Privacy Policy
This Privacy Policy was last updated on January 19, 2024.
MediFind takes its users’ privacy seriously. This Privacy Policy describes how MediFind protects the personal information of users of this website (the “Site”) and the services related to or offered on the Site (hereinafter, the “Services”). If you do not agree with this Privacy Policy, do not access or use this Site or our Services or interact with any other aspect of our business.
1. Scope of Privacy Policy
This Privacy Policy covers the following:
- The type of personal information collected by MediFind and its partners through the Services and the purposes for which this personal information is used;
- How MediFind collects, stores, and uses your personal information; and
- The rights you have with respect to how MediFind collects, stores and shares your personal information.
In this Privacy Policy, “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with an individual or household. Sometimes, you may have heard “personal information” referred to as “personal data” or “personally identifiable information” or “PII.” These terms generally mean the same thing.
2. Personal Information Collected by MediFind.
When you use the Services, we may collect certain personal information from you, your devices, and your interaction with the Services. Personal information collected may include some or all of the following:
- User Contact and Demographic Data: In connection with your registration to use the Services you may provide your name, email address, physical address, birth date, gender, and health information.
- Medical Information: When you use our Services, you may provide more personal information. For example, when you enter information about conditions and/or diagnoses, we may collect personal information regarding you, your symptoms and/or other matters to help us to deliver the Services to you. In addition, we may collect personal information in connection with promotions and events that are offered by us or by our partners and affiliates.
- Web and Email Analytics: We may store details of your visits to our websites (such as pages visited, browser details and/or your IP address) and your interactions with our Services and/or any emails that we send to you. This information may include IP addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
- Device Information: We may collect information from or about the devices that you use to access our Services, depending on the permissions you’ve granted. We may associate the information we collect from your different devices, which helps us to provide consistent Services across your devices.
- Categories of Data Treated as Sensitive Under Certain Privacy Laws: We may collect health information such as information about conditions and/or diagnoses, symptoms, and health care providers with which you book visits and related visit information.
- Social Network Data. If you use social networking connection functions offered through the Services, we may access all of your social network profile personal information that you have made available to be shared and to use it in accordance with this Privacy Policy.
3. How MediFind Uses Personal Information
MediFind may use the personal information we collect about and from you:
- To provide you with the Services or with products, or other materials that you request;
- To communicate with you about our Services or certain products and promotions;
- To customize your experience with our Services, including by providing you with relevant advertising on our Services.
- To advertise our and our affiliates’ and customers’ products and services.
- To allow us and our third-party advertisers and retailers and their affiliates to communicate with you to deliver relevant information or offers.
- To protect the security and integrity of our Services.
- To enforce our legal rights or defend legal claims.
- To monitor and report compliance issues.
- To report aggregate information to Our advertisers and others.
- Otherwise with your consent.
- Otherwise as permitted or required by law.
4. How and When MediFind May Share or Disclose Personal Information
MediFind may share personal information with third parties in the following circumstances:
- Service Providers.We rely on third-party service providers to perform a variety of contractual services on our behalf. To do so, we may need to share personal information with them.
- Third parties. We have agreements with third parties, including marketers, advertisers and other health service providers. With appropriate consent when required, we may share your Personal Information with third party marketing partners, and they may contact you by email, telephone, postal mail or other common communication methods with marketing and promotional messages about their products or services. Sometimes we will give you the option to receive further communications from one of our advertising partners. When you provide consent to receive communications from that third-party advertiser, your personal information will be managed by that third party’s own privacy policy.
- Other Parties When Required by Law or as Necessary to Protect MediFind. There may be instances when we disclose your information to other parties:
- There may be instances when we disclose your information to other parties:
- To To comply with the law or respond to legal process or a request for cooperation by a government entity.
-
- To prevent fraud or verify and enforce compliance with the policies governing our Services.
-
- Where permitted by law, to protect the rights, property, or safety of MediFind, or any of our respective affiliates, business partners, customers or employees.
Before we produce information, we will attempt to notify affected users and give them an opportunity to object unless notification is prohibited by law or if we believe that notification would create a risk of harm or be otherwise counterproductive.
- There may be instances when we disclose your information to other parties:
- Other Parties With Your Consent. In addition to the disclosures described in this Privacy Policy, we may share personal information with third parties when you consent to or request such sharing.
- Business transfers. If and when MediFind is involved in a merger, acquisition, or any form of transfer or sale of some or all of its business, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, we may share your personal information in connection with that transaction.
5. Right to Opt-Out
You may opt-out:
- From all future use and disclosure of your personal information for direct marketing purposes by requesting the removal of Your Personal Information from MediFind’s database by submitting a request through our Feedback page; or
- From receiving future marketing-related e-mails from MediFind by clicking on the “opt-out” link in any e-mail sent to You by MediFind.
