Our company is committed to protecting your privacy and we take great care with your personal information. This policy will help you understand how we use and protect your data. If you have any questions, feel free to contact us at firstname.lastname@example.org. Thank you for using Florie!
Effective Date: September 30, 2022
2.1 Personal Information Generally
Most of our Services require us to learn more about you so that we can best meet your needs. When you access the Services, we may ask you to voluntarily provide us certain information that personally identifies you or could be used to personally identify you (“Personal Information”) as a necessary component of executing your commands within our Services. Personal Information includes (but is not limited to) the following categories of information: (1) personal contact data (such as your e-mail address, phone number, and the name, address, and phone number of your practice or organization); (2) professional data (such as your specialty, degree, insurance plans accepted, and certification(s)); (3) contact information of the colleague(s) or patient(s) with whom you choose to interact on your computing or mobile device; (4) insurance plans that you wish to accept; and (5) other identifying information that you voluntarily choose to provide to us, including without limitation unique identifiers such as passwords, networks that you may wish to initiate or join, and Personal Information in emails or letters that you send to Florie customer service. We may also collect additional information, which may be Personal Information, as otherwise described to you at the point of collection or pursuant to your consent. For example, if you wish to share an image from your computing or mobile device with a colleague or patient through one of our Services, we will need to “collect” the image in order to encrypt it and transmit it on your behalf. You may still access and use some of the Services if you choose not to provide us with any Personal Information, but features of the Services that require your Personal Information will not be accessible to you.
2.2 Billing, Collection and Payment Information
2.3 Traffic Data
We also may automatically collect certain data when you use the Services, such as (1) IP address; (2) domain server; (3) type of device(s) used to access the Services; (4) web browser(s) used to access the Services; (5) referring webpage or other source through which you accessed the Services; (6) geolocation information; and (7) other statistics and information associated with the interaction between your browser or device and the Services (collectively “Traffic Data”). Depending on applicable law, some Traffic Data may be Personal Information.
2.4 HIPAA and PHI
Under a federal law called the Health Insurance Portability and Accountability Act (“HIPAA”), some demographic, health and/or health-related information that Florie collects as part of providing the Services may be considered “protected health information” or “PHI.” Specifically, when Florie receives identifiable information about your patient, this information is considered PHI.
We collect information (including Personal Information and Traffic Data) when you use and interact with the Services, and in some cases from third party sources. Such means of collection include:
4.1. Tracking Tools
We may use tools outlined below in order to provide our Services to, advertise to, and to better understand users.
Web Beacons: “Web Beacons” (a.k.a. clear GIFs or pixel tags) are tiny graphic image files embedded in a web page or email that may be used to collect information about the use of our Services, the websites of selected advertisers and the emails, special promotions or newsletters that we send. The information collected by Web Beacons allows us to analyze how many people are using the Services, using selected publishers’ websites or opening emails, and for what purpose, and also allows us to enhance our interest-based advertising (discussed further below).
Website Analytics: We may use third-party website analytics services in connection with the Services, including, for example, to register mouse clicks, mouse movements, scrolling activity and text typed into the Site. We use the information collected from these services to help make the Services easier to use and as otherwise set forth in Section 5 (Use of Information). These website analytics services generally do not collect Personal Information unless you voluntarily provide it and generally do not track your browsing habits across websites that do not use their services.
Mobile Device Identifiers: As with other Tracking Tools, mobile device identifiers help Florie provide location-specific Services to patient and provider users alike. Mobile device identifiers are data stored on mobile devices that may track mobile device and data and activities occurring on and through it, as well as the applications installed on it. Mobile device identifiers enable collection of Personal Information (such as media access control, address and location) and Traffic Data. That said, Florie is committed to:
Cross Device Matching: To determine if users have interacted with content across multiple devices and to match such devices, we may analyze device activity data and/or rely on your information (including demographic, geographic and interest-based data). To supplement this analysis, our software may analyze de-identified data.
4.2. Tracking Tools
Certain Tracking Tools may collect information when you use the Services, such as IP address, mobile device ID, operating system, browser, web page interactions, and geographic location. While these Tracking Tools help Florie learn more about our users’ demographics and internet behaviors, they are fully de-identified during the collection process so that patient identities can never be established or tracked by Florie employees or third-party vendors.
4.3. Options for Opting out of Cookies and Mobile Device Identifiers
Some web browsers (including some mobile web browsers) allow you to reject Cookies or to alert you when a Cookie is placed on your computer, tablet or mobile device. You may be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. Although you are not required to accept Florie’s Cookies or mobile device identifiers, if you block or reject them, you may not have access to all features available through the Services.
You may opt out of receiving certain Cookies and certain trackers by visiting the Network Advertising Initiative (NAI) opt out page or the Digital Advertising Alliance (DAA) consumer opt-out page, or by installing the DAA’s AppChoice app (for iOS; for Android) on your mobile computing device. When you use these opt-out features, an “opt-out” Cookie will be placed on your computer, tablet or mobile computing device indicating that you do not want to receive interest-based advertising from NAI or DAA member companies. If you delete Cookies on your computer, tablet or mobile computing device, you may need to opt out again. For information about how to opt out of interest-based advertising on mobile devices, please visit http://www.applicationprivacy.org/expressing-your-behavioral-advertising-choices-on-a-mobile-device. You will need to opt out of each browser and device for which you desire to apply these opt-out features.
