Version Date: November 5, 2020

 

PRIVACY POLICY

 

GENERAL

 

Welcome to the family of websites and services provided by Proficient, Inc. (“Company” or “we” or “us” or “our”). We respect the privacy of its users (“user” or “you”) that use one or more of our websites (e.g. https://profhealthprd.wpengine.com/, https://www.mdinterconnect.com/, https://*.rapidconnect.us, https://*.proficienthealth.com, https://*.proficienthealth.net), and through all other media forms, media channels, technology, software, products, services, and mobile applications related or connected thereto (collectively, the “Website”). The following privacy policy (“Privacy Policy”) is designed to inform you, as a user of the Website, about the types of information that we may gather about or collect from you in connection with your use of the Website. It also is intended to explain the conditions under which we use and disclose that information, and your rights in relation to that information. Changes to this Privacy Policy are discussed at the end of this document. Each time you use the Website, however, the current version of this Privacy Policy will apply. Accordingly, each time you use the Website you should check the date of this Privacy Policy (which appears at the beginning of this document) and review any changes since the last time you used the Website.

 

In addition to this Privacy Policy please review our Terms of Use which govern your use of the Website. By using the Website, you acknowledge that you have read and understood our Privacy Policy and our Terms of Use and accept our collection, use and disclosure of your information and data, and other activities, as described below. If you do not agree to the terms of this Privacy Policy, please do not use the Website.

 

We are a private company, established in the U.S.A., registered at 301 S Elm St, Suite 905,      Greensboro, NC 27401, United States (“Physical Notice Address”) with the contact email address legal@proficienthealth.com (“Email Notice Address”) and for the purposes of the General Data Protection Regulation (“GDPR”) we are the data processor.

 

The Website is hosted in the United States of America and is subject to U.S. state and federal law. You agree to abide by the applicable laws of applicable states and U.S. federal law concerning your use of the Website and your agreements with us. Any persons accessing our Website from any jurisdiction with laws or regulations governing the use of the Internet, including personal data collection, use and disclosure, different from those of the jurisdictions mentioned above may only use the Website in a manner lawful in their jurisdiction. If your use of the Website would be unlawful in your jurisdiction, please do not use the Website.

 

BY USING OR ACCESSING THE WEBSITE, YOU ARE ACCEPTING THE PRIVACY POLICY AND ALL APPLICABLE CHANGES TO IT, AS WELL AS THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY.

 

GATHERING, USE AND DISCLOSURE OF NON-PERSONALLY-IDENTIFYING INFORMATION

 

Users of the Website Generally

“Non-Personally-Identifying Information” is information that, without the aid of additional information, cannot be directly associated with a specific person. “Personally-Identifying Information,” by contrast, is information such as a name or email address that, without more, can be directly associated with a specific person. Like most website operators, We gather from users of the Website Non-Personally-Identifying Information of the sort that Web browsers, depending on their settings, may make available. That information includes the user’s Internet Protocol (IP) address, operating system, browser type and the locations of the websites the user views right before arriving at, while navigating and immediately after leaving the Website. Although such information is not Personally-Identifying Information, it may be possible for us to determine from an IP address a user’s Internet service provider and the geographic location of the visitor’s point of connectivity as well as other statistical usage data. We analyze Non-Personally-Identifying Information gathered from users of the Website to help us better understand how the Website is being used. By identifying patterns and trends in usage, we are able to better design the Website to improve users’ experiences, both in terms of content and ease of use. From time to time, We may also release the Non-Personally-Identifying Information gathered from Website users in the aggregate, such as by publishing reports on trends in the usage of the Website.

 

Web Cookies

A “Web Cookie” is a string of information which assigns you a unique identification that a website stores on a user’s computer, and that the user’s browser provides to the website each time the user submits a query to the website. We use cookies on the Website to keep track of services you have used, to record registration information regarding your login name and password, to record your user preferences, to keep you logged into the Website and to facilitate purchase procedures. We also use Web Cookies to track the pages that users visit during each Website session, both to help us improve users’ experiences and to help us understand how the Website is being used. As with other Non-Personally-Identifying Information gathered from users of the Website, We analyze and disclose in aggregated form information gathered using Web Cookies, so as to help Company, its partners and others better understand how the Website is being used.

