AI-Powered EMR: Smarter Data, Simplified Workflows, Better Care – Launching Soon!
Follow Us On:
Linkedin-in Youtube
Login
Book a Demo

IrisInsights Privacy Policy

IrisInsights (also referred to as “we”, “our”, “us”, “Company”) operates [IrisInsights App] (the “IrisInsights.us”) to provide an interactive portal by which patients and providers communicate, inform, and assess ongoing patient care. We are committed to protecting the privacy of all persons using the Site. 

This Privacy Policy describes users of how IrisInsights and its affiliates gather and use personal information collected by us or through the Site. More information on the use of the IrisInsights patient engagement platform is included in our Terms of Use may be found at [Irisinsights.us]

By downloading and using the Site, You understand and hereby expressly consent to the terms set forth in this “Privacy Policy” and the related Terms of Use for the purposes set forth herein. “You” or “Your” or similar terms refer to you as a user of the Site. By accepting our Privacy Policy during registration, or by using the Site, you expressly consent to our collection, use, disclosure, storage, and processing of your Personal Information (as defined below) in accordance with this Privacy Policy.

While utilizing this Site and associated application(s), IrisInsights may integrate tags to provide patient specific information and improve the user experience.  Downloading the IrisInsights patient application(s) will require a digital signature that will create a binding agreement of which the Privacy Policy and Terms of Use are a part. IrisInsights policies may change. Changes shall be posted on this site and communicated via the application(s) while in use. Continuing to utilize the IrisInsights platforms following notification of these changes shall infer acceptance of the changes.

1. What Information Do We Collect?

This Privacy Policy covers how we treat your personally identifiable information that could be used to identify you (“Personal Information”) that we collect, receive, maintain, store, or transmit including, but not limited to, information you transmit or submit in connection with your use of, or interaction with, the Site. Your Personal Information includes, but is not limited to, information that individually identifies you or is information about you that can be traced back to you, your IP address, or your location. It may include, but is not limited to, your name, address, email address, phone number, other contact information, and any information you choose to share via the Site. 

We collect your Personal Information whenever you interact with us and when you visit our Site. Generally, we will collect and process the following information:

  • Account Registration Information: When you create an account with us, you provide us with certain personally identifiable information, including but not limited to full name, address, email address and your telephone number. You may also voluntarily provide us with additional personal data that will enhance your user experience.
  • Interaction Information: We collect information relating to our interactions with you make including information about procedures, health, demographics, and equipment usage. Providing Personal Information for individuals other than yourself may violate the law. Personal information collected by the IrisInsights application(s), including responses, recordings, and digital integrations, shall be considered protected. Content not identified as user specific may not be considered protected information.
  • Customer Feedback and Support: We will process the information that you give us whenever you contact us. We may make a copy of any correspondence with you for our training and quality purposes.
  • Marketing Opt-ins and Opt-outs: We will process information about you when you have agreed to receive marketing and promotional material from us.
    Device Information: We collect, but do not save, your device ID; IP address; device type; operating system and version; general geographic location (from your IP address); browser type; screen resolution; device manufacturer and model; language; and interaction with QR codes. You may control some of this information through your device settings.
  • Authorized Users and Authorized Providers: Caregivers and family members (“Authorized Individuals”) may be permitted to access and view your information via IrisInsights. Authorized individuals, including health care providers, may provide and view information via the IrisInsights application(s).
  • We also automatically collect certain information when you access, use, or interact with us. We generally collect the following information:
    • Device Information: We collect your device ID; IP address; device type; operating system and version; general geographic location (from your IP address); browser type; screen resolution; device manufacturer and model; language; You may control some of this information through your device settings.
    • Usage Information: We collect information about your interaction with our Services.
    • Log Information: While accessing IrisInsights, certain information may be recorded that document the interaction. Information requests, features access, date, time, and other unique identifiers may be collected. Device information may also be collected, including type, operating system version, and device identification. Personal Information as created via an IP address or identified device may be shared with third parties as expressed in this privacy policy.

2. What Do We Do With the Information We Collect?

We will ask you for Personal Information in certain fields on the Site or in the Surveys that we need for you to use the Services. The Personal Information we collect is used only for the purpose we state at the time of collection or for purposes listed below. For example, our uses may include, but are not limited to, the following:

  • To manage internal business practices
  • To provide support or other services
  • To provide information based on your needs and respond to your requests
  • To administer products and services
  • To select content, improve quality, and facilitate the use of our Site and Services
  • To assess usage of products and services
  • To communicate with you about events
  • To update you on relevant products, services, and opportunities
  • To engage with third parties
  • To protect our content and services from illegal or harmful activities
  • To get feedback and input from you
  • To protect our information assets as well as your personal data
  • To assist in business sales or mergers
  • To comply with Laws, Regulations, legal proves or other government or law enforcement requests
  • To enforce our Terms of Use, including investigation of potential violations
  • To detect, prevent, or otherwise address fraud, security or technical issues

To the extent that we collect certain demographic information about you, we may use this information in our market research, but we will do so only after we “anonymize” the data, i.e., remove information that would confirm your identity. We will not use your Personal Information, however, to send commercial or marketing messages to you unless we have your continued consent for which you will have the ability to opt out by sending an email to support@irisinisghts.us.

3. Who Can Use the Information We Collect and How?

IrisInsights may share information with compliant partners necessary to complete information requests and maintain the functionality of the IrisInsights application(s). Compliant partners may only use information for its intended purpose. “Compliant Partners” are third-party service providers that provide limited services to help us operate the Site, which may include (not an exhaustive list):

  • Data hosting and storage providers, i.e., cloud hosting providers such as Amazon Web Services (AWS) or Microsoft Azure.
  • Technology Service Providers, i.e., integrated tools in the Site that give the Site more functionality such as technology to help us provide live audio, video and group meetings.
  • Customer Service Providers, i.e., tools that help us track requests and inquires from users of the Site, visitors and providers.
  • Email management and communication Service Providers, i.e., providers of tools that allow easy communication between you and us.
  • Billing and Payment processing Service Providers.
  • Reporting and analytics Service Providers (as discussed in Section 5 of this Privacy Policy) to help us keep track of which pages and features of the Site are used most often.
  • Advisors and lawyers to assist with business matters.

We may also provide your personal data to third parties, or third parties may collect personal data from you on our behalf if we have contracted with that third party to provide some part of the information or service that you have requested. Other than those who act on our behalf, and except as explained in this Policy, personal data you provide to us will not be transferred to unrelated third parties, unless we have a legal basis to do so. However, please note that the personal data you transmit to us may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders.

Authorized individuals and providers will have access to IrisInsights for the management of your information. It is the primary user’s responsibility to designate and terminate each authorized user. Authorized providers will be provided access credentials for the primary user’s Personal Information. IrisInsights is not responsible for how authorized individuals and providers manage the primary user’s information.

4. What Are Your Rights Regarding Your Personal Data?

We respect your right to access and control your personal data. You have choices about the data we collect. When you are asked to provide personal data that is not necessary for the purposes of providing you with our Products and Services, you may decline. However, if you choose not to provide data that is necessary to provide a particular service or product, you may not have access to certain features on our website. 

Please note that your privacy rights may be specific to the state in which you reside. In the list below, we identify the states where certain privacy rights differ or are absent and describe the difference or omission.

  1. Access to Personal Data: You have the right to request access to your personal data. In these cases, we will comply, subject to any relevant legal requirements and exemptions, including identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data. We may also charge you a fee for providing you with a copy of your data (except where this is not permissible under applicable law). This right is available in all states with consumer privacy laws currently in effect.

  2. Correction and Deletion: In some jurisdictions, you have the right to correct or amend your Personal Information if it is inaccurate or requires updating. You may also have the right to request deletion of your Personal Information. Please note that such a request could be refused because your Personal Information is required to provide you with the products or services you requested, e.g., to deliver a product or send an invoice to your email address, or because it is required by the applicable law. Iowa (effective Jan. 1, 2025) and Utah do not provide individuals with the right to correct. Other than those two states, the right to correct is available in all states with consumer privacy laws currently in effect. If you believe that any of your information is incorrect, incomplete, or out-of-date, you can update your personal details through your account with us, or by contacting support@irisinisghts.us.

  3. Opt-Out of certain data processing: In some jurisdictions, you have the right to restrict a business’s ability to process Personal Information about the consumer. Residents of New Hampshire (effective Jan. 01, 2025) have this right. Residents of California have the right to opt out of certain data processing for sensitive data, which is defined below in “Right to Opt-Out.” Residents of Colorado, Connecticut, Delaware (effective Jan. 1, 2025), Montana (effective Oct. 1, 2024), Nebraska (effective Jan. 15, 2025), New Jersey (effective Jan. 15, 2025), Oregon, Utah, and Virginia have the right to opt out of processing for profiling/targeted advertising purposes. Residents of Iowa do not have this right.

  4. Right to Opt-Out: There is a right to opt out of collecting sensitive personal information in California. Under the California Consumer Privacy Act (“CCPA”) sensitive personal information (“SPI”) is defined as personal information that reveals the following: (1) a consumer’s social security, driver’s license, state identification card, or passport number; (2) a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (3) a consumer’s precise geolocation; (4) a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership; (5) the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; (6) a consumer’s genetic data; (7) the processing of biometric information for the purpose of uniquely identifying a consumer; (8) personal information collected and analyzed concerning a consumer’s health.; and (9) personal information collected and analyzed concerning a consumer’s sex life or sexual orientation. SPI that is “publicly available” is not considered sensitive personal information or personal information. IrisInsights [does or does not] process SPI (as that term is defined under the CCPA) when collecting your account information. Because we limit our use of SPI to what is necessary to perform the services reasonably expected by you, California residents would not have the right to limit this use. Importantly, we do not process Personal Information for profiling or targeted advertising. Under other current U.S. state privacy laws (Colorado, Connecticut, New Jersey, and Virginia) account information (login and password) is not defined as SPI.

