Last Updated: May 18, 2020
Table of Contents
- Collection of Your Personal Information
- How We Share and Use Information
- Your Choices
- Access to Your Information
- International Users
- Business and Professional Users
- California Disclosures
- Contact Us
- Effective Date
In general, the Conversa Services are provided to individual users on behalf of a Conversa Customer, which may be a healthcare provider, insurer, employer, or other entity.
PLEASE NOTE – If you use Conversa Services that are made available to you by a Conversa Customer, we will share the information you provide, including your chat sessions, with the Conversa Customer.
The personal information in the Services is subject to applicable privacy and security laws. Where the Services are made available by a Conversa Customer that is subject to a federal medical privacy law called HIPAA (Health Insurance Portability and Accountability Act), that law will also apply.
Collection of your Personal Information
- Information Collected from All Visitors to our Website
As background, cookies are small text files that websites can send to your browser, which your computer stores, that can automatically collect server domain names, IP addresses, type of computer, type of browser, and information about what pages are visited. We may use both session cookies and persistent cookies. You can set your browser to decline cookies or notify you before accepting cookies, although if you decline them, the website may not function properly. Web beacons, which are small bits of code embedded invisibly in web pages or emails, can be used to communicate with cookies, count visitors, and understand usage patterns. Web log data may include visitors’ IP address, browser data, operating system, prior web page, pages visited and how long visits lasted, links clicked on, and similar statistics.
If you visit our website from a mobile device, our site may collect certain information sent by your mobile browser, such as device identifier, user settings, your device’s operating system, and information about your visit and use of the site.
- Information Collected about Patients Who Use Conversa Services
Your signup process may vary depending on the Conversa Customer that has made the Services available to you. For example, some Conversa Customers place a link on their websites that their users can click to reach a webpage to start using the Services. Other Conversa Customers may talk to their users in person about whether the users would like to use the Services, and, if so, the Conversa Customer initiates the enrollment process based on the user’s input. Or, the Conversa Customer may give us certain information about you so that we can contact you to initiate Services. This information may include your name, email address, phone number, gender, age, whether you prefer to receive invitations to chat sessions via text or email, and other relevant information, depending on how the Services are deployed. A Conversa Customer that is your healthcare provider may also give us with certain medical information, which may come from your electronic health record, to help us provide you the appropriate type of Services. For example, the automated chat sessions used with patients who have diabetes are different from those used with patients recovering from knee surgery.
If you use the Services, you will receive regular invitations to start an automated chat session. These invitations will come to you by email or text. (See below for more information about these emails or texts.) Once you click on a link in that email or text, you’ll be taken to a website where you’ll be asked automated questions and you’ll select answers based on your experience. For example, you might be asked if your knee pain today is better than, worse than, or the same as yesterday. Your responses to the questions you’re asked in these automated chat sessions will be part of the personal information we collect.
How We Share and Use Information
We use information about our users to perform and provide the Services, to improve and expand the Services, and, for related business operations, such as communicating with you.
Disclosures of personal information about our users can be grouped as follows:
1) Routine disclosures
- As noted above, personal information you share with us, including your responses in chat sessions, will be disclosed to the Conversa Customer that is making the Services available to you. In some cases, the Conversa Customer will receive all the information you provide, whereas in other cases, the Conversa Customer will receive a summary of the information you provide
- We will share personal information with vendors that help us provide the Services, subject to contractual limitations imposed on the vendors and applicable law.
- We may share statistical and/or anonymous information with third parties for research and analysis, marketing or business operations, or similar purposes.
2) Disclosures we might make under unusual circumstances
- We will make disclosures of personal information where we have a reasonable belief that the disclosures are required by law. This may include disclosures in response to subpoenas, court orders, and discovery requests, as permitted by applicable law.
- We may report what appears to be illegal or fraudulent conduct to law enforcement authorities.
- We may disclose personal information if we reasonably believe the disclosure is needed to respond to a threat of physical harm or to defend or assert legal rights.
Except as explained here, we will not share your personal information with third parties unless you specifically authorize us to do so.
Conversa gives you important choices about your personal information, including:
- Whether you want to use the Services;
- Whether you want to receive informational emails or newsletters from us, if applicable;
- Whether you want to discontinue the Services at any time—you can simply ignore the invitations to chat sessions you will receive, or you can unsubscribe through the unsubscribe methods we provide.
- Where applicable, whether you want to receive the invitation to each chat session via ordinary email or text message (SMS).
Important note about privacy and security—ordinary email and text messages are not considered secure. That’s why we won’t include any details about your health in the invitations to automated chat sessions that we send by email or text. Instead, your email or text invitation to a chat session will take you to a dedicated website where the actual session discussing your health will take place. In some cases, the chat sessions will be available by text invitations only, whereas in other cases, you can choose whether you want to receive chat invitations by email or by text.
By agreeing to use the Services, which involve sending you invitations to individual chat sessions by ordinary email or text messages, as applicable, you are indicating that you understand that ordinary email or text may not be secure and you nonetheless want to receive your invitations to chat sessions via ordinary email or text messages.
Your Rights Regarding Personal Information
You may have certain rights under applicable privacy law to access, amend, delete, or make do-not-sell requests regarding the personal information we have collected about you. Most Conversa Customers require that these requests be handled through them. If you’d like to exercise your rights regarding your personal information, you should contact the Conversa Customer making the Services available to you. You may also contact us at firstname.lastname@example.org. but please be aware that we may direct you to send your request to the Conversa Customer.
We are committed to maintaining the security of personal information. We use reasonable and appropriate technical, administrative, and physical controls to protect personal information from loss, misuse, or alteration. If we share personal information with vendors, we subject them to contractual and legal controls regarding the protection, use, and disclosure of the information. However, because there is always some risk that unauthorized or illegal access to your information could occur or that data sent over the Internet could be intercepted, we cannot guarantee absolute data security.
In general, Conversa users must be 18 years of age or older. However, some Conversa Customers make the Services available to users who are 16 years of age or older. Check with the Conversa Customer making the Services available to you about age-based eligibility.
Business and Professional Users
California law requires websites to explain certain online practices regarding tracking of visitors. Some web browsers have a “Do Not Track” feature that lets a user have the browser notify websites that the user does not want to have his or her online activities tracked. Our website and Services currently do not respond to such browser-initiated signals.
Conversa does not disclose personal information to third parties for their direct marketing purposes.
Conversa does not sell personal information, as defined by the California Consumer Privacy Act (CCPA), and therefore we do not have a mechanism for you to instruct us not to sell your personal information. Where a Conversa Customer makes the Services available to you, Conversa acts as a service provider, as defined by the CCPA, to that Customer. Conversa follows the instructions provided by Conversa Customers with respect to CCPA consumer rights. If you would like to exercise the rights afforded you as a California consumer under the CCPA, please contact the Conversa Customer that is making the Services available to you.