When we say “personal data” we mean any information that can be used on its own or combined with other information to identify or contact you. This may include your contact information, health information, and usage information as explained in more detail below. In general, we use your personal data to provide our services to you and for our internal business purposes. We share your personal data in limited circumstances, such as with your healthcare provider, pursuant to your consent, or in ways permitted or required by law. You may have certain rights to your personal data, depending on what data it is and where you live. We describe those rights in further detail below.
We collect personal data, which means any information that can be used on its own or combined with other information to identify or contact you. We collect personal data when you register for, browse or use our app and website, connect with us on social media, or share additional information with us through an integrated service. This information may come directly from you, from your providers or other third parties, and from our use of data collection technologies on our app and website.
Depending on your relationship with us, we may collect the following categories of personal data about you:
We collect identifiers, such as your name, phone number, IP address and other online identifiers, and email address. This assists us in creating your user account, which you can use to receive the services, and providing customer support.
Protected classifications and demographic data:
We collect certain classifications and demographic information, such as your birth date, gender, height, and weight.
If you make payments via our app, we may ask you to provide your financial and billing information, such as billing name and address, credit card number or bank account information. While we may ask for this information, we rely on a third-party processor to collect and process payments. We also maintain records of the services purchased and your purchase history and tendencies.
We use common information-gathering tools, such as log files, cookies, web beacons, and similar technologies to automatically collect information, which may contain personal data, from your computer or mobile device as you navigate our services or interact with emails we have sent you. The information we collect may include your browser type, Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. This information is used to analyze overall trends, to help us provide and improve our services and to guarantee their security and continued proper functioning.
We collect your geolocation data based on your IP address and other information made available through your device depending on your device settings.
We may also collect inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We may collect information regarding your racial/ethnic origin, genetic data, and health information (including your health conditions, medical history, symptoms, and communications about your health between you and the provider providing healthcare service). We collect this information to provide you with the services and to provide your healthcare provider providing healthcare services through the app with the information required to provide medical treatment.
We may process your personal data based on legitimate business interests, the fulfillment of our services to you, compliance with our legal obligations, and/or your consent. We may use or disclose your personal data when it is legally mandated or where it is necessary to fulfill those purposes described herein. Where required by law, we will ask for your prior consent before doing so.
Specifically, we process your personal data for the following legitimate business purposes:
We may also take steps to de-identify your personal data so that it no longer can be used to identify you. We may use such de-identified information for any lawful purposes.
The Antidote app is “native” to your device, meaning some information you enter into the app is stored directly on the device you use to access the app. We may also store some of your personal data on Antidote and third-party servers located in the United States. Please contact us if you want more information about what data is stored on your device and what data is stored on our servers or third-party servers.
We may disclose your personal data to the following parties:
We may disclose your information with other professionals that have or are treating you, such as medical groups, hospitals, health care providers (doctors, nurses, etc.) and others involved in providing you with medical care. We may also use or share information about you to coordinate services such as prescriptions, lab work or imaging. In some cases, we may disclose information through a health information exchange, which helps Antidote and other institutional treatment providers communicate and optimize your care. In addition to disclosures for treatment and to a health information exchange facilitating treatment, we may disclose information about you to third parties who may be involved in your care, such as any family members you have designated or in emergency situations, social service agencies, and other community partners. Antidote does not directly provide medical or clinical services and does not directly employ any Providers. However, we will share information you enter into the app, as well as any reports generated by the services based on the information you enter, with Providers involved in your treatment.
We may disclose your personal data with our business partners, who help us provide our services. These business partners are contractually bound to protect your personal data and to use it only for the limited purpose(s) for which it is shared with us. Business Partners’ use of personal data may include, but is not limited to, the provision of services such as data hosting, IT services, customer service, payment processing, session recording and remote access services, performance measurement services, pharmacies or other providers of medication or medical lab testing, data optimization and marketing services, content providers, and our legal and financial advisors. Such service providers may have access to personal data according to their roles and purposes and may only use the information for such purposes.