Please note that if you opt-out as described above, MediFind will not be able to remove Your Personal Information from the databases of Our affiliates or unaffiliated third parties with whom We have already shared Your Personal Information as of the date of Your opt-out request. Please also note that if you do opt-out of receiving marketing-related messages from us, MediFind may still send administrative messages to you.
Once you have submitted an opt-out request, we will not ask you to reauthorize the sale of your Personal Data for at least 12 months. However, you may change your mind and opt back in to Personal Data sales at any time by creating a new profile for yourself.
6. Cookies
Information Collected Automatically: Like many other websites, we may also gather information in connection with your use of the website or Service through the use of cookies and other similar technologies such as server logs, pixel tags, web beacons, user website activity and JavaScript (collectively, “Cookies”) to enable us to recognize your web browser or device and tell us how and when you visit and use our Service, to analyze trends, to learn about our user base, and to operate and improve our Service. Cookies are small pieces of data—usually text files—placed on your computer, tablet, phone, or similar device when you use that device to visit our Service. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s). Please note that because of our use of Cookies, the Service does not support “Do Not Track” requests sent from a browser at this time.
We use the following types of Cookies:
Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Service. Disabling these Cookies may make certain features and services unavailable.
Functional Cookies. Functional Cookies are used to record your choices and settings regarding our Service, maintain your preferences over time and recognize you when you return to our Service. These Cookies help us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use our Service such as by collecting information about the number of visitors to the Service, what pages visitors view on our Service and how long visitors are viewing pages on the Service.
You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your computer. If you do this, however, you may have to manually adjust some preferences every time you visit a site, and this may cause some services and functionalities to not work.
To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/.
7. Third-Party Links and Websites
Our Services and related websites may link to the websites of other companies and/or individuals. Further, certain functionalities on the Services may involve the distribution of your information to third-party websites. These third-party websites may collect information about users on those websites, and this Privacy Policy does not extend to these external websites and third parties. Please refer directly to these third parties and websites regarding their privacy policies.
8. Security and Retention of Information
MediFind takes reasonable steps to protect personal information from unauthorized use, access, and disclosure. However, no transmission of information via the Internet nor electronic storage solution can be entirely secure, so please be aware that we cannot guarantee absolute security. When disclosing any Personal Information, You should remain mindful of the fact that it is potentially accessible to the public, and consequently, can be collected and used by others without Your consent. Accordingly, You should consider carefully if You want to submit sensitive information that You would not want disclosed to the public and should recognize that Your use of the Internet and this Site is solely at Your risk. You, alone, are ultimately responsible for maintaining the secrecy for all Your Personal Information. MediFind has no responsibility or liability to anyone for the security of Your Personal Information transmitted via the Internet. MediFind urges all of its users to be careful and responsible whenever they are on-line.
If You have any reason to believe that Your interaction with MediFind through this Site is no longer secure, please immediately notify Us of this problem through the Feedback feature of this Site.
We will retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.
9. Certain State Privacy Laws
Residents of certain U.S. states, such as California, Colorado, Connecticut, Virginia, and Utah may have personal information rights under the laws of their state (“State Privacy Laws”). Below, we describe those rights, how to exercise those rights and provide additional information about your personal information.
Information About Our Data Collection
The categories of personal information we collect are described in this Privacy Policy.
Your Rights, How to Exercise Your Rights, and How to Contact Us
You, or your authorized agent, may exercise any of your State Privacy Law rights by emailing MediFind’s Privacy Officer at privacy@medifind.com or by submitting the Feedback Form on our webpage. Before we can implement your request, we’ll need to confirm your identity. To allow us to confirm your identity, you will need to provide your name and additional information.
You can also contact our Privacy Officer at the methods listed above if you have any questions or concerns about this Privacy Policy or our information practices.
Right to Know and Access the Personal Information We Collect and Share
You have a right to request that we disclose the personal information we have collected about you, the categories of personal information we have collected, the sources of the personal information, and the purposes of the collection. Much of that information is set forth in this Privacy Policy. We will disclose and deliver the required information within 45 calendar days of receiving your request. This 45-day period may be extended once by an additional 45 days when reasonably necessary, however we must give you notice of this extension. You may make this request twice a year, free of charge.
Right of Deletion
You may request that we delete the personal information we have collected about you, subject to certain legal exemptions.
To delete your account go to your profile page and press “Delete Account”.
Right of Correction
You have a right to correct any inaccurate personal information we maintain about you.
Right to Non-Discrimination
You have a right not to receive discriminatory treatment for the exercise of privacy rights conferred to you under State Privacy Laws.