4.4. How Florie Responds to Browser “Do Not Track” (DNT) Signals
Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (DNT) or similar feature that signals to websites that a visitor does not want to have his/her online activity and behavior tracked. If a website operator elects to respond to a particular DNT signal, the website operator may refrain from collecting certain Personal Information about the browser’s user. Not all browsers offer a DNT option and there is currently no industry consensus as to what constitutes a DNT signal. For these reasons, many website operators, including Florie, do not proactively respond to DNT signals. For more information about DNT signals, visit http://allaboutdnt.com.
We may use information that is neither Personal Information nor PHI (including non-PHI Personal Information that has been de-identified and/or aggregated) to better understand who uses Florie and how we can deliver a better healthcare experience at our discretion.
We use information, including Personal Information, to provide the Services and to help improve the Services, and to develop new services. Such use may include:
In certain circumstances, and in order to perform the Services, we may disclose certain information that we collect from you:
We may share your and your patients’ Personal Information with Healthcare Providers with whom you choose to interact through the Services. For example, if you invite a Healthcare Provider to join your Florie network, your Personal Information will be shared with such selected Healthcare Providers.
Provided that you choose to use the applicable Services, we may share your and your patients’ Personal Information with applicable Healthcare Providers to enable the flow of referrals to and from your practice.
We do not sell email addresses to third parties.
We do not disclose your mobile phone number to anyone outside of your organization, nor is it disclosed to anyone within your organization with the exception of administrators authorized by your organization to edit your Florie profile.
We may share certain Personal Information and Traffic Data with our partners who perform operational services (such as hosting, billing, fulfillment, data storage, security, insurance verification, or Website analytics) and/or who make certain services, features, or functionality available to our users.
We may make certain information available to search engines if this information is not private, is aggregated or is otherwise non-Personal Information, such as your public Florie profile information and related public data.
We may transfer your information to another company in connection with a merger, sale, acquisition or other change of ownership or control by or of Florie (whether in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.
We also may need to disclose your Personal Information or any other information we collect about you if we determine in good faith that such disclosure is needed to: (1) comply with or fulfill our obligations under applicable law, regulation, court order or other legal process; (2) protect the rights, property or safety of you, Florie or another party; (3) enforce the Agreement or other agreements with you; or (4) respond to claims that any posting or other content violates third-party rights.
We may disclose information that is neither Personal Information nor PHI (including non-PHI Personal Information that has been de-identified and/or aggregated) at our discretion.
You agree that certain information will be available to search engines if this information is not private or is otherwise non-Personal Information, such as your public Florie profile information and related public data. Any information that you enter and approve on your Florie profile page, including but not limited to your name, specialty, practice name, and practice address is available to standard search engines in order to increase your visibility to other Healthcare Providers and prospective patients.
The security of your Personal Information and your patients’ PHI is of the utmost importance to us. We endeavor to meet or exceed generally accepted industry standards to protect the Personal Information and PHI submitted to us, both during transmission and in storage. For example, when you enter sensitive information on our Site, we encrypt that information using Secure Socket Layer (SSL) technology.
In North and South America, we store and process your and your patients’ information on AWS-hosted HIPAA-compliant servers in the United States. In the EU, we store and process your and your patients’ information on separate AWS-hosted GDPR-compliant servers in the EU. We maintain backup and archival processes that meet or exceed industry standards.
Although our encryption and storage protocols store Personal Information in a secure operating environment that exceeds industry standards and is walled off from Florie users and Florie employees alike, neither we nor anyone else can fully guarantee the security of your Personal Information. If at any time during or after our relationship we believe that the security of your Personal Information may have been compromised, we will seek to notify you of that development as promptly as possible under the circumstances. If we have your e-mail address, we may notify you by e-mail to the most recent e-mail address you have provided us in your account profile. Please keep your e-mail address in your account up to date. You can update that e-mail address anytime in your account profile. If you receive a notice from us, you can print it to retain a copy of it. To receive these notices, you must check your e-mail account using your computer or mobile device and email application software.
You consent to our use of e-mail as a means of such notification. If you prefer for us to use your country’s Postal Service to notify you in this situation, please e-mail us at email@example.com.
Please include your address when you submit your request. You can make this election any time, and it will apply to notifications we make after a reasonable time thereafter for us to process your request. You may also use this e-mail address to request a print copy, at no charge, of an electronic notice we have sent to you regarding a compromise of your Personal Information.
If you are a registered user of the Services, you can modify certain Personal Information or account information by logging in and accessing your account. If you wish to close your account, please email us at firstname.lastname@example.org. Florie will delete your account and the related information at your request as soon as reasonably possible. Please note, however, that Florie reserves the right to retain information from closed accounts, including to maintain accurate medical history, comply with law, prevent fraud, resolve disputes, enforce the Agreement and take other actions permitted by law. You must promptly notify us if any of your account data is lost, stolen or used without permission.
The Services are not intended for use by children and children are prohibited from using the Services. Florie does not knowingly collect any information from children, nor are the Services directed to children.
By accessing, using and/or submitting information to or through the Services, you represent that you are not younger than age sixteen (16), and are a health care provider or are employed by and have received express permission from a health care provider not younger than age sixteen (16) to create and receive referrals on their behalf. If we learn that we have received any information directly from a child under age sixteen (16) without his/her parent’s written consent, we will use that information only to respond directly to that child (or his/her parent or legal guardian) to inform the child that he/she cannot use the Services, and we will subsequently delete that information.