WELLFRAME PRIVACY POLICY

Last updated on September 4th, 2020. You can find the previous version in the archive.

OVERVIEW

Welcome to Wellframe! Wellframe is a mobile application that can help you learn about your health, track your health status, and conveniently message with care providers or support staff. Please review our Privacy Policy carefully. If viewing in our mobile application, tap "Accept" to acknowledge that you understand the ways in which Wellframe may process your personal information. You may be asked additional questions to ensure we have your consent to collect and use your personal information for specific purposes. For your convenience, we summarized some highlights of our Privacy Policy below, but you should still review the entire Privacy Policy in detail.

Wellframe may process your personal information for the following purposes:

  • collecting, storing and using your personal information to provide you with the service accessed through this mobile application. We may use third parties to help provide this service to you on our behalf and may share your personal information with them for this purpose, including our cloud host provider. These third parties are contractually bound to protect your personal information;
  • disclosing your personal information to your sponsor such as your insurer, healthcare provider, or other healthcare professional;
  • transferring your personal information to and hosting your personal information in data centers within the United States of America;
  • de-identifying your personal information (so it no longer identifies you) and using the resulting information in aggregated or non-aggregated form for product improvement, marketing, research, and to provide services to our customers; and
  • meeting our legal obligations.

If you do not agree to your Personal Information being processed for these purposes, or with any other terms of our Privacy Policy (see below) please do not use our mobile application.

INFORMATION COLLECTION AND USE

This Privacy Policy is designed to inform users how Wellframe, Inc. ("Wellframe," “we,” “our,” or “us”) collects and uses your information through our applications, websites, and other services (collectively, the "Service"). Personal Information is information that identifies you, including health information, as categorized below. Some information may fall under multiple categories. By tapping “Accept” at the end of this Privacy Policy, you consent to Wellframe collecting and using your information as described below. You may have been invited to use the Service from a sponsoring third party such as your healthcare provider, health insurance provider, employer, care manager, or as part of a clinical study (your “Sponsor”). It is your choice whether or not to provide us with such information but if you decline, you may not be able to use part or all of our Service as some information is necessary. You can change some privacy settings at any time by going into the mobile application settings.

What information Wellframe collects

  1. Information you provide: We may ask and collect information such as your name, email address, phone number, address, birthdate, and gender to register your account. We use this information to manage your account, verify your identity, and deliver to you the Services. Additionally, we collect the content of the communications you make through the use of our Services.
  2. Information we receive from third parties: We may receive information about you, including what is listed in other categories, from your Sponsor. This information may include demographic information, medical history, health insurance information, or other information that your Sponsor has decided to share with us. We use this information to fulfill contractual obligations to your Sponsor and to deliver the Service to you. The collection, processing, and sharing of this information is controlled by your Sponsor.
  3. Health Information: Since we are a health related application, we collect information about your health. This category can include diagnoses, symptoms, medical procedures, medications, discharge dates, clinical notes, physical characteristics, and provider information. We use this information to provide the Service to you such as using your medication information to provide medication notifications.
  4. Communications: We collect the content of communications you make through our Service including the communications of your Sponsor to you. This content can include information under other categories as well as any other information you decide to share through our Service. We use this content to provide you a record of your communications as well as use it in de-identified form as discussed below.
  5. Integration data: We may use automated methods to track data from your other apps, fitness wearables, biometric monitoring devices, and other integrations that you have allowed to communicate with our Service. This integration data is then contained in our application for both you and your Sponsor to see and use.
  6. Website activity: Whenever you visit our websites, regardless of whether you have an account, we also receive and record information such as your browsing activities on our site, your IP address, cookie information, and the pages you request. Website activity is used for security, content improvements, and marketing. For more information on what is collected via our website, please see our Cookie Policy.
  7. Analytics information: We may collect usage data about how you use our Service such as how you use the application, what content you read and favorite, content of messages within our Service, and device information. We use this analytics information to improve the Service for you and other users.
  8. Log files: To maintain security and protect both our Service and your data, we collect information such as IP addresses, server requests, login events, device information, crash reports, usage activity, or other information to discover and respond to events to protect our product from security threats, fraud, or other illegal activity. We may also use this information to enforce our EULA, compliance, and other legal obligations. Where feasible we limit the identifiable and sensitive information contained in these log files. 
  9. If you contact us regarding questions, issues, or requests regarding the use of our Service, our support team may view your Personal Information, as well as any additional information you provide, in order to assist. We may also ask follow-up questions to gather more information as necessary to address your issue. This information is stored as a record of your support request.
  10. Optional information: We may also ask and collect additional information, with your consent, that is not necessary for use of our Services such as product feedback, surveys, usage analytics, and testimonials. We use this information to improve and market our Service. Your Sponsor may request this information as well to improve their products and services. You have the right to object to processing of your personal data for direct marketing purposes by contacting help@wellframe.com or by using the “unsubscribe” button in the email. 

Sharing

Wellframe does not rent, lease, or sell your Personal Information. Wellframe shares your Personal Information to provide the Service, with your consent, or when legally required. We share your Personal Information with your Sponsor as per our agreement with your Sponsor that allows you to use the Service. Your Sponsor may share your Personal Information or direct us to share your Personal Information to third parties such as your Sponsor’s affiliates or service providers. Contact your Sponsor to learn more about how they use your Personal Information.