 

COMPANY USERS WHO DO NOT WISH TO HAVE WEB COOKIES PLACED ON THEIR COMPUTERS SHOULD SET THEIR BROWSERS TO REFUSE WEB COOKIES BEFORE ACCESSING THE WEBSITE, WITH THE UNDERSTANDING THAT CERTAIN FEATURES OF THE WEBSITE MAY NOT FUNCTION PROPERLY WITHOUT THE AID OF WEB COOKIES. WEBSITE USERS WHO REFUSE WEB COOKIES ASSUME ALL RESPONSIBILITY FOR ANY RESULTING LOSS OF FUNCTIONALITY. 

 

Web Beacons

A “Web Beacon” is an object that is embedded in a web page or email that is usually invisible to the user and allows website operators to check whether a user has viewed a particular web page or an email. We may use Web Beacons on the Website and in emails to count users who have visited particular pages, viewed emails and to deliver co-branded services. Web Beacons are not used to access users’ Personally-Identifying Information, rather they are a technique we may use to compile aggregated statistics about Website usage. Web Beacons collect only a limited set of information, including a Web Cookie number, time and date of a page or email view and a description of the page or email on which the Web Beacon resides. You may not decline Web Beacons. However, they can be rendered ineffective by declining all Web Cookies or modifying your browser setting to notify you each time a Web Cookie is tendered, permitting you to accept or decline Web Cookies on an individual basis.

 

Analytics

We may use third-party vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize and serve ads based on your past activity on the Website, including Google Analytics for Display Advertising. The information collected may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. If you do not want any information to be collected and used by Google Analytics, you can install an opt-out in your web browser (https://tools.google.com/dlpage/gaoptout/) and/or opt out from Google Analytics for Display Advertising or the Google Display Network by using Google’s Ads Settings (www.google.com/settings/ads).

 

Aggregated and Non-Personally-Identifying Information

We may share aggregated and Non-Personally Identifying Information we collect under any of the above circumstances. We may also share it with third parties and our affiliate companies to develop and deliver targeted advertising on the Website and on websites of third parties. We may combine Non-Personally Identifying Information we collect with additional Non-Personally Identifying Information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to the Website and the most popular features or services accessed. This information does not contain any Personally-Identifying Information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.

Mobile Device Additional Terms

  • Mobile Device. If you use a mobile device to access the Website or download any of our applications, we may collect device information (such as your mobile device ID, model and manufacturer), operating system, version information and IP address.
  • Geo-Location Information. Unless we have received your prior consent, we do not access or track any location-based information from your mobile device at any time while downloading or using our mobile application or our services, except that it may be possible for us to determine from an IP address the geographic location of your point of connectivity, in which case we may gather and use such general location data.
  • Push Notifications. We send you push notifications if you choose to receive them, letting you know when someone has sent you a message or for other service-related matters. If you wish to opt-out from receiving these types of communications, you may turn them off in your device’s settings, with the understanding that without these types of communications features of our applications may not function properly. If you choose to turn off these features in your device’s settings, you assume all responsibility for any resulting loss of functionality.
  • Mobile Analytics. We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information, such as how often you use the application, the events that occur within the application, aggregated usage, performance data and where the application was downloaded from. We do not link the information we store within the analytics software to any Personally-Identifying Information you submit within the mobile application.

 

Third-Party Hosting

Company contracts with a third party to maintain and host the Website. Therefore, any information you submit, including personal information, will be placed and stored on a computer server maintained by this third-party host. The third party has agreed to implement technology and security features and strict policy guidelines to safeguard the privacy of your personal information from unauthorized access or improper use.

COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION

Company Disclosures

 

We will disclose Personally-Identifying Information under the following circumstances:

  • By Law or to Protect Rights. When we believe disclosure is appropriate, we may disclose Personally-Identifying Information in connection with efforts to investigate, prevent or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of Company, our users, our employees or others; to comply with applicable law or cooperate with law enforcement; to enforce our Terms of Use or other agreements or policies; in response to a subpoena or similar investigative demand, a court order or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us.
  • Third-Party Service Providers. We may share your Personally-Identifying Information, which may include your name and contact information (including email address) with our authorized service providers that perform certain services on our behalf. These services may include providing customer service and supporting the Website’s functionality. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purpose.

