NOTE: This privacy policy applies only to non-Protected Health Information ("PHI") received by Swellbox's consumer-facing personal health record app. If you would like to learn more about our PHI policies in relation to our API products please contact For our Chatbot or Request Wizard privacy policy please click here.

Privacy Policy

Date Last Revised: February 28th, 2017

We are committed to maintaining the confidentiality, integrity and security of the personal information of our users. Swellbox, Inc. ("Swellbox", "we", "our" or "us") provides this Privacy Policy to inform you of our policies and procedures regarding the collection, use and disclosure of personal information of users of (the "Site"), including the Service provided through the Site. Unless otherwise defined herein, terms used in this Privacy Policy have the same meanings as in our Terms of Services Agreement, also accessible at website, and in which this Privacy Policy is incorporated.

This Privacy Policy only applies to personal information that you provide to us on the Site, or to which you provide us with access through the Service, including Healthcare Information about you, your spouse, dependents and other persons covered by your Healthcare Sources, and that is retrieved by the Service (collectively, "Personal Information"). Personal Information includes information about you that can be used to contact or identify you, such as your name, address, phone number, sms, mms or email address as well as Healthcare Information about you and others at your Healthcare Sources that is provided to or retrieved by the Service.

We value our privacy and security standards to guard against identity theft, to prevent unauthorized access or disclosure, and to provide secure and confidential treatment for your Personal information. We regularly re-evaluate these standards and adapt them as necessary to deal with new challenges. We engage a third party service vendor to review and test (and monitor) our systems and procedures that use and store your Personal Information.

We may update this privacy statement to reflect changes to our information practices. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) and/or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

  1. We will share your personal information with third parties only in the ways that are described in this privacy statement. Swellbox uses and discloses your Personal Information as follows:

    • to analyze the Site's usage and improve the Site including the Service;
    • to deliver to you the Service and any administrative notices, Alerts and communications relevant to your use of the Site, including the Service;
    • to send you newsletters
    • to fulfill your requests for certain products and services;
    • for market research, project planning, troubleshooting problems, information processing, detecting and protecting against error, fraud or other criminal activity;
    • to third-party contractors that provide services to Swellbox and that are bound by these same privacy restrictions;
    • to enforce Swellbox's Terms of Service Agreement; and
    • as otherwise set forth in this Privacy Policy.

    As used in this Policy, the terms "using" and "processing" information (or derivatives of such terms) include using cookies on a computer, subjecting information to statistical or other analysis, and using or handling information in any other way, including collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organization or among our affiliates.

  2. Our primary goals in collecting information are to enable us to deliver the Service to you, to provide and improve our Site including the Service, and to enable users to enjoy and easily navigate the Site.

    Certain areas and features of the Site are available to you without registration or the need to provide to us any information. However, other features of the Site or the Service may require the provision of Personal Information, as detailed below.

  3. When you register with us through the Site, we will ask you for Personal Information such as name and email address. We use this Personal Information to create a Swellbox account ("Account"). We also use your Personal Information primarily to provide the Service and to administer your Account and inquiries.

    As a registered Account Holder of the Service, you will grant Swellbox access to your and/or your dependents' Healthcare Information which may include details on doctor visits and notes, immunizations, medications, lab results, insurance claims, etc., to the extent any of them are available, of which some or even all may be very sensitive in nature, stored at third party Healthcare Sources so that Swellbox can retrieve such information for your and your authorized users' use via the Service. Your authorized users are either those individuals to whom you provide your Account login information, including your username and password information, or users that you give permission to access your account (via an e-mail invite through our site) with their own login and password, so that they can use the Service on your behalf and/or alongside you. These authorized users may include, for example, a physician or adult family member. You are also able to, in certain cases, see what medical services have been provided, view prescription details regarding amounts and dosage, what was paid by your insurance, and also see where your prescriptions were filled. While using the service you may be able to print out any available medical forms you may need for reimbursement, tag events/treatments within the application to better organize information, and attach and store external files in designated areas of the site.

    By providing Swellbox with your Access Information, you understand that Swellbox, as your agent and on your behalf, will access, retrieve, import and store your and/or your dependents' (as designated by you) Personal Information including Healthcare Information from such Healthcare Sources, in order to make it available and viewable through the Service. Depending on the Healthcare Source to which you provide Swellbox access as your agent, Healthcare Information that is posted to the Healthcare Source will be viewable by you, your authorized users and Swellbox via the Service. If the Healthcare Source becomes unavailable or terminates Swellbox's access to the Healthcare Source, any Healthcare Information from that Healthcare Source may no longer be available or viewable via the Service.

    We will collect the first and last name of your physician and attempt to match it to contact information from a separate available data source (which may not always be accurate) to make it easier for you to locate the numbers you need. You are also able to send this information to yours or a family member's phone so that you may easily access it. If you wish to have it sent to your phone we will ask for yours or your family members' mobile number so that we may send you or your family member an SMS message with the information you requested.

    If you choose to use our referral service to tell a friend about our site, we will ask you for your friend’s name and email address. We will automatically send your friend a one-time email inviting him or her to visit the site. Swellbox stores this information for the sole purpose of sending this one-time email and tracking the success of our referral program.

    You may also provide personal information about other people, such as their name, date of birth and gender. This information is only used for the sole purpose of completing your request or for whatever reason it may have been provided.

    You may terminate the Service's access to any Healthcare Source at any time by emailing

    Other online services, such as the Healthcare Sources, follow different rules regarding the use or disclosure of your Personal Information. We encourage you to read the privacy policies and terms of service of the other online services you use.

    We also use your Personal Information to contact you, including to provide you Alerts and other information that may be of interest. If you decide at any time that you no longer wish to receive such communications from us, please follow the unsubscribe instructions provided in any of the communications or update your preferences via the Account section of the Site. (See "You Can Change or Delete Your Information," below.)

    We may use your Personal Information to improve the quality and value of the Site including the Service (for example, to deliver information to you according to your preferences or restrictions) and to analyze and understand how our Site and Service are used.

    From time to time we may request other Personal Information to provide you with other benefits of the Service. In such instances, you will be given the opportunity to provide or to decline to provide that information, and it will be used only for the stated purpose.

  4. We collect other information that you provide as part of registration and the administration of your Account (e.g., zip code (on its own), city and state and individual preferences) ("Non-Identifying Information"). We also may publicly display on the Site certain Healthcare Information that is Non-Identifying Information.

    Certain Non-Identifying Information (e.g., your zip code) would be considered part of your Personal Information if it were combined with other identifiers (e.g., combining your zip code with your street address) in a way that enables you to be identified, but would be considered Non-Identifying Information when they are taken alone or combined only with other non-identifying information. We may combine such Non-Identifying Information and aggregate it with similar information collected from other Swellbox Account Holders to attempt to provide you with a better experience, to improve the quality and value of the Service and to analyze and understand how our Site and Service are used.

  5. When you visit the Site, our servers automatically record information sent by your browser ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, pages of our Site that you visit, the time spent on those pages, information you search for on our Site, access times and dates, and other statistics. We may aggregate, analyze and evaluate such information for the same purposes as stated above regarding other Non-Identifying Information. We use this information to monitor and analyze use of the Site including the Service, to increase their functionality and ease of use, and to better tailor it to our users' needs. We also use this information to verify that users meet the criteria required to process their requests and for the Site's technical administration.

  6. When you visit the Site, we may collect technical and navigational information, such as computer browser type, IP address, pages visited, and average time spent on our Site. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve our Web design and functionality.

    We Swellbox, Inc. and our partners use technologies such as cookies or similar technologies to analyze trends, administer the website, track users' movements around the website, and to gather demographic information about our user base as a whole. Users can control the use of cookies at the individual browser level.

    Some of our pages utilize framing techniques to serve content from our partners while preserving the look and feel of our site. Please be aware that you are providing your personal information to these third parties and not to

  7. From time to time we may provide you the opportunity to participate in surveys, contests or sweepstakes (collectively, "Promotions") on our Site. If you decide to participate, we will request certain Personal Information from you. Participation in these Promotions is completely voluntary and you have a choice whether or not to disclose the requested information. We use this information to administer your participation in each Promotion.

  8. We may post Account Holders' feedback, testimonials, comments and suggestions ("Feedback") on the Site. If the Feedback contains Personal Information, we will obtain an Account Holder's consent via email prior to posting the Feedback in conjunction with such Account Holder's Personal Information. To request removal of your personal information from our testimonials, comments or suggestions, contact us at In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

  9. Aggregate Information and Non-Identifying Information. We may share aggregated information that does not contain Personal Information and we may otherwise disclose Non-Identifying Information and Log Data with third parties for enhancement of features of the Service, industry analysis, demographic profiling and other purposes. Any aggregated information shared in these contexts will not contain your Personal Information. We may aggregate Personal Information and disclose such data only in a non-personally identifiable manner to: (1) advertisers and other third parties for their marketing and promotional purposes, such as the number of users who received a test; (2) organizations approved by Swellbox that conduct research on healthcare-related topics; and; (3) other users of the Service for purposes of comparison of healthcare-related issues or costs relative to the broader community. Such information does not identify you individually. Access to your Account information, Healthcare Information and any other Personal Information you provide is strictly restricted and only used in accordance with specific internal procedures and safeguards, in order to operate, develop, improve and deliver the Service.