To provide the Service, we may also share your Personal Information with our cloud hosting provider and other third party providers for additional functionality, to communicate with you, measure performance, or improve our product. In response to a legal process, such as a law enforcement action or a subpoena, we may be required to share your Personal Information, as well. Finally, we may transfer your Personal Information to an entity or individual that attempts or does acquire, buy, or merge with all or part of Wellframe, or through some other business reorganization.

De-identified Information

In addition to the categories and uses above, we may remove the identifiable parts of your Personal Information to create de-identified or pseudonymized information (“De-identified Information”). De-identified Information may be combined with other information into aggregated datasets. We use De-identified Information in the following ways:

  1. We may license, sell or otherwise share De-identified Information with institutional clients, partners, investors and contractors for any purposes related to our business practices.
  2. Product Improvement: We may use De-identified Information for product improvement including the Service as well as third-parties to evaluate their products or services.
  3. Research: We may use De-identified Information for research whether scientific, marketing, or business in nature. This research may be made public through publications such as within a scientific journal.

STORAGE AND RETENTION

Your Personal Information will be stored in our cloud hosting provider’s data centers within the United States. We retain your Personal Information for as long as reasonably necessary to provide you the Service or to comply with legal obligations. For details about where and how long your Sponsor stores your Personal Information, please contact your Sponsor. We may retain De-identified Information indefinitely.

CONFIDENTIALITY AND SECURITY

Wellframe has a legal duty to protect your Personal Information. We have put in place reasonable physical, technical, and administrative controls designed to safeguard against the unauthorized access, maintain data security, and correctly use your Personal Information. Third party service providers undergo a vetting process and sign confidentiality agreements before we utilize them to provide the Service. Some of these security measures rely upon you. Please keep your login credentials secret, avoid public WiFi networks, and log out of any shared devices. If you ever suspect a security issue with your account, help@wellframe.com immediately.

CHILDREN

Our Service is not directed to children. Wellframe does not knowingly collect Personal Information from children under the age of 13 except with permission of a child’s parent or legal guardian through our caregiver account feature. If we find that we collected Personal Information from a child under the age of 13 without proper consent, we will immediately delete that Personal Information.

RIGHTS TO PERSONAL INFORMATION

You or an authorized agent, such as a parent or caretaker, may request access, changes, or deletions to your Personal Information and request information about our collection, use and disclosure of such information by contacting us at help@wellframe.com or (844) 452-4085. We use best efforts to keep our records as accurate and complete as possible. You can help us maintain the accuracy of your information by notifying us of any changes to your Personal Information as soon as possible. We will not discriminate against you for exercising your rights but your rights to access, change, or delete your Personal Information are not absolute. Some requests may need to go through your Sponsor and your Sponsor may deny, modify, or fulfill the request themselves. We may require you to verify your identity before fulfilling the request such as through asking you to log into the app, providing a verification code, answering security questions, or some other means. We may also deny your request when required by law or if the request would likely reveal Personal Information about a third party..

PRIVACY SHIELD

Wellframe complies with the EU-US Privacy Shield Framework (“Privacy Shield”) set forth by the US Department of Commerce, regarding the collection, use and retention of Personal Information from European Union and the United Kingdom to the United States in reliance upon Privacy Shield. Wellframe has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information. If Wellframe transfers your Personal Information to a third-party, Wellframe remains responsible and will remain liable under the Privacy Shield principles if the third party processes your Personal Information in a manner inconsistent with the Privacy Shield principles. The Federal Trade Commission ("FTC") has jurisdiction over Wellframe’s compliance with the Privacy Shield principles. Wellframe is subject to the investigatory and enforcement powers of the FTC. If there is any conflict between the policies in Wellframe's Privacy Policy, and the Privacy Shield principles, the Privacy Shield principles shall govern. To learn more about the Privacy Shield program, and to review our certification page, please visit https://www.privacyshield.gov/.

For EU and UK users, Wellframe commits to responding to your inquiry or complaint about your Personal Information within thirty (30) days. If your privacy complaints remain unresolved, Wellframe has further committed to referring them to the JAMS EU-US Privacy Shield Program, an alternative dispute resolution provider located in the United States. The services of JAMS are provided at no cost to you and are available at https://www.jamsadr.com/eu-us-privacy-shield. Please note that if your complaint is not resolved through these channels, as a last resort and under limited circumstances, a binding arbitration option may be available before a Privacy Shield panel.

GENERAL

The Service may contain links or deep links to other websites, open search results, public feeds, or curated channels all of which are independent from Wellframe. Wellframe has no control and is not responsible for the content, privacy practices, or advertisements on third party websites or for any loss or damage incurred in connection with your use of such links or dealings with the operators of these non-Wellframe websites. Users are encouraged to review the privacy statements of each third party website. Wellframe is not responsible for any disclosures you make to third parties regarding your Personal Information, including family members or friends. 

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time by posting a new version online and within our application. You should check this page occasionally to review any changes as well as within the settings section of our app. If we make any material changes affecting you, as determined by Wellframe, we will notify current users by providing notice through the Wellframe app or via email. We may request your consent to the new terms; otherwise your continued use of the Service, or continued provision of Personal Information to us, will be subject to the terms of the then-current Privacy Policy. 

CONTACT

If you have questions or suggestions about this Privacy Policy, please email Wellframe at help@wellframe.com or write to us at:

Wellframe, Inc. 

ATTN: Privacy Officer

470 Atlantic Ave. Floor 8 

Boston, MA 02210, USA

Copyright © 2012-2020 Wellframe Inc. All Rights Reserved. Legal Notices