Introduction
FutureSight Inc. (dba Medibanx) ("Medibanx", "we," "us") respects your privacy and is committed to protecting it through our compliance with this privacy policy (the “Privacy Policy”).
This Privacy Policy is effective Jan 20th, 2023 and governs our practices to the collection, use and disclosure of Personal Information (as defined below) that we collect from individuals in connection with the Medibanx Service (as defined below) or when you interact with our website [site address] (the “Site”)
Please read this Privacy Policy carefully to understand our policies and practices for collecting, processing, and storing your Personal Information. If you do not agree with our policies and practices, do not register for and use the Medibanx Service. By using the Medibanx Service or providing Personal Information through our Site, you indicate that you understand, accept, and consent to the practices described in this Privacy Policy. This Privacy Policy may change from time to time (see Changes to Our Privacy Policy section below). Your continued use of the Medibanx Service or the Site after we make changes indicates that you accept and consent to those changes, so please check the Privacy Policy periodically for updates.
Background and the Medibanx Service
Medibanx provides security, privacy and agency to patients to manage their records as they see fit. In addition, Medibanx provides a system for which researchers and industry can anonymously interact with patients' records and compensate patients for the value of their records.
To better understand this Privacy Policy, Medibanx has set out some basic definitions to use when reading and interpreting it:
- Disclosure: making Personal Information available to a third party for that party’s own use.
- Personal Health Information means information that relates to the physical or mental care of an individual, including diagnostic, treatment, and care information.
- Personal Information means information about an identifiable individual, including Personal Health Information about that individual.
- _Transfer: _making Personal Information available to a third party for processing, storage or otherwise, solely to be used on behalf of Medibanx.
- _Use: _the treatment, handling, and management of Personal Information by and within Medibanx.
- Users: means individuals who use the Medibanx Service.
Accountability
Medibanx is responsible for Personal Information under our possession and control. We have designated a Privacy Officer to be responsible for our compliance with this Privacy Policy and applicable privacy legislation. Medibanx will make known, upon request, the title and contact information of the person or persons designated to oversee Medibanx’s compliance with this Privacy Policy.
Medibanx is responsible for Personal Information in its possession or custody, including information that has been transferred to a third party for processing. Medibanx shall use contractual or other means to provide a comparable level of protection while the information is being processed by a third party.
Medibanx shall implement policies and practices to give effect to these principles, including:
- implementing procedures to protect Personal Information;
- implementing an internal process to receive and respond to complaints and inquiries relating to this Privacy Policy; and
- training staff and communicating to staff information about the organization’s policies and practices.
Personal Information We Collect About You and How We Collect It
We collect your Personal Information from you directly when you voluntarily provide it to us by using the Medibanx Service or our Site. For example, we may ask you to provide Personal Information in the following circumstances:
- in connection with the Medibanx Service, including when you open an account in order to use the Medibanx Service;
- in using the Site, for example your name and email address on our Contact Us page so we can respond to your correspondence;
- when you send us a question or comment by email; or
- otherwise use features of our Site that asks for Personal Information.
We may also collect Personal Information about you from other sources. For example, we may collect your Personal Health Information from your Health Care Provider(s) when you provided us with a Patient Consent form. We may receive Personal Information from your banking institutions regarding payments we make to you for contributing your relevant medical data.
Personal Information that Medibanx collects includes, but is not limited to:
- Information that you provide when you contact us to ask a question or request information about our company or services, or otherwise submit Personal Information to us with your communications or through our website contact form.
- Personal Information of our Users collected through the Medibanx Service. This includes:
- Contact information: such as your name, e-mail address, address, birthdate, phone number, and your health insurance number
- Personal Health Information when you onboard to use the Medibanx Service, such as your medical conditions, treatment information, surgeries, allergies, blood type, and your family doctor’s contact information; and
- Personal Health Information obtained from your Health Care Providers, including medical records and information pertaining to my medical care, history and payment or billing for such medical care; test results radiology studies.
- Technical information, including your login information, device type, time zone setting, and usage details ; and
- Service requests and inquiries.
