Our Service is intended for use by individuals who are at least 18 years of age or such older age as may be required by applicable state laws in the jurisdiction in which an individual utilizes the Service. The Service is not designed or intended to attract, and is not directed to, children under eighteen (18) years of age, let alone thirteen (13) years of age. If we obtain actual knowledge that we have collected personal information through the Platform from a person under thirteen (13) years of age, we will use reasonable efforts to refrain from further using such personal information or maintaining it in retrievable form.
Furthermore, if you are under eighteen (18) years of age, then you (or your parent or legal guardian) may at any time request that we remove content or information about you that is posted on the Platform. Please submit any such request (“Request for Removal of Minor Information”) to either of the following:
For each Request for Removal of Minor Information, please state “Removal of Minor Information” in the email or letter subject line, and clearly state the following in the body of the request:
We will not accept any Request for Removal of Minor Information via telephone or facsimile. ScoreBlue is not responsible for failing to comply with any Request for Removal of Minor Information that is incomplete, incorrectly labeled or incorrectly sent.
Please note that we are not required to erase or otherwise eliminate, or enable erasure or elimination of such content or information in certain circumstances, such as, for example, when an international, federal, state, or local law, rule or regulation requires ScoreBlue to maintain the content or information; when the content or information is stored on or posted to the Site by a third party other than you (including any content or information posted by you that was stored, republished or reposted by the third party); when ScoreBlue MD anonymizes the content or information, so that you cannot be individually identified; when you do not follow the aforementioned instructions for requesting the removal of the content or information; and when you have received compensation or other consideration for providing the content or information.
The foregoing is a description of ScoreBlue’ voluntary practices concerning the collection of personal information through the Service from certain minors, and is not intended to be an admission that ScoreBlue is subject to the Children’s Online Privacy Protection Act, the Federal Trade Commission’s Children’s Online Privacy Protection Rule(s), or any similar international, federal, state, or local laws, rules, or regulations.Protected Health Information
When you set up an account with ScoreBlue, you are creating a direct customer relationship with ScoreBlue that enables you to access and/or utilize the various functions of the Platform and the Service as a user. As part of that relationship, you provide information to ScoreBlue, including but not limited to, your name, email address, shipping address and phone number, that we do not consider to be “protected health information”or “medical information”.
The Medical Groups and Providers have adopted a Notice of Privacy Practices that describes how they use and disclose Protected Information. By accessing or using any part of the Service, you are acknowledging receipt of the Notice of Privacy Practices from your Medical Group and Provider(s).
ScoreBlue may retain your information for as long as it believes necessary; as long as necessary to comply with its legal obligations, resolve disputes and/or enforce its agreements; and/or as long as needed to provide you with the products and/or services of the Service or ScoreBlue. ScoreBlue may dispose of or delete any such information at any time, except as set forth in any other agreement or document executed by ScoreBlue or as required by law.Jurisdictional Issues
You may request at any time that ScoreBlue provide you with an opportunity to review andchange your personal information (i.e., information that would allow someone to specifically identify you or contact you physically or online such as your name, physical address, telephone number, email address or SSN) collected through the Service or to no longer use your personal information to provide you with any products or services. Please submit any such request (“Request Concerning Personal Information”) to anyone of the following:
For each Request Concerning Personal Information, please state “Your Personal Information” in the email or letter subject line, and clearly state the following in the body:
We will use reasonable efforts to deal with your request within a reasonable time. If you send a Request Concerning Personal Information by mail, then please do so by U.S. Certified Mail, Return Receipt Requested to allow for confirmation of mailing, delivery and tracking. ScoreBlue will not accept a Request Concerning Personal Information via telephone or facsimile. ScoreBlue is not responsible for any Request Concerning Personal Information that is incomplete, incorrectly labeled, or incorrectly sent.
You are solely responsible for the accuracy and content of your personal information, and for keeping your personal information current and correct.California Residents
Residents of the State of California have the right to request from certain businesses with whom the California resident has an established business relationship a list of all third parties to which the business, during the immediately preceding calendar year, hasdisclosed certain personally identifiable information for direct marketing purposes. We are only required to respond to a customer request once during any calendar year. To obtain this information, you should send a written request to su[email protected] with the subject heading “California Privacy Rights.” In your request, please attest to the fact thatyou are a California resident and provide a current California address for our response. Please be aware that not all information sharing is covered by the California Privacy Rights requirements and only information on covered sharing will be included in our response.Miscellaneous
We strive to use reasonable physical, technical and administrative measures to protect information under our control. However, you must keep your Account password secure and your Account confidential, and you are responsible for any and all use of your Account. If you have reason to believe that the security of your Account has been compromised, please notify us immediately in accordance with the “Contacting Us” section below.
