Privacy Policy


Please note that by using this website, our web and mobile applications, or other services provided by DocBuddy Inc., a Colorado corporation (together, the Services), you are accepting the practices described in this Privacy Policy. This Privacy Policy is a part of and incorporated into the Terms of Use (Terms of Use) applicable to the Services. By visiting or using the Services, in whole or in part, you accept the practices described in this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use the Services. Each time you use the Services, you should check the date of this Privacy Policy and review any changes that have been made since your last use of the Services.

Last Updated April 11, 2018
Purpose

This Privacy Policy discloses our information gathering and dissemination practices with respect to the Services. Please read this Privacy Policy carefully. We have also created this Privacy Policy to demonstrate our commitment to privacy. We recognize that when you provide us with information about yourself that you trust us to act in a responsible manner with that information. We are committed to making sure we earn and keep that trust.

What We Collect

The following describes the types of personal and other information that DocBuddy may collect about you, the organization you represent, and patients treated by you or by an affiliated organization, as well as how we may use and maintain that information, including, but not limited to:

Registration. Before you can use certain functionality offered through the Services, we may ask that you register with DocBuddy and provide your email address, a password, your first and last name, your institutional affiliations, other contact information, and personal details. We request this information for identification purposes, to communicate with you regarding your account, and to facilitate the functioning of certain aspects of the Services. We may keep this information indefinitely.

Forms. To fully employ the Services, you may be required to fill out forms that collect contain personal information including but not limited to your name, address, telephone number, DEA number, account information, employment, and other personal information relevant to a patient’s health insurance coverage, diagnosis and treatment.

Medical Records. For medical professionals to provide care to their patients, we may collect data concerning such patients, including but not limited to standard medical and clinical data, test results, insurance claim data, eligibility data, enrollment data, health risk assessment data, billing information, and electronic health record data. We may keep this information indefinitely in de-identified form.

Correspondence. If you correspond with us via email, we may gather in a file specific to you the information that you submit. We may keep this information indefinitely.

URL and IP addresses. Like many other websites, we collect information about the use and navigation of our Services. This information helps us to design our Services to better suit our users’ needs. For example, our Services will track the URL that you visited before you came to our website(s), the URL to which you next go and your Internet Protocol (IP) address. We may use your IP address to help diagnose problems with our server and to administer our Services. Your IP address also is used to help identify you and to gather broad demographic information.

Information Collected with Cookies. Like most providers of web and mobile applications, we use cookies in connection with certain aspects of our Services, including pages of our website. Cookies make using the Internet easier by, among other things, saving preferences for you. For example, a cookie may let our Services remember that you’ve registered, which allows us to speed up your future activities with our Services, and which allows you to enter your registration information less frequently while using our Services. We may also use cookies to deliver content tailored to your interests. Cookies may enable us or our affiliates to relate your use of our Services to personally identifying information that you previously submitted, such as calling you by name when you use our Services at a later date. If your browser or mobile device are set to reject cookies, or if your browser notifies you that you are about to receive a cookie and you reject it, then your use of the Services may not be as efficient or as enjoyable as it would be if the cookie were enabled. The information that we collect with cookies allows us to improve our marketing and promotional efforts, to statistically analyze usage of our Services, to improve our content and product offerings and to customize content provided through the Services, as well as the layout of such Services. However, we only use information collected with cookies on an aggregated basis without the use of any information that personally identifies you.

Sharing of Information with Third Parties

We will not share, rent, sell or otherwise disclose any of the personally identifiable information that we collect about you, your organization(s), or your patients, except when we have your permission or in any of the following situations:

  • We may disclose information that we collect about you or your patients to affiliates, vendors, and suppliers who perform services for us in order to provide certain services, to complete or confirm a transaction that you conduct with us, or to correct errors in our services.
  • We may disclose the results of aggregated data about you for marketing or promotional purposes (for instance, that a certain percentage of our Service’s users are living in the United States). In these situations, we do not disclose to these entities any information that could be used to personally identify you. Certain information, such as your password, is not disclosed to marketing advertisers at all, even in aggregate form.
  • We may disclose information about you as part of a merger, acquisition or other sale or transfer of its assets or business. We do not guarantee that any entity receiving such information in connection with one of these transactions will comply with all terms of this policy.
  • We may disclose information about you, your affiliated healthcare organizations, or your patients for purposes such as to provide services to you; to enforce our client’s rights; to protect against actual or potential fraud; to resolve our users’ inquiries or disputes; to receive payments; to carry out our business; to protect the confidentiality or security of our records; to enable our service providers to perform marketing services on our behalf and inform members about our own products or services; to transmit protected health information (PHI) to one or more electronic health records systems used by you, your employers, or an affiliated healthcare organization; and to comply with federal or state laws and other applicable legal requirements.
  • We may be legally obligated to disclose information about you to the government or to third parties under certain circumstances, such as in connection with illegal activity in our Services or to respond to a subpoena, court order or other legal process. We reserve the right to release information that we collect to law enforcement or other government officials, as we, in our sole and absolute discretion, deem necessary or appropriate.

If you use our Services or services outside of the United States, information that we collect about you may be transferred to servers inside the United States and maintained indefinitely, which may involve the transfer of information out of countries located in the European Economic Area. By allowing us to collect information about you, you consent to such transfer and processing of your data.

