This policy is effective as of January, 2023.
I. Who is InSite Health?
InSite Health works to transform psychiatry into the accessible, human, and empowering experience it should be.
InSite Health is not a medical group or a health care provider. InSite provides its users with the ability to obtain a telemedicine consultation provided by independent medical practitioners including, but not limited to, MCCD Psychiatry Services, PLLC and the members of its affiliated covered entity (“Medical Group”), an independent medical group with a network of United States based health care providers (each, a “Provider”). Medical Group (or your own medical provider if you do not use a Medical Group Provider) is responsible for providing you with a Notice of Privacy Practices describing its collection and use of your health information, not InSite Health.
Key Term – Definition
- “Personal Information” – Any information relating to an identified or identifiable individual and any information listed here.
- our “Platform” – Our Website
- “Products” – Any products available for purchase on our Platform.
- our “Services” – Any services provided through our Platform.
- our “Website(s)” – Our websites, including: www.insitehealth.net
- “InSite,” “InSite Health,” “we,” “us,” or “our” – InSite Health, Inc.
- You visit or use our Platform, including our Website;
- We communicate in e-mail, text message, and other electronic messages between you and us; and
- We communicate in person, such as on the phone or through a telehealth visit.
III. Personal Information
What is Personal Information?
Personal information is information from and about you that may be able to personally identify you. We treat any information that may identify you as personal information. For example, your name and e-mail address are personal information.
What types of Personal Information do we collect?
We may collect and use the following personal information (hereinafter, collectively referred to as “Personal Information”):
- Categories of Personal Information
Specific Types of Personal Information Collected
- Personal Identifiers
a real name, birth date, e-mail address, home address, shipping address, or Patient ID.
- Information that identifies, relates to, describes, or is capable of being associated with a particular individual
name, username or online identifier, physical characteristics or description, telephone number, credit card number, debit card number, or any other financial information, state ID number, driver’s license number, medical conditions, insurance policy number, family medical history, and medications currently taking or prescribed,
- Characteristics of protected classifications under California or federal law.
Race, Color, Age, National origin, Sex/Sexual orientation, Medical Conditions, Marital Status, Veteran/Military Status, or Disability
- Biometric information
Photos, video, psychological characteristics, behavioral characteristics, and voice
- Internet or other electronic network activity information
IP address, device mode, device ID, OS version, device language, operating system, browser type, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
- Geolocation data
Physical location or movements, local time, and local time zone.
Some Personal Information we collect may constitute PHI under HIPAA. As set forth above, your Provider will provide you with a Notice of Privacy Practices describing their collection and use of your health information, not InSite Health. We will only collect and use PHI for the purposes of providing the Services and we only collect the minimum amount necessary to fully perform and provide the Services on our Platform. We may combine your PHI with Personal Information that we have either obtained from you or through a third-party, such as your Provider, health insurer, employee benefits program, or other health care providers. PHI will only be used and disclosed as outlined in the Notice of Privacy Practices and as permitted by HIPAA and other applicable law.
How do we collect your Personal Information?
We collect most of this Personal Information directly from you. For example, when we speak to you by phone, text message, and e-mail. Additionally, we will collect information from you when you visit our Platform and fill out forms or purchase our Services.
We may also collect Personal Information in the following ways:
- From third-party apps you choose to connect your mobile device to, such as Apple Health or Google Fit.
- When you make payments through the Platform. We do not collect or store financial account information, though we may receive transaction identifiers and summary information that does not include credit card or bank account numbers.
- When You Contact Us. When you contact InSite Health directly, such as when you contact our Customer Support team, we will receive the contents of your message or any attachments you may send to us, as well as any additional information you choose to provide.
We will also collect information automatically as you navigate through our Platform. We use the following technologies to automatically collect data:
- DoubleClick. We also may use DART cookies for ad serving through Google’s DoubleClick, which places a cookie on your computer when you are browsing the web and visit a site using DoubleClick advertising (including some Google AdSense advertisements). This cookie is used to serve ads specific to you and your interests (”interest based targeting”). The ads served will be targeted based on your previous browsing history (For example, if you have been viewing sites about visiting golf, you may see golf advertisements when viewing a non-related site, such as on a site about health care). You can opt-out of this ad serving on all sites using this advertising by visiting here.
