Patient User Privacy Policy

We at eyecbetter Corp (“we”, “us”, “the Company”, or “eyecbetter”) value your privacy and are committed to keeping your personal data confidential.

EyeCBetter uses your collected data solely in the context of providing the our application (“App”) and EyeCBetter electronic health record program (collectively, the “Platform”), principal care management

(“PCM”) services, remote therapeutic monitoring (“RTM”) services, remote physiological monitoring (“RPM”) services including all relevant content and functionality associated with the Platform and the PCM; RTM; RPM; services (collectively, the “Services”) for use by qualified clinical staff including care managers, nurses, and, physicians (“Provider Users”) to provide services and care to patients (“Patient Users”). If you are reading this Patient User Privacy Policy, you are a Patient User.

Privacy Policy Applicability

This Patient User Privacy Policy applies to personal data that EyeCBetter collects from Patient Users of the EyeCBetter Platform and the Services (“Personal Data”). The term “Personal Data” includes any information that can be used on its own or with other information in combination to identify or contact one of our users. Some of the Personal Data we collect and transmit may be considered “health data” (i.e., data related to your physical or mental health), “protected health information” or “PHI” (i.e., information that relates to your past, present, or future physical or mental health or condition(s); the provision of health care to you; or the past, present, or future payment for the provision of health care to you), and/or medical records as defined by state law.

The eyecbetter application is specifically designed to not collect identifiable information stored on your device such as telephone number, email address, IMEI (device identifier), physical address, contacts, or any portion of your name.

For your information to be collected with this application you must login using a unique user ID and password provided to you by the care coordinator at eyecbetter. Prior to receiving the unique ID and password you would have already reviewed and signed a PATIENT USER TERMS OF USE (the “Terms”) opting into the program that disclosed what data are collected, who is collecting the data, how data will be managed and how the data will be used.

We believe that privacy and transparency about the use of your Personal Data are of utmost importance. Therefore, our privacy practices are intended to comply with the Health Insurance Portability and Accountability Act (“HIPAA”) and relevant state law related to the use and disclosure of medical records, where applicable. Additionally, in this Patient User Privacy Policy, we provide you detailed information about our collection, use, maintenance, and disclosure of your Personal Data. The Patient User Privacy Policy explains what kind of information we collect, when and how we might use your Personal Data, how we protect Personal Data, and your rights regarding your Personal Data.

For additional information related to how we use and disclose your Personal Data, health data, PHI, and/or medical records data, please contact our Privacy Officer at Privacy@EyeCBetter.com

Note regarding third-party sites: Our Services may contain links to other sites that are not operated by EyeCBetter. If you click a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy(ies) of every site you visit. EyeCBetter has no control over and assumes no responsibility for the content, privacy policies, or practices of any third-party sites or services. This Patient User Privacy Policy does not apply to your use of or access to any third-party sites or services.

Agreement to Patient User Privacy Policy Terms

By accessing and/or using the Services and Platform, you are acknowledging that you have read and agree to the terms of this PATIENT USER Privacy Policy. If you do not agree, you must immediately cease using the Services and Platform.

Patient User Privacy Policy Updates

Please note that we occasionally update this Patient User Privacy Policy, and it is your responsibility to stay up to date with any amended versions. Any revisions to the Patient User Privacy Policy will be posted on the Patient User login page(s) of the Platform. Any changes to this Patient User Privacy Policy will be effective immediately upon providing notice via the Patient User login page(s) and will apply to all Personal Data that we maintain, use, and disclose. If you continue to use the Services and Platform following such notice, you are agreeing to those changes.

Account Deletion

If at any point you no longer agree to the use and disclosure of Personal Data, as described in this Patient User Privacy Policy, you can delete your user account on the Platform (“User Account”) by sending a deletion request to your ordering provider and techsupport@EyeCBetter.com with the following information:

     • Practice name

     • Provider name

    • Medical Record Number (MRN)

    • Provide a statement that you are requesting account deletion and disenrollment.

 

Questions or Concerns

If you have any questions or concerns after reading this Patient User Privacy Policy, please do not

hesitate to contact us at Privacy@EyeCBetter.com. We appreciate your feedback.

COLLECTION, MAINTAINCE, AND USE OF PERSONAL DATA

What Personal Data Does EyeCBetter Collect?

We collect and maintain four types of information from our Patient Users: (i) demographic data; (ii) medical data; (iii) support data; and (iv) technology data. Each category of data is explained in depth below.

Demographic Data: EyeCBetter collects demographic data from Patient Users, which may include, but not be limited to, your name, birth year, gender, height, weight, phone number, and e-mail address. The collection of this demographic data is primarily used to create your patient account which is used to securely provide the Services.