Security Measures

Our Services require users to give us unique identifiers in order to log into many areas of our Services. We utilize these unique identifiers to verify the user’s identity and eligibility, in order to protect our members from the release of sensitive or personally identifiable information to unauthorized users. To help protect the privacy of data you transmit through our Services or through a mobile device, where personally identifiable information is requested, we also use technology designed to encrypt the information that you input before it is sent to us using Secure Sockets Layer (SSL) technology or similar encryption technology. In addition, we take steps to protect the data we collect against unauthorized access. However, you should keep in mind that our Services are run on software, hardware and networks, any component of which may, from time to time, require maintenance or experience problems or breaches of security beyond our control.

Please also be aware that despite our best intentions and the guidelines outlined in this Privacy Policy, no data transmission over the Internet or encryption method can be guaranteed to be 100% secure.

Correcting or Updating Information Collected About You

You may correct or update information collected about you by managing your account profile or by contacting us at the email or mailing address noted below. We will use reasonable efforts to update our records. For our records, we may retain original and updated information for reasons such as technical constraints, dispute resolution, troubleshooting and agreement enforcement.

Linked Sites and other third parties

This Privacy Policy only addresses the use and disclosure of information we collect from you. You should be aware that when you are using our Services, you can be directed to other websites or mobile applications that are beyond our control, and we are not responsible for the privacy practices of third parties or the content of linked websites. We encourage you to read the posted privacy policy whenever interacting with any website.

Changes to this Privacy Policy

We reserve the right to update this Privacy Policy from time to time. Please visit this page periodically so that you will be apprised of any changes.

Use of the Services by Children

We do not knowingly collect or maintain personally identifiable information from persons under 13 years old, and no part of our Services are directed to persons under 13. IF YOU ARE UNDER 13 YEARS OF AGE, PLEASE DO NOT USE OR ACCESS OUR SERVICES AT ANY TIME OR IN ANY MANNER. If we learn that personally identifiable information of persons less than 13 years old has been collected without verifiable parental consent, then we will take appropriate steps to delete this information.

Governing Law

By choosing to use our Services, or otherwise provide information to us, you agree that any dispute over privacy or the terms contained in this Privacy Policy will be governed by the law of the State of Colorado, without reference to principles of conflicts of law. You also agree to abide by any limitation on damages contained in our Terms of Service or other agreement that we have with you.

Contacting Us

If you have any questions about this Privacy Policy, or need to reach us for any other reason, you may contact us by e-mail at support@docbuddy.com

Additional Information About this Privacy Policy

The policies indicated in this Privacy Policy will remain effective, even if your access to the Services is terminated, to the extent we retain information about you. We may change this Privacy Policy at any time and will inform you of any changes as required by law or regulation.

Information about Particular Third-Party services used by DocBuddy
Google Analytics (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. Google uses collected data to track and examine the use of our website(s), to prepare reports on its activities, and share them with other Google services. Google may use the data it collects to contextualize and personalize the ads of its own advertising network.

Google Analytics Privacy Policy
Display Advertising extension for Google Analytics (Google Inc.)

The use of Google Analytics in connection with our Services might use Google’s Interest-based advertising, 3rd-party audience data and information from the DoubleClick Cookie to extend analytics with demographics, interests and ads interaction data.

Google Analytics Privacy Policy
Firebase

We use Google Firebase to send notifications to users of the Android version of our software. Firebase may collect data about you regarding engagement with our application, what kind of device you are using, your location, and other data regarding you and your use of our Services.

Development and Crash Reporting Tools

We may capture and disclose data about you and your use of the Services in order to develop, test, and refine our offerings using tools and services developed by third parties. Such third-party tools include but are not limited to Bitrise, BugSnag, FireBase, and Pusher, among others.

Bitrise Privacy Policy
BugSnag Privacy Policy
FireBase Privacy Policy
Pusher Privacy Poiicy
Apple

If enabled by you, the iOS version of our mobile application Services may use Apple iCloud for the storage and syncing of DocBuddy data. Similarly, if enabled by you, we may use data collected by Apple Analytics to help us better understand how our users use our Services.

Apple Privacy Policy
Cloud Hosting Services

We may store content that you disclose to us on virtual servers owned by third parties, including but not limited to Amazon Web Services (each, a Cloud Service Provider). A Cloud Service Provider may disclose, move, access, or use data disclosed by you in accordance with the agreements between DocBuddy and such Cloud Service Providers, as well as the terms of service or privacy policies of such Cloud Service Providers.

AWS Privacy Policy
Transfer of PHI

We may use, in limited instances, certain third-party services (each, an Integration Platform) to transfer PHI between our systems and electronic health records systems licensed or accessed by your affiliated healthcare organization. In connection with our use of an Integration Platform, if any, we may disclose and transmit PHI to the owner or licensee of such an Integration Platform, as well as information regarding software, devices, and network configurations used by you or your affiliated healthcare organization, for the purposes of providing services to you or your affiliated healthcare organization.

Voice Recognition

Certain aspects of our services require you to enter speech data in order to use and derive the benefits of our software applications. These applications collect and transmit the speech data you input into the software applications. One or more third parties acting under our direction, pursuant to confidentiality agreements, use the speech data to develop, tune, enhance, and improve their services and products. Neither DocBuddy nor its vendors will use the contents of any speech data provided to us through your use of DocBuddy services for any purpose except as set forth above. Speech Data means the audio files, associated text and transcriptions and log files provided by you here under or generated in connection with our applications, and may include personal information or PHI.