LAST UPDATED: March 1, 2023
Our Privacy Officer is Brian Weiss.
Note that for purposes of compliance with the requirements of the General Data Protection Regulation (GDPR), the Carebox Corporate Privacy Officer also serves as the Data Protection Officer.
We collect information from you in distinct areas, as outlined below:
- Non-Personally Identifying Information about visitors to our Sites and Applications
- Personally Identifiable Information
- Information you supply when you create an account with user name and password
- Responses to questions you answer in matching / pre-screening questionnaires
- Your requests to be contacted by us and your interaction with our Clinical Trial Navigators
- Only at your request, we will share your referral information with a trial site so they can contact you about a trial you’ve matched
Personally Identifiable Information.
Carebox is solely responsible for collecting and storing all personally identifiable information provided by visitors to our trial information, matching and referral services, through any of our partner web sites, mobile applications, or services (our “Sites and Applications”).
Personally Identifying Information provided by you or a third party that may personally identify you, including without limitation your medical data shall be used only pursuant to this Policy. We do not claim ownership of the Personally Identifiable Information provided to Us in the use of the Service.
Non Personally Identifiable Information.
Non-Personally Identifying Information may be collected by Us in the following ways:
- Information that your browser sends when you visit a website or online service (“Log Data”). This Log Data may include, but is not limited to, your computer’s Internet Protocol address, location, browser type, the web page you were visiting before you access the Service and information you search for using the Service.
- Like many services, We use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We use “session ID cookies” to enable certain features of the Service, to better understand how you interact with the Service and to monitor web traffic routing and aggregate usage of the Service. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the website you visit. If you do not accept cookies, however, you may not be able to use all portions or all functionality of the Service.
- We may use GIFs in order to collect information. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages.
- We may use automated devices and applications, such as Google Analytics, to evaluate usage of our Service. We use these tools to help us improve our Services, performance and user experience. We may also engage third parties to track and analyze Service data or provide other services on Our behalf. Such third parties may combine the information that We provide about you with other information that they have collected. This Policy does not cover such third parties’ use of the data.
- Other websites and applications may also place or read cookies on your computer’s browser. Please see below the section “Links to Third Party Sites”.
Links to Third Party Sites
Our Service may contain links to third party websites and applications. However this Policy applies only to the Service. We do not exercise control over providers of information, or over banners, other advertisements or links from within the Service. These other sources may place their own cookies or other files on your computer, collect data or solicit personal information from you, and they follow different rules regarding the use or disclosure of the information that you submit. We encourage you to read the privacy policies and other terms of the other sources before using their services.
How We Use Personally Identifiable Information
How We Use Non Personal Identifiable Information
We use information that is Non-Personally Identifiable Information for the above purposes and in addition in order to (i) take anonymous or aggregate personal information and disclose such data only in a non-personally identifiable manner to organizations approved by Us for marketing, advertising, research, or similar purpose, and (ii) disclose to third party vendors, service providers, contractors or agents who perform functions on Our behalf.
Information Sharing and Disclosure
We may share the information about you, including any information provided by you, as follows:
- Authorized Disclosure. We may make your Personal Content available to third parties that are authorized by you to receive such content.
- Aggregate Information and Non-Identifying Information. We may share aggregated information, including queries and offers generated as a result of your use of the Service, that includes non-identifying information and Log Data, with third parties for industry analysis, demographic profiling and other commercial purposes. Any aggregated information shared in these contexts will not contain your Personal Identifiable Information.
- Combined Information. We may combine certain Personal Identifiable Information with Non Personal Identifiable Information in order to allow us to create information packages and services that are better tailored to your interests and preferences. Among other things, linking this information may allow us generally to improve and personalize the Service. If we combine or link any information with your Personal Identifiable Information, the resulting combination will be treated as Personal Identifiable Information under this Policy.
- Compliance with Laws and Law Enforcement. We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our or a third party’s property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.
Deleting Your Personal Content
Personally Identifiable Information may be maintained in our system for seven years from your last interaction with our Sites and Applications or our services. However, we may delete your Personally Identifiable Information at any time as per our policies.
You may at any time review and delete your Carebox account by sending a request to firstname.lastname@example.org, and We will delete your account except if required to be retained by applicable law.
We are concerned with safeguarding your Personal Content. We employ a variety of measures designed to protect your Personal Content from unauthorized access and disclosure. However, we do not promise that any information or private communications will be protected from unauthorized disclosure or use.
You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private.
If you receive an e-mail asking you to update your information with respect to the Service, do not reply and please contact us at email@example.com.
Processing or Transfer
We use third party services in delivery of the Service, such as cloud or internet-based storage and data processing solutions. Such third party services are subject to confidentiality obligations and may use your Personal Content only for fulfilling their obligations to Us.
Your Personal Content may be processed, maintained or transferred outside of your state or country, where the privacy laws may not be as protective as those in your jurisdiction.
Our Policy Toward Children
We do not knowingly collect personal information from minors aged 13 or younger. If a parent or guardian becomes aware that his or her child has provided us with personal information without their consent, he or she should contact us at firstname.lastname@example.org.
This Policy was updated in alignment with the General Data Protection Regulation (GDPR) as set forth by the European Union regarding the collection, use, and retention of personal data from European Union member countries. Carebox is a Data Controller as defined in the GDPR and is responsible for ensuring that appropriate GDPR-compliant agreements are in place with all Data Processors that we engage. Carebox has certified that it adheres to the requirements of notice, choice, onward transfer, security, data integrity, access and enforcement.
If you have any concerns or questions about this Policy, please contact us at email@example.com or by phone at +1-877-601-8601 or by writing to:
Privacy Officer (Brian Weiss)
Carebox Healthcare Solutions Inc.
500 Westover Drive, Suite #19356
Sanford, NC 27330