Floe Interactive is the controller of your information with registration number 633892 and registered office at The Black Church, St. Mary’s Place, Dublin 7, Ireland D07 P4AX.
The Agreement applies to any registered or a non-registered patient or other user of the Services (“User”), including a doctor, therapist, coach, or other healthcare specialist, professional or provider using the Services in connection with a healthcare-related practice or other organization (“Service Provider”).
BY USING OR OTHERWISE ACCESSING THE SERVICES, AND/OR BY REGISTERING WITH US, YOU AGREE TO THIS AGREEMENT. IF YOU DO NOT AGREE, YOU CANNOT USE THE SERVICES.
As further described below, we collect and maintain a range of data in order to provide Services to you and maintain safe and secure Services. Access to your Personal Information (described below) is limited to (a) Floe Interactive Limited employees and subcontractors who help with our business operations (such as to host our website platform, provide payment, billing or similar services, or perform anti-fraud functions), and (b) Service Providers with whom you elect to share information (such as a doctor).
Effective Date and Modifications
2. Information We Collect
We collect a range of Personal Information and usage statistics to maintain a high-quality user experience and deliver superior customer service. We request some information directly from you during registration. We gather other pieces of data indirectly from website traffic, your computer hardware and Internet connection, or your activities within the Services, communications, and usage.
Information You Voluntarily Provide
- If you register with any Services we offer, we may collect your username and password, contact information (e.g., name, email address, address, and phone number), and payment information (credit card, etc.).
- We also collect other information you provide to the Services and the transactions you perform (e.g., Account information and preferences, content, and other materials). Note that certain content that you may provide (such as picture files) could contain associated metadata information about the content.
- We will generally store communications between you and Floe Interactive Limited.
Information That Is Passively Collected
- We collect traffic and analytics information through the Services such as your IP address, mobile device identifier, browser information, site usage information, use of different features and functionality, and other information that assists us in monitoring and improving the Services. Our Services may maintain log files that contain similar information regarding use of the Services (or links in communications).
- We may collect certain types of information through “cookies,” which are described in Section 8 below.
Information That We Do Not Collect
- We do not collect, store or record any audio or video data created between Users, Service Providers and anyone else using Frankie Health for video and/or voice communication. The audio and video data is encrypted and not accessible to us or any third party.
HIPAA and Protected Health Information
To that end, before any PHI that you provide is shared with a Service Provider, you may be asked to affirmatively authorize Floe Interactive Limited to do so. By providing such authorization, you are permitting Floe Interactive Limited to release your Personal Information, including PHI, to those specified Service Provider(s) pursuant to HIPAA. Your authorization is entirely voluntary, but without authorization, Floe Interactive Limited will not be able to share your information with selected Service Providers.
3. How we use your information
We maintain appropriate physical, electronic, standard security practices, including encryption, passwords and physical security measures, and managerial procedures to protect the security and confidentiality of your personal data. Only a limited number of our internal staff are authorised to access, delete or modify your data. We will make reasonable efforts to ensure that your privacy interests are protected. We use Personal Information for legitimate business purposes as allowed by applicable law, such as to:
- Provide you with the Services, including your interactions with Service Providers and customer support;
- Comply with third party contracts;
- Help you efficiently access your information after you sign in;
- Remember information so you will not have to re-enter it during your visit or the next time you visit the Services;
- Provide personalized content and information to you and others, which could include online ads or other forms of marketing;
- Provide, improve, test, and monitor the effectiveness of the Services;
- Develop and test new products and features;
- Monitor metrics such as total number of visitors, traffic, and demographic patterns; or
- Diagnose or fix technology problems.
4. Sharing of information
We are not in the business of selling Personal Information about our users to third parties without your consent. Parties with whom we may share your information are:
We may either employ or contract with third party companies for the purposes of operating our Services, enhancing our Services, or fulfilling your requests (such as hosting online platforms, anti-fraud functions, billing, collections, registration, customer support, or email delivery). In order for these third party companies to carry out their services, your personal Information and other data collected may be shared with these third party companies, but our contracts with these third parties prohibit them from using any of your Personal Information for purposes unrelated to the services they are providing to us.
Selected Service Provider(s)
We may share Personal Information (including PHI) with selected Service Provider(s) where we are authorized to do so as described above.
Government, Courts, and Law Enforcement
We may access, preserve, and share information about you, without consent, to government or law enforcement officials or private parties as we in good faith believe necessary or appropriate to respond to claims and legal process (including, but not limited to, subpoenas), to comply with applicable laws, to protect the property and rights of Floe Interactive Limited, you or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to pose a risk of being, or is illegal, unethical or legally actionable. This may include responding to legal requests from jurisdictions outside of Ireland where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards.
In the event that we receive a subpoena or other order issued by or under authority of a court of competent jurisdiction compelling the disclosure of any PHI, (unless prohibited by law) we will attempt to notify you or the Service Provider with whom you have a relationship of the subpoena or order prior to disclosing the information in order to provide an opportunity to intervene or otherwise prevent the disclosure. A Service Provider shall be responsible for any fees and expenses reasonably incurred by Floe Interactive Limited in responding to a subpoena seeking records of that Service Provider, its personnel, or its patients.
We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
Parties with Whom You May Choose to Share Your Information
If you voluntarily share or submit any information to be shared with other parties or the public, or link it to any social media platforms or the public, that information may become available to those parties or the public.
Using and Sharing Anonymized Data
We may de-identify and anonymize Personal Information so it is no longer associated with any individual(s) in order to use it for other purposes, such as aggregating the data for statistical analysis.