  5. Right to Opt-In: Except for California, Iowa, and Utah, current U.S. state privacy laws (Connecticut, Colorado, New Jersey, and Virginia) require organizations to obtain affirmative opt-in consent to collect and use SPI.

  6. Right to Opt-Out of Sales: The California CCPA defines a “sale” as the disclosure of personal information for monetary or other valuable consideration. We do not share, sell, rent, or trade your Personal Information with third parties for commercial purposes or for monetary or other gain, and we do not share Personal Information for cross-context behavioral advertising within the scope of CCPA or sell or share Personal Information of California residents 16 years of age and younger
    Suppose you are a California, Connecticut, Colorado, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Utah, or Virginia, resident and have an established business relationship with us and want to receive information about how to exercise your third-party disclosure choices. In that case, you must send a request to the following address with a preference on how our response to your request should be sent (email or postal mail). You may contact us in two ways.

      1. Send an email to support@irisinisghts.us
      2. Alternatively, you may contact us at:     
        IrisInsights
        Royal Oak, MI. 48067
        Attn: Your [insert your state of residence] Privacy Rights
        c/o Privacy Administrator

    For requests sent via email you must put the statement “Your [insert your state of residence] Privacy Rights” in the subject field of your email. All requests sent via postal mail must be labeled “Your [insert your state of residence] Privacy Rights” on the envelope or post card and clearly stated on the actual request. For all requests, please include your name, street address, city, state, and zip code. (Your street address is optional if you wish to receive a response to your request via email. Please include your zip code for our own record-keeping.) We will not accept requests via the telephone or by facsimile. We are not responsible for responding to notices that are not labeled or not sent properly, or do not have complete information.

    If you are a California resident under the age of 18, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

    In addition, if we process your Personal Information in reliance upon your consent, you can still contact us at any time to withdraw your consent.
    We will respond to all legitimate requests within 30 days. If you exercise your right to: (1) opt out of the sale, (2) opt out of the sharing, or (3) to limit the use of SPI (assuming that we even have your SPI), we will cease using and disclosing the SPI as soon as feasibly possible. Requests that fall into these three categories will be fulfilled within 15 days of the request.

  7. Sensitive data processing: In some jurisdictions, applicable U.S. state privacy laws require organizations to obtain affirmative opt-in consent to collect and use SPI. Residents of Colorado, Connecticut, Delaware, Montana, Nebraska, New Hampshire, New Jersey, Oregon, and Virginia have this right, basically requiring individuals to consent to the collection and use of their SPI. Residents of California do not have this right, but they may limit the use of SPI to that which is necessary to perform the services. Residents of Iowa and Utah must be presented with clear notice and an opportunity to opt-out of such processing, otherwise they will be subject to an opt-in default.

  8. Portability: You have the right to ask for a copy of your personal data and/or ask for it to be ported to another provider of your choice. Please note that such a request could be limited only to the personal data you provided to us or that we hold at that given time and subject to any relevant legal requirements and exemptions, including identity verification procedures. Residents of California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Utah, and Virginia have the right to request Personal Information about the consumer be disclosed in a common file format.

  9. Automated decision making: In some jurisdictions, residents have the right to opt out of certain automated decision making. Residents of California and Delaware have this right. Residents of Colorado, Connecticut, Montana, Nebraska, New Hampshire, New Jersey, Oregon, and Virginia only have the right to opt out of certain automated decision-making. Residents of Iowa and Utah do not have this right.

  10. Private right of action: In some jurisdictions, residents may seek civil damages from a business for violations of a statute. Residents of California have a private right of action limited to certain violations only. Residents of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Utah, and Virginia do not have this right.

  11. Marketing preferences: If you have provided us with your contact information, we may, subject to any applicable Spam Act or similar regulation, contact you via email, postal mail, or telephone about our Products, Services, or events that may be of interest to you, including newsletters.
    If you receive email communications from us, we will provide you with an unsubscribe link allowing you to opt-out of receiving future email or to change your contact preferences. Email communications may also include a link to directly update and manage your marketing preferences. If you have an online account with us, you can also change your contact preferences through email. Please remember that even if you opt out of receiving marketing emails, we may still send you important information related to your accounts.

