in relation to the same, provided that the information disclosed continues to be used for the purposes permitted by this Privacy Policy by the entity acquiring the information.

We use information for security purposes. We use your information to protect our company and our users. We also use your information to protect our Website and app. We may use your information to prevent, discover, and investigate violations of our Privacy Policy or Terms of Service.

De-Identified Information. We use aggregated, de-identified information to support our administrative, management or other business purposes. We may also use your information in a de-identified, anonymous way in conjunction with an analytics service to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, to offer new or additional service lines and features, and to monetize business intelligence. We use de-identified information for commercial purposes for which we receive compensation from third parties.

According to Section 164.514(a) of the HIPAA Privacy Rule, we follow the standard for de-identification of protected health information (PHI) with the removal of 18 types of identifiers in 164.514(b)(2)(i):

(A) Names;

(B) All geographic subdivisions smaller than a State, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code if, according to the current publicly available data from the Bureau of the Census:

  • (1) The geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and
  • (2) The initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000.

(C) All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older;

(D) Telephone numbers;

(E) Fax numbers;

(F) Electronic mail addresses;

(G) Social security numbers;

(H) Medical record numbers;

(I)Health plan beneficiary numbers;

(J) Account numbers;

(K) Certificate/license numbers;

(L) Vehicle identifiers and serial numbers, including license plate numbers;

(M) Device identifiers and serial numbers;

(N) Web Universal Resource Locators (URLs);

(O) Internet Protocol (IP) address numbers;

(P) Biometric identifiers, including finger and voice prints;

(Q) Full face photographic images and any comparable images; and

(R) Any other unique identifying number, characteristic, or code, except as permitted by paragraph (c) of this section;

Retention. We will keep your Personal Information and Protected Health Information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable data, or account recovery. All retained Personal Information and Protected Health Information will remain subject to the terms of this Privacy Policy.

We Combine Information.

We combine information that we have collected offline with information we collect online. We combine information that we have collected from your healthcare providers and across other third party sites. We combine information collected across devices, such as computers and mobile devices. We also combine information we get from third parties with information we already have.

We May Share Information With Third Parties.

We share information with our business partners. We may share your information with companies that provide services to us, including outside contractors or agents who help us manage our information activities, but they may only use your information to provide us with a specific service and not for any other purpose. These third parties enter into agreements with us to protect your information.

Healthcare Providers. When you access the Services through a health care provider and permit access to such healthcare provider, the provider may access and use the information you submit through the Services so they can provide health-related services to you. We may sign agreements with such health care providers to help protect the privacy and security of your information. We may share your information with other healthcare providers who have a treatment relationship with you for treatment purposes.

We share non-personally identifiable information. We may de-identify information about you or aggregate it with other information from other users in a manner that cannot be used to identify you and share that information with other parties.

We will share information if we think we have to in order to comply with the law or to protect you or ourselves. We will share information to respond to a court order or subpoena. This includes but is not limited to, the sharing of your information for public health activities (e.g., to prevent or control disease, injury or disease), law enforcement reasons, coroners and medical examiners, national security and intelligence activities, lawsuits and disputes, inmate health reasons, or serious security threats. Note that genetic information, HIV-related information, and alcohol and/or substance abuse records, mental health records, and other specially-protected health information may enjoy special confidentiality protections under applicable state and federal law. Any disclosures we make for this information will be in accordance with applicable laws. We will also share information if a government agency or investigatory body requests it. This includes U.S. and non-U.S. law enforcement or regulatory authorities. We may also share information when permitted by law to protect our company, the Services, and our Website.

We may share information with a successor to all or part of our business, as permitted by law. If part of our business is sold, we may include user information as part of that transaction. Where legally required, we will give you prior notice and if you have the legal right to do so, allow you to object.

At your direction. You may be able to share Personal Information and Protected Health Information with third parties through use of the Services. The privacy policies of these third parties are not under our control and may differ from ours. The use of any information that you may provide to any third parties will be governed by the privacy policy of such third party or by your independent agreement with such third party, as the case may be. If you have any doubts about the privacy of the information you are providing to a third party, we recommend that you contact that third party directly for more information or to review its privacy policy.