 

Changing Personally-Identifying Information; Account Termination 

You may at any time review or change your Personally-Identifying Information by going to your account settings (if applicable) or contacting us using the contact information below.  Upon your request, we will deactivate or delete your account and contact information from our active databases. Such information will be deactivated or deleted as soon as practicable based on your account activity and accordance with our deactivation policy and applicable law. To make this request, either go to your account settings (if applicable) or contact us as provided below. We will retain in our files some Personally-Identifying Information to prevent fraud, to troubleshoot problems, to assist with any investigations, to enforce our Terms of Use and to comply with legal requirements as is permitted by law. Therefore, you should not expect that all your Personally-Identifying Information will be completely removed from our databases in response to your requests. Additionally, we keep a history of changed information to investigate suspected fraud with your account. We do not recommend you send an e-mail message to explain the correction or change because email is considered a nonencrypted (and therefore nonsecure) form of communication, and it can be accessed and viewed by others without your knowledge and permission. For that reason, to protect your privacy, please do not use email to communicate information that you consider confidential.

 

General Use

As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our Website and provide you with a user-friendly experience, we use the Personally-Identifying Information in the file we maintain about you, and other information we obtain from your current and past activities on the Website (1) to deliver the products and services that you have requested; (2) to improve the Website, our services, and our marketing endeavors;  (3) to manage your account and provide you with customer support; (4) to develop and display content and advertising tailored to your interests on the Website and other sites; (5) to resolve disputes and troubleshoot problems; (6) to measure consumer interest in our services; (7) to inform you of updates; (8) to customize your experience which may include serving you specific content or ads that we deem are relevant to you; (9) manage risk, to detect, prevent, and/or remediate fraud or other potentially prohibited or illegal activities and otherwise protect us against error or other criminal activity; (10) to manage and protect our information technology infrastructure to enforce our Terms of Use; (11) for internal business purposes; to comply with our legal and regulatory obligations and (12) for purposes disclosed at the time you provide your information or as otherwise set forth in this Privacy Policy. At times, we may look across multiple users to identify problems. In particular, we may examine your Personally-Identifying Information to identify users using multiple user IDs or aliases. We may compare and review your Personally-Identifying Information for accuracy and to detect errors and omissions.

 

COLLECTION AND USE OF INFORMATION BY THIRD PARTIES GENERALLY

Company contractually prohibits its contractors, affiliates, vendors and suppliers from disclosing Personally-Identifying Information received from us, other than in accordance with this Privacy Policy. However, third parties are under no obligation to comply with this Privacy Policy with respect to Personally-Identifying Information that users provide directly to those third parties, or that those third parties collect for themselves. These third parties include advertisers, providers of games, utilities, widgets and a variety of other third-party applications accessible through the Website. We neither own or control the third-party websites and applications accessible through the Website. Thus, this Privacy Policy does not apply to information provided to or gathered by the third parties that operate them. Before visiting a third party website, or using a third-party application, whether by means of a link on the Website, directly through the Website or otherwise, and before providing any Personally-Identifying Information to any such third party, users should inform themselves of the privacy policies and practices (if any) of the third party responsible for that website or application, and should take those steps necessary to, in those users’ discretion, protect their privacy.

 

SECURITY

We take the security of your Personally-Identifying Information seriously and use reasonable electronic, personnel and physical measures to protect it from loss, theft, alteration or misuse.  However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorized persons will view your information. We are not responsible for third-party circumvention of any privacy settings or security measures. Please note that emails and other communications you send to us through our Website are not encrypted, and we strongly advise you not to communicate any confidential information through these means. Transmitting your personal information to us is at your own risk.

We are dedicated to protect all information on the Website as is necessary. However, you are responsible for maintaining the confidentiality of your Personally-Identifying Information by keeping your password confidential. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, you should notify us immediately.

 

CHILDREN

The Children’s Online Privacy Protection Act (“COPPA”) protects the online privacy of children under 13 years of age. We do not knowingly collect or maintain Personally-Identifying Information from anyone under the age of 13, unless or except as permitted by law. Any person who provides Personally-Identifying Information through the Website represents to us that he or she is 13 years of age or older. If we learn that Personally-Identifying Information has been collected from a user under 13 years of age on or through the Website, then we will take the appropriate steps to cause this information to be deleted. If you are the parent or legal guardian of a child under 13 who has become a member of the Website or has otherwise transferred Personally-Identifying Information to the Website, please contact us using our contact information below to have that child’s account terminated and information deleted.

