Privacy Policy

Effective Date: April 1, 2020 | Last Updated: April 1, 2020

Real Patient Solutions, Inc. d/b/a HelloPatients and its affiliates (collectively “HelloPatients”, “we”, “us”, “our” and “ourselves”) respect your privacy. We offer services that enable platforms and merchants to run businesses, and to safely conduct online payment transactions.

This Privacy Policy describes the types of Personal Data we collect through our payments and other products and services (“Services”) and via our online presence, which include our main website at hellopatients.com, HelloPatients-branded apps, as well as services and websites that we enable Internet users to access (collectively, our “Sites”). This policy also describes how we use Personal Data, with whom we share it, your rights and choices, and how you can contact us about our privacy practices. This policy does not apply to third-party websites, products, or services, even if they link to our Services or Sites, and you should consider the privacy practices of those third-parties carefully. “Personal Data” is any information that relates to an identified or identifiable individual.

This Privacy Policy is entered into between you, the User of this Website and HelloPatients, the owner and provider of this Website. HelloPatients takes the privacy of your information very seriously. This Privacy Policy applies to our use of any and all Data collected by us or provided by you in relation to your use of the Website. Capitalized terms in this Privacy Policy are defined in the section headed “Definitions and interpretation” at the end of this Privacy Policy if not otherwise defined in the provisions below.

Please familiarize yourself with our privacy practices and let us know if you have any questions. By using the Sites, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Sites.

Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the United States, and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International Transfer” section below. If you do not agree to the transfer, storage and use of your information in the United States, and any other country where we operate, please do not use the Sites or Services.

  1. Overview

HelloPatients provides payments and other products and services for commercial and non-commercial enterprises. Those products and services include payment card processing, point-of-sale terminal management and support, merchant accounting and funds transfer. As a part of our payment processing function and other products and services, we routinely collect and retain personal information about our customers and the third parties with whom our customers do business. For our customers, additional information about disclosures, transfers and other processing of personal information as part of our payment processing function may be set out in the documentation provided to them at or before onboarding. “You” may be a visitor to one of our websites, a user of one or more of our Services (“User” or “HelloPatients User”), or a customer of a User (“Customer”). If you are a Customer, HelloPatients will generally not collect your Personal Data directly from you. Your agreement with the relevant HelloPatients User should explain how the HelloPatients User shares your Personal Data with HelloPatients, and if you have questions about this sharing, then you should direct those questions to the HelloPatients User.

  • Site Visitors – If you visit or use our Sites, we may collect Personal Data. For example, we collect Personal Data that you submit to us via online forms and surveys, and when you contact us by email.
  • Payment Processing Services – As a processor of payment transactions and provider of related services, we may collect, use and disclose Personal Data about Customers when we act as a HelloPatients User’s service provider. HelloPatients Users are responsible for making sure that the Customer’s privacy rights are respected, including ensuring appropriate disclosures about third party data collection and use. To the extent that we are acting as a HelloPatients User’s data processor, we will process Personal Data in accordance with the terms of our agreement with the HelloPatients User and the HelloPatients User’s lawful instructions. If you are a Customer and would like to obtain more information about how a HelloPatients User uses third party services like HelloPatients to process your Personal Data in the context of payment transactions, please contact the HelloPatients User directly or visit the HelloPatients User’s privacy policy.
  • Fraud prevention activities and activities for offering a compliant and secure platform – The collection and use of Personal Data is critical in helping us to ensure that our platform and services are safe, secure and compliant. In the context of fraud monitoring, prevention and detection services, we may monitor insights and patterns of payment transactions and other online signals to reduce the risk of fraud, money laundering and other harmful activity for ourselves, our Users and their Customers. The HelloPatients entities responsible for the collection and use of Personal Data for fraud monitoring, detection and prevention activities are indicated below.
  1. Data
    • Collecting Data

We collect Personal Data in the following ways:

  • Information You Give to Us

You may choose to provide us with personal data about yourself, including your name, phone number and email address, by completing forms on our website or mobile app, such as:

