-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Biomarkers privacy policy post added
- Loading branch information
1 parent
1d92c37
commit c2dd305
Showing
1 changed file
with
89 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,89 @@ | ||
| --- | ||
| layout: post | ||
| title: