Date Last Revised: February 28th, 2017
We value our privacy and security standards to guard against identity theft, to prevent unauthorized access or disclosure, and to provide secure and confidential treatment for your Personal information. We regularly re-evaluate these standards and adapt them as necessary to deal with new challenges. We engage a third party service vendor to review and test (and monitor) our systems and procedures that use and store your Personal Information.
We may update this privacy statement to reflect changes to our information practices. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) and/or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
- The Sharing of Your Information
- Our Limited Collection and Use of Your Information
- The Collection and Use of Personal Information
- Non-Identifying Information May Be Used With Personal Information to Improve Your Experience
- Log Data is Used to Improve Our Service
- Online Session Information is Only Used to Improve Your Experience
- You May Opt to Provide Personal Information for Site Promotions
- Swellbox Feedback
- Limited Information Sharing and Disclosure to Third Parties
- Third Party Services
- You Can Change or Delete Your Information
- The Security of Your Personal Information is Important to Us
- Email Communications from Us
- International Transfer is Possible
- Third Party Advertisers Will Not Be Given Your Personal Information Without Your Consent
- Our Policy Toward Children
- You are Responsible for Maintaining the Confidentiality of your Username and Password
- Contacting Us
We will share your personal information with third parties only in the ways that are described in this privacy statement. Swellbox uses and discloses your Personal Information as follows:
- to analyze the Site's usage and improve the Site including the Service;
- to deliver to you the Service and any administrative notices, Alerts and communications relevant to your use of the Site, including the Service;
- to send you newsletters
- to fulfill your requests for certain products and services;
- for market research, project planning, troubleshooting problems, information processing, detecting and protecting against error, fraud or other criminal activity;
- to third-party contractors that provide services to Swellbox and that are bound by these same privacy restrictions;
- to enforce Swellbox's Terms of Service Agreement; and
As used in this Policy, the terms "using" and "processing" information (or derivatives of such terms) include using cookies on a computer, subjecting information to statistical or other analysis, and using or handling information in any other way, including collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organization or among our affiliates.
Our primary goals in collecting information are to enable us to deliver the Service to you, to provide and improve our Site including the Service, and to enable users to enjoy and easily navigate the Site.
Certain areas and features of the Site are available to you without registration or the need to provide to us any information. However, other features of the Site or the Service may require the provision of Personal Information, as detailed below.
When you register with us through the Site, we will ask you for Personal Information such as name and email address. We use this Personal Information to create a Swellbox account ("Account"). We also use your Personal Information primarily to provide the Service and to administer your Account and inquiries.
As a registered Account Holder of the Service, you will grant Swellbox access to your and/or your dependents' Healthcare Information which may include details on doctor visits and notes, immunizations, medications, lab results, insurance claims, etc., to the extent any of them are available, of which some or even all may be very sensitive in nature, stored at third party Healthcare Sources so that Swellbox can retrieve such information for your and your authorized users' use via the Service. Your authorized users are either those individuals to whom you provide your Account login information, including your username and password information, or users that you give permission to access your account (via an e-mail invite through our site) with their own login and password, so that they can use the Service on your behalf and/or alongside you. These authorized users may include, for example, a physician or adult family member. You are also able to, in certain cases, see what medical services have been provided, view prescription details regarding amounts and dosage, what was paid by your insurance, and also see where your prescriptions were filled. While using the service you may be able to print out any available medical forms you may need for reimbursement, tag events/treatments within the application to better organize information, and attach and store external files in designated areas of the site.
By providing Swellbox with your Access Information, you understand that Swellbox, as your agent and on your behalf, will access, retrieve, import and store your and/or your dependents' (as designated by you) Personal Information including Healthcare Information from such Healthcare Sources, in order to make it available and viewable through the Service. Depending on the Healthcare Source to which you provide Swellbox access as your agent, Healthcare Information that is posted to the Healthcare Source will be viewable by you, your authorized users and Swellbox via the Service. If the Healthcare Source becomes unavailable or terminates Swellbox's access to the Healthcare Source, any Healthcare Information from that Healthcare Source may no longer be available or viewable via the Service.
We will collect the first and last name of your physician and attempt to match it to contact information from a separate available data source (which may not always be accurate) to make it easier for you to locate the numbers you need. You are also able to send this information to yours or a family member's phone so that you may easily access it. If you wish to have it sent to your phone we will ask for yours or your family members' mobile number so that we may send you or your family member an SMS message with the information you requested.
If you choose to use our referral service to tell a friend about our site, we will ask you for your friend’s name and email address. We will automatically send your friend a one-time email inviting him or her to visit the site. Swellbox stores this information for the sole purpose of sending this one-time email and tracking the success of our referral program.
You may also provide personal information about other people, such as their name, date of birth and gender. This information is only used for the sole purpose of completing your request or for whatever reason it may have been provided.