  • When you register for a HelloPatients account we collect your full name, email address, and account log-in credentials.
  • When you fill-in our online form to contact our sales team, we collect your full name, work email, country, and anything else you tell us about your project, needs and timeline.
  • When you use the “Remember Me” feature for checkout or other services, we collect your email address, payment card number, CVC code and expiration date.
  • When you apply for a job with us, we may collect your past job history and professional experience, current job title and information and educational history and
  • Your date of birth and government identifiers associated with you and your organization (such as your social security number, tax number, or Employer Identification Number).
  • When you make payments or conduct transactions through a HelloPatients User’s website or application, we will receive your transaction information. Depending on how the HelloPatients User implements our Services, we may receive this information directly from you, or from the HelloPatients User or third parties.
  • The information that we collect will include payment method information (such as credit or debit card number, or bank account information), purchase amount, date of purchase, and payment method. Different payment methods may require the collection of different categories of information. The HelloPatients User will determine the payment methods that it enables you to use, and the payment method information that we collect will depend upon the payment method that you choose to use from the list of available payment methods that are offered to you by the HelloPatients User. When you make a transaction, we may also receive your name, email, billing or shipping address and in some cases your transaction history to authenticate you.
  • You may also choose to submit information to us via other methods, including: (i) in response to marketing or other communications, (ii) through social media or online forums, (iii) through participation in an offer, program or promotion, in connection with an actual or potential business relationship with us, or (iv) by giving us your business card or contact details at trade shows or other events.

You may also provide us with Personal Data about yourself when your report a problem or have a question about our services. Please note that if you do not provide us with Personal Data, your ability to use certain aspects of our products and services may be limited.

  • Information We Obtain from Your Use of Our Services

We collect certain information automatically, such as your operating system version, browser type, and internet service provider. When you use our Site, we automatically collect and store this information in service logs. This includes: details of how you used our Site; Internet protocol address; and cookies that uniquely identify your browser.  We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Data, but we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. When we conduct fraud monitoring, prevention and detection activities, we may also receive Personal Data about you from our business partners, financial service providers, identity verification services, and publicly available sources (e.g., name, address, phone number, country), as necessary to confirm your identity and prevent fraud. Our fraud monitoring, detection and prevention services may use technology that helps us assess the risk associated with an attempted transaction that is enabled on the HelloPatients User’s website or the application that collects information.

  • Information Received from a Healthcare or Other Service Provider

We may obtain personal information about you from a health plan, physician, health care professional, hospital, clinic, laboratory, pharmacy, medical facility, or other health care provider that has provided payment, treatment, or services to you or on your behalf. HelloPatients may receive information about you with your consent from your health provider.

  • Cookies and Similar Technologies

We and our partners use various technologies to collect and store information when you visit one of our services, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services from our partners, such as advertising services. Our third party advertising and analytics partners include Google, [describe any other third party advertising or analytics partners].

The technologies we use for this automatic data collection may include:

Cookies. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our services.

Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

  • Use of Data

We use your personal data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:

  • To contact you regarding any inquiry you make or to fulfill a request, such as, for example, a request for information about our products and services;
  • To improve and personalize your experience when you use our Sites;
  • To improve our products and services and for the development of future products and services;
  • For internal record keeping and administration of records;
  • For auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with laws and other standards;
  • For detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
  • For internal research for technological development and demonstration;
  • To verify or maintain the quality or safety of our products and services and to improve, upgrade, or enhance our services;
  • To contact you by email and, if you have signed up for the service, to share e-newsletter or any other updates, communications or publications;
  • For direct marketing purposes subject to your consent if required by applicable law (see “Managing Your Preferences” below);
  • As necessary to set up and administer your sign up to, and use of, the log in facility available on the Sites; and
  • For compliance with applicable laws and/or regulations and as otherwise required or permitted by applicable laws and/or regulations.
  • For any other lawful purpose.

