top of page

PRIVACY POLICY

Last Updated: October 11, 2022

modMD, PC (“Company” or “we” or “us” or “our”) is committed to protecting your privacy. This Privacy Policy (this “Policy”) describes how we collect, use, store, secure, and disclose your personal information when you access or use modmd.com (the “Website”) or our mobile application (“Mobile App”), and when you transmit information to us electronically or in hard copy in relation to our testing or related services (our “Services”). Our Website and Mobile App are sometimes collectively referred to as our “Platform”.

This Privacy Policy is in addition to and does not replace our Notice of Privacy Practices, which explains how we handle personally identifiable health information. We may revise this Policy from time to time. All updates will be posted on this web page. If we make any material changes in the way your personal information is handled, we will notify you by email (sent to the email address specified in your account) or by means of a notice on our Website prior to the change becoming effective.

By using our Services, you agree to the collection, use, disclosure, and procedures this Privacy Policy describes. Beyond the Privacy Policy, your use of our Services is also subject to our Terms of Service.

If you are a California resident, please also review our California Resident Privacy Notice for more information about the types of personal information we collect and disclose, as well as how to exercise your rights under California law.

ACCEPTANCE OF THIS PRIVACY POLICY

Before you use our Services, please read our Terms of Service.  By accepting the Terms of Service, you agree with our privacy practices as described in this Policy. If you do not agree with the terms of this Policy, please do not access the Platform or use our Services.

 

TYPES OF PERSONAL INFORMATION WE COLLECT AND HOW WE USE IT

Depending on the Services used, or which parties are involved, we process and store different combinations of personal information as set forth in this Policy.

PERSONAL INFORMATION COLLECTED FROM PARTICIPANTS

Through our test order process and via our Platform, we may collect and process personal information of a participant, including the following categories:

  • Personal details (including first and middle name, last name, birth date and/or age)

  • Address, email, and phone number

  • Gender, Ethnicity and nationality

  • Social Security Number

  • Valid government-issued identification document

  • CDC card

  • Covid-19 Vaccination card

  • Symptoms and other medical information, medical history

  • Sample material

  • Insurance/Payment Information (where provided); and

  • Test results and findings

  • Unique Identifier (often in the form of a barcode)

 

Such collected personal information is used to provide the Services and test results and to perform billing. All the collected personal information will be stored for as long as stated in the applicable consent form, or if none stated, at our discretion. The personal information will be processed by the Company for the performance of the specific analysis requested by the payor, and for informing the payor of the results of such analysis, all on the basis of the consent provided by the participant. Your phone number may be used to send voice and/or text
notifications relating to the Services you have engaged, including SMS and other reminders to complete your user profile. By calling or texting these modMD numbers (LA Dispatch: 833-663-6310, NY Dispatch: 833-663-6320, ATL Dispatch: 877-663-6369,  Tech Help: 833-663-6348), customers agree to receive text messages, If you no longer wish to receive text messages, you may opt out at any time by replying "STOP". 

PERSONAL DATA GENERATED BY TESTING RESULTS

After Services are carried out, a report may be prepared with the results of the Services. All the Services that you engage comprise a history that will be stored with us as required by applicable law.

WHAT IF YOU DON'T WANT TO PROVIDE YOUR PERSONAL DATA?

Failure to provide the data listed above does not entail any consequence other than the impossibility of using the Services.

PERSONAL INFORMATION COLLECTED FROM PAYORS

In order to provide the Services requested (including billing, etc.), we may collect and process the following personal information from payors:

  • Business details (including name, address)

  • Phone and fax number

  • Email address

  • Payment information (where provided)

 

All the payor information will be stored as long as the Company is providing Services to any of payor’s participants. Such payor information will be processed to inform the payor of the participants’ test results, any other requests from the payor, and for invoicing. All of such processing is for the purpose of performing a contract as between the Company and the payor to provide the Services.

We may also use personal information to share marketing information about our Services, and to do so, we may process your contact information or information about your interaction with our Services to send you marketing communications, provide you with information about events, webinars, or other materials, deliver targeted marketing to you, and keep you updated about our Services. You can opt-out of our marketing activities at any time by using the “unsubscribe” link in any email communications or by contacting privacy@modmd.com.

 

PERSONAL INFORMATION COLLECTED FROM VISITORS TO THE WEBSITE

Generally, individuals are able to visit our Website without disclosing personal information. Data is collected from the Website only to the extent technically necessary. For example, in some cases we may recognize personal data like the IP address as well as non-personal data like the name of the visitor’s Internet service provider, the website from which the visitor came to our Website, the pages that the visitor views on the Website, and what the visitor clicks on any given page. This data could possibly identify an individual, but the Company does not use it to do so.