  12. Right to Non-Discrimination: We will not discriminate against you for exercising your consumer rights under applicable privacy laws. Email communications you receive from us will provide you with an unsubscribe link allowing you to opt-out of receiving future email or to change your contact preferences. Email communications may also include a link to directly update and manage your marketing preferences. See Section 7 for how to manage your contact preferences. Please remember that even if you opt out of receiving marketing emails, we may still send you important information related to your account.

5. How Do You Opt-out of Personal Information Sharing with Our Business Partners?

We may use third party analytics vendors to evaluate and provide us with information about the use of our Services and viewing our content. Some of the information you see about our Products and Services may be customized based on automated predictions about your interests, which predictions are generated from your visits over time and across different websites using tools such as Google Analytics and Facebook Pixel. This information allows us to create content of greater interest to you and can also be used to serve ads based on your past visits to our website. Note that you can opt out of a third-party vendor’s use of cookies, including use by Google and Facebook/Meta, by visiting the Network Advertising Initiative opt-out page (http://www.networkadvertising.org/choices/).

For more information about how targeted Network Advertising works, please visit: http://www.youradchoices.com/ or http://www.networkadvertising.org/understanding-online-advertising.

  1. Google Analytics: We may use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to collect certain information relating to your use of the Site Google Analytics uses cookies to analyze how users use the Service. You can find out more about how Google uses data by visiting the following website: www.google.com/policies/privacy/partners/. We may also use Google Analytics Advertising Features or other advertising networks to provide you with interest-based advertising based on your online activity. For more information regarding Google Analytics please visit Google’s website, and pages that describe Google Analytics, such as www.google.com/analytics/learn/privacy.html.

  2. Facebook Pixel: We may use Facebook Pixel, a web analytics and advertising service provided by Facebook Inc. (“Facebook”) with our Site. The Facebook Pixel service uses cookies, pixel tags and other storage and tracking technology to collect or receive information from our Site based on your usage activity. Facebook uses that information to provide us with marketing and advertising services, including targeted ads, and reports that help us measure the effectiveness of our ads. Using this service, we can keep track of what users do after they see or click on a Facebook advertisement, keep track of users who access our Service or advertisements from different devices, and better provide advertisements to our target audiences. The data from Facebook Pixel is also saved and processed by Facebook. Facebook can connect this data with your Facebook account and use it for its own and others advertising purposes, in accordance with Facebook’s Data Policy found at https://www.facebook.com/about/privacy/. Please click here if you would like to withdraw your consent for use of your data with Facebook Pixel https://www.facebook.com/settings/?tab=ads#_=_.

    You may opt-out of third-party targeted advertising or analytics in two ways: (1) By directly notifying a Network Advertising service provider via its opt-out tools (please see above), or (2) using your browser’s Do Not Track (DNT) settings to indicate that you do not wish to receive targeted advertising based on your overall internet usage. For more information about DNT and how it works, please visit the Future of Privacy Forum’s website: http://www.allaboutdnt.com/.

    We will make a good faith reasonable effort to honor your DNT browser settings for opting out of receiving targeted third-party advertising based on your overall Internet usage. Please note that various browsers frequently update their technology or change their settings and business practices without advance notice, and we may not have the latest information on how to honor your preferences. If you exercise either opt-out option – the cookie opt-out or the browser opt-out – you will continue to receive advertising, but such advertising may not relate to your specific interests, previous purchases, or search history.

    However, you cannot opt-out of our contextual analytics and advertising, which is based solely on your usage of our Services. We will continue to provide you with contextual advertising. We will also continue to monitor your usage and search or transaction history to provide us with analytics on how well our Services, features, and activities are functioning and used. In addition, we will share this information in an aggregated or anonymized form (meaning that no one individual person can be identified) for our internal use.

    You can also opt out of our marketing emails at any time by contacting us at [support@irisinisghts.us] or by sending us a post card to “OPT OUT”, IrisInsights, Royal Oak, MI. 48067.

6. How Do We Protect the Personal Data We Collect?

We are committed to protecting the security of your personal data. Depending on the circumstances, we may hold your information in hard copy and/or electronic form. In either situation, we use technologies and procedures to protect your personal data. We review our strategies and methods update them as necessary to meet our business needs, changes in technology, and regulatory requirements. We take our security obligations seriously and so should you. While we are responsible for maintaining the security of our websites and Services, you must also access and use the Services in a manner that is responsible and secure. In addition, we have implemented a series of policies, procedures, and training to address data protection, confidentiality, and security, and we update and review the appropriateness of these measures on a regular basis. 

We will take reasonable security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. However, we cannot guarantee its absolute security or that unauthorized persons will not access or use your Personal Information for improper purposes. In the event of a breach of security affecting Personal Information or data on our servers, we will take such notification and other steps as may be required under applicable law. You hereby agree that we may send you notices via email unless otherwise required by applicable law.