5. Protection of your information
Although we implement reasonable administrative, physical and electronic security measures designed to protect your Personal Information from unauthorized access, we cannot ensure the security of any information you transmit to or guarantee that this information will not be accessed, disclosed, altered, or destroyed. We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your Personal Information. To the extent the law of your jurisdiction allows for notification of a breach via e-mail or conspicuous posting through the Services, you agree to accept notice in that form.
5. Protection of your information
If you live in the EEA, you have certain rights in relation to your information that we process. While some of these rights apply generally, others apply only in certain circumstances. To exercise your rights or to submit a question, you can email us at firstname.lastname@example.org.
- Access. You have the right to request a copy of your information that we process. You may exercise this right in "privacy settings" section in your user account. If you require additional access, please email us at email@example.com.
- Correction. If you discover that we hold inaccurate information about you, you have a right to ask us to correct that information. You can correct account information by logging into your account. For other corrections, please email us at firstname.lastname@example.org.
- Erasure. You have the right to request that we delete your information. We may refuse this request if (a) the information is still necessary for the purposes that we collected or processed it or (b) we still have a legal basis to process it, even after you’ve withdrawn consent. You can exercise this right in the “Privacy Settings” section of your user account or you can email us at email@example.com.
- Restriction. You have the right, in some cases, to restrict the processing of your information, such as where you have exercised your right to object and we are reviewing your objection. For more information, please email us at firstname.lastname@example.org.
- Objection. You have the right to object to us using your information based on our legitimate interests described above. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your data for direct marketing, you can always object by using the unsubscribe link in such communications, changing your account settings or, if you do not have an account, you can email us at email@example.com.
- Portability. You have the right in some cases to port your information from us to a new data controller. We can refuse this request if (a) our processing is not based on your consent or our contract with you, or (b) the data are not stored electronically. You can exercise this right through the “Privacy Settings” section in your user account to download your data in XML format. Alternatively, you can email us at firstname.lastname@example.org.
- Withdraw consent. You can withdraw your consent to processing at any time by deactivating your account through the frankie.health website or by e-mailing email@example.com.. Withdrawing your consent does not affect processing that has already occurred. Where you withdraw your consent, we will no longer process your information based on your consent. We may process your information if another legal basis applies, for example, if we are legally obligated to store certain records or if your withdrawal of consent was limited to certain processing activities.
- Complain. You have the right to lodge a complaint with our lead supervisory authority – the Data Protection Commission (www.dataprotection.ie) – or the data protection supervisory authority for your EEA jurisdiction. If you are considering lodging a complaint, we would appreciate the opportunity to try and resolve your issue before you submit your complaint.
You may be able to modify certain features in your Account profile page. In addition, please note the following :
- If we offer any communications by text message, you may opt-out of receiving text messages by replying “STOP” to any text message received. In all promotional emails, you will be given the opportunity to opt-out of receiving such messages in the future by clicking on the link at the bottom of the email that says “unsubscribe.” It may take up to ten (10) business days for us to process your opt-out request.
- Even if you have unsubscribed from receiving promotional emails from us, we may send you other types of important email communications without offering you the opportunity to opt-out of receiving them, such as announcements about the Services and administrative notices (e.g., account verification, payment confirmations, technical and security notices).
7. Retention of data
Information we collect may be retained indefinitely, but we may elect to only retain such information to the extent necessary for business and legal purposes. If you cease being a user, we may retain your Personal Information in the event you wish to rejoin the Services, and for anti-fraud and other purposes.
A “cookie” is a small string of data which often includes an anonymous unique identifier sent to your browser from a website’s computers, and stored on your computer’s hard drive. Each website can send its own cookie to your browser if your browser’s preferences allow it, but (to protect your privacy) your browser only permits a website to access the cookies it has already sent to you, not the cookies sent to you by other sites. These “cookies” and other similar technologies like pixels, web beacons (also known as “clear GIFs”), and local storage may be used to collect information about how you use the Services and provide features to you.
You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is set. (Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences.) However, if you reject all cookies, you may not be able to use our Services.
- Access your Account information when you "log in" to our Services;
- Keep track of your website session data; and
- Keep track of certain information that is then aggregated (i.e., not connected to your Personal Information), such as how you use our Services, what web pages you visit, and the frequency and length of those visits.
9. Third party advertisements
10. Change of control
11. Amendment to this policy
12. Children's privacy
We do not knowingly collect or solicit any information from anyone under the age of 16 or knowingly allow such persons to register for the Services. The Services and their content are not directed at children under the age of 16. In the event that we learn that we have collected Personal Information from a child under age 16 without parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from a child under 13, please contact us.
13. How we respond to do not track signals
14. Other websites and services
The Services may be embedded within, or contain links to, other websites or services that we do not own or operate. We are not responsible for the practices employed by such websites or services, including the information or content contained within them. Your use of any third-party website or service is subject to that third party’s own rules and policies, not ours.
You agree that we are not responsible for and do not have control over any third parties that you authorize to access your Personal Information (which authorization may include PHI). If you are using a third-party website or service and you allow them to access your Personal Information you do so at your own risk.
15. International considerations
In certain cases, we transfer and store certain information outside the EEA, such as to the United States. In such cases, we use a legal mechanism known as “standard contractual clauses” to protect information transferred outside the EEA. Standard contractual clauses refer to contracts between companies transferring personal information that contain standard commitments, approved by the European Commission, protecting the privacy and security of the information transferred. To request a copy of the clauses, please email us at firstname.lastname@example.org.
16. How to contact us