9663 Santa Monica Blvd, Suite 647
Beverly Hills CA, 90212
Last Updated: September 10, 2020
WE AT BELUGA HEALTH, P.A. ("We", "Us", or "Beluga") VALUE YOUR PRIVACY AND ARE COMMITTED TO KEEPING YOUR ("You/Your") PERSONAL DATA CONFIDENTIAL. WE USE YOUR DATA SOLELY IN THE CONTEXT OF PROVIDING A WEB PORTAL ("WEB PORTAL") AND VARIOUS RELATED SERVICES DEFINED BELOW ("SERVICES") TO SUPPORT THE DELIVERY OF REMOTE CLINICAL CARE AND PRESCRIPTION SERVICES BY QUALIFIED PHYSICIANS ("PROVIDER USERS") TO PATIENTS OF BELUGA HEALTH ("PATIENT USERS"). YOU ARE EITHER A PATIENT USER OR A PROVIDER USER. THE SERVICES INCLUDE, IN ADDITION TO THE WEB PORTAL, THE FACILITATION OF (1) SECURE INFORMATION COLLECTION, (2) SHORT MESSAGE SERVICE ("SMS") AND MULTIMEDIA MESSAGING SERVICE ("MMS") COMMUNICATIONS BETWEEN PATIENTS AND PROVIDERS, AND (3) ELECTRONIC PRESCRIBING OF MEDICATIONS.
SOME OF THE PERSONAL DATA WE COLLECT AND TRANSMIT WILL, IN SOME CIRCUMSTANCES, BE CONSIDERED "HEALTH DATA" (data related to a Patient User's physical or mental health) or "Protected Health Information" (information that relates to the past, present, or future physical or mental health or condition of a Patient User; the provision of health care to a Patient User; or the past, present, or future payment for the provision of health care to a Patient User). THEREFORE, OUR PRIVACY PRACTICES ARE INTENDED TO COMPLY WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT ("HIPAA") AND WITH STATE LAW RELATED TO HEALTH DATA, WHERE APPLICABLE. FOR ADDITIONAL INFORMATION RELATED TO YOUR HEALTHCARE INFORMATION, PLEASE CONTACT OUR PRIVACY OFFICER AT [email protected]
BY SUBMITTING YOUR PERSONAL DATA THROUGH THIS WEB PORTAL OR THROUGH THE SERVICES, YOU ARE ACKNOWLEDGING THAT YOU HAVE READ AND AGREE TO THE TERMS OF THIS POLICY. IF YOU DO NOT AGREE, PLEASE DO NOT LOG INTO OR ACCESS THE WEB PORTAL AND DO NOT SUBMIT ANY PERSONAL DATA TO US.
UPON PROVIDING NOTICE, AND SHALL APPLY TO ALL INFORMATION WE MAINTAIN, USE, AND DISCLOSE. IF YOU CONTINUE TO USE THE SERVICES FOLLOWING SUCH NOTICE, YOU ARE AGREEING TO THOSE CHANGES.
What Personal Data do We collect? The types of Personal Data We collect are described below.
Demographic Data We collect demographic information, such as Your name, birth year, gender, phone number, and e-mail address. Primarily, the collection of Your Personal Data assists us in creating Your account ("User Account") if You are a Provider User, which You can use to securely receive the Services. If You are a Patient User, the collection of Your Personal Data assists us in securely providing you with the Services.
Payment Data If you make payments via our Services, We may require that You provide to Us Your financial and billing information, such as billing name and address, credit card number or bank account information.
For Patient Users: Health Data In addition to demographic information, We will collect information regarding Your health conditions, allergies, medical history, symptoms, and communications between You and the Provider User providing healthcare services to You via the Services. We collect this information to provide You with the Services.
For Provider Users: Device, Telephone, and ISP Data We use common information-gathering tools, such as log files, cookies, web beacons, and similar technologies to automatically collect information, which may contain Personal Data, from Your computer as You navigate Our Services, or interact with emails We have sent You. The information We collect may include Your IP address (or proxy server), device and application identification numbers, location, browser type, Internet service provider and/or mobile carrier, the pages and files You viewed, Your searches, Your operating system and system configuration information, and date/time stamps associated with Your usage. This information is used to analyze overall trends, to help Us provide and improve Our Services and to guarantee their security and continued proper functioning.
