Notice of Privacy Practices

Your privacy is important to us. This privacy policy explains how AZOVA, INC. (“we”, “us”, “our” or “Company”) looks after your personal information when you visit one of our websites (www.AZOVA.com, www.AZOVA.co, www.azovahealth.com and www.vaxigo.com), together our “Sites”) or the AZOVA and Vaxigo mobile device applications (the “Apps”), or when you engage with us to use the products or services that we provide. This privacy policy also tells you about how we may use that information, with whom we may share it and the rights and choices that may be available to you. Our privacy policy also describes the measures we take to protect the security of the personal information. We also tell you how you can reach us to answer any questions you may have about our privacy practices.

1. IMPORTANT INFORMATION AND WHO WE ARE

About AZOVA

Via our Sites and Apps, AZOVA provides a platform for healthcare professionals and pharmacists to build digital health businesses, including telemedicine clinics and other digital clinics and to conduct e-commerce transactions and a platform for patients to obtain in-office, e-visit, house call, mobile or onsite clinic consultations from any healthcare professional or pharmacist, and to access laboratory, vaccination, imaging center or other medical products and services and to upload, request and share health information (collectively known as the “Services”)

Purpose of this Privacy Policy

This privacy policy aims to give you information on how AZOVA collects and processes your personal data through your use of its Sites and Apps (together the “Application”), including any data you may provide via the Application or when you engage with the Application to use its Services. It is important that you read this privacy policy together with any other privacy policy or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and Notice of Privacy Practices and is not intended to override them.

If you do not agree to the terms of this privacy policy, including with respect to (a) the collection and processing of health information (as defined below), (b) the collection and processing of your geo-location data, (c) our cookies policy, (d) cross-border transfer of data and (e) California privacy rights, and (f) marketing, please do not click “Get Started” or “Signup” and do not use the Application.

Controller

Unless you are advised otherwise, AZOVA Inc. is the data controller for the Application and in relation to information you provide when using our Services, and is the company responsible for processing your data.

We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the contact details set out at the end of this privacy policy.

Children Under 18

Our Application is intended for use by persons 18 years of age and older. Under no circumstances should the Application be used by children under 14 years of age, and we will not knowingly collect personal information from any person we know to be in this age group. If you are using the Application for the benefit of a child, please do not provide information relating to such child unless you have obtained the child’s parents’ or guardians’ consent, including their consent to this privacy policy. If you discover that your child has been using the Application without your consent, or that someone has been using the Application for or on behalf of your child without your consent, please email us at privacy@azova.com and we will take reasonable steps to delete the child’s information from our active databases.

2. PERSONAL INFORMATION WE COLLECT

When you contact us through the Application, correspond with us or otherwise use our services, we may collect a range of personal data:

  • Identity Data, including first name, last name, username or similar identifier, title, date of birth and gender;
  • Contact Data, including address, email address and telephone numbers;
  • Medical Data, including information about your physical and mental health, symptoms and treatments;
  • Financial and Transaction Data, including payment details and other information about services you have purchased from us;
  • Technical Data, including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Application and our Services;
  • Usage Data, including information about how you use the Application and our Services;
  • Marketing and Communications Data, including your preferences in receiving marketing from us and our third parties and your communication preferences; and
  • Location Data, consisting of location and similar data sent from your devices. You can turn off this functionality at any time by turning off the location services settings for the Application on the device. If you use these services, you consent to us and our licensees’ transmission, collection, retention, maintenance, processing and use of your location data and queries to provide and improve location-based products and services.

We use different methods to collect data from and about you including through:

  • Direct interactions, such as you filling in forms on the Application or corresponding with us by post, phone, email or otherwise, or when our representatives meet with you in person; and
  • Automated technologies or interactions, as you interact with our Application, we may automatically collect Technical Data about your equipment, browsing actions and patterns.

3. AUTOMATIC DATA COLLECTION

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform a contract we are about to enter into or have entered into with you;
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
  • Where we need to comply with a legal or regulatory obligation; or
  • Where it is necessary in order to protect a vital interests which is essential for your life or the life of another person.

Generally, we do not rely on consent as a legal basis for processing your personal data, other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time.