We use information collected from cookies and other technologies, to improve your user experience and the overall quality of our services. We may use your personal information to see which web pages you visit at our Site, which web site you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it.  We may also use the information we obtain about you in other ways for which we provide specific notice at the time of collection.

We will ask for your consent before using information for a purpose other than those set out in this Privacy Policy.

  • Disclosing & Sharing Data

We may share your Personal Data as outlined below and for any other lawful purpose. We share Personal Data with the following entities and third parties:

  • any of our group companies or affiliates – to ensure the proper administration of your website and business;
  • our employees, agents and/or professional advisors – to obtain advice from professional advisers;
  • Our Service providers – we share Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as identity verification services, website hosting, data analysis, information technology and related infrastructure, customer service, email delivery, and auditing services. These service providers may need to access Personal Data to perform their services. We authorize such service providers to use or disclose the Personal Data only as necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf. Our service providers are predominantly located in the United States of America;
  • Your service providers – we share Personal Data with your third-party service providers in connection with the Services, including but not limited to any of your healthcare providers using or interacting with our Services.
  • Business partners – we share Personal Data with third party business partners when this is necessary to provide our Services to our Users. Examples of third parties to whom we may disclose Personal Data for this purpose are banks and payment method providers (such as credit card networks) when we provide payment processing services, and the professional services firms that we partner with to deliver Services;
  • Our Users and third parties authorized by our Users – we share Personal Data with Users as necessary to maintain a User account and provide the Services. We share data with parties directly authorized by a User to receive Personal Data, such as when a User authorizes a third party application provider to access the User’s HelloPatients account. The use of Personal Data by an authorized third party is subject to the third party’s privacy policy;
  • Corporate transactions – in the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we may share Personal Data with third parties for the purpose of facilitating and completing the transaction;
  • To regulators including state and federal agencies, card payment networks, issuing banks and other parties required to enable compliance with laws, regulations and industry standards related to transaction processing in order to obtain commercial and credit information to establish, maintain or renew a customer’s contract(s), as may be required to provide any of the services for which a customer has subscribed, to comply with the rules and regulations of any credit or debit card payment network or otherwise in accordance with this policy; and
  • To law enforcement, courts and other relevant parties in response to a court order or a request for cooperation from a regulatory, law enforcement or other government agency; to establish or exercise our legal rights; to defend legal claims; as otherwise required or permitted by applicable laws and/or regulations; when we believe that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or to protect and defend the rights, property or safety of HelloPatients, its customers, staff, suppliers or others.
  • Data Security & Retention

We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data within our organization against unauthorized access, destruction, loss, alteration or misuse. Your Personal Data is only accessible to a limited number of personnel who need access to the information to perform their duties. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.

If you are a HelloPatients User, we retain your Personal Data as long as we are providing the Services to you. We retain Personal Data after we cease providing Services to you, even if you close your HelloPatients account, to the extent necessary to comply with our legal and regulatory obligations, and for the purpose of fraud monitoring, detection and prevention. We also retain Personal Data to comply with our tax, accounting, and financial reporting obligations, where we are required to retain the data by our contractual commitments to our financial partners, and where data retention is mandated by the payment methods that we support. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.

Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the period necessary to fulfil the purposes outlined in this Privacy Policy or until you request that the Data be deleted.

Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.

  • We will use technical and organizational measures to safeguard you Data, for example:
    • access to your account is controlled by a password and a username that is unique to you.
    • access to Website occurs only over a secured channel and may require two-factor authentication (2FA).
    • we store your Data on secure servers and use the third party software component for access management security, which has been evaluated as conformant with the U.S. Federal Information Processing Standard (FIPS) 140-2 standards.
    • payment details are encrypted using SSL (Secure Socket Layer) or TLS (Transport Layer Security) technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.
  • We adhere and/or are certified to the Payment Card Industry Data Security Standard (PCI DSS). This family of standards helps us manage your Data and keep it secure.
  • Technical and organizational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorized access to your Data, please let us know immediately by contacting us via this e-mail address: info@hellopatients.com.
  1. HIPAA Authorization