How will We use Your Personal Data?
We process Your Personal Data for purposes based on legitimate business interests, the fulfillment of Our Services to You, compliance with Our legal obligations, and/or Your consent. We only use or disclose Your Personal Data when it is legally mandated or where it is necessary to fulfill the purposes described herein. Where required by law, We will ask for Your prior consent before using or disclosing Personal Data.Specifically, We process Your Personal Data for the following legitimate business purposes:
Where is Your Personal Data processed?
Personal Data Beluga collects through the Services will be stored on secure servers in the United States. Personal Data may be transmitted to third parties, which parties may store or maintain the data on their secure servers on Our behalf. These third parties are not permitted to transfer Your Personal Data outside of the United States.
Will We share Your Personal Data with anyone else?
For Patient Users: Yes, with the Provider User with whom You connect via the Services.
We will share information you provide to Us via the Services with the Provider User with whom connect via the Services. If, at any point, you want to deny access to one or more Provider Users, you can do so by emailing [email protected]
Yes, with third parties that help us power Our Services Beluga has a limited number of service providers and other third parties ("Business Partners") that help Us run various aspects of Our business. These Business Partners are contractually bound to protect Your Personal Data and to use it only for the limited purpose(s) for which it is shared with Us. Business Partners' use of Personal Data may include, but is not limited to, the provision of services such as data hosting, IT services, customer service, and payment processing.
Yes, with third parties that provide advisory services We may share Your Personal Data with Our lawyers, auditors, accountants, or banks when We have a legitimate business interest in doing so.
Yes, with third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of Beluga's corporate entity, assets, or stock (including in connection with any bankruptcy or similar proceedings) If We share Your Personal Data with a third party other than as provided above, You will be notified at the time of data collection or transfer, and You will have the option of not permitting the transfer.
How long do We retain Personal Data?
We will retain Your Personal Data for as long as You maintain a User Account or use Our Services and up to five (5) years after the account is closed or Services are terminated. The exact period of retention will depend on the type of Personal Data, Our contractual obligation to You, and applicable law. We keep Your Personal Data for as long as necessary to fulfill the purpose for which it was collected, unless otherwise required or necessary pursuant to a legitimate business purpose outlined herein. At the end of the applicable retention period, We will remove Your Personal Data from Our databases and will request that Our Business Partners remove Your Personal Data from their databases. If there is any data that We are unable, for technical reasons, to delete entirely from Our systems, We will put in place appropriate measures to prevent any further processing of such data. We retain anonymized data indefinitely.
NOTE: Once We disclose Your Personal Data to third parties, We may not be able to access that Personal Data any longer and cannot force the deletion or modification of any such information by the parties to whom We have made those disclosures. Written requests for deletion of Personal Data other than as described should be directed to [email protected]
We use essential cookies to provide user authentication. and other technologies to, among other things, better serve You with more tailored information, and to facilitate eﬃcient and secure access to the Services. We only use essential cookies. Essential cookies are those necessary for Us to provide Services to You.
We may also collect information using pixel tags, Web beacons, clear GIFs or other similar technologies. These may be used in connection with some Web Portal pages and HTML-formatted email messages to, among other things, track the actions of users and email recipients, and compile statistics about usage and response rates.
For Provider Users: How can You "Opt Out" of Cookies?
If You prefer, You can usually choose to set Your browser to remove cookies and reject cookies. If You enable a do not track ("DNT") signal or otherwise configure Your browser to prevent Beluga from collecting any cookies, You will no longer be able to access the Web Portal.
How do We protect Your Personal Data?
Beluga is committed to protecting the security and confidentiality of Your Personal Data. We use a combination of reasonable physical, technical, and administrative security controls to maintain the security and integrity of Your Personal Data, to protect against any anticipated threats or hazards to the security or integrity of such information, and to protect against unauthorized access to or use of such information in Our possession or control that could result in substantial harm or inconvenience to You. However, Internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure. As a result, We cannot ensure the security of information You transmit to Us. By using the Services, You are assuming this risk.
Safeguards The information collected by Beluga and stored on secure servers, is protected by a combination of technical, administrative, and physical security safeguards, such as authentication, encryption, backups, and access controls. If Beluga learns of a security concern, We may attempt to notify You and provide information on protective steps, if available, through the e-mail address that You have provided to Us or the phone number you have provided Depending on where You live, You may have a legal right to receive such notices in writing.