7. Where is Your Information Stored?

We store data on cloud-based servers located in the United States through Microsoft Azure. Information regarding Microsoft Azure data protection is available on its website at: Data Privacy in the Trusted Cloud | Microsoft Azure.

8. How Long Do We Retain the Data?

We retain personal data for as long as necessary to provide our Services and fulfill the transactions you have requested, or for other business purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. 

Direct communications via phone, email, or fax may be retained to aid in our quality improvement efforts. We are required by law to keep some types of information for certain periods of time (e.g., statute of limitations). If your personal data is no longer necessary for the legal or business purposes for which it is processed, then we will generally destroy or anonymize that information.

9. What is Our Policy if You Are an Underage Child?

We understand the importance of protecting the privacy of all individuals, especially the very young. Our services are intended for United States audiences over the age of 18. Our Site and its Services are not directed to children, and you may not use our Services if you are under the age of 13. You must also be old enough to consent to the processing of your personal data in the country or state where you live (in some countries, parents or guardians may consent on your behalf). Using our Services is restricted to adults who are either 18 years of age or older or as otherwise legally defined by the country or state where you live. 

10. What Happens When You Link to a Third-Party Web Site?

If you click on a link and go to another site, you will be subject to that website’s privacy policy. We encourage you to read the posted privacy policy statement at any website before submitting any personal data. 

11. What Happens When We Update Our Privacy Policy?

We may update our Privacy Policy from time to time to keep current with evolving legal requirements. Your acceptance of any minor changes to this Privacy Policy is indicated by your continued use of our Services. If we make any material changes to our Privacy Policy, we will post a notice about the change at a prominent location on our Site. We encourage you to periodically review our Site and this Privacy Policy for any changes. 

12. What If You Have Questions?

If you have questions or concerns regarding anything in this Privacy Policy, please feel free to send us an email at [support@irisinisghts.us]

13. Additional Information Regarding Your California Privacy Rights

We have adopted the following disclosures to comply with the California Consumer Privacy Act of 2018, as amended, its implementing regulations (“CCPA”) and other California privacy laws. Any terms defined in the CCPA, other California privacy laws, or in our Privacy Policy have the same meaning when used in this Notice. 

This California Privacy Notice (“Notice”) applies to “Consumers” as defined by the California Consumer Privacy Act (“CCPA”) as a supplement to other privacy policies or notices that we may issue. In the event of a conflict between any of our other policies, statements, or notices and this Notice, this Notice will prevail with regard to California Consumers and their rights under the CCPA.

Consistent with the CCPA, job applicants, current and former employees and contractors, and subjects of certain business-to-business communications acting solely in their capacity as representatives of another business, are not considered Consumers for purposes of this Notice or the rights described herein.

14. Information We Collect and How We Use It

We collect personal data that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal data”). 

Personal information tracking and collection will discontinue upon the termination of your use of IrisInsights.

The following is a description of our data collection practices, including the personal data we collect, the source of that information, the purposes for which we collect information, and whether we disclose that information to external parties. We may use any and all of the information for any purposes described in this Privacy Notice.

  1. PERSONAL IDENTIFIERS
    • We collect your name, phone number, and email address when you create an account with us or providing to us through your Authorized Agent. We use this information to provide our Services, respond to your requests.
    • We collect a unique numerical identifier, assigned to you by a first-party cookie, automatically when you use our Services in order to identify you, provide our services, prevent fraud, and provide you with targeted information.
    • We collect your IP address automatically when you use our Services. We use this information to identify you, gauge online activity on our mobile application(s), and measure the effectiveness of online services, application(s)s, and tools.
    • We collect your Device ID automatically when you use our Services. We use this information to monitor your use and the effectiveness of our Services, and to identify you.

  2. Personal DATA protected against security breaches (Cal. Civ. Code § 1798.80(e))
    • We collect your name, phone number when you create an account with us or provided to us through your Authorized User. We use this information to provide our Services, respond to your requests.
    • We collect health and other medical information directly from you when you respond via the survey and when you participate in therapy or other treatment with a provider. We use this information to provide you with the Service and to better calibrate our assessment tool.
    • We may collect information about your health insurance from your employer if a referral to another provider is necessary.

  3. PROTECTED CLASSIFIED INFORMATION
    • We collect information about your age and date of birth when you create an account with us or when your employer provides us with this information. We use this information to provide you with the Service and to better calibrate our assessment tool.
    • We collect information about current and potential physical disabilities that you may have. We use this information to provide you with the Service and to better calibrate our assessment tool.
    • We collection information about your gender when you create an account with use or when your employer provides us with this information. We use this information to provide you with the Service and to better calibrate our assessment tool.

  4. COMMERCIAL INFORMATION
    • When you engage with us, we create records of your interactions with us and the Services provided. We use this information to measure the effectiveness of our Services and use this information to better calibrate our assessment tool.

