Updated: January 1, 2018
Curadux and our affiliates may collect information about you when you use our applications, websites, other products and services, and through other interactions and communications you have with us (collectively "Services"). We use this information to provide, maintain, protect, and improve our Services.2.1 Personal Information
We may collect "Personal Information", which is data that you provide that could reasonably be used to identify you, such as your name, phone number, email address, mailing address, billing information, or other similar data. You are not required to provide Personal Information, but if you choose not to provide it, we may be unable to deliver our services.2.2 Content Information
We may collect “Content Information”, which is data that you create and provide while using our Services, such as information about your personal health, surveys, meetings, updates, messages, uploaded files, actions you take, and other similar types of information. We use Content Information to display to Care Guides and other Supporters who you have authorized to access such information.2.3 Technical Information
We may collect “Technical Information”, which is data about your usage of our Services, such as your IP address, device, browser, and other similar types of information contained in server logs and related sources. We use Technical Information to understand how you and other users are using and interacting with our Services, so we can optimize and improve our Services. We also use this information to protect you and other users from external and inside security threats, and to resolve technical issues that inevitably arise in the context of software development.2.4 Cookie Information
We may collect and combine information about you from third-party sources in order to personalize and enhance our Services.
We are serious about protecting your information and have taken reasonable steps to protect your information from both external and internal security threats.3.1 Physical Premises
Your information must physically reside somewhere and those premises must be protected. We currently host your information in the physical data centers operated by Amazon Web Services which has developed one of the premier data security regimes in the world and can provide a level of protection for your information that we simply cannot provide on our own at this time.3.2 Data Encryption
We employ a variety of technical safeguards to protect your information. We encrypt your stored data (data at rest), and we currently encrypt all traffic sent to or from our servers (data in transit) using an Wildcard SSL Certificate issued by DigiCert which features the maximum 256-bit encryption with the SHA-2 hashing algorithm.3.3 Employee Security
We limit internal access to our Services so employees and consultants can only access information that they need to know. We require all employees and consultants to sign non-disclosure agreements and all consultants are required to meet minimum privacy standards. We currently log and monitor all API calls to our servers so we can audit and detect any irregularities.3.4 Vendor Security
We require third-party vendors to sign non-disclosure agreements and/or to meet certain minimum privacy standards. We have also sought to limit our reliance on third-party vendors to the maximum extent possible in order to minimize external risks to your information.
We generally use your information only to provide, maintain, protect, and improve our Services, and we do not disclose your information to other parties except for the following purposes:4.1 Personnel
We may share your information with Care Guides, who operate as independent contractors, in order for them to deliver our Services to you.4.3 Members & Supporters
If you are a Member of Curadux, we may share information your provide with Supporters who you invite to participate in the Services. You are not required to invite any Supporters. If you are a Supporter, we may share information your provide with the Member you are supporting, as well as other Supporters the Member has invited to participate in our Services.4.4 Service Providers
We may share your information with third party service providers who we use to deliver our Services. For example, we use third party services to operate our website, to process payments, to account for financial transactions, and other related business functions.4.5 Notifications
We may use your information in order to provide email and SMS notifications as part of our Services, as well as to keep you informed about our products, services, and promotions. You can turn these notifications on or off on our website.4.6 Research
To evaluate and improve our Services, we may periodically ask you to voluntarily complete a survey. We may also use your information to aggregate the results surveys to gain a better understanding of the needs and preferences of our users, and share non-personally identifiable statistical information about our Services with third-parties.4.7 Others Purposes
If we send you promotional emails or other similar communications, we will provide you with the ability to "opt-out of" receiving such communications. You may not opt-out of important formal notices concerning the operation of our website, and legal and other related notices concerning your relationship to our website.5.2 Deleting Information
If you have provided information in connection with your use of our Services, upon your request, we will delete your Personal Information from our databases. Please understand it may be impossible to remove this information completely, due to backups and records of deletions. In addition, please understand that, if you request deletion of your information, you may be unable to use our Services.5.3 Limitations
If your Curadux membership is sponsored by a Covered Entity (a health plan, a healthcare clearinghouse, or a healthcare provider), as defined by the Health Insurance Portability and Accountability Act (“HIPAA”), we may need to collect certain “Personal Health Information” (“PHI”). You hereby agree that Curadux may use and/or disclose your PHI between Curadux and the Covered Entity in order to for us to create an account and provide you with our Services. Curadux may disclose your PHI either directly to a Covered Entity or indirectly through an electronic health record, benefits verification, or some other health information exchange platform in which Curadux participates. Once the information above is released, the information may be subject to re-disclosure by Curadux or a Covered Entity and may not be protected under the privacy rules promulgated under HIPAA. The Covered Entity will provide you with a copy of your PHI for which this authorization is being sought upon your written request. The Covered Entity may not condition treatment, payment, enrollment, or eligibility for benefits (as applicable) on whether you agree to this authorization. This authorization will remain in effect until you revoke it, and no further use or disclosure of your PHI is permitted. You may revoke this authorization at any time. This revocation must be in writing, and submitted to the following address: Curadux, P.O. Box 12043, Austin, Texas 78711, United States of America.7. General
Enter the SMS code we just sent to XXX-XXX-0000
We are about to send you an automated phone call with your verification code. This call will only be made once.