Effective Date: April 1, 2020 | Last Updated: April 1, 2020
Real Patient Solutions, Inc. d/b/a HelloPatients and its affiliates (collectively “HelloPatients”, “we”, “us”, “our” and “ourselves”) respect your privacy. We offer services that enable platforms and merchants to run businesses, and to safely conduct online payment transactions.
Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the United States, and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International Transfer” section below. If you do not agree to the transfer, storage and use of your information in the United States, and any other country where we operate, please do not use the Sites or Services.
HelloPatients provides payments and other products and services for commercial and non-commercial enterprises. Those products and services include payment card processing, point-of-sale terminal management and support, merchant accounting and funds transfer. As a part of our payment processing function and other products and services, we routinely collect and retain personal information about our customers and the third parties with whom our customers do business. For our customers, additional information about disclosures, transfers and other processing of personal information as part of our payment processing function may be set out in the documentation provided to them at or before onboarding. “You” may be a visitor to one of our websites, a user of one or more of our Services (“User” or “HelloPatients User”), or a customer of a User (“Customer”). If you are a Customer, HelloPatients will generally not collect your Personal Data directly from you. Your agreement with the relevant HelloPatients User should explain how the HelloPatients User shares your Personal Data with HelloPatients, and if you have questions about this sharing, then you should direct those questions to the HelloPatients User.
- Site Visitors – If you visit or use our Sites, we may collect Personal Data. For example, we collect Personal Data that you submit to us via online forms and surveys, and when you contact us by email.
- Fraud prevention activities and activities for offering a compliant and secure platform – The collection and use of Personal Data is critical in helping us to ensure that our platform and services are safe, secure and compliant. In the context of fraud monitoring, prevention and detection services, we may monitor insights and patterns of payment transactions and other online signals to reduce the risk of fraud, money laundering and other harmful activity for ourselves, our Users and their Customers. The HelloPatients entities responsible for the collection and use of Personal Data for fraud monitoring, detection and prevention activities are indicated below.
- Collecting Data
We collect Personal Data in the following ways:
- Information You Give to Us
You may choose to provide us with personal data about yourself, including your name, phone number and email address, by completing forms on our website or mobile app, such as:
- When you register for a HelloPatients account we collect your full name, email address, and account log-in credentials.
- When you fill-in our online form to contact our sales team, we collect your full name, work email, country, and anything else you tell us about your project, needs and timeline.
- When you use the “Remember Me” feature for checkout or other services, we collect your email address, payment card number, CVC code and expiration date.
- When you apply for a job with us, we may collect your past job history and professional experience, current job title and information and educational history and
- Your date of birth and government identifiers associated with you and your organization (such as your social security number, tax number, or Employer Identification Number).
- When you make payments or conduct transactions through a HelloPatients User’s website or application, we will receive your transaction information. Depending on how the HelloPatients User implements our Services, we may receive this information directly from you, or from the HelloPatients User or third parties.
- The information that we collect will include payment method information (such as credit or debit card number, or bank account information), purchase amount, date of purchase, and payment method. Different payment methods may require the collection of different categories of information. The HelloPatients User will determine the payment methods that it enables you to use, and the payment method information that we collect will depend upon the payment method that you choose to use from the list of available payment methods that are offered to you by the HelloPatients User. When you make a transaction, we may also receive your name, email, billing or shipping address and in some cases your transaction history to authenticate you.
- You may also choose to submit information to us via other methods, including: (i) in response to marketing or other communications, (ii) through social media or online forums, (iii) through participation in an offer, program or promotion, in connection with an actual or potential business relationship with us, or (iv) by giving us your business card or contact details at trade shows or other events.
You may also provide us with Personal Data about yourself when your report a problem or have a question about our services. Please note that if you do not provide us with Personal Data, your ability to use certain aspects of our products and services may be limited.
- Information We Obtain from Your Use of Our Services
We collect certain information automatically, such as your operating system version, browser type, and internet service provider. When you use our Site, we automatically collect and store this information in service logs. This includes: details of how you used our Site; Internet protocol address; and cookies that uniquely identify your browser. We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Data, but we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. When we conduct fraud monitoring, prevention and detection activities, we may also receive Personal Data about you from our business partners, financial service providers, identity verification services, and publicly available sources (e.g., name, address, phone number, country), as necessary to confirm your identity and prevent fraud. Our fraud monitoring, detection and prevention services may use technology that helps us assess the risk associated with an attempted transaction that is enabled on the HelloPatients User’s website or the application that collects information.
- Information Received from a Healthcare or Other Service Provider
We may obtain personal information about you from a health plan, physician, health care professional, hospital, clinic, laboratory, pharmacy, medical facility, or other health care provider that has provided payment, treatment, or services to you or on your behalf. HelloPatients may receive information about you with your consent from your health provider.
- Cookies and Similar Technologies
We and our partners use various technologies to collect and store information when you visit one of our services, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services from our partners, such as advertising services. Our third party advertising and analytics partners include Google, [describe any other third party advertising or analytics partners].
The technologies we use for this automatic data collection may include:
Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
- Use of Data
We use your personal data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:
- To contact you regarding any inquiry you make or to fulfill a request, such as, for example, a request for information about our products and services;
- To improve and personalize your experience when you use our Sites;
- To improve our products and services and for the development of future products and services;
- For internal record keeping and administration of records;
- For auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with laws and other standards;
- For detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
- For internal research for technological development and demonstration;
- To verify or maintain the quality or safety of our products and services and to improve, upgrade, or enhance our services;
- To contact you by email and, if you have signed up for the service, to share e-newsletter or any other updates, communications or publications;
- For direct marketing purposes subject to your consent if required by applicable law (see “Managing Your Preferences” below);
- As necessary to set up and administer your sign up to, and use of, the log in facility available on the Sites; and
- For compliance with applicable laws and/or regulations and as otherwise required or permitted by applicable laws and/or regulations.
- For any other lawful purpose.
We use information collected from cookies and other technologies, to improve your user experience and the overall quality of our services. We may use your personal information to see which web pages you visit at our Site, which web site you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it. We may also use the information we obtain about you in other ways for which we provide specific notice at the time of collection.
- Disclosing & Sharing Data
We may share your Personal Data as outlined below and for any other lawful purpose. We share Personal Data with the following entities and third parties:
- any of our group companies or affiliates – to ensure the proper administration of your website and business;
- our employees, agents and/or professional advisors – to obtain advice from professional advisers;
- Our Service providers – we share Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as identity verification services, website hosting, data analysis, information technology and related infrastructure, customer service, email delivery, and auditing services. These service providers may need to access Personal Data to perform their services. We authorize such service providers to use or disclose the Personal Data only as necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf. Our service providers are predominantly located in the United States of America;
- Your service providers – we share Personal Data with your third-party service providers in connection with the Services, including but not limited to any of your healthcare providers using or interacting with our Services.
- Business partners – we share Personal Data with third party business partners when this is necessary to provide our Services to our Users. Examples of third parties to whom we may disclose Personal Data for this purpose are banks and payment method providers (such as credit card networks) when we provide payment processing services, and the professional services firms that we partner with to deliver Services;
- Corporate transactions – in the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we may share Personal Data with third parties for the purpose of facilitating and completing the transaction;
- To regulators including state and federal agencies, card payment networks, issuing banks and other parties required to enable compliance with laws, regulations and industry standards related to transaction processing in order to obtain commercial and credit information to establish, maintain or renew a customer’s contract(s), as may be required to provide any of the services for which a customer has subscribed, to comply with the rules and regulations of any credit or debit card payment network or otherwise in accordance with this policy; and
- To law enforcement, courts and other relevant parties in response to a court order or a request for cooperation from a regulatory, law enforcement or other government agency; to establish or exercise our legal rights; to defend legal claims; as otherwise required or permitted by applicable laws and/or regulations; when we believe that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or to protect and defend the rights, property or safety of HelloPatients, its customers, staff, suppliers or others.
- Data Security & Retention
We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data within our organization against unauthorized access, destruction, loss, alteration or misuse. Your Personal Data is only accessible to a limited number of personnel who need access to the information to perform their duties. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.
If you are a HelloPatients User, we retain your Personal Data as long as we are providing the Services to you. We retain Personal Data after we cease providing Services to you, even if you close your HelloPatients account, to the extent necessary to comply with our legal and regulatory obligations, and for the purpose of fraud monitoring, detection and prevention. We also retain Personal Data to comply with our tax, accounting, and financial reporting obligations, where we are required to retain the data by our contractual commitments to our financial partners, and where data retention is mandated by the payment methods that we support. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.
Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.
- We will use technical and organizational measures to safeguard you Data, for example:
- access to your account is controlled by a password and a username that is unique to you.
- access to Website occurs only over a secured channel and may require two-factor authentication (2FA).
- we store your Data on secure servers and use the third party software component for access management security, which has been evaluated as conformant with the U.S. Federal Information Processing Standard (FIPS) 140-2 standards.
- payment details are encrypted using SSL (Secure Socket Layer) or TLS (Transport Layer Security) technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.
- We adhere and/or are certified to the Payment Card Industry Data Security Standard (PCI DSS). This family of standards helps us manage your Data and keep it secure.
- Technical and organizational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorized access to your Data, please let us know immediately by contacting us via this e-mail address: email@example.com.
- HIPAA Authorization
- Use by Minors
The Site is not intended for use by children. We do not intentionally gather Personal Data about United States visitors who are under the age of 13 or about European Union, United Kingdom or Swiss visitors who are under the age of 16. If a child has provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under the ages of 13 or 16 in the applicable jurisdictions, please contact us at firstname.lastname@example.org. If we learn that we have inadvertently collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.
- Links to Other Websites
The Services may provide the ability to connect to other websites. These websites may operate independently from us and may have their own privacy notices or policies, which we strongly suggest you review. If any linked website is not owned or controlled by us, we are not responsible for its content, any use of the website or the privacy practices of the operator of the website.
- California “Shine the Light” Law
California Civil Code Section § 1798.83 permits Users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please write to us at the address listed in the “Contact Us” section below. We do not disclose personal information to third parties for the third parties’ direct marketing purposes.
- International Transfer
- Contact Us
Send email to: email@example.com
Send mail to our address:
Real Patient Solutions, Inc.
53 Longbow Lane
Springfield, IL, 62704
- “Cookies” means a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies that we use);
- “Data” means all information that you submit to HelloPatients via the Sites. This definition incorporates, where applicable, the definitions provided in applicable data protection laws;
- “User” or “you” means any third party that accesses the Website and is not either (i) employed by HelloPatients and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to HelloPatients and accessing the Website in connection with the provision of such services; and