We use your personal information to respond to your enquiries, operate the Application, deliver the Services you have requested and pursue breaches of the Terms of Use and other policies. We may also use it to develop and improve our products and services as well as for internal purposes, such as auditing, data analytics and research. We will not sell, rent or lease the data we capture to third parties, but we may disclose it in the circumstances set out below in “Disclosure to third parties”.

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Purpose/Activity Type of Data Lawful basis for processing including basis of legitimate interest
To respond to an expression of interest in our services. a) Identity
(b) Contact
(c) Technical
(d) Marketing and Communications
Necessary for our legitimate interests (to respond to potential sales enquiries).
To register an account on the Application. (a) Identity
(b) Contact
(c) Transaction
Performance of a contract.
To provide you with medical services. (a) Identity
(b) Contact
(c) Transaction
(d) Medical
(e) Location
Performance of a contract.
To provide reports to your doctor and other medical professionals. (a) Identity
(b) Contact
(c) Medical
Performance of a contract.
To report concerns about your vital interests to other medical professionals. (a) Identity
(b) Contact
(c) Medical
To protect your vital interests.
To administer and protect our business, services and the Application, including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data, co-operate with regulators or comply with a legal obligation, and deal with disputes and legal claims. (a) Identity
(b) Contact
(c) Transaction
(d) Technical
(e) Usage
(f) Medical
(g) Location
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise).
(b) Necessary to comply with a legal obligation.
To use data analytics to improve our Application, products/services, marketing, customer relationships and experiences. (a) Technical
(b) Usage
(c) Location
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Website or App updated and relevant, to develop our business and to inform our marketing strategy).
To make suggestions and recommendations to you about goods or services that may be of interest to you. (a) Identity
(b) Contact
(c) Technical
(d) Usage
(e) Location
Necessary for our legitimate interests (to develop our products/services and grow our business).

When using the Application, your personal information will be visible to all healthcare providers with whom you register for an appointment, send a secure message to or with whom you interact or share your personal information with in any way on the Application. Your vaccination history and your medical history will be shared with all healthcare professionals or pharmacists with whom you register for an appointment and that, if you register for any service with a school on the Application, your vaccination records will be shared with that school. Your personal information may be shared with healthcare professionals located in other states and jurisdictions for purposes of virtual consults and medical record sharing as is necessary to carry out patient care on your behalf. If your health care provider discloses your PHI, he or she will obtain your consent for such disclosure, to the extent required by state law.

You may send an invitation to join AZOVA’s platform to family members, friends, healthcare professionals, pharmacists. You may also send an invitation to be your “health helper” by means of the Application, so that such supporter will receive alerts regarding your compliance with your health goals, recommended treatment plans or medication regime. By sending such invitation, you represent that you have the right to contact the health helpers and that you consent to our sending your personal information and your health information and medication adhe

4. PERSONAL INFORMATION WE COLLECT BY AUTOMATED MEANS

Sites: We collect information about your use of our Sites (IP address, type of computing or mobile device you use, language of your operating system, the Internet browser you are using, geo-location and use of the Sites) through the use of various technologies, such as cookies, web beacons and navigational data collection (log files, server logs, clickstream).

Apps: When you download and install any of our Apps onto a mobile device, we assign a random number to your App installation. We do not use this number to identify you personally unless you choose to become a registered user of the App. We use this random number in a manner similar to our use of cookies as described in this privacy policy. Because the random number is assigned to your installation of the App itself, it cannot be removed through the settings of your App or your device. If you do not want us to use the random number for the purposes for which we use cookies, please do not install our App. Instead, please use your mobile device browser to access our Sites.

A cookie is a small piece of text that is sent to a visitor’s browser. The browser provides this piece of text to the device of the originating visitor when this visitor returns. We use cookies to help personalize your AZOVA experience. A “persistent” cookie may be used to help save your settings and customizations. Also, if you log in to a Site, such a cookie may be used to recognize you as a valid user so you will not need to login each time you use a Site. Most web browsers automatically accept cookies, but allow you to modify security settings so that you can approve or reject cookies on a case-by-case basis or reject all cookies. You can configure your web browser to remove cookies by following the directions provided in your Internet browser’s “help” section.