We may share information for other reasons we may describe to you.

You Have Certain Choices About How We Use Your Information.

Restrictions on personal information. You may decline to enter any or all of your personally identifiable information, in which case we may not be able to provide to you some of the features and functionality of the Services. If you register for an account for Services, you may update, or correct, your account information and preferences at any time by going to your account settings page. To protect your privacy and security, we take reasonable steps to verify your identity before granting you access to your account or making corrections to your information. However, you are SOLELY responsible for maintaining the secrecy of your unique account and password information at all times. Most browsers are initially set up to accept cookies, but you can choose to configure your browser to refuse all cookies or to indicate when a cookie is being sent.

You can opt out of certain marketing. To stop receiving our marketing communications please email us at privacy@qtmedical.com or follow the instructions in any message you get from us. If you opt out of marketing emails you will continue to receive messages from us about your relationship with us where permitted by law.

Access and amendment of your information. Upon request, we will provide you with a copy of the Personal Information we have on file for you. To request this information, please contact us using the contact information at the bottom of this Privacy Policy. If you notice any errors that you are not able to update yourself, you may contact us using the contact information provided at the bottom of this Privacy Policy, and request that we correct your information. If we determine that the information is inaccurate and we are the source of the error, we will correct the information. Because we collect information about you from a variety of sources, we may ask you to contact the source of the information to correct the information.

Our Website and App Are Not Intended for Children.

Our Website and Services are meant for adults age eighteen (18) years or older.

We Use Standard Security Measures.

We use appropriate and reasonable security measures as required by relevant law including but not limited to HIPAA, CCPA, HITECH and Standard of Privacy of Individually Identifiable Health Information. We are adopting required safeguards such as Security Management Process (risk analysis, risk management, sanction policy and information system activity review), Security Official, Security Incident, Contingency Plans (data backup plan, disaster recovery plan and emergency mode operation plan). The Internet is not 100% secure.  We cannot promise you that your use of our Website and App will be completely safe. We encourage you to use caution when using the Internet.

QT Medical uses certain physical, administrative , and technical safeguards to help protect your personal information. These safeguards comply with the current security standards under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). If QT Medical learns of a security systems breach, then it may attempt to notify you electronically within 60 days following the discovery, so that you can take appropriate protective steps. QT Medical may post a notice on or through Services if a security breach occurs. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

We May Store and Use Information Inside the United States.

Information we collect may be stored and processed in the United States. If you live outside of the United States, you understand and agree that we may transfer your information to the United States. The United States may not afford the same level of protection as the laws in your country. By submitting your information you agree to the processing of it in the U.S. as permitted by law.

California Residents.

According to California Consumer Privacy Act, California has thicker threshold for privacy protection. If you reside in California, you have the right to ask us one time each year if we have shared personal information with third parties for their direct marketing purposes. To make a request, please send us an email at privacy@qtmedical.com or write to us at the address below.

You Can Contact Us About This Policy and Your Information.

If you have any questions about this Privacy Policy or our data practices, you may email us at privacy@qtmedical.com. You can also write or call us at:

QT Medical, Inc.

Attn: Brett Chien, PhD
1360 Valley Vista Dr., Suite 203, Diamond Bar, CA 91765
(909)323-0007

We will not take action against you for filing a complaint. If you have a complaint concerning our compliance with applicable privacy laws, we will investigate your complaint and take appropriate measures. You may also file a complaint with respect to our use and disclosure of your personal health information to the United States Department of Health and Human Services Office for Civil Rights at https://ocrportal.hhs.gov/ocr/smartscreen/main.jsf.

We May Update This Policy.

This Privacy Policy may be updated from time to time without further notice to you and this will be reflected by a "Last modified" date above. Please revisit this page to stay aware of any changes. By continuing to use the Services, you are consenting to the terms of the then-current Privacy Policy.