You are solely responsible for protecting information entered or generated via the Services that is stored on Your device and/or removable device storage. Beluga has no access to or control over Your device's security settings, and it is up to You to implement any device--level security features and protections You feel are appropriate (e.g., password protection, encryption, remote wipe capability, etc.). We recommend that You take any and all appropriate steps to secure any device that You use to access Our Services.
NOTWITHSTANDING ANY OF THE STEPS TAKEN BY US, IT IS NOT POSSIBLE TO GUARANTEE THE SECURITY OR INTEGRITY OF DATA TRANSMITTED OVER THE INTERNET. THERE IS NO GUARANTEE THAT YOUR PERSONAL DATA WILL NOT BE ACCESSED, DISCLOSED, ALTERED, OR DESTROYED DESPITE THE IMPLEMENTATION OF OUR PHYSICAL, TECHNICAL, OR ADMINISTRATIVE SAFEGUARDS. THEREFORE, WE DO NOT AND CANNOT ENSURE OR WARRANT THE SECURITY OR INTEGRITY OF ANY PERSONAL DATA YOU TRANSMIT TO US AND YOU TRANSMIT SUCH PERSONAL DATA AT YOUR OWN RISK.
How can You Protect Your Personal Data?
In addition to securing Your device, as discussed above, We will NEVER send You an e-mail requesting confidential information such as account numbers, usernames, passwords, or social security numbers, and You should NEVER respond to any e-mail requesting such information. If You receive such an e-mail purportedly from Beluga, DO NOT RESPOND to the e-mail and DO NOT click on any links and/or open any attachments in the e-mail, and notify Beluga support at [email protected]
For Provider Users: You are responsible for taking reasonable precautions to protect Your user ID, password, and other User Account information from disclosure to third parties, and You are not permitted to circumvent the use of required encryption technologies. You should immediately notify Beluga at [email protected] if You know of or suspect any unauthorized use or disclosure of Your user ID, password, and/or other User Account information, or any other security concern.
Your rightsYou have certain rights relating to Your Personal Data, subject to local data protection laws. These rights may include:
Where the processing of Your Personal Data by Beluga is based on consent, You have the right to withdraw that consent without detriment at any time or to exercise any of the rights listed above by emailing Beluga at [email protected]
How can You update, correct, or delete Personal Data?
You can change Your e-mail address and other contact information by contacting [email protected] If You are a Provider User, and You need to make changes or corrections to other information, You may change your password within the account settings on the Web Portal dashboard. Please note that in order to comply with certain requests to limit use of Your Personal Data, We may need to terminate Your account and/or Your ability to access and use the Services, and You agree that We will not be liable to You for such termination or for any refunds of prepaid fees paid by You. You can deactivate Your account or request termination of Services by contacting [email protected]
Although We will use reasonable efforts to do so, You understand that it may not be technologically possible to remove from Our systems every record of Your Personal Data. The need to back up Our systems to protect information from inadvertent loss means a copy of Your Personal Data may exist in a non-erasable form that will be diﬃcult or impossible for Us to locate or remove.
Can You "OPT-OUT" of receiving communications from Us?
We pledge not to market third party services to You without Your consent. We may send e-mails to You regarding Your Beluga account and/or services. You can choose to filter these account and services e-mails using Your e-mail client settings or, if you are a Patient User, by emailing [email protected], but We do not provide an option for You to opt out of these e-mails.
Information submission by minors
We do not knowingly collect Personal Data from individuals under the age of 18 and the Services are not directed to individuals under the age of 13. We request that these individuals not provide Personal Data to Us. If We learn that Personal Data from users less than 18 years of age has been collected, We will deactivate the account and take reasonable measures to promptly delete such data from Our records. If You are aware of a user under the age of 13 using the Services, please contact Us at [email protected]
If You are a resident of California, under the age of 18 and have registered for an account with Us, You may ask Us to remove content or information that You have posted to Our Services.
California residents may request and obtain from Us, once a year, free of charge, a list of third parties, if any, to which We disclosed their Personal Data for direct marketing purposes during the preceding calendar year and the categories of Personal Data shared with those third parties. If You are a California resident and wish to obtain that information, please submit Your request by sending Us an email at [email protected] with "California Privacy Rights" in the subject line.