  5. INTERNET OR OTHER SIMILAR NETWORK ACTIVITY
    • We collect information about your browsing history, search history, and information regarding your interaction with our Site.

  6. GEOLOCATION
    • As described above, we collect your IP address automatically when you use our Site. We can determine your general location based on the IP address.

  7. AUDIO/VIDEO DATA
    • If you contact us via phone, we may record the call. We will notify you if a call is being recorded at the beginning of the call. We do not collect your image or any thermal, olfactory, or similar information.

  8. EDUCATION INFORMATION
    • We do not collect any information about the institutions you have attended. We may ask you for information regarding the level of education you have attained as part of marketing surveys or the level of education you have attained.

  9. BIODATA
    • We collect information about your physiological, biological, and/or behavioral characteristics for purposes of our outcomes algorithm and remote patient monitoring, such as pain scores, satisfaction scores, demographics, and app usage behaviors.

  10. INFERENCES DRAWN FROM OTHER PERSONAL DATA
    • We analyze all data and create profiles. We use this information to improve our Services and to better calibrate our assessment and engagement tools.
    • When we disclose personal data for a business purpose, we enter into an agreement that describes the purpose of the agreement and requires the recipient of the personal data both to keep it confidential and to not use it for any purpose except to perform the contract. The CCPA prohibits third parties who purchase the personal data we hold for you from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.

Either we or our Service Providers also may use your information for the following Business Purposes (as defined in the CCPA) on a day-to-day basis:

  • Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Short-term, transient use, provided that the personal data is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
  • Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
  • Undertaking internal research for technological development and demonstration.
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.

15. Do We “Sell” Your Personal Data?

We do not “sell” your personal data as currently defined under the CCPA, meaning that we do not rent, disclose, release, transfer, make available or otherwise communicate your personal data to a third party for monetary or other valuable consideration. We will not sell your personal data unless we modify this Privacy Policy and take the additional steps required under the CCPA.

16. How to Exercise Your Rights Under the CCPA

Under the CCPA you have the right to find out about the personal data that we have collected and how that information has been used or disclosed. You also have the right to request that we delete your personal data (subject to certain exceptions, including information that we are legally required to retain as noted in Section 16.ii, below). If you wish to exercise any of the rights listed below, or if you would like additional information, please contact us at [support@irisinisghts.us].

a. The Right to Access and Know About Personal Data Collected, Disclosed

You have the right to request that we disclose certain information to you about our collection and use of your personal data over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal data we collected about you.
  • The categories of sources for the personal data we collected about you.
  • Our business or commercial purpose for collecting or selling that personal data.
  • The categories of third parties with whom we share that personal data.
  • The specific pieces of personal data we collected about you (also called a data portability request).
  • If we disclosed your personal data for a business purpose, identifying the personal data categories that each category of recipient obtained.

For data portability requests, we will select a format to provide your personal data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

b. The Right to Request Deletion of Your Personal Data

Subject to certain exceptions, you have the right to request that we delete any or all of the personal data that we collected from you and retained over the past 12 months. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal data from our records, unless an exception applies. You may request that only a portion of your personal data be deleted.

We may deny all or part of your deletion request if retaining your personal data is necessary for us or our Service Providers to:

  • Complete the transaction for which we collected the personal data, provide a service that you requested, take actions reasonably anticipated based on our ongoing business relationship with you, or otherwise perform our agreement with you;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • Debug products to identify and repair errors that impair existing intended functionality;
  • Exercise free speech or ensure the right of another consumer to exercise their right of free speech or other right provided for by law;
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  • Comply with law or a legal obligation; or
  • Otherwise use your personal data internally, in a lawful manner that is compatible with the context in which you provide the information.

c. The Right to Opt-Out of the Sale or Sharing of Your Personal Data

  • We do not sell your personal data, therefore, we do not offer an opt-out.

d. The Right to Non-Discrimination

  • We will not discriminate against you for exercising any of your CCPA rights, and will not engage in the following behaviors:
  • Denying you goods or services
  • Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties
  • Providing you a different level or quality of goods or services
  • Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services

e. Exercising Your Rights

  • When you exercise these rights and submit a request to us, we will verify your identity by asking for information about your relationship with us, such as your name, email address on file, billing or shipping address, phone number, or order number.
  • We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
  • Any disclosures we provide will only cover the 12-month period preceding your verifiable request’s receipt. The response we provide will also explain the reasons we cannot comply with your request, if applicable.

17. Authorized Agents

You may authorize a natural person, or a business entity registered with the California Secretary of State, to act on your behalf to make a request to know about personal data collected or to delete your personal data. 

To facilitate such an authorization, you must (i) verify your identity to us and provide that authorized agent written permission to make such a request or (ii) provide the authorized agent with power of attorney in your behalf pursuant to the California Probate Code sections 4000 to 4465.