Cookies: We may use cookies and similar tracking technologies to personalize your experience on our Website. Most web browsers are set to accept cookies by default. If you elect to opt out of accepting cookies from our site, you can set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.  Our servers may also automatically record information created by your use of our Website and we may use visitor logs to compile anonymous statistics. This aggregate information is collected sitewide and contains anonymous website statistics and is not considered personal information.

“Do Not Track”: Some browsers incorporate a "Do Not Track" (DNT) or similar feature that signals to digital services that a visitor doesn’t want to have their online activity tracked. Because there is not yet an accepted standard for how to respond to DNT signals, we and our service providers (like many digital service operators) do not respond to DNT signals.

PERSONAL INFORMATION COLLECTED FROM VISITORS ON OUR MOBILE APP

Data is collected from the Mobile App only to the extent technically necessary to render Services. For example, in some cases we may recognize personal data like device ID, IP address, as well as non-personal data like the name of the visitor’s Internet service provider, the pages that the visitor views in the Mobile App, and what the user clicks on any given page. This data could possibly identify an individual, but the Company does not use it to do so.

We may also collect the data referenced above under "Personal Data Collected from Participants" from the Mobile App. Personal and sensitive data relating to COVID-19 may be collected from the Mobile App to directly support the public health emergency, and may only be used to support COVID-19-related efforts or epidemiological research.

Barcodes: We may use barcodes to uniquely identify a user and to transmit a user’s identity from one user to another user where the barcode is intentionally shared from one user’s Mobile App display and read by another user’s mobile camera, to be used in a supervisory capacity to confirm that certain of the PII from the former user meets the criteria for physical interaction monitored by the second user, via another instance of the Mobile App.  

Camera: The camera is used in certain situations as a barcode scanner to pull up patient records. This choice to utilize the camera is yours, and is not required to use the application.

 

Accessing and Saving Data from your Mobile Device: Our Mobile App will ask for your permission to use images from your photo gallery or PDF files from your device storage to read and write data to external storage for uploading your government-issued ID, insurance documentation, and vaccine records to our Platform. In the case that you choose to upload your information to our Platform, the Mobile App will ask for your consent to read and write your data. This choice is yours, and is not required to use the application.

 

PERSONAL INFORMATION COLLECTED FROM JOB APPLICANTS

If you apply for a position with us, we may collect your resume, contact information, employment and education history, and other related information. We may also receive information from references you identify and other third parties (for instance, background checks where permitted by applicable law).

PERSONAL INFORMATION PROVIDED VOLUNTARILY

We may collect personal information that you voluntarily provide to use, such as inquiries through our Platforms, information you provide about your business, etc., and is used only for the purpose of addressing the request received. In cases where social media services may be used, we do not have any influence on the storage and processing of providing personal information via the respective social media service. You are encouraged to review those privacy policies before sending us personal information via a social media service.

USE OF YOUR DATA

By engaging our services, we use your personal data to achieve the following purposes:

Registration on our Platform: we need to register you on our Platform. In this way, we can confirm your identity, control access, execution, and quality of the Services you engage.

Execution of contracted Services: we need your personal data to be able to perform the Services you engage accurately, record your history of Services performed, analyze your results, collect complaints or suggestions, and maintain communication. In addition, when you are covered by insurance, it may be necessary to share the type of Services requested and the date of completion, in accordance with the requirements of your insurer. Also, depending on what type of Services requested, it may be necessary to share the material collected with contracted laboratories, always respecting your privacy - only strictly necessary data may be shared and exclusively as needed for the performance of the Service.

To fulfill a legal obligation: There is a wide variety of legal obligations arising from the laws applicable to our activity (e.g. health, tax laws, etc), in addition, there are several supervisory authorities whose inspections we are also subject to. For this reason, after the Services are performed, your data must be stored with us for the period established by law.

INFORMATION WE SHARE

The Company may disclose your personal information as follows:

  • Our service providers, vendors, and other processors. We may share your personal information with our service providers, business partners, or other vendors that help us provide our Services to you. Such entities will be given access as is reasonably necessary to provide our Services, and only under contractual obligations that are at least as restrictive as this Policy and in compliance with applicable privacy laws. Agents, vendors, and service providers who may have access to protected health information and other special categories of personal data are contractually obligated to protect the privacy and security of such information. We may share payment information with our third party payment processor. 