Non-Personal Information
Non-Personal Information (“NPI”) means information that is aggregated, anonymized or otherwise cannot be linked with any individual. Medibanx collects NPI through automated technologies or interactions. For example, when you use the Site, we may automatically collect:
- Usage details - when you access and use the Site, we may automatically collect certain details of your access to and use of the Site, including traffic data, location data, logs, and the resources that you access and use on or through the Site.
- Device information** **- we may collect information about your device and Internet connection, including the device's unique device identifier, IP address, operating system, browser type, mobile network information, and the device's telephone number.
The technologies we use for this automatic data collection may include:
- Cookies. A cookie is a small file placed on your computer or device. It may be possible to refuse to accept mobile cookies by activating the appropriate setting on your smartphone. However, if you select this setting you may be unable to access certain parts of the Site.
- Web beacons. Pages of the Site and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related app statistics (for example, recording the popularity of certain app content and verifying system and server integrity).
See the section below entitled “_How do We Collect, Use and Share NPI?_” for more information.
How Do We Use Your Personal Information?
Medibanx collects and uses Personal Information for the following purposes:
- to provide the Medibanx Service to you, including registering your account, and authenticating you when you log in to your account;
- to establish and maintain responsible commercial relations and to communicate with you in order to provide the Medibanx Service;
- to respond to your questions that you send us by email or through our Site;
- to improve the Medibanx Service, and help us develop new services, tools and product features;
- to process payments to you for contributing to Medibanx;
- to send you marketing messages, such as general or personalized notices and promotional messages, or to send news about Medibanx;
- to support our business functions such as internal business processes, marketing and advertising;
- to understand, research and improve our services;
- to meet any legal or regulatory requirements;
- to comply with applicable laws; and
- for any other reasonable purposes for which you may have provided your express consent or in which your consent can be reasonably implied.
Data Retention
Except as otherwise permitted or required by applicable law or regulation, we will only retain your Personal Information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Under some circumstances we may anonymize or aggregate your Personal Information so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.
Limiting Collection
When collecting Personal Information, Medibanx will limit the collection of Personal Information to that which is necessary to fulfill the purposes identified in this Privacy Policy. We will be open and transparent about the information that is being collected by communicating the purpose of collection.
Do We Disclose or Transfer Your Personal Information to Others?
Medibanx will maintain the strict confidentiality of all Personal Information collected and will not sell, transfer, or otherwise disclose any of your Personal Information to any third party without your knowledge and consent except for the purposes outlined in this Privacy Policy.
We may transfer your Personal Information with our third-party service providers that help us with our business operations or to support the Medibanx Service (such as our electronic medical records platform provider, our payment processor, or service providers who provide us with marketing services ). Such service providers are contractually obligated to keep Personal Information confidential, to use it only for the purposes for which we disclose it to them, and to process the Personal Information with the same standards set out in this Privacy Policy. Please note that any banking or payment information will be stored by our payment processor intermediaries and our payment processors will have the sole and complete responsibility for the storage of such banking and payment information.
We may disclose Personal Information that we collect or you provide as described in this Privacy Policy to our subsidiaries and affiliates.
We may also disclose your information, including Personal Information, in the event we sell or transfer all or a portion of our business or assets (including corporate reorganization, merger or amalgamation with another entity, dissolution or liquidation).
From time to time we may disclose your Personal Information to third parties under the following limited circumstances:
- when necessary to protect our safety, property or other rights, our representatives, customers and users of the Medibanx Service, including to detect and prevent fraud;
- with your consent; or
- when otherwise required or permitted by law.
How Do We Collect, Use and Share NPI?
Medibanx uses NPI in an ongoing effort to better understand and serve our Users and to improve the content and functionality of our Site.
In addition, Medibanx may use Personal Information, on an aggregated de-identified basis, for research purposes to improve our Site and/or the Medibanx Service. This aggregated de-identified information does not identify any individual and therefore is considered and treated as NPI under this Privacy Policy.
Specific Uses of NPI by Medibanx:
- To conduct internal research on our customers and potential problems to better understand and serve them, including usage patterns, demographics, interests and behaviors.