    Service Providers. We may employ third party companies and individuals to facilitate our Site including the Service, to provide the Service on our behalf, to perform Site-related services (such as sending e-mail messages on our behalf or hosting and operating a particular feature of the Service) or to assist us in analyzing how our Site and Service are used. These third parties have access to your Personal Information only to perform these tasks on our behalf. Our contracts with these third parties outline the appropriate use and handling of your information and prohibit them from using any of your Personal Information for purposes unrelated to the service they're providing. We require such third parties to maintain the confidentiality of the information we provide to them.

    Compliance with Laws and Law Enforcement. In certain situations, Swellbox, Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Notwithstanding the foregoing, Swellbox reserves the right (and you authorize Swellbox) to share or disclose your Personal Information when Swellbox determines, in its sole discretion, that the disclosure of such information is necessary or appropriate: (1) to enforce our rights against you or in connection with a breach by you of this Privacy Policy or the Terms of Service Agreement; (2) to prevent prohibited or illegal activities; or (3) when required by any applicable law, such as to comply with a subpoena, rule regulation, or other legal process; when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

    Business Transfers. Swellbox may sell, transfer or otherwise share some or all of its assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. You will be notified via email and/or prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

    Social Media Widgets. Our Web site includes Social Media Features, such as a link to our Facebook page as well as our Twitter account. These Features when clicked may collect your IP address, and may set cookies to enable it to function properly. Your interactions with these Features are governed by the privacy policy of the company providing it.

  10. Google Maps

    As part of the Service, Swellbox provides access to Google Maps to access location-related information about Healthcare Sources. If you access and use Google Maps as a part of the Service, you understand and agree that your use of Google Maps will be subject to Google's Privacy Policy, accessible at

  11. Upon request Swellbox, Inc. will provide you with information about whether we hold any of your personal information. Your Personal Information is yours. You can remove it anytime you want. All Account Holders may review, update, correct, delete inaccuracies, or delete their Account information by contacting us or by making edits via the Account section of the Site. You are able to review, update, correct, or delete inaccuracies of any family member listed within your account. However, there are limitations on what you can do to Healthcare Information originating from your professional Healthcare Sources such as insurance companies, your doctor and the like. You may be able to add notes related to such information in certain instances. While you may not be able to edit such information, you can always delete it.

    If you completely delete all your Personal Information, your Account may become deactivated and you may not be able to use the Service.

    We will retain your and your family member's information, including Personal Information, for as long as your Account is active or as needed to provide you the Service. If you would like to delete your entire Account from our system, you can choose to do so under "Settings" while logged in. You may also contact us at with a request that we delete such information. We will use commercially reasonable efforts to honor your request. Upon such request, your information including your Personal Information will be permanently expunged from our primary production servers and further access to your Account will not be possible. We will also promptly disconnect any connection we had established on your behalf to your Healthcare Sources, and delete all Access Information and other Submitted Material. Your data may also remain on a backup server or media. Swellbox keeps these backups to ensure our continued ability to provide the Service to you in the event of malfunction or damage to our primary production servers. We may retain an archived copy of your records as required by law or for legitimate business purposes. We also reserve the right to use any aggregated data derived from your Personal Information. We will respond to your request to access within a reasonable timeframe.

  12. Swellbox is very concerned with safeguarding your information. While we cannot guarantee the security of your Personal Information including your Healthcare Information under all circumstances, we take steps to protect your Personal Information including your Healthcare Information from loss, misuse, or unauthorized alteration by using industry-recognized security safeguards, coupled with carefully developed security procedures and practices. Whenever we download or receive transmitted sensitive information, such as Healthcare Information from Healthcare Sources, that information is encrypted during transmission (encryption does not pertain to transmissions Swellbox sends to you directly via e-mail, text or other direct communication- see section 13). When you enter sensitive information or otherwise provide Swellbox with access to sensitive information (such as login information and Access Information), we encrypt that information using secure socket layer technology (SSL). In some cases, we also encrypt certain sensitive information, such as Account passwords, where it is stored on our systems. In addition, Swellbox tests the Site periodically for any failure points that would allow hacking.

