Scope
We care about your online privacy. This Privacy Policy (the “Policy”) describes our practices with respect to collection, use, disclosure and protection of your information when you visit www.telesesh.com (the “Platform”).
Note that this Policy is only valid on our Platform, not any third party networks, even if they are referenced on our Platform. It is your responsibility to familiarize yourself and comply with any relevant third party networks.
If you visit our Platform, that signifies your legal acceptance of the Policy. You must exit the Platform if you do not agree with any provision(s) of this Privacy Policy. We reserve the right to change this Policy at any time at our sole discretion. The effective dateof the last update is at the top of this page, so visit it occasionally to see if there are any changes.
2. Collection of User Data
We collect the following PHI( Personal Health Information)and Personal Informationduring the intake portion of onboarding and throughout your use of our Services:
- Name
- Health history
- Payment Information
- Credit card
- Stripe
- Communications: if you contact us for any reason, we will receive whatever information you voluntarily provide(e.g., your feedback, ratings and reviews).
- Your Devices: device identifiers, phone manufacturer and carrier, browser,IP address, operating system version, mobile advertising identifiers, application installations.
- Platform Interaction: we see what content our Platform users access, when and how they interact with the Platform content/pages.
We store this information securely within our HIPAA and FERPA compliant application, which is hosted on secure, encrypted servers.
3. Use Of Data
We use the collected datafor the following purposes:
- To communicate with you, including sending appointment reminders and therapy-related newsletters (with an opt-out option)
- To provide the services and/or information that you have asked for.
- To respond to a court order, regulatory request or legal process.
- To enforce our rights, carry out our obligations, prevent fraud, facilitate disputes between users.
- To accomplish any other purpose for which the information was provided.
4. Data Sharing
We only share your PHI and Personal Information in the following circumstances:
- With your explicit consent via a signed authorization form
- With your therapist to facilitate treatment
- With MailChimp, a secure email marketing platform, for sending appointment reminders and newsletters (you may opt-out at any time)
We do not sell or share your PHI or Personal Information with any third parties for marketing or advertising purposes.
Access to your PHI and Personal Information is strictly limited to authorized personnel who need this information to provide Services to you. All access is password-protected and logged for auditing purposes.
5. HIPAA Policy
Your Rights and Choices Under HIPAA and other applicable laws, you have the right to:
- Access and receive a copy of your PHI andPersonal Information
- Request corrections to your PHI and Personal Information
- Request restrictions on how we use or disclose your PHI and Personal Information
- Request confidential communications
- Receive an accounting of disclosures of your PHI and Personal Information
- File a complaint if you believe your privacy rights have been violated
6. Disclosure of Data
In addition to sharing your data as described above, we may disclose the collected personal informationas follows:
- In case there is a sale, merger or other transfer in the ownership of our Platform, thesuccessor will receive personal information about our Platform users along with the assets transferred.
- To our contractors, business partners, third party service providers and other entities or individuals who provide support for our Platform. For example, integration and API partners.
- If we decide that disclosure is appropriate to protect the property, safety, rights of the Platform, its users or the public.
- Aggregated, anonymized informationthat does not identify any particular user can be disclosed without restriction.
7. Cookie Policy
Cookies are small bits of text dataplaced on your device when you visit sites. Cookies record data about your activity, such as which pages you view and what you click on. Cookies assist our Platform to recognize your device when you return. For example, cookies can help us to remember your preferences, username, analyze the performance of our Platform and recommend content that may be most relevant to your interests.
Here are the reasons we may use cookies:
- Analytics. This type of cookies shows us which pages users view, which links are popular, etc. These cookies only provide anonymized information that does not identify anybodypersonally. This information is then bundled with the similar information from the other users, so that we can analyze the general usage patterns.
- Essential cookies. These are necessary to provide the services that you have asked for.Without these essential cookies, our Platform would not be able to operate. They are necessary to enable users to navigate through the Platform and use its main features. E.g., essential cookies identify registered users so that they can access member-only areas of the site. Essential cookies keep users logged in. If a subscriber disables essential cookies, that subscriber won’t be able to get to all of the content that a subscription entitles them to. These cookies don’t collect information that could be utilized for the purposes of marketing or figuring out what places on the internet you have visited.
- To improve your browsing experience. This type of cookies enables the site to remember users’ preferences and settings, such as geographic region or language. They can also be used to restrict the number of times an ad is shown, to remember which forms you have already filled in, so that you don’t have to do it again.
- To implement tracking technology on our Platform. This tracking does not use your personal information; it uses deidentified data (i.e., data that cannot be tiedspecifically to you). We will not combine this data with your other personal information without your prior express permission.