You may terminate the Service's access to any Healthcare Source at any time by emailing email@example.com
Other online services, such as the Healthcare Sources, follow different rules regarding the use or disclosure of your Personal Information. We encourage you to read the privacy policies and terms of service of the other online services you use.
We also use your Personal Information to contact you, including to provide you Alerts and other information that may be of interest. If you decide at any time that you no longer wish to receive such communications from us, please follow the unsubscribe instructions provided in any of the communications or update your preferences via the Account section of the Site. (See "You Can Change or Delete Your Information," below.)
We may use your Personal Information to improve the quality and value of the Site including the Service (for example, to deliver information to you according to your preferences or restrictions) and to analyze and understand how our Site and Service are used.
From time to time we may request other Personal Information to provide you with other benefits of the Service. In such instances, you will be given the opportunity to provide or to decline to provide that information, and it will be used only for the stated purpose.
We collect other information that you provide as part of registration and the administration of your Account (e.g., zip code (on its own), city and state and individual preferences) ("Non-Identifying Information"). We also may publicly display on the Site certain Healthcare Information that is Non-Identifying Information.
Certain Non-Identifying Information (e.g., your zip code) would be considered part of your Personal Information if it were combined with other identifiers (e.g., combining your zip code with your street address) in a way that enables you to be identified, but would be considered Non-Identifying Information when they are taken alone or combined only with other non-identifying information. We may combine such Non-Identifying Information and aggregate it with similar information collected from other Swellbox Account Holders to attempt to provide you with a better experience, to improve the quality and value of the Service and to analyze and understand how our Site and Service are used.
When you visit the Site, our servers automatically record information sent by your browser ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, pages of our Site that you visit, the time spent on those pages, information you search for on our Site, access times and dates, and other statistics. We may aggregate, analyze and evaluate such information for the same purposes as stated above regarding other Non-Identifying Information. We use this information to monitor and analyze use of the Site including the Service, to increase their functionality and ease of use, and to better tailor it to our users' needs. We also use this information to verify that users meet the criteria required to process their requests and for the Site's technical administration.
When you visit the Site, we may collect technical and navigational information, such as computer browser type, IP address, pages visited, and average time spent on our Site. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve our Web design and functionality.
Some of our pages utilize framing techniques to serve content from our partners while preserving the look and feel of our site. Please be aware that you are providing your personal information to these third parties and not to www.swellbox.com.
From time to time we may provide you the opportunity to participate in surveys, contests or sweepstakes (collectively, "Promotions") on our Site. If you decide to participate, we will request certain Personal Information from you. Participation in these Promotions is completely voluntary and you have a choice whether or not to disclose the requested information. We use this information to administer your participation in each Promotion.
We may post Account Holders' feedback, testimonials, comments and suggestions ("Feedback") on the Site. If the Feedback contains Personal Information, we will obtain an Account Holder's consent via email prior to posting the Feedback in conjunction with such Account Holder's Personal Information. To request removal of your personal information from our testimonials, comments or suggestions, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Aggregate Information and Non-Identifying Information. We may share aggregated information that does not contain Personal Information and we may otherwise disclose Non-Identifying Information and Log Data with third parties for enhancement of features of the Service, industry analysis, demographic profiling and other purposes. Any aggregated information shared in these contexts will not contain your Personal Information. We may aggregate Personal Information and disclose such data only in a non-personally identifiable manner to: (1) advertisers and other third parties for their marketing and promotional purposes, such as the number of users who received a test; (2) organizations approved by Swellbox that conduct research on healthcare-related topics; and; (3) other users of the Service for purposes of comparison of healthcare-related issues or costs relative to the broader community. Such information does not identify you individually. Access to your Account information, Healthcare Information and any other Personal Information you provide is strictly restricted and only used in accordance with specific internal procedures and safeguards, in order to operate, develop, improve and deliver the Service.
Service Providers. We may employ third party companies and individuals to facilitate our Site including the Service, to provide the Service on our behalf, to perform Site-related services (such as sending e-mail messages on our behalf or hosting and operating a particular feature of the Service) or to assist us in analyzing how our Site and Service are used. These third parties have access to your Personal Information only to perform these tasks on our behalf. Our contracts with these third parties outline the appropriate use and handling of your information and prohibit them from using any of your Personal Information for purposes unrelated to the service they're providing. We require such third parties to maintain the confidentiality of the information we provide to them.
Business Transfers. Swellbox may sell, transfer or otherwise share some or all of its assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. You will be notified via email and/or prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Upon request Swellbox, Inc. will provide you with information about whether we hold any of your personal information. Your Personal Information is yours. You can remove it anytime you want. All Account Holders may review, update, correct, delete inaccuracies, or delete their Account information by contacting us or by making edits via the Account section of the Site. You are able to review, update, correct, or delete inaccuracies of any family member listed within your account. However, there are limitations on what you can do to Healthcare Information originating from your professional Healthcare Sources such as insurance companies, your doctor and the like. You may be able to add notes related to such information in certain instances. While you may not be able to edit such information, you can always delete it.