- To diagnose or service technology problems reported by our users or engineers that are associated with the IP addresses controlled by a specific web company or ISP.
- We use anonymized and aggregated information about Users interaction with our Site to test our systems, data analysis, developing new services and improving and/or personalizing your experience on our Site.
Withdrawing Your Consent
Where you have provided your consent to the collection, use, and disclosure of your personal information, you may have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, contact us by email at support@medibanx.com. Please note that if you withdraw your consent, we may not be able to provide you with a particular feature or service. We will explain the impact to you at the time to help you make your decision.
How Do We Protect Your Personal Information?
Medibanx protects your Personal Information by security safeguards appropriate to the sensitivity of the information. We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We store all information you provide to us on Google Cloud Platform’s HIPAA compliant cloud storage with limited access to only key personnel who are legally bound to confidentiality agreements. Although we take reasonable and appropriate measures to protect the security of your Personal Information, no data transmission over the Internet can be guaranteed to be completely secure.
We also take reasonable steps to ensure that our employees, contractors and vendors are aware of the importance of maintaining the confidentiality of Personal Information and have signed confidentiality/non-disclosure agreements with them as applicable. We endeavour to limit access to Personal Information to those personnel that require access to such personal information on a ‘need to know’ basis in order to perform their obligations.
The safety and security of your information also depends on you. You are solely responsible for maintaining the secrecy of your username, password, and any other account information. We ask you not to share your password with anyone.
How May I Access and Correct my Personal Information
It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes. By law you have the right to request access to and to correct the Personal Information that we hold about you.
If you want to review, verify, correct, or withdraw consent to the use of your Personal Information you may also send us an email at support@medibanx.com to request access to, correct, or delete any personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the Personal Information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your Personal Information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
We will provide access to your Personal Information, subject to exceptions set out in applicable privacy legislation. Examples of such exceptions include:
- Information protected by solicitor-client privilege.
- Information that is part of a formal dispute resolution process.
- Information that is about another individual that would reveal their personal information or confidential commercial information.
- Information that is prohibitively expensive to provide.]
If you are concerned about our response or would like to correct the information provided, you may contact our Ian Taylor at support@medibanx.com.
Electronic Communications
We comply with the CAN-SPAM Act and we will not send you electronic communications in contravention of this law. You may have also opted in to receive email communications from us. If you opted-in to receive such communications, we may use the information to: communicate with you regarding our products, and promotions; provide you with other information that you request; and/or improve our product and service offerings.
You will always have the opportunity to “unsubscribe” from receiving any of our e-mail or other communications at any time and we will ensure that our emails include instructions on how to unsubscribe if you no longer wish to receive future emails from us. At any time, may opt-out of contact from us by clicking on the unsubscribe link in the email. If you decide to unsubscribe, we will only contact you for the purposes allowed under applicable law.
Links to Other Sites
Our Site may contain links to other websites that are independently owned and operated by third parties. These other websites may have their own privacy policies and are not governed by this Privacy Policy. We are not responsible for the privacy practices, or the content of any websites owned and operated by any third parties. Other websites may collect and treat information collected differently, so we encourage you to carefully read and review the privacy policy of each website you visit.
Children Under the Age of 18
Only individuals 18 or older may use the Medibanx Service. A parent or a legal guardian of individuals under the age of 18 may register for an account on behalf of minor.
Changes to the Privacy Policy
Medibanx reserves the right to modify and amend this Privacy Policy from time to time in its sole discretion. Any such amendment(s) will be posted on our website at https://medibanx.com.
We include the date the Privacy Policy was last revised at the top of the page. You are responsible for periodically visiting this privacy policy to check for any changes.
Contact Information and Challenging Compliance
We welcome your questions, comments, and requests regarding this Privacy Policy and our privacy practices. Please contact us at:
Ian Taylor
We have procedures in place to receive and respond to complaints or inquiries about our handling of personal information and our compliance with this policy and with applicable privacy laws. To discuss our compliance with this policy, please contact our Privacy Officer using the contact information listed above.