There is a way to turn off cookies by going to your browser’s Helpor Settings menu. However, keep in mind that disablingcookies may limit your use of the Platformand/or delay or affect the way in which it operates.
8. Data Security
Only our administrators are allowed to access our Platform’s password-protected server where your personal information is stored. We utilize SSL. However, any transmission of information over the Internet has its inherent risks, so we cannot guarantee theabsolute security of your personal information. Transmitpersonal information over the Internet at your own risk. We shall not be liable for circumvention of security measures or privacy settings on the Platform. It is your responsibility to keepyour login credentials, if any, confidential.
We retain your PHI and Personal Information only for as long as necessary to provide Services to you and comply with legal and ethical obligations. When no longer needed, we securely destroy or de-identify your information in accordance with HIPAA regulations.
9. Children’s Privacy
Our services are directed to children of all ages. We collect personal information from children only as part of providing therapy services to them. For children under the age of 13, this collection occurs only after obtaining verifiable parental consent.
The personal information we collect from children may include: name, date of birth, health insurance information, medical history, diagnostic information, treatment notes, and other data necessary for therapy. We gather this information from parents/guardians directly as well as from therapy sessions with the child.
We use and disclose children’s personal information only for providing treatment, obtaining payment for services, and conducting our health care operations. These uses are in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and Family Educational Rights and Privacy Act (FERPA), which allow for the collection and use of pediatric health data with parental consent (for children under 13) for treatment purposes.
We do not sell or otherwise disclose children’s personal information to third parties except as described in this Privacy Policy (for example, to the child’s therapist to facilitate treatment) or as required by law. Parents/guardians can request to review or delete their child’s personal information, or refuse further collection, by contacting us at the email below.
We retain children’s personal information only for as long as necessary to fulfill treatment purposes, bill for services, and comply with legal and ethical record-keeping requirements. After such time, we securely dispose of the information in accordance with HIPAA regulations.
10. Users’ Rights, CCPA
- We will not share your personal information with third parties for their direct marketing purposes to the extent it is forbidden by law. If our practices change, we will do so in accordance with applicable laws and will notify you in advance. California law requires that operators of online services disclose how they respond to a Do Not Track signal. Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the online service that a user visits, indicating that the user does not wish to be tracked. At this time we do not respond to Do Not Track signal.
- You can request disclosure of your information collected by us by writing to the email at the end of this Policy. We will then provide the requested information, its sources and purposes of use, in a portable and easily accessible format within 45 days of the request.
- You have the right to request deletion of your personal information from our systems by submitting a request to the email at the end of this Policy.
- You have the right to nondiscrimination for exercising your rights. That means you cannot be denied goods or services, charged different prices, or provided different quality of goods/services for asserting your legal rights.
11. International Transfer
We process your personal information in the Unites States. This is where it will be transferred to in case you are located somewhere else. By submitting any personal information to us, you agree to its transfer to and processing in the Unites States.
12. EU Users’ Rights
This section of our Privacy Policy applies to the users of our Platform in the European Union. We would like to inform you about your GDPR rights and how we safeguard them.
- Your GDPR rights to be informed, to access, rectify, erase or restrict the processing of your personal information. You have the right to obtain free information about what personal data we have obtained about you, where it is stored, for how long, for what purposes it is used, to whom it was disclosed. You have the right to have us, without undue delay, rectify of inaccurate personal data concerning you. That means you can request we change your personal data in our records, or have your incomplete personal data completed. You have the “right to be forgotten,” i.e. to have us delete your personal information, without undue delay, if the data is no longer necessary in relation to the purposes for which it was collected. However, GDPR gives us the right to refuse erasure if we can demonstrate compelling legitimate grounds for keeping your information.
- GDPR gives you the right to restrict processingif any of the following applies:
i. If you contest the accuracy of your personal data, we will restrict processing it for a period enabling us to verify its accuracy.
ii. The processing is unlawful and you oppose its erasure and request instead the restriction of its use.
iii. We no longer need your personal data for the purposes of the processing, but you require us to restrict processing for the establishment, exercise or defense of legal claims.
iv. You have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether our legitimate grounds override yours. - Right to data portability. Upon request, we will provide you your personal data in our possession, in a structured, commonly used and machine-readable format. You have the right to transmit that data to another controller if doing so does not adversely affect the rights and freedoms of others.
13. Accessing and Correcting Your Personal Information
You can view and edit some of your account information yourself after logging in. If you terminate account, we may retain some information for as long as necessary to evaluate Platform usage, troubleshoot issues, resolve disputes and collect any fees owed. If you have any questions or wish to ask to access, modify or delete any of your personal data on our Platform, please contact us. Note that we can deny your request if we think it would violate any law or cause the information to be incorrect.