The authorized agent must include those authorizations in your verifiable consumer request.

18. Notice of Financial Incentive

We do not offer any Financial Incentive (as defined by the CCPA) in exchange for your personal data. 

19. Children Under the Age of 16

We do not knowingly collect, solicit, or share personal data from children under the age of 16. If we have knowledge that a child under 16 has submitted personal data in violation of this Policy, we will delete that information as soon as possible. If you believe we may have obtained information in violation of this Policy, please email us at [support@irisinisghts.us]

20. Questions about the CCPA

If you have questions or concerns regarding this statement, you should first contact us via email at [support@irisinisghts.us].

21. Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will post the updated Privacy Policy on the Site and update the Policy’s effective date. Your continued use of our Site following the posting of changes constitutes your acceptance of such changes. If we are required by applicable data protection laws to obtain your consent to any material changes before they come into effect, then we will do so in accordance with law. 

22. Your HIPAA Privacy Rights (If applicable)

We are not a “Covered Entity” as defined in and for the purposes of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”) and the regulations adopted thereunder (collectively and as may be amended “HIPAA”). However, to the extent applicable, we have put in place appropriate physical, electronic, and administrative safeguards in compliance with federal and state law, including HIPAA, in an effort to help prevent unauthorized access, maintain data security, and correct use of the Personal Information we collect. We cannot, however, ensure or warrant the security of any Personal Information you transmit to us and you do so at your own risk. Once we receive your transmission of information, we use commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or administrative safeguards. Furthermore, your individual user account is protected by a password for your privacy and security. To ensure that there is no unauthorized access to your account and Personal Information, we suggest that you safeguard your password appropriately and limit access to your computer and browser by signing off after you have finished accessing your account. 

Some of our users may be HIPAA Covered Entities. If we store, process or transmit individually identifiable health information (as defined under the HIPAA) on behalf of a covered entity, we may do so as “Business Associate” and as set forth in a separate business associate or provider agreement. In such cases, we are obligated to treat the individually identifiable health information in accordance with the applicable health privacy laws, including HIPAA.

If you are not a Covered Entity and you are registering for the Site for your own personal use and not in connection with a Covered Entity (e.g., a hospital or physician/physician practice), you understand and agree that the Site is not a healthcare provider or other “covered entity” for the purposes of HIPAA and that Personal Information provided by you to us or through the Site will not be subject to HIPAA requirements or deemed HIPAA Protected Health Information (“PHI”) for such purposes provided. However, if you are registering for the Site in connection with health care services to be provided by a Covered Entity, as a Business Associate of such Covered Entity, we are obligated to treat any individually identifiable health information provided by you to us or through the Site (and any other individually identifiable health information created, received, maintained, or transmitted by us on behalf of a Covered Entity) in accordance with the applicable Health Privacy Laws. Under the HIPAA privacy regulations, individuals must be informed about how Covered Entities will use or disclose their PHI and given the opportunity to object to or restrict the use or release of their information. If you are a Patient using the Site in connection with your healthcare services (through your healthcare provider), your rights under HIPAA are set forth in the Notice of Privacy Practices provided by your healthcare provider. The Notice will inform you of the ways your healthcare provider and we may use your information and the occasions on which we may disclose this information to others.

The Notice of Privacy Practices will also explain your rights regarding your health information, including:

  • Right to request restriction
  • Right to receive confidential communications
  • Right to inspect and copy your health information
  • Right to amend your health information
  • Right to an accounting of disclosures
  • Right to a paper copy of the notice
  • Right to complain if you feel your privacy has been violated

If you are an Employer Self-Insured Health Plan, Employer On-site Health Clinic or an Employee of an Employer Self-Insured Health Plan or Employer On-site Health Clinic, and have an account with us, we may also qualify as a Business Associate under HIPAA, in which case you may have the following rights regarding your health information that we maintain on behalf of the health plan / employer clinic:

  • Right to inspect and copy your health information
  • Right to amend your health information in our possession
  • Right to an accounting of disclosures
  • Right to complain if you feel your privacy has been violated

If you believe your privacy rights have been violated or have questions regarding this Notice, you may contact the Privacy Officer in writing at:

IrisInsights
Royal Oak, MI. 48067
Attn: Privacy Administrator (Officer)

You may also file a complaint with your Authorized Provider or the Office of Civil Rights, US Department of Health and Human Services, by sending a letter to: 200 Independence Ave. S.W., Washington, D.C 20201; by calling 1.877.696.6775 or by email to: OCRComplaint@hhs.gov.

23. Confidentiality of Substance Use Disorder Records

We are not a program for the treatment of substance use disorders (SUD) for purposes of 42 Code of Federal Regulations Part 2.  If you are a patient using this Site, to the extent the information that you upload to the Site includes protected SUD records, you expressly consent and agree to the use and disclosure of such SUD records by your Authorized Agents and/or any providers to whom you have granted such access rights in the Site. 

