Privacy policy

Introduction

Medyear is committed to protecting the privacy of our users. Medyear is a private health management platform where you can collect and store your health information in your personal Medyear account. If you choose, you can also share information about particular health issues or problems with your own health care providers or others, such as friends and family. Medyear can also enable some providers to integrate the health information you’ve shared with them into their own Electronic Health Records (EHR). This Privacy Policy details your choices and how your information is protected and shared.

Scope

This Privacy Policy explains how Medyear handles and protects your information. It does not address how your information may be protected, used, or disclosed by any person or entity with whom you choose to share it. We encourage you to make thoughtful choices about how you to choose to share your information with third parties because Medyear cannot control how others handle your information once you have given them access.

Information you provide to us

When you create or modify a Medyear account, you will be asked to create a profile protected by a self-chosen unique username and password.

Profile information: In order to create this profile, we will ask you for personal information including but not limited to your name, address, email address, phone number, date of birth, last four digits of your social security number, and gender.

We also require the following information to verify your identify though a commercially available identity verification service. The information facilitates the accurate matching of your Medyear records with providers’ medical records.

  • A photo of the front and back of your State issued photo identification
  • A selfie, with your explicit consent to be reviewed against your photo identification card; and,
  • Answers to three challenge questions

Identity verification is important so if you choose to share your health information with your providers, they can accurately match you to your records in their files/records.

Payment Method. When you add a credit card or payment method to your Medyear account, a third party that handles payments for us will receive your card information. To keep your financial data secure, we do not store full credit card information on our servers.

If you choose to share information with individuals, companies, or health care providers through Medyear, we will collect contact information about them from you. We will also only share the information you chose to share with them for your selected purpose and duration.

If you contact us, we will clearly have any information that you have provided to us in the communication. Medyear uses the information you have provided to assist you with any issue.

Information we collect when you use Medyear

Device Information: Medyear receives information from Users’ devices, including IP address, web browser type, mobile operating system version, phone carrier and manufacturer, device identifiers, and push notification tokens.

Usage Information: To help us understand how you use Medyear and to help us improve it, we automatically receive information about your interactions within the Medyear app, and the dates and times of your visits.

Information from Cookies and other technologies: We may use cookies, web beacons, and similar technologies to help us verify your identity upon return visits to Medyear, improve your user experience with our services, and improve and measure the effectiveness of our products. We may also use web beacons in communications with you to keep accurate internal logs and to assure proper operation of the service, such as determining if a message to you was delivered and opened. (Cookies are small text files that websites can send to your browser, which your computer stores, that can automatically collect server domain names, IP addresses, type of computer, type of browser, and information about what pages are visited. You can set your browser to decline cookies or notify you before accepting cookies, although if you decline them, the website may not function properly. Web beacons are small bits of code embedded in web pages or emails that can be used to communicate with cookies, count visitors, and understand usage patterns.)

Your choices and information sharing

Some of Medyear’s products, services and features require that we share information with other users or at your request. We may also share your information with our affiliates, subsidiaries and business partners, or for legal reasons or in the event of a dispute.

Medyear gives you meaningful choices about controlling the information you have provided – whom you let see it, how much, and for how long. Your choices include:

  • How much health information you want to create and store yourself (e.g. symptom logs, exercise records, blood pressure readings, blood glucose logs, etc.).
  • How much health information about yourself provided by outside sources you decide to store in your account (e.g. medical lab results, data provided by applications, etc.).
  • How much health information, if any, you want to share with friends and family.
  • How much health information you want to share with your health care providers, if at all. If you do share information with your providers through Medyear, they may be able to respond to you through your Medyear account. They will also be required to use and disclose your health information only if required by federal and state law.
  • Changing any of these preferences and choices at any time; and
  • Closing your account at any time.

Please see our operational FAQs for more details.

Information use and sharing by Medyear

Uses and disclosures

  • We will use the information you provide to provide you services and to take action on your choices about sharing information with individuals and entities.
  • We will use your contact information to communicate with you via email about your account and our services. We will not disclose PHI in emails; instead, we may send an email asking you to log into your account.
  • We will create aggregated and/or de-identified statistical, information about our users or their web usage and may disclose this statistical information when appropriate. These statistics will be aggregated and adhere to the Health Information Portability and Accountability Act (HIPAA) U.S. federal medical privacy law 45 CFR 160, 162, and 164.

In the course of running our business, some information may be shared with third parties subject to contractual and legal controls over how they protect, use, and disclose the information, all of which must be in compliance with HIPAA and our Privacy Policy.

Uses and disclosures we would make only with your consent

  • As described above and in the FAQ, we will only share your personally identifiable information (PII) with individuals, applications, or health care providers at your direction.
  • We will not use or disclose any of your PII for marketing purposes, or to serve you ads related to your health, unless you specifically and explicitly consent. You also may withdraw your consent to future offers or ads at any time.
  • At your request, we may share your information with business partners.