  • Supervisory personnel. With your permission you may share relevant PII with supervisory personnel via a technical exchange between Mobile Apps enabled with a physical barcode scan, to confirm that certain of the PII from the sharing user meets the criteria for physical interaction monitored by the receiving user.  The minimum PII is transmitted for the receiving user to make a determination of whether further physical interaction is appropriate.

  • Change of control. We may share your personal information as part of a purchase, transfer, or sale of the Services or the company (for example, a corporate restructuring, merger or consolidation with, or sale of substantially all of our assets to a third party).

  • Safety and legal compliance. We may share your personal information if we believe that such disclosure is necessary to comply with any applicable laws, regulations, legal processes, or requests by public authorities (e.g., law enforcement, tax authorities, etc.); protect you, us, or other users’ rights or property, or to protect our Services, comply with or enforce our terms, agreements or policies. Such disclosure may be to parties outside your country of residence.

  • Your consent or express actions. We will share personal information when we have your consent to do so.

  • Our HIPAA Notice of Privacy Practices further describes how medical information about you may be used and disclosed and how you can get access to this information.

 

CHILDREN’S INFORMATION

Our Website are directed towards adults and are not designed for, intended to attract, or directed towards children under the age of 16. If you are under the age of 16, you must obtain the authorization of a responsible adult (parent or legal guardian) before accessing or using our Platform. If we become aware that we have collected any personal information from children under 16 without appropriate authorization, we will promptly remove such information from our databases.

THIRD-PARTY INFORMATION

You agree that you have provided notice to, and obtained consent from, any third party individuals whose personal information you supply to us, including with regard to (a) the purposes for which such third party’s personal information has been collected; (b) the intended recipients or categories of recipients of the third party’s personal information; (c) which of the third party’s information is obligatory and which information, if any, is voluntary; and (d) how the third party can access and, if necessary, rectify the information held about them.

LINKED WEBSITES

Our Platform may contain links to external websites. We do not maintain these sites and are not responsible for the privacy practices of sites that we do not operate. Please refer to the specific privacy policies posted on these sites.

INFORMATION ACCESS, UPDATES, AND CHOICE

You can update, amend or delete the personal information we store about you by contacting us at privacy@modmd.com.  Company email correspondence will include instructions on how to update certain personal information and how to unsubscribe from our emails and postal mail correspondence.  We will take reasonable steps, such as confirmation emails, to verify your identity before granting access to your personal information.

If you are a California resident, please review our California Resident Privacy Notice for more information about how to exercise your rights under California law.

RETENTION

We store your personal information for as long as we need it to provide you our Services, to serve the purpose(s) for which your personal information was processed, or as necessary to comply with our legal obligations, resolve disputes, or enforce our agreements to the extent permitted by law.

We store information used for marketing purposes indefinitely until you unsubscribe. Once you unsubscribe from marketing communications, we add your contact information to our suppression list to ensure we respect your unsubscribe request. Also, we retain any information collected via cookies, clear gifs, flash cookies, webpage counters and other technical or analytics tools up to one year from expiry of the cookie or the date of collection.

SECURITY MEASURES                   

We use reasonable technical, administrative and physical measures to protect information contained in our system against misuse, loss or alteration. Information that you provide through our Website is encrypted using industry-standard Secure Sockets Layer (SSL) technology, with the exception of information you send via email. Your information is processed and stored on controlled servers with restricted access, and in compliance with the Security Rule of the Health Insurance Portability and Accountability Act of 1966 (HIPAA). Unfortunately, no method of electronic transmission is 100% secure, so we cannot ensure or warrant the security of any information you transmit to our Platform, and you do so at your own risk. Please do not submit any personal health information or credit card information via email.

Please recognize that protecting your personal information is also your responsibility. You should keep your username, password, ID numbers, or other access credentials secure as we cannot secure personal information that you release on your own or that you request us to release. If we receive instructions using your log-in information we will consider that you have authorized the instructions.

INTERNATIONAL TRANSFERS OF DATA

Our Services are hosted in the United States and intended for visitors located within the United States. If you choose to use the Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your personal information outside of those regions to the United States for storage and processing. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services. By providing any information, including personal information, on or to the Services, you consent to such transfer, storage, and processing.

CONTACT US

If you have any questions regarding this Policy or our privacy practices, you may contact us at:
modMD, PC
208 Lincoln Boulevard
Venice CA 90291
privacy@modmd.com

bottom of page