You hereby authorize the receipt, use, and disclosure of your Protected Health Information, as defined in 45 CFR 160.103 (“PHI”), from any health plan, physician, health care professional, hospital, clinic, laboratory, pharmacy, medical facility, or other health care provider (each a “Provider”) that has provided payment, treatment, or services to you or on your behalf, by HelloPatients in accordance with this Agreement and our Privacy Policy. In the event our relationship terminates with one or more Providers that you have a relationship with and provides information to us relating to you, you authorize us to maintain such information on your behalf.  You authorize HelloPatients to use and disclose your health information to provide you with the Services. You understand that your Protected Health Information may contain sensitive information. Unless you expressly revoke it, your authorization shall remain in effect for so long as you use our Services and for a period of six (6) months thereafter; provided, however, that we may retain your information after such date for so long as necessary to fulfill the purpose(s) for which it was collected, as authorized by you, and to comply with applicable laws.

  1. Use by Minors

The Site is not intended for use by children.  We do not intentionally gather Personal Data about United States visitors who are under the age of 13 or about European Union, United Kingdom or Swiss visitors who are under the age of 16. If a child has provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under the ages of 13 or 16 in the applicable jurisdictions, please contact us at info@hellopatients.com.  If we learn that we have inadvertently collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.

  1. Updates To this Privacy Policy and Notifications

We may change this Privacy Policy from time to time to reflect new services, changes in our Personal Data practices or relevant laws. The “Last Updated” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes are effective when we post the revised Privacy Policy on the Services. We may provide you with disclosures and alerts regarding the Privacy Policy or Personal Data collected by posting them on our website and, if you are a User, by contacting you through your HelloPatients dashboard, email address and/or the physical address listed in your HelloPatients account.

  1. Links to Other Websites

The Services may provide the ability to connect to other websites. These websites may operate independently from us and may have their own privacy notices or policies, which we strongly suggest you review. If any linked website is not owned or controlled by us, we are not responsible for its content, any use of the website or the privacy practices of the operator of the website.

  1. California “Shine the Light” Law

California Civil Code Section § 1798.83 permits Users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please write to us at the address listed in the “Contact Us” section below.  We do not disclose personal information to third parties for the third parties’ direct marketing purposes.

  1. Cookies

This Website may place and access certain Cookies on your computer as set forth in our Cookie Policy available at https://hellopatients.com/terms-and-conditions which is hereby incorporated by reference.

  1. International Transfer

We may, directly or indirectly through third-party entities around the world, process, store, and transfer the information you provide, including your Personal Data, as described in this Privacy Policy. Specifically, the Personal Data that we collect may be transferred to, and stored at, a location outside of your jurisdiction. It may also be processed by staff operating outside of your jurisdiction who work for us or for one of the organizations outlined in this Privacy Policy in connection with the activities outlined in this Privacy Policy. By submitting your information and Personal Data using the Sites, you agree to this transfer, storing or processing. We will take all steps necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy. We have put in place commercially reasonable technical and organizational procedures to safeguard the information and Personal Data we collect on the Sites.

  1. Contact Us

If You have any questions or complaints about this Privacy Policy, please contact us via email or phone or by writing to us at the address below:

Send email to: info@hellopatients.com

Send mail to our address:

Real Patient Solutions, Inc.

Attn: Privacy Policy Inquiry

53 Longbow Lane

Springfield, IL, 62704

  1. Definitions

In this Privacy Policy, the following definitions are used:

  1. “Cookies” means a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies that we use);
  2. “Data” means all information that you submit to HelloPatients via the Sites. This definition incorporates, where applicable, the definitions provided in applicable data protection laws;
  3. “User” or “you” means any third party that accesses the Website and is not either (i) employed by HelloPatients and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to HelloPatients and accessing the Website in connection with the provision of such services; and
  4. “Website”, “Web site” or “Site” means the website that you were browsing when you clicked on a link to this Privacy Policy, including all subsidiary pages, http://hellopatients.com and any sub-domains of this site unless expressly excluded by their own terms and conditions.