 

CALIFORNIA SPECIFIC PRIVACY RIGHTS

This section applies with respect to any users located in the State of California. For California residents, pursuant to the California Consumer Privacy Act of 2018, as amended (“Consumer Privacy Act”), you may (i) elect to opt out of the sale of your “personal information” (as defined by the Consumer Privacy Act) by us, (ii) request that Company and its service providers delete any of your personal information collected, (iii) request that Company deliver to you, free of charge, any of your personal information collected over the past 12 months preceding the request, and (iv) request certain information regarding any collection, sale, and disclosure of your personal information over the past 12 months preceding the request (including the categories of personal information collected, sold, and/or disclosed for a business purpose, the categories of sources from which the information was collected, the business or commercial purpose for collecting or selling the information, the categories of third parties with whom the information was shared, and the specific pieces of the information collected). 

You may opt out of the sale of your personal information by emailing legal@proficienthealth.com: DO NOT SELL MY PERSONAL INFORMATION.  Requests may be submitted and the foregoing rights may be exercised upon notice to us at, and questions or concerns about this Privacy Policy may be directed to, at our Email Notice Address with “California Privacy Rights” as the subject line or mail us a letter to us at our Physical Notice Address. You must include your full name, email address, and postal address in your request.

We will honor these rights to the extent required by the Consumer Privacy Act. Any requests submitted must be verified by us before we will respond, and to enable this verification we may require you to provide us information confirming your identity, which may include any username or password information, and the personal information matching that which we have in our records. You may submit requests through an authorized agent given authority through a power of attorney form or other authorization acceptable to and verified by us. We will not discriminate against users based on their exercise of any of the rights under the Consumer Privacy Act, provided that the CCI may charge different prices to users based on the value of the data they provide.

The types of personal information collected in the last 12 months and how this information has been shared are as described in this Privacy Policy.

In addition, California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about the Personally-Identifying Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of the Personally-Identifying Information that was shared and the names and addresses of all third parties with which we shared Personally-Identifying Information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to our privacy officer as listed below. Under Section 1798.83, we currently do not share any personal information with third parties for their direct marketing purposes.

 

California Do Not Track Disclosures

Various third-parties are developing or have developed signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer’s online activities over time and across third-party websites or online services (e.g., browser do not track signals). Currently, we do not monitor or take any action with respect to these signals or other mechanisms.

 

NEVADA SPECIFIC PRIVACY RIGHTS –  “Do Not Sell My Personal Information”

We may elect to share information about you with third-parties for those third-parties’ direct marketing purposes. Nevada Revised Statutes §§ 603A.300-.360 permits Nevada residents who have supplied personal information (as defined in the law) to us to, under certain circumstances, request and opt out of the sale of your personal information to third-parties for their direct marketing purposes. If this law applies to you, and you wish to make such a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a Nevada resident and provide a current Nevada address for our response. To make such a request, please contact us at our Email Notice Address with “Nevada Privacy Rights” as the subject line or mail us a letter at our Physical Notice Address. You must include your full name, email address, and postal address in your request.

STANDARD CONTRACTUAL CLAUSES

To the extent Company has agreements in place with any affiliates or subprocessors, each who may have access to the personal data, such agreements shall incorporate the EU Commission approved Standard Contractual Clauses (“Standard Contractual Clauses”).

 

DATA TRANSFERS

(a) Onward Transfer. Company will not disclose any personally identifiable information to a third party who is not a Company contractor or agent (“Agent”) except as outlined above. For third parties acting as an Agent, Company will ascertain that the third party follows the Standard Contractual Clauses, is subject to the EU Data Protection Directive, or has entered into an agreement with CCI that is consistent with the applicable or required principles.

 

In the context of an onward transfer, Company has responsibility for the processing of personal information it receives under the Standard Contractual Clauses and subsequently transfers to an Agent on its behalf. Company shall remain liable under the Standard Contractual Clauses principles if its Agent processes such personal information in a manner inconsistent with such principles, unless Company proves that it is not responsible for the event giving rise to the damage.

 

(b) Data transfer to other controllers. Principally, any personally identifiable information is forwarded to other controllers only if required for the fulfillment of a contractual obligation, or if we ourselves, or a third party, have a legitimate interest in the data transfer, or if you have given your consent. Additionally, data may be transferred to other controllers when we are obliged to do so due to statutory regulations or enforceable administrative or judicial orders.

 

(c) Service providers (general). We involve external service providers with tasks such as sales and marketing services, contract management and processing, payment handling, programming, and data hosting. We have chosen those service providers carefully and monitor them on a regular basis, especially regarding their diligent handling of and protection of the data that they store. All service providers are obliged to maintain confidentiality and to comply with the statutory provisions. Service providers may also be our affiliates.