For example, if you requested a service through a partnership or promotional offering made by a third party, Medyear may share your information with those third parties. This may include, for example, other apps or websites that integrate with our APIs or services, or those with an API or service with which we integrate, or business partners with whom Medyear may partner with to deliver a promotion, a contest or a specialized service.

As an example, we might want to offer diabetic users the opportunity to receive targeted offers or ads for diabetic supplies, but we will not do so unless you explicitly tell us you want the offers or ads.

Unusual disclosures we could make without your consent

  • We may disclose information based upon a reasonable belief that the disclosures are required by law, including information requested via subpoenas and court orders. We reserve the right to report what appears to be illegal or fraudulent conduct to the proper authorities.
  • We may disclose information if we reasonably believe the disclosure is needed to respond to a threat of physical harm, to defend or assert legal rights, or in response to an imminent health risk authenticated by a medical professional.
  • If we were to transfer assets or operations in connection with a sale, merger, bankruptcy, or other transaction, we may transfer PII to the merging or acquiring entity. If so, we would make a good faith effort to require your PII remains subject to the same restrictions as in our Privacy Policy. If not, we will make all reasonable efforts to inform you in advance of the transfer so you can close your account and remove your data if you wish.

Access to your information

You can view the information you or others have submitted into your active Medyear account at any time. If you submitted information to us in any other way, we will make commercially reasonable efforts to give you access to your information upon request.

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request at Medyear Contact.

Deletion of your information

If you delete health information from your Medyear account, it becomes inaccessible by you and cannot be viewed by anyone else through the Medyear application. Similarly, if you close your account, all of your health and contact information will become inaccessible by you and cannot be viewed by anyone else through the Medyear application.

There is a limited amount of time after data deletion or account termination it takes to process deletion throughout our system. Backup copies of this data will be removed from our server based upon an automated schedule, which means it may persist in our archive for a short period.

Subject to the exceptions described below, Medyear deletes or anonymizes your information upon request.

Subject to applicable law, Medyear may retain information after account deletion:

  1. If there is an unresolved issue relating to your account, such as an unresolved claim or dispute or fraud, spam and abuse;
  2. If we are required to by applicable law; and/or in aggregated and/or anonymized form.

If you have already shared health information through Medyear with an individual, application, or health care provider, and that person or entity has already saved it, the information will persist in their records. As mentioned above, Medyear does not have access to or control over anything you choose to share with third parties. If you believe that you have shared incorrect information with your provider, you may need to contact them directly to have your information corrected or annotated.

Security

We are committed to keeping personal information secure. We use appropriate technical, administrative, and physical controls to protect personal information from loss, misuse, or alteration. For example, we impose controls that limit internal access to your information. If we share personal information with subcontractors, we subject them to strict contractual and legal controls regarding the protection, use, and disclosure of the information as required by federal law. We use SSL (Secure Sockets Layer) encryption when we transmit personal information through the website.

There is always some risk unauthorized, wrongful, or illegal access to your information could occur or that encryption over the Internet could be intercepted. If a breach of the security of personal information ever occurred, we would provide you with all notifications required by federal and state law.

Because of the sensitivity of information held in Medyear accounts, we urge you to take strong precautions to protect your username and password.

Children

At this time, children under the age of 13 cannot create Medyear accounts or use the Service. We do not knowingly collect or solicit PII from children under 13; if you are a child under 13, please do not attempt to use the Service or send any personal information about yourself to us. If we learn we have collected personal information from a child under 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us personal information, please contact us at Medyear Contact and report the issue.

Business and professional users

This Privacy Statement describes the way user PII is protected and handled. Our Site may contain links to other sites belonging to our business partners (who are not affiliated with us). The inclusion of a provider on our Site does not imply endorsement of the linked provider or service by us. While we try to link only to providers that share our high standards and respect for privacy, we are not responsible for the content, security, or privacy practices employed by other providers. Information you disclose to other parties or through such sites is subject to the privacy and security practices and policies of those parties or sites. Businesses and professionals involved with Medyear should review the terms of any contractual or legal requirements applicable to them.

Updates

Any updates to the Privacy Policy will be dated and posted here. Most updates are expected to reflect ongoing changes in our services, applicable laws, or be editorial in nature. However, if we make material changes in this Privacy Policy, we will email you or post a prominent notice on the Medyear home page at least seven days before the new Privacy Policy takes effect. Your use of the website constitutes your agreement to this Privacy Policy and any updates.

Contact Us

Medyear welcomes your comments. If you have any questions or concerns about our Privacy Policy, our information practices, technical or general support, please contact us at Medyear Contact.

Follow us on

 

Download Medyear app

Sign in to Medyear ×