Medical Data: In addition to demographic information, we will collect information regarding your health conditions, including, but not limited to, images, age, gender, weight, height, medical history, symptoms, and communications between you and your healthcare provider who is ordering services to you.

Personal Data: In addition to medical information, we collect information on behavior, preferences, opinions, location, travel, activity, and other measures relevant to health. The Personal Data may be freely provided by you as you answer questions. Or collected automatically (passively), such as by a sensor, when using this Application.

Personal Data may be collected using the following and similar services:

Seewell Assessment or Survey

EyeCBetter creates surveys or assessments that collect information from you by soliciting responses to questions. These questions will be presented in surveys that we ask to you initiate voluntarily or in response to a prompt programmed by the us. 

Camera, Video and Audio

EyeCBetter may create an assessment that requests that you take a picture, record a video or audio. You will have the opportunity to grant or withhold permission for the Applications to access the camera or microphone.

We collect this information to provide you with the Services and to provide your health care provider (i.e., the Provider User associated with your account) with the information required to address medical care through the Platform.

Support Data: If you contact us for support or to lodge a complaint, we may collect technical or other information from you through log files and other technologies, some of which may qualify as Personal Data (e.g., IP address). Such information will be used for the purposes of troubleshooting, customer support, software updates, and improvement of the Platform and related Services in accordance with this Patient User Privacy Policy. Calls with EyeCBetter may be recorded or monitored for training, quality assurance, customer service, and reference purposes.

Technology Data: Data which may include IP address (or proxy server), device and application identification numbers, location, browser type, Internet service provider and/or mobile carrier, the pages, and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. This information is used to analyze overall trends, help us provide and improve our Services, and ensure the proper functioning and security of the Platform and Services.

How Will EyeCBetter Use Your Personal Data?

EyeCBetter processes your Personal Data based on legitimate business interests, the fulfillment of our Services to you, compliance with our legal obligations, and/or your consent. We only use or disclose your Personal Data when it is legally mandated or where it is necessary to fulfill those purposes described in this Patient User Privacy Policy. Where required by law, we will ask for your prior consent before disclosing your Personal Data to a third party.

More specifically, EyeCBetter processes your Personal Data for the following legitimate business purposes:

To provide Services;
To fulfill our obligations to you under the Patient User Terms of Use;
To communicate with you about and manage your User Account;
To properly store and track your data within our system;
To respond to lawful requests from public and government authorities, and to comply with applicable state/federal law, including cooperation with judicial proceedings and court orders;
To protect our rights, privacy, safety, or property, and/or that of you or others by providing proper notices, pursuing available legal remedies, and acting to limit our damages;
To handle technical support and other requests from you;
To enforce and ensure your compliance with our Patient User Terms of Use or the terms of any other applicable services agreement we have with you;
To manage and improve our operations and the Platform, including the development of additional functionality;
To evaluate the quality of service you receive, identify usage trends, and improve your user experience;
To keep our Platform safe and secure;
To send you information about changes to our terms, conditions, and policies;
To allow us to pursue available remedies or limit the damages that we may sustain; and
To enable you to connect with or share Personal Data with the authorized Provider User, which enables that Provider User to monitor your progress and overall condition as he/she deems appropriate.

Does EyeCBetter Use Personal Data for Analytics?

EyeCBetter may use third-party service providers to monitor and analyze the use of the Platform as part of our Services. The analytics services we use may include but are not limited to: Microsoft Power BI.

Where Is Personal Data Processed?

The Personal Data we collect through the Platform will be stored on secure servers in the United States. Personal Data may be transmitted to third parties, which parties may store or maintain the data on their secure servers. These third parties are not permitted to transfer your Personal Data outside of the United States.

With Whom Does EyeCBetter Share Personal Data?

We may share your personal information with the following categories of individuals/entities:

Business Partners and Vendors: We share Personal Data with a limited number of partners, service providers, and other persons/entities who help run our business (“Business Partners”). Specifically, we may employ third-party companies and individuals to facilitate our Services, provide Services on our behalf, perform Service-related functions, or assist us in analyzing how our Services are used. Our Business Partners are contractually bound to protect your Personal Data and to use it only for the limited purpose(s) for which it is shared. Business Partners’ use of Personal Data may include, but is not limited to, the provision of services such as data hosting, IT services, customer services, and payment processing.

Our Advisors: We may share your Personal Data with third parties that provide advisory services to EyeCBetter, including, but not limited to, our lawyers, auditors, accountants, and banks (collectively, “Advisors”). Personal Data will only be shared with Advisors if EyeCBetter has a legitimate business interest in the sharing of such data.

Provider Users: To use the Services, Patient Users must be affiliated with one or more Provider Users. As part of the Services, we will share your Personal Data with your specified Provider User(s). If at any point you want to disenroll from the program, you must contact your ordering provider and email techsupport@EyeCBetter.com.