 

USERS OUTSIDE OF THE UNITED STATES

(a) Transfer of Your Information. Our Services are operated in the United States and intended primarily for users located in the United States. While we do market our Services to users outside the United States we do not do so in any material manner. As such, if you are located outside of the United States, please be aware that information we collect, including personal information, will be transferred to, and processed, stored and used in the United States in order to provide the Services to you. Where GDPR applies and our processors of your personal information are located outside the European Economic Area, such transfer will only be to a recipient country that ensures an adequate level of data protection, or with your explicit consent.

(b) Additional Rights Provided to EU Individuals

  • Access and Portability: You have the right to ask us to access the information we hold about you, including personal information, and be provided with certain information about how we use your such information and who we share it with. Where you have provided your personal information to us with your consent, you have the right to ask us for a copy of this data in a structured, machine readable format, and to ask us to share (port) this data to another data controller.
  • Right to deletion: In certain circumstances, you have the right to ask us to delete personal information we hold about you:
    • where you believe that it is no longer necessary for us to hold your data including personal information;
    • where we are processing your personal information on the basis of legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing;
    • where you have provided your personal information to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal information; or
    • where you believe the personal information we hold about you is being unlawfully processed by us.
  • Restriction: In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your personal information:
    • where you believe the personal information we hold about you is inaccurate and while we verify accuracy;
    • where we want to erase your personal information as the processing is unlawful, but you want us to continue to store it;
    • where we no longer need your personal information for the purposes of our processing, but you require us to retain the data for the establishment, exercise or defense of legal claims; or
    • where you have objected to us processing your personal information based on our legitimate interests and we are considering your objection.

 

In addition, you can object to our processing of your Personal Information based on our legitimate interests and we will no longer process your Personal Information unless we can demonstrate an overriding legitimate ground.

 

To exercise any of these rights above, please contact us at our Email Notice Address.

 

Please note that these rights are limited, for example, where fulfilling your request would adversely affect other individuals, where there are overriding public interest reasons, or where we are required by law to retain your personal information.

 

You can withdraw your consent at any time by contacting us at our Email Notice Address. 

  • Complaints: In the event that you wish to make a complaint about how we process your Personal Information, please contact us in the first instance at our Email Notice Address and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to raise a complaint with a relevant supervisory authority.

 

DISPUTE RESOLUTION.

Any questions or concerns regarding the use or disclosure of personal information should be directed to us pursuant to the contact information below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Privacy Policy. 

All disputes arising out of or related to this Privacy Policy shall be finally settled under the Rules of Arbitration of the International Chamber of Commerce by one arbitrator appointed in accordance with such rules. The place of arbitration shall be in Guilford County, North Carolina, USA. The arbitration shall be conducted in English. The arbitrator shall award to the prevailing party, if any, as determined by the arbitrators, its reasonable attorneys’ fees and costs, including the costs of the arbitration. Judgment on any arbitral award may be entered in any court having jurisdiction. 

The parties shall keep confidential: (i) the fact that any arbitration occurred; (ii) any awards awarded in the arbitration; (iii) all materials used, or created for use in the arbitration; and (iv) all other documents produced by another party in the arbitration and not otherwise in the public domain, except, with respect to each of the foregoing, to the extent that disclosure may be legally required (including to protect or pursue a legal right) or necessary to enforce or challenge an arbitration award before a court or other judicial authority.

 

IN THE EVENT OF MERGER, SALE, OR BANKRUPTCY

Company reserves the right to transfer all Personally-Identifying Information in its possession to a successor organization in the event of a merger, acquisition, bankruptcy or other sale of all or a portion of Company’s assets. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred Personally-Identifying Information will be subject to this Privacy Policy, or to a new privacy policy if you are given notice of that new privacy policy and are given an opportunity to affirmatively opt-out of it. Personally-Identifying Information submitted or collected after a transfer, however, may be subject to a new privacy policy adopted by the successor organization. In the unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how personal information is treated, transferred, or used.

 

PRIVACY POLICY CHANGES

Company may, in its sole discretion, change this Privacy Policy from time to time. Any and all changes to this Privacy Policy will be reflected on this page and the date new versions are posted will be stated at the top of this Privacy Policy. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account. Users should regularly check this page for any changes to this Privacy Policy. Company will always post new versions of the Privacy Policy on the Website. However, we may, as determined in our own discretion, decide to notify users of changes made to this Privacy Policy via email or otherwise. Accordingly, it is important that users always maintain and update their contact information.

CONTACT

If you have any questions regarding our Privacy Policy, please contact our Privacy Officer at the Email Notice Address.