    However, please remember that the Internet is not a 100% secure environment, and therefore Swellbox cannot and does not guarantee that information you provide through the Service may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

    We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored "personal data" (as defined in applicable state statutes on security breach notification) to you via email or posting on this Site in the most expedient time possible and without unreasonable delay, insofar as consistent with: (1) the legitimate needs of law enforcement; or (2) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

    Safeguarding information to help protect you from identity theft is a top priority. To that end, we do not and will not, at any time, request your credit card information, your login information or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. If you receive such a request that appears to be from us, do not respond, delete the request, and notify us at For more information about identity theft and "phishing," visit the Federal Trade Commission's website.

    We reserve the right to access, read, copy, delete, and disclose (in a manner consistent with this policy and the Terms of Service Agreement) information on our systems and equipment, and to inspect any and all files stored or transmitted to our equipment.

    Swellbox accesses your Healthcare Information at your Healthcare Sources as your agent and with your authorization. Swellbox is not a "covered entity" under the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder ("HIPAA"). Nor is Swellbox a "business associate" as defined by the HIPAA Privacy Rule with any Healthcare Source since Swellbox acts as your agent when receiving and storing your Healthcare Information. HIPAA does not apply to the receipt or transmission of Healthcare Information by Swellbox.

  13. By becoming an Account Holder with Swellbox you grant Us permission to send certain Alerts and other communications by email which may contain Healthcare Information downloaded from your Healthcare Sources, such as lab results, visit summaries or other Healthcare Information. These Alerts and communications are sent for your convenience however please keep in mind that these email communications are not encrypted. You may opt-out of receiving such communications by logging into your Account and updating your notification preferences under Settings. We may also allow users to subscribe to email newsletters and from time to time may transmit promotional email. Account Holders have the ability to opt-out of receiving our promotional email and to terminate their newsletter subscriptions by following the instructions in the communication or updating your preferences in your Account. Opting-out in this manner will not end transmission of Service-related emails and certain Alerts.

  14. Your information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, Swellbox may transfer Personal Information to the United States and process it there. If you are located in the United States and choose to provide information to us, Swellbox may transfer some Personal Information to a foreign jurisdiction and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to such transfers.

  15. The Site may provide links to third party sites, services and products. The fact that we provide such a link is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. These third parties may place their own cookies or other files on your computer, collect data or solicit personal information from you. Other sites follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit. If you choose to use these separate products or services, disclose information to the providers, or grant them permission to collect information about you, then their use of your information is governed by their privacy policies. You should evaluate the practices of external services providers before deciding to use their services. Swellbox is not responsible for their privacy practices. If you click on a link to a third party site, Swellbox encourages you to check the privacy policy of that site. Swellbox may present links in a format that enables us to keep track of whether these links have been followed and whether any action has been taken on a third party website. We use this information to improve the selection of the third-party offers provided on the Site, and to improve the customized content on the Site.

  16. This Site is not directed to individuals under 18. However, as part of the Service, we may collect Personal Information about your children and dependents from you and your Healthcare Sources.

    We do not knowingly collect Personal Information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at If we become aware that a child under 13 has provided us with Personal Information, we will delete such information.

  17. We maintain strict rules to help prevent others from guessing your password. We also recommend that you change your password periodically. Your password must be at least 6 characters in length.

    You are responsible for maintaining the security of your username and password. You may only provide these credentials to your authorized users that you permit to access and use the Site and Service including your Personal Information on your behalf. If you elect to provide these credentials to such an authorized user, you remain responsible for their access and use of the Site including the Service, as well as their misuse thereof, or other breach of the Terms of Service Agreement and this Privacy Policy.

    If you believe your username and password have been stolen or been made known to others other than by you, you must contact us immediately at, but in any event you should change your password immediately via the Service.

    We are not responsible, and you are solely responsible, for access and use of your Account, the Site including the Service through your Account information including your username and password.

    If you have a security related concern, please contact us at We will work closely with you to ensure a rapid and personal response to your concerns.

  18. If you have any questions about this Privacy Policy, please contact us at or at: 520 White Plains Rd, Ste. 500, Tarrytown, NY 10591; phone 914-703-5060. Please note that, unless we expressly advise you otherwise, the email facilities on the Service do not provide a means for completely secure and private communications. Although every attempt will be made to keep your information confidential, from a technical standpoint, there is still a risk. For that reason, please do not use email to communicate information to us that you consider to be confidential or containing Personal Information.

Log In

Log in
Forgot password?

Sign Up

Start getting your records in less than 2 minutes!

Terms of Service - Privacy Policy

Your records are Secure + Private

We protect your personal information using up to 256-bit Secure Socket Layer (SSL) encryption to create a secure connection to our servers (see that padlock in your browser).

Swellbox is also regularly scanned for potential vulnerabilities by McAfee Secure.

Got it!