Third Parties Upon Your Direction or Consent: You may direct EyeCBetter to share your Personal Data with third parties. Upon your request and consent, we may share such Personal Data with those third parties that you identify. Third Parties Pursuant to Business Transfers: In the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of EyeCBetter’s corporate entity, assets, or stock (including in connection with any bankruptcy or similar proceedings), we may share your Personal

Data with a third party.

Government and Law Enforcement Authorities: If reasonable and necessary, we may share your Personal Data to (i) comply with legal processes or enforceable governmental requests, or as otherwise required by law; (ii) cooperate with third parties in investigating acts or omissions that violate this Patient User Privacy Policy or the Patient User Terms of Use; or (iii) bring legal action against someone who may be violating the Patient User Terms of Use or who may be causing intentional or unintentional injury or interference to the rights or property of EyeCBetter or any third party, including other users of our Services.

How Long Does EyeCBetter Retain Personal Data?

EyeCBetter retains your Personal Data only as long as necessary and as required for our business operations, the provision of Services, archival purposes, and/or to satisfy legal requirements. The exact period of retention will depend on: (i) the amount, nature, and sensitivity of the Personal Data; (ii) the personal risk of harm for unauthorized use or disclosure; (iii) the purposes for which we process your Personal Data, including whether those purposes can be achieved through other means; and (iv) business operations and legal requirements. In general, EyeCBetter will not retain your data after your User Account is closed (the “Retention Period”); however, the above factors may extend or decrease this

Retention Period.

At the end of the applicable Retention Period, we will remove your Personal Data from our databases and will require that our Business Partners remove any identifiable Personal Data from their databases. If there is any data that we are unable to delete entirely from our systems for technical reasons, we will put in place appropriate measures to prevent any further processing of such data. Please note that once we disclose your Personal Data to third parties, we may not be able to access that Personal Data and we cannot force the deletion or modification of such information by third parties.

EyeCBetter and its Business Partners reserve the right to continue using de-identified data indefinitely, even after Personal Data has been removed from EyeCBetter’s databases. We may continue to disclose de-identified data to third parties in a manner that does not reveal personal information, as described in this Patient User Privacy Policy. Our continued use of de-identified data will comport with applicable law.

What Happens to Personal Data Submitted by Minors?

EyeCBetter does not knowingly collect Personal Data from individuals under the age of 18. Additionally, our Services are not directed to individuals under the age of 18. We request that these individuals not provide Personal Data to us. If we learn that Personal Data from users under the age of 18 has been collected, we will deactivate the User Account associated with that data and take reasonable measures to promptly delete such data from our records. If you are aware of a user under the age of 18 accessing the Services or Platform, please contact us at techsupport@EyeCBetter.com

If you are a resident of California under the age of 18 and have registered for a User Account with us, you may ask us to remove content or information that you have posted to our Platform.

PATIENT USER RIGHTS

What Rights Do Patient Users Have Concerning Their Personal Data?

As a user of EyeCBetter’s Services and Platform, you have certain rights relating to your Personal Data.

These rights are subject to local data protection and privacy laws, and may include the right to:

Access Personal Data held by EyeCBetter; Erase/delete your Personal Data, to the extent permitted by applicable data protection and privacy laws and to the extent technologically feasible;

Receive communications related to the processing of your Personal Data; Restrict the processing of your Personal Data to the extent permitted by law; Object to the further processing of your Personal Data, including the right to object to marketing;

Request that your Personal Data be transferred to a third party, if possible;

Receive your Personal Data in a structured, commonly used, and machine-readable format; and/or Rectify inaccurate personal information and, considering the purpose of processing the Personal Data, ensure it is complete.

Where the processing of your Personal Data by EyeCBetter is based on consent, you have the right to withdraw that consent at any time. If you would like to withdraw your consent or exercise any of the above rights, please contact us at techsupport@EyeCBetter.com

Should you decide to delete your User Account entirely, you may do so by contacting your ordering provider and emailing techsupport@EyeCBetter.com By terminating your User Account, you agree that you will not be able to access any information previously contained in your User Account. You further understand that it may not be technologically possible to remove all your Personal Data from our systems.

PROTECTION OF PERSONAL DATA

Is Personal Data Secure?

EyeCBetter understands the importance of data confidentiality and security. We use a combination of reasonable physical, technical, and administrative security controls to: (i) maintain the security and integrity of your Personal Data; (ii) protect against any threats or hazards to the security or integrity of your Personal Data; and (iii) protect against unauthorized access to or use of such information in our possession or control that could result in substantial harm to you.