Retention
As described above, we retain your information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
10. GDPR and UK-GDPR Privacy Notice
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) or the United Kingdom General Data Protection Regulation (UK-GDPR) with respect to your Personal Data, as outlined below.
For this GDPR Privacy Notice, we use the terms “Personal Data” and “processing” as they are defined in the European Privacy Laws, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. MediFind will be the controller of your Personal Data processed in connection with the Service. For purposes of this GDPR Privacy Notice, “Personal Data” includes (but is not limited to) Profile data, as defined above.
The following is used to define the profile data:
- Category – Category of Data
- Source – Source of Data
- Purpose – Purpose of Processing
- Grounds – Grounds for Processing (e.g. contractual necessity, legitimateinterest, consent)
- Interest – Specific Legitimate Interest (if applicable)
Profile Data:
- Category: Customer Account Data (e.g. first last name, email, IP address)
Source: Data Subject
Purpose: Analytics
Grounds: Legitimate Interest
Interest: Monitoring and conducting analytics on website & app use, pages/links clicked, traffic demographics, patterns of navigation, on potential security/spam breach, on performance issues, etc. - Category: Customer Account Data (e.g. first last name, email, company)
Source: Data Subject
Purpose: Customer Success Communication
Grounds: Legitimate Interest
Interest: Personalized service and communication s related to the customer’s use of the product. - Category: Customer Account Data
Source: Data Subject
Purpose: Marketing Campaign (email, list creation)
Grounds: Legitimate Interest
Interest: Personalization, market research or direct marketing. - Category: Customer Account Data (e.g. first last name, device type, browser)
Source: Data Subject
Purpose: Product Development
Grounds: Legitimate Interest
Interest: Improving performance, troubleshooting bugs, other internal development needs. - Category: Customer Account Data (e.g. first last name, email, company)
Source: Data Subject
Purpose: Sales Communication
Grounds: Legitimate Interest
Interest: Targeted advertisement or direct marketing. - Category: Customer Account Data(e.g. first last name, email)
Source: Data Subject
Purpose: Using MediFind Products
Grounds: Contractual Necessity
Interest: Contractual Necessity - Category: User Session Data (e.g. utms, logged in, xsrf token)
Source: Data Subject
Purpose: Using MediFind Products
Grounds: Legitimate Interest
Interest: Maintain logged-in state during a single browsing session. Maintain their logged in state across browsing sessions. Enable users to log back in when a new session is started. Prevent cross-site request forgery attacks. Product feature rollout, conducting analysis. Ad performance and conversion tracking. Personalization of Web Content
How and With Whom Do We Share Your Data?
We share Personal Data with vendors, third party service providers and agents who work on our behalf and provide us or you with services related to the purposes described in this Privacy Policy or our Terms of Service. These parties include:
- Fraud prevention service providers
- Analytics service providers
- Hosting service providers
- Marketing service providers
- Product development service providers
- Customer success providers
- Third party business partners who you access through the Service
We also share Personal Data when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested. In addition to those set forth above, these parties also include:
We also share Personal Data when we believe it is necessary to:
- Comply with applicable law or respond to valid legal process, including requests from law enforcement or other government agencies
- Protect us, our business or our users, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud
- Maintain the security of our products and services
We also share information with third parties when you give us consent to do so.
Last, if we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this policy.
How Long Do We Retain Your Personal Data?
We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you with the Service. In some cases we retain Personal Data for longer if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
What Rights Do You Have Regarding Your Personal Data?
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email privacy@medifind.com. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
- Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data by emailing privacy@medifind.com.
- Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by emailing privacy@medifind.com.
- Erasure: You can request that we erase some or all of your Personal Data from our systems.
- Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Service.
- Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
- Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
- Right to File Complaint: You have the right to lodge a complaint about MediFind’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
Transfers of Personal Data: The Service is hosted and operated in the United States (“U.S.”) through MediFind and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Service, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to MediFind in the U.S. and will be hosted on U.S. servers, and you authorize MediFind to transfer, store and process your information to and in the U.S., and possibly other countries. You hereby consent to the transfer of your data to the U.S.
Please note that other countries’ data protection and other laws may not be as comprehensive as those in your country.
11. Collection of Information from Children
We do not knowingly collect personal information online from children under the age of 16. If we learn that a child has provided us with personal information, we will delete it or otherwise comply with applicable law.
12. Contacting Us
If you have any questions about this Privacy Policy, the ways in which we collect and use your personal information, or your choices and rights regarding such use, please email us at privacy@medifind.com.
13. Changes to this Privacy Policy
Please note that we may amend this Privacy Policy from time to time. You should check back for the most current version before relying on any of the provisions in this Privacy Policy. We will provide notice of material changes to the policy, either by posting a notice on our websites, by sending an email, or some other reasonable method.