Also, you are free to delete any existing cookies at any time. If you delete or disable cookies from our Sites, some parts or functions of the Sites may not work properly for you.

Our Sites may use analytics to create statistical reports. These reports would tell us, for example, how many users visited our Sites, what pages have been browsed, and from what geographic regions users visited the Sites. The information collected through the use of analytics may include, for example, your IP address, the website from which you visited us, the type of device you used and your search query that led you to the Sites. Your IP address is masked on our systems and will only be used on a need-to-know basis to resolve technical issues, to administer our Sites and to understand visitor preferences. Traffic information on our Sites is accessed only by authorized personnel. We do not use any of this information to directly identify visitors. We process personal information for these purposes because we have a legitimate interest in understanding how our Sites are used.

AZOVA use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

5. ADVERTISING

We may use how you browse and shop in order to show you ads for AZOVA or our advertising partners that are more relevant to your interests. We may use cookies and other information to provide relevant interest-based advertising to you. Interest-based ads are ads presented to you based on your browsing behavior in order to provide you with ads more tailored to your interests. These interest-based ads may be presented to you while you are browsing our site or third-party sites not owned by AZOVA. We belong to ad networks that may use your browsing history across participating websites to show you interest-based advertisements on those websites. If your browser sends a “do not track” signal or similar mechanism to indicate you do not wish to be tracked or receive interest-based ads, we will comply with your request. You can opt-out of receiving interest-based ads from us at any time by emailing us at support@azovahealth.com. To learn more about interest-based advertisements and your opt-out rights and options, visit the Digital Advertising Alliance and the Network Advertising Initiative websites (aboutads.info and www.networkadvertising.org). Please note that if you choose to opt out, you will continue to see ads on our Sites, but they will not be based on how you browse and shop.

6. INFORMATION WE SHARE

We do not sell, rent, trade or otherwise disclose personal information visitors submit through our Application, except as described in this privacy policy. We may share your information among AZOVA Inc. related entities for the purposes described in this privacy policy. We also may share the information with our marketing and advertising partners, who may communicate with you about other services, events and topics.

Additionally, we may share your information with service providers we have retained to perform services on our behalf (e.g., laboratories, prescription drug providers, and other clinically relevant companies), that help us process orders, and fulfil and deliver products and services that you purchase from or through us. We may use third parties to help host our Application, send out email updates about the Application, remove repetitive information from our user lists, and process payments. These service providers are not authorized by us to use or disclose the information except as necessary to perform services on our behalf or to comply with legal requirements.

In addition, we may disclose information about you (i) if we are required to do so by law or pursuant to legal process, such as under the Health Insurance Portability Act (“HIPAA”) (for example, we may disclose your information as necessary to comply with an authorized civil, criminal or regulatory investigation), (ii) in response to a request from law enforcement authorities or other government officials, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.

We reserve the right to transfer any information we have about you in the event we sell or transfer all or a portion of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to try to require that the transferee use personal information you have provided through this website in a manner that is consistent with this privacy policy.

7. HEALTHCARE PRIVACY AND SECURITY RULES

As a Business Associate of health care providers that are Covered Entities under the federal healthcare privacy and security rules (HIPAA and HITECH), we maintain your Personal Health Information (PHI) in compliance with these rules and our contractual obligations with health care providers. We share information with health care providers who provide services to individuals, and they share information with us, for purposes related to treatment, payment and health care operations, and otherwise as agreed or authorized by you. Currently our main focus is providing a platform to allow individuals to receive telehealth Services from various healthcare providers and to serve as a platform upon which various healthcare providers can administer telemedicine services to patients. We collect your personal information solely for the purposes of providing the Services, marketing and promoting our Services to you, and for market research data. By agreeing to our Terms of Use and using our services you are consenting to the use of your personal data in this manner. We also give you the opportunity to “opt out” of receiving direct marketing or market research information by emailing us at privacy@azova.com. If we use PHI for direct marketing or market research purposes, we will ask you for your authorization.