While EyeCBetter uses reasonable security controls, we cannot guarantee or warrant that such techniques will prevent unauthorized access to your personal DATA. EYECBETTER IS UNABLE TO GUARANTEE THE SECURITY OR INTEGRITY OF PERSONAL DATA TRANSMITTED OVER THE INTERNET, AND THERE IS NO GUARANTEE THAT YOUR PERSONAL DATA WILL NOT BE ACCESSED, DISCLOSED, ALTERED, OR DESTROYED BY BREACH OF ANY OF OUR PHYSICAL, TECHNICAL, OR ADMINISTRATIVE SAFEGUARDS. ACCORDINGLY, WE DO NOT AND CANNOT ENSURE OR WARRANT THE SECURITY OR INTEGRITY OF ANY PERSONAL DATA YOU TRANSMIT TO US. You assume the risk that unauthorized entry or use, hardware or software failure, and other factors may compromise the security of your personal DATA at any time.

What Safeguards Does EyeCBetter Have in Place to Secure Personal Data? 

EyeCBetter stores Personal Data on secured servers and uses a combination of technical, administrative, and physical safeguards to protect your personal information. Such safeguards include, but are not limited to, authentication, encryption, backups, and access controls.

How Can Patient Users Protect Their Personal Data?

You are solely responsible for preventing unauthorized access to your devices and your User Account by protecting your account credentials and limiting access to your devices. EyeCBetter has no access to or control over your device’s security settings, and it is your responsibility to implement any device-level security features and protections you feel are appropriate (e.g., password protection, encryption, remote wipe capability). We recommend that you take all appropriate steps to secure any device that you use to access our Services and Platform.

Please note that EyeCBetter will never send you an email requesting confidential information, such as account numbers, usernames, passwords, or Social Security Numbers. If you receive a suspicious email from EyeCBetter, please notify us at techsupport@EyeCBetter.com

Further, if you know of or suspect any unauthorized use or disclosure of your User Account information or any other security concern, please notify EyeCBetter immediately.

What If EyeCBetter Experiences a Data or Security Breach?

EyeCBetter takes the security of your Personal Data seriously. In the event of a data or security breach, EyeCBetter will take the following actions: (i) promptly investigate the security incident, validate the root cause, and, where applicable, remediate any vulnerabilities within EyeCBetter’s control which may have given rise to the security incident; (ii) comply with laws and regulations directly applicable to EyeCBetter in connection with such security incident; (iii) as applicable, cooperate with any affected EyeCBetter user or client in accordance with the terms of EyeCBetter’s contract with such user or client; and (iv) document and record actions taken by EyeCBetter in connection with the security incident and conduct a post- incident review of the circumstances related to the incident and actions/recommendations taken to prevent similar security incidents in the future. EyeCBetter will notify you of any data or security breaches as required by and in accordance with applicable law.

What Is EyeCBetter’s Cookie Policy?

The Application does not use “Cookies”.

CALIFORNIA PRIVACY RIGHTS

If you are a California resident, the California Consumer Privacy Act (“CCPA”) may apply to you. Please see the CCPA for an explanation of your rights. 

CALIFORNIA CONSUMER PRIVACY ACT OF 2018

Categories of Personal Information We Collect

ECB collects information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household (“personal information”). We may have collected the following categories of personal information from consumers through our websites, apps, services, devices, or other services within the twelve (12) months preceding the effective date of this Privacy Policy:

     • Identifiers such as

               o Name

               o Address

               o Unique personal identifier (e.g., device ID, online identifier)

               o Internet Protocol address

               o Email address

               o Telephone number

               o Account name

               o Other similar identifiers

     • Characteristics of protected classifications under California/federal law (e.g., age, race, sex, medical condition, etc.)

     • Medical information

     • Health insurance information

     • Financial information, including credit card numbers

     • Commercial information (e.g., purchase history)

     • Internet or other electronic network activity information (e.g., browsing history, interaction with our website, etc.)

     • Geolocation data

     • Audio, electronic, visual, thermal, olfactory, or similar information (e.g., call recordings)

     • Professional, employment-related, or other similar information

“Personal information” under the California Consumer Privacy Act does not include information that is

     • publicly available from government records,

     • de-identified or aggregated consumer information,

     • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California     Confidentiality of Medical Information Act (CMIA) or clinical trial data, or

     • certain personal or financial information covered under certain sector-specific privacy laws.

Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask for and

obtain from us an annual list identifying the categories of personal customer information which we shared,

if any, with our affiliates and/or third parties in the preceding calendar year for marketing purposes. This

list will be provided free of charge. Contact information for such affiliates and/or third parties must be

included. If you are a California resident and would like a copy of this notice, please submit a written

request to the following email address: Privacy@eyecbetter.com

YouTube
LinkedIn
Instagram