- Facebook Pixel and Instagram. We use Facebook Pixel and Instagram, a web analytics and advertising service provided by Facebook Inc. (“Facebook”) on our Platform. With its help, we and our customers can keep track of what users do after they see or click on a Facebook or Instagram advertisement, keep track of users who access our Platform or advertisements from different devices, and better provide advertisements to our target audiences. The data from Facebook Pixel and Instagram is also saved and processed by Facebook. Facebook can connect this data with your Facebook or Instagram account and use it for its own and others advertising purposes, in accordance with Facebook’s Data Policy which can be found at https://www.facebook.com/about/privacy/. Please click here if you would like to withdraw your consent for use of your data with Facebook Pixel https://www.facebook.com/settings/?tab=ads#_=_.
- Google Ads (AdWords). Google Ads (AdWords) remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads. Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout– for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en.
- Yahoo. We use Yahoo cookies, pixels, and tags to uniquely identify browsers and devices to assist in personalizing your experience while on our Platform and to understand how you interact with our Platform. For more information on the services Yahoo provides, please visit here.
- Other third party tools. We use other third party tools that allow us to track the performance of our Platform. These tools provide us with information about errors, app and website performance, and other technical details we may use to improve our Platform and/or the Services. For more information related to these third-party analytics providers please review How do we collect your Personal Information?.
How do we use your Personal Information?
We may use your Personal Information for the following purposes:
- Operate, maintain, supervise, administer, and enhance our Platform or the Services, including monitoring and analyzing the effectiveness of content on the Platform, aggregate site usage data, and other usage of the Platform and/or the Services such as assisting you in completing the registration process.
- Provide our Products and Services to you, in a custom and user-friendly way.
- Provide you with information, Products, or Services that you request from us or that may be of interest to you.
- Promote and market our Platform and/or the Services to you. For example, we may use your Personal Information, such as your e-mail address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about Products or information we think may interest you. We also may use the information that we learn about you to assist us in advertising our services on third party websites. You can opt-out of receiving these e-mails at any time as described below.
- To provide you notices or about your account.
- Contact you in response to a request.
- To notify you about changes to our Platform and/or the Services or any Products we offer or provide through them.
- Fulfill any other purpose for which you provide it.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
- Anonymize and aggregate information for analytics and reporting.
- To respond to law enforcement requests, court orders, and subpoenas and to carry out our legal and contractual obligations.
- Authenticate use, detect fraudulent use, and otherwise maintain the security of our Platform and the safety of others.
- To administer surveys and questionnaires.
- To provide you information about goods and services that may be of interest to you, including through newsletters.
- Any other purpose with your consent.
How do we share your Personal Information?
We may share Personal Information with third parties in certain circumstances or for certain purposes, including:
- Our business purposes. We may share your Personal Information with our affiliates, vendors, service providers, and business partners, including our data hosting and data storage partners, analytics and advertising providers, technology services and support, and data security advisors. We may also share your Personal Information with professional advisors, such as auditors, law firms, and accounting firms.
- Your healthcare providers or family. With your consent, we may share your information, including information collected from your use of our Platform, with your health care providers and/or family members (e.g., immediate family or friends) that you designate to receive your information.
- With your consent. We may share your Personal Information if you request or direct us to do so.
- Compliance with law. We may share your Personal Information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.
- Business Transfer. We may share your Personal Information to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of a bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our users are among the assets transferred.
- De-identified information. We may also disclose de-identified information, so that it cannot be reasonably used to identify any individual, with third parties for marketing, advertising, research, or similar purposes.
- To improve our Platform. We may use your Personal Information for internal testing, research, analysis, and product development, including to develop and improve our website/application, and to develop, improve, or demonstrate our products and services.
- To market our products and services. We may share your Personal Information with affiliates and third parties to market our products and services.
- To market third party products and services. We may share your Personal Information with affiliates and third parties to market their products or services to you if you have not opted out of these disclosures. For more information on opting out, see your choices about How we share your Personal Information.
- Third Party Analytics. We use Google Analytics and Mixpanel to understand and evaluate how visitors interact with our Platform and/or the Services. These tools help us improve our Platform and/or the Services, performance, and your experience. See How do we collect your Personal Information above.
Your choices about how we share your Personal Information.
