Privacy Policy

Updated: January 1, 2018

1. Overview

Curadux values your privacy and we’ve developed this Privacy Policy so you know what information we collect about you, how we use it, who we share it with, how we store it, and how you can control it.

2. Collection and Uses of Information

Curadux and our affiliates may collect information about you when you use our applications, websites, other products and services, and through other interactions and communications you have with us (collectively "Services"). We use this information to provide, maintain, protect, and improve our Services.

2.1 Personal Information

We may collect "Personal Information", which is data that you provide that could reasonably be used to identify you, such as your name, phone number, email address, mailing address, billing information, or other similar data. You are not required to provide Personal Information, but if you choose not to provide it, we may be unable to deliver our services.

2.2 Content Information

We may collect “Content Information”, which is data that you create and provide while using our Services, such as information about your personal health, surveys, meetings, updates, messages, uploaded files, actions you take, and other similar types of information. We use Content Information to display to Care Guides and other Supporters who you have authorized to access such information.

2.3 Technical Information

We may collect “Technical Information”, which is data about your usage of our Services, such as your IP address, device, browser, and other similar types of information contained in server logs and related sources. We use Technical Information to understand how you and other users are using and interacting with our Services, so we can optimize and improve our Services. We also use this information to protect you and other users from external and inside security threats, and to resolve technical issues that inevitably arise in the context of software development.

2.4 Cookie Information

We may collect information through the use of "cookies" or other similar technologies. We use this information to make your life easier by allowing our Servers to remember your preferences and details you've already entered so you don't have to enter the same information twice and for other similar purposes. We never use cookies to track your web browsing activity after you've left our website and most browsers will allow you to block cookies in the settings options if you'd prefer not to use them.

2.5 Third-Party Information

We may collect and combine information about you from third-party sources in order to personalize and enhance our Services.

3. Protection of Information

We are serious about protecting your information and have taken reasonable steps to protect your information from both external and internal security threats.

3.1 Physical Premises

Your information must physically reside somewhere and those premises must be protected. We currently host your information in the physical data centers operated by Amazon Web Services which has developed one of the premier data security regimes in the world and can provide a level of protection for your information that we simply cannot provide on our own at this time.

3.2 Data Encryption

We employ a variety of technical safeguards to protect your information. We encrypt your stored data (data at rest), and we currently encrypt all traffic sent to or from our servers (data in transit) using an Wildcard SSL Certificate issued by DigiCert which features the maximum 256-bit encryption with the SHA-2 hashing algorithm.

3.3 Employee Security

We limit internal access to our Services so employees and consultants can only access information that they need to know. We require all employees and consultants to sign non-disclosure agreements and all consultants are required to meet minimum privacy standards. We currently log and monitor all API calls to our servers so we can audit and detect any irregularities.

3.4 Vendor Security

We require third-party vendors to sign non-disclosure agreements and/or to meet certain minimum privacy standards. We have also sought to limit our reliance on third-party vendors to the maximum extent possible in order to minimize external risks to your information.

4. Disclosure of Information

We generally use your information only to provide, maintain, protect, and improve our Services, and we do not disclose your information to other parties except for the following purposes:

4.1 Personnel

We may share your information with Curadux employees, independent contractors, or strategic partners in order to deliver, manage, and support our Services, provided they agree to protect your information according to the rest of this Privacy Policy.

4.2 Care Guides

We may share your information with Care Guides, who operate as independent contractors, in order for them to deliver our Services to you.

4.3 Members & Supporters

If you are a Member of Curadux, we may share information your provide with Supporters who you invite to participate in the Services. You are not required to invite any Supporters. If you are a Supporter, we may share information your provide with the Member you are supporting, as well as other Supporters the Member has invited to participate in our Services.

4.4 Service Providers

We may share your information with third party service providers who we use to deliver our Services. For example, we use third party services to operate our website, to process payments, to account for financial transactions, and other related business functions.

4.5 Notifications

We may use your information in order to provide email and SMS notifications as part of our Services, as well as to keep you informed about our products, services, and promotions. You can turn these notifications on or off on our website.

4.6 Research

To evaluate and improve our Services, we may periodically ask you to voluntarily complete a survey. We may also use your information to aggregate the results surveys to gain a better understanding of the needs and preferences of our users, and share non-personally identifiable statistical information about our Services with third-parties.

4.7 Others Purposes

We may share your information in accordance with the terms of, and to enforce, our Terms of Use, to protect our operations or customers, or to comply with legitimate legal processes or law enforcement purposes. We may also share your information for purposes of national security, law enforcement, or other issues of public importance, if necessary or appropriate. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all of your information to the relevant third party.

5. Control of Information

5.1 Opt-Out

If we send you promotional emails or other similar communications, we will provide you with the ability to "opt-out of" receiving such communications. You may not opt-out of important formal notices concerning the operation of our website, and legal and other related notices concerning your relationship to our website.

5.2 Deleting Information

If you have provided information in connection with your use of our Services, upon your request, we will delete your Personal Information from our databases. Please understand it may be impossible to remove this information completely, due to backups and records of deletions. In addition, please understand that, if you request deletion of your information, you may be unable to use our Services.

5.3 Limitations

Our Privacy Policy applies only to information collected through our website, and does not apply to non-website information or information Curadux obtains from other sources.

6. HIPAA Authorization

If your Curadux membership is sponsored by a Covered Entity (a health plan, a healthcare clearinghouse, or a healthcare provider), as defined by the Health Insurance Portability and Accountability Act (“HIPAA”), we may need to collect certain “Personal Health Information” (“PHI”). You hereby agree that Curadux may use and/or disclose your PHI between Curadux and the Covered Entity in order to for us to create an account and provide you with our Services. Curadux may disclose your PHI either directly to a Covered Entity or indirectly through an electronic health record, benefits verification, or some other health information exchange platform in which Curadux participates. Once the information above is released, the information may be subject to re-disclosure by Curadux or a Covered Entity and may not be protected under the privacy rules promulgated under HIPAA. The Covered Entity will provide you with a copy of your PHI for which this authorization is being sought upon your written request. The Covered Entity may not condition treatment, payment, enrollment, or eligibility for benefits (as applicable) on whether you agree to this authorization. This authorization will remain in effect until you revoke it, and no further use or disclosure of your PHI is permitted. You may revoke this authorization at any time. This revocation must be in writing, and submitted to the following address: Curadux, P.O. Box 12043, Austin, Texas 78711, United States of America.

7. General

From time to time, we may change our Privacy Policy. We will post notice of the new Policy from the privacy link on our Website. Your use of our website following any such change constitutes your agreement to follow and be bound by our Privacy Policy, as changed. If you want to know what data we have collected about you, change or correct any data we have collected about you, or express any other concerns about our use of your data, please call us at 855-5-CURADUX or email us at [email protected]