8. LINKS TO OTHER SITES

Occasionally we provide links to other websites for your convenience and information. These websites operate independently from our Application and are not under our control. These sites may have their own privacy notices or terms of use, which we strongly suggest you review if you visit any linked websites. We are not responsible for the content of these sites, any products or services that may be offered through these sites, or any other use of the linked sites.

9. HOW WE PROTECT PERSONAL INFORMATION

We maintain administrative, technical and physical safeguards for the Application designed to protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of the personal information we collect through our Application. However, you should keep in mind that no Internet transmission is ever completely secure. We maintain a high level of data protection via safeguards such as data backup, audit controls, access controls, and some data encryption. We use account information in a password-protected environment as a security measure to protect your data. Our Application and Services use industry standard SSL encryption to enhance the security of electronic data transmissions.

In addition, we urge you to take precautionary measures in maintaining the integrity of your data. Please be responsible in making sure no one can see or has access to your personal account and login/password information. If you use a public computer, e.g., at a library or a university, always remember to logout of the Application. If you use our Application or Services through your employer’s computer network or through a potentially non-secure internet connection, such use is at your own risk. We are not responsible for your handling, sharing, re-sharing and/or distribution of your personal or personal health information.

10. INFORMATION WE TRANSFER

Our Application may link to or refer to websites or mobile device applications that we do not control. Any Personal Information you provide on the linked pages is provided directly to this third party and is subject to this third party’s provider’s privacy policy. This Privacy Policy does not apply to such other websites or applications, and we are not responsible for the privacy practices or content of any website or application not controlled by us. If you have any concerns, we urge you to review the terms of those other websites or applications for more information about their applicable policies.

11. HOW LONG WE KEEP INFORMATION

We will keep your personal information for the time period necessary to achieve the purposes outlined in this privacy policy, taking into account applicable statute of limitation periods and records retention requirements under applicable law.

12. YOUR RIGHTS

Subject to applicable law, you have the right to request access to and rectification of the personal information we maintain about you, to request the restriction of the processing of your personal information, or to object to that processing on grounds relating to your particular situation. In addition, you may have the right to request erasure of your personal information in certain circumstances provided by applicable law. Subject to applicable law, where technically feasible, upon written request and verifiable identification, we will provide you with a copy of your personal information in a structured, commonly used, machine-readable format.

To exercise these rights, please contact us as indicated below. Depending upon where you are located, for example in the European Union, you may lodge a complaint with a data protection authority if you are not satisfied with our response. We would, however, appreciate the opportunity to deal with your concerns before you approach a data protection authority, so please contact us in the first instance.

You can close your online patient account by sending an e-mail message to request account closure to cancel@azovahealth.com. You will no longer have access to any of the information on your AZOVA account. AZOVA will not be able to restore access to this account in any way. Any person or provider with whom you have communicated or shared information via your AZOVA account or with whom you have had an appointment on AZOVA will continue to have access to your records, communication and data. If you would like to request that the information you have shared with any healthcare professional be deleted, you must contact that healthcare professional directly and make the request.

13. CALIFORNIA PRIVACY RIGHTS

Under California’s “Shine the Light” law, California residents who provide personal information in obtaining products or services for personal, family or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared, if any, with other businesses with which we shared customer information for the immediately prior calendar. To obtain this information, please email us with “Request for California Privacy Information” on the subject line and in the body of your message. We will provide the requested information to you at your email address in response. Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.

14. UPDATES TO OUR PRIVACY POLICY

We may update or change this privacy policy from time to time and without prior notice to you. We will post a prominent notice on this web page to notify you of any significant changes to our privacy policy, or we may send them to you via email where we deem appropriate, and indicate at the top of this policy when it was most recently updated. You will always have the ability to stop using the service as explained above.

15. REPRESENTATION FOR DATA SUBJECTS IN THE EU

We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data).

16. HOW TO CONTACT US

If you have any questions about this privacy policy or our privacy practices, please contact our DPO in the following ways:

Full name of legal entity: AZOVA Inc.

Email address: support@AZOVAhealth.com or privacy@azovahealth.com

Phone: 844-MY-AZOVA

Postal address: 144 S. Main Street, Alpine, UT 84004