Each type of web browser provides ways to restrict and delete cookies. Browser manufacturers provide resources to help you with managing cookies. Please see below for more information.
For other browsers, please consult the documentation that your browser manufacturer provides.
If you do not wish to have your e-mail address used by InSite Health to promote our own Products and Services, you can opt-out at any time by clicking the unsubscribe link at the bottom of any e-mail or other marketing communications you receive from us or logging onto your Account Preferences page. This opt out does not apply to information provided to InSite Health as a result of a product purchase, or your use of our Platform and/or the Services. You may have other options with respect to marketing and communication preferences through our Platform.
How do I access and correct my Personal Information?
You may also Contact Us to review and change your Personal Information or to inform us of any changes or errors in any Personal Information we have about you to ensure that it is complete, accurate, and as current as possible or to delete your account. We cannot delete your personal information except by also deleting your account with us. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
IV. Who may use the Services?
InSite Health operates subject to state and federal regulations, and the Platform and/or the Services may not be available in your state. You represent that you are not a person barred from enrolling for or receiving the Services under the laws of the United States or other applicable jurisdictions in which you may be located. Access to and use of the Platform and/or the Services is limited exclusively to users located in states within the United States where the Platform and/or the Services is available. The Platform and/or the Services are not available to users located outside the United States. Accessing the Platform and/or obtaining the Services from jurisdictions where content is illegal, or where we do not offer the Platform and/or the Services, is prohibited.
V. Children’s Privacy
Our Services include online services that maybe used to facilitate mental health support for a child. A parent or legal guardian can create an account on behalf of a dependent child and attest that they have legal authority to do so. We require that all child accounts be created by a parent or legal guardian, and associated with the parent’s or legal guardian’s account, in order to ensure that we can comply with our notice and consent obligations under COPPA.
During the account registration process, the parent or legal guardian can create a child’s account by following our instructions for doing so and providing certain information about the child,including name, date of birth, email address, and/or mailing address. We may also collect information directly from your child as the child uses our Services, such as when your child interacts with our Platform or during appointments with your child.
When creating an account for a child, parents and legal guardians are asked to review and consent to our COPPA Notice, which provides parents and guardians with direct notice of our information practices before we collect any Personal Information from their child. Parents and guardians give their consent by checking the appropriate boxes on the account registration page. In addition,before we collect Personal Information from a child, we obtain the parent or guardian’s verifiable parental consent through a video conference with the parent or guardian or through another method acceptable under COPPA for obtaining verifiable parental consent.
Ifa parent or legal guardian chooses not to consent to the collection and use of their child’s Personal Information, they may not create an online account for the child. At any time, a parent or legal guardian may revoke their consent. Once consent is revoked, a child may not use any Services online,unless a new consent is obtained.
No Personal Information about a child will be made available to the public or sold. We may share information with our service providers if necessary for them to perform business, professional, or technology services for us, always in accordance with all applicable laws, including HIPAA. You have the right to agree for us to collect and use your child’s Personal Information but still not allow disclosure to third parties unless such disclosure is part of our Services.
In addition to your right to revoke your consent for the collection of your child’s Personal Information, you may request to review the Personal Information we have collected from your child or ask to delete the Personal Information we have collected from your child unless we are required by law to maintain that Personal Information. Please submit your request or any questions to us at [email protected].
VI. Does InSite Health respond to Do Not Track signals?
Some web browsers have a “Do Not Track” feature. This feature lets you tell websites you visit that you do not want to have your online activity tracked. These features are not yet uniform across browsers. Our Platform honors do not track signals from browsers.
VII. Data Security
We have taken steps and implemented administrative, technical, and physical safeguards designed to protect against the risk of accidental, intentional, unlawful, or unauthorized access, alteration, destruction, disclosure, or use. The Internet is not 100% secure and we cannot guarantee the security of information transmitted through the Internet. Where you have been given or you have chosen a password, it is your responsibility to keep this password confidential.
The sharing and disclosing of information via the internet is not completely secure. We strive to use best practices and industry standard security measures and tools to protect your data. However, we cannot guarantee the security of Personal Information transmitted to, on, or through our Services. Any transmission of Personal Information is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained on our Platform, in your operating system, or mobile device.
IX. Contact Us
InSite Health, Inc.
E-mail: [email protected]