We may share your personal data with third parties that provide use services, including but not limited to, our lawyers, auditors, accountants, or banks, when we have a legitimate business interest in doing so.
We may share your personal data in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of Antidote’s corporate entity, assets, or stock (including in connection with any bankruptcy or similar proceedings).
If we share your personal data with a third party other than as provided above, you will be notiﬁed at the time of data collection or transfer, and you will have the option of not permitting the transfer.
We will retain your personal data for as long as you maintain a user account and for the amount of time required to fulfill our legal obligations or other business purpose. At the end of the applicable retention period, we will remove your personal data from our databases and will request that our business partners remove your personal data from their databases. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing of such data.
By default, we use several persistent cookies for purposes of session and user authentication, security, keeping the user’s preferences (such as regarding default settings), monitoring performance of our services, and generally providing and improving our services.
If you would prefer not to accept cookies, most browsers will allow you to adjust your settings to notify you when you receive them, automatically reject them or disable existing ones. Depending on your mobile device and operating system, you may not be able to block and delete all cookies.
Deleting cookies does not delete Local Storage Objects (LSOs) such as Flash Objects and HTML5 Local Storage or Session Storage. If you use Google Chrome, you can learn more about locally stored data in your browser, and how to control at: https://www.google.com/chrome/privacy/.
Please note that deleting our cookies or disabling future cookies may prevent you from accessing certain areas or features of our services or may otherwise adversely affect your user experience.
Most web browsers let you choose whether to accept cookies. Most also let you delete cookies already set. The choices available, and the mechanism used, will vary from browser to browser. Such browser settings are typically found in the “options”, “tools” or “preferences” menu. You may also consult the browser’s “help” menu. There are also online tools available for clearing all cookies left behind by the websites you have visited, such as www.allaboutcookies.org. Usually, deletion of cookies will anonymize the information associated with the pixel and a website will not receive any further associated information.
We are committed to protecting the security and conﬁdentiality of your personal data. We use a combination of reasonable physical, technical, and administrative security controls to maintain the security and integrity of your personal data, to protect against any anticipated threats or hazards to the security or integrity of such information, and to protect against unauthorized access to or use of such information in our possession or control that could result in substantial harm or inconvenience to you. However, internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure. As a result, we cannot ensure the security of information you transmit to us.
You are responsible for taking reasonable precautions to protect your user ID, password, and other user account information from disclosure to third parties, and you are not permitted to circumvent the use of required encryption technologies. You should immediately notify us at firstname.lastname@example.org. If you know of or suspect any unauthorized use or disclosure of your user ID, password, and/or other user account information, or any other security concern.
Depending on where you live or the type of services you obtain from us, you may have certain rights with respect to the personal data we maintain. These rights may include:
If you are a California resident, we may share your personal data with third parties for those third parties’ own marketing purposes. You have a right to request information about these disclosures pursuant to California’s “Shine the Light” law.
To exercise any of the rights listed above by emailing us at email@example.com. You may designate an authorized agent to make a request to exercise your rights on your behalf. Your authorized agent must be able to provide to us proof of your authorization.
For your protection, we may ask you and/or your agent to provide information to help us verify your identity prior to processing your request. For your protection, we reserve the right to deny any request from an agent who does not submit proof that they have been authorized to act on your behalf. We reserve the right to deny your request if we cannot verify your identity. If we deny your request in whole or in part, we will notify you of the denial and provide the reasons for the denial.
We may send emails to you that do not relate to the Services or your account with your consent. You can opt out of such marketing and other commercial emails at any time clicking “unsubscribe.”
The Children’s Online Privacy Protection Act (COPPA) protects the online collection of identifiable information from children under the age of 13. We do not knowingly collect information online from children under the age of 13 without parental consent. When we obtain parental consent, the parent/legal guardian(s) have the right to review or ask us to delete their child’s personal information, as well as to refuse to permit us to further collect or use your child’s personal information. To do any of these, please contact us at firstname.lastname@example.org with your request.
If you are a resident of California under the age of 18 and have registered for an account with us, you may ask us to remove content or information that you have posted to our app.