24. Cookie Policy

The IrisInsights website, like many other websites, uses small files called cookies to help us customize your browsing experience. Find out more about cookies and how you can control them in the information below. 

This page contains information on what cookies are, the cookies we use, how to switch cookies off in your browser, how to specifically switch off advertising cookies, and some useful links for further reading on the subject. If this Policy does not provide the information you were looking for, or you have any further questions about the use of cookies on our website, please email [support@irisinisghts.us].

a. What are cookies?

Cookies are small text files that are stored by the browser (for example, Edge, Firefox, Chrome, or Safari) on your computer, tablet, or cell phone. They allow websites to store things including your user preferences. Think of cookies as providing a “memory” for the website, so that it can recognize you when you come back and respond appropriately.

b. How do we use cookies?

Listed below are the various types of cookies you may encounter and a description of each type. We only use [insert types] on our Website:

  • Site performance cookies
  • Anonymous analytics cookies
  • Geotargeting cookies
  • Registration cookies
  • Advertising cookies
  • Third party advertising cookies

c. Site performance cookies

This type of cookie remembers your preferences for tools found on our website, so you don’t have to re-set your preferences each time you visit our website. Examples include:

  • Volume settings for a video player
  • Whether you prefer to see new content first
  • Video streaming speeds that are compatible with your browser

d. Anonymous analytics cookies

Every time someone visits our website, software provided by another organization generates an “anonymous analytics cookie.” These cookies can tell us whether or not you have visited our website before. Your browser will tell us if you have these cookies and, if you don’t, we generate new ones. This allows us to track how many individual users we have, and how often they visit our website.

Unless you are signed into some registration feature on our website, we cannot use these cookies to identify you. We use them to gather statistics, for example, the number of visits to a page. If you are logged in, we will also know the details you gave to us for this, such as your username and email address.

e. Geotargeting cookies

These cookies are used by software which tries to work out your location from the information supplied by your browser when you click on a web page. This cookie is completely anonymous, and we only use it to help target our content and advertising.

f. Registration cookies

When you register with us, we generate cookies that let us know whether you are signed in or not. Our servers use these cookies to work out which account you are signed in with, and if you are allowed access to a particular Service. It also allows us to associate any comments you post with your username. If you have not selected “keep me signed in,” your cookies get deleted when you either close your browser or shut down your computer. While you are signed into any of our registration offerings, we combine information from your registration cookies with analytics cookies, which we could use to identify which pages you have seen.

g. Advertising cookies

These cookies allow us to know whether or not you’ve seen a particular ad or a type of advertisement, and how long it is since you’ve seen it. We also use cookies to help us use targeted advertising. We may use cookies set by another organization so we can more accurately target advertising to you. These cookies are anonymous – they store information about what you are looking at on our website, but not about who you are.

h. Third party advertising cookies

Some content you see on our website is provided by other organizations. Some of these organizations use their own anonymous cookies to track how many people have seen a particular ad, or to track how many people have seen it more than once. The companies that generate these cookies have their own privacy policies, and we have no access to read or write these cookies. These organizations may use their cookies to anonymously target advertising to you on other websites, based on your visit to our website.

i. Other third-party cookies

On some pages of our website, other organizations may also set their own anonymous cookies. They do this to track the success of their application, or to customize the application for you. Because of how cookies work, our website cannot access these cookies, and neither can the other organization access the data in cookies we use on our website.

j. How do I turn cookies off?

It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a particular website. However, we cannot tell if you are signed in without using cookies, so if you decline all cookies, you would not be able to post comments.

All browsers allow you to change your cookie settings. You can usually find these settings in the Options or Preferences menu of your browser. To understand these settings, the following links may be helpful, or you can use the Help option in your browser for more details.

If you are primarily concerned about third party cookies generated by advertisers, you can turn these off by going to the Your Online Choices site.

You can also visit the trade body representing these advertising platforms for more information: Network Advertising Initiative. The Network Advertising Initiative provides instructions and information on how to opt out of communications: https://www.networkadvertising.org/choices/.

k. Useful links

If you would like to find out more about cookies and their use on the Internet, you may find the following links useful:

The Interactive Advertising Bureau (IAB) is an American advertising business organization that develops industry standards, conducts research, and provides legal support for the online advertising industry. The IAB has provided the following website to give information specifically about privacy issues around Internet advertising: https://www.iab.com/topics/privacy/

For further legal information about privacy issues, you may find these links useful:

  • California Consumer Privacy Act
  • Virginia Consumer Data Protection Act

If you would like to contact us about cookies, please email us: [support@irisinisghts.us].

Happy Educator and adorable kids

Want to know more?

Book a Demo