If you completely delete all your Personal Information, your Account may become deactivated and you may not be able to use the Service.
We will retain your and your family member's information, including Personal Information, for as long as your Account is active or as needed to provide you the Service. If you would like to delete your entire Account from our system, you can choose to do so under "Settings" while logged in. You may also contact us at email@example.com with a request that we delete such information. We will use commercially reasonable efforts to honor your request. Upon such request, your information including your Personal Information will be permanently expunged from our primary production servers and further access to your Account will not be possible. We will also promptly disconnect any connection we had established on your behalf to your Healthcare Sources, and delete all Access Information and other Submitted Material. Your data may also remain on a backup server or media. Swellbox keeps these backups to ensure our continued ability to provide the Service to you in the event of malfunction or damage to our primary production servers. We may retain an archived copy of your records as required by law or for legitimate business purposes. We also reserve the right to use any aggregated data derived from your Personal Information. We will respond to your request to access within a reasonable timeframe.
Swellbox is very concerned with safeguarding your information. While we cannot guarantee the security of your Personal Information including your Healthcare Information under all circumstances, we take steps to protect your Personal Information including your Healthcare Information from loss, misuse, or unauthorized alteration by using industry-recognized security safeguards, coupled with carefully developed security procedures and practices. Whenever we download or receive transmitted sensitive information, such as Healthcare Information from Healthcare Sources, that information is encrypted during transmission (encryption does not pertain to transmissions Swellbox sends to you directly via e-mail, text or other direct communication- see section 13). When you enter sensitive information or otherwise provide Swellbox with access to sensitive information (such as login information and Access Information), we encrypt that information using secure socket layer technology (SSL). In some cases, we also encrypt certain sensitive information, such as Account passwords, where it is stored on our systems. In addition, Swellbox tests the Site periodically for any failure points that would allow hacking.
However, please remember that the Internet is not a 100% secure environment, and therefore Swellbox cannot and does not guarantee that information you provide through the Service may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored "personal data" (as defined in applicable state statutes on security breach notification) to you via email or posting on this Site in the most expedient time possible and without unreasonable delay, insofar as consistent with: (1) the legitimate needs of law enforcement; or (2) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
Safeguarding information to help protect you from identity theft is a top priority. To that end, we do not and will not, at any time, request your credit card information, your login information or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. If you receive such a request that appears to be from us, do not respond, delete the request, and notify us at firstname.lastname@example.org. For more information about identity theft and "phishing," visit the Federal Trade Commission's website.
We reserve the right to access, read, copy, delete, and disclose (in a manner consistent with this policy and the Terms of Service Agreement) information on our systems and equipment, and to inspect any and all files stored or transmitted to our equipment.
Swellbox accesses your Healthcare Information at your Healthcare Sources as your agent and with your authorization. Swellbox is not a "covered entity" under the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder ("HIPAA"). Nor is Swellbox a "business associate" as defined by the HIPAA Privacy Rule with any Healthcare Source since Swellbox acts as your agent when receiving and storing your Healthcare Information. HIPAA does not apply to the receipt or transmission of Healthcare Information by Swellbox.
By becoming an Account Holder with Swellbox you grant Us permission to send certain Alerts and other communications by email which may contain Healthcare Information downloaded from your Healthcare Sources, such as lab results, visit summaries or other Healthcare Information. These Alerts and communications are sent for your convenience however please keep in mind that these email communications are not encrypted. You may opt-out of receiving such communications by logging into your Account and updating your notification preferences under Settings. We may also allow users to subscribe to email newsletters and from time to time may transmit promotional email. Account Holders have the ability to opt-out of receiving our promotional email and to terminate their newsletter subscriptions by following the instructions in the communication or updating your preferences in your Account. Opting-out in this manner will not end transmission of Service-related emails and certain Alerts.
This Site is not directed to individuals under 18. However, as part of the Service, we may collect Personal Information about your children and dependents from you and your Healthcare Sources.
We do not knowingly collect Personal Information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at email@example.com. If we become aware that a child under 13 has provided us with Personal Information, we will delete such information.
We maintain strict rules to help prevent others from guessing your password. We also recommend that you change your password periodically. Your password must be at least 6 characters in length.
If you believe your username and password have been stolen or been made known to others other than by you, you must contact us immediately at firstname.lastname@example.org, but in any event you should change your password immediately via the Service.
We are not responsible, and you are solely responsible, for access and use of your Account, the Site including the Service through your Account information including your username and password.
If you have a security related concern, please contact us at email@example.com. We will work closely with you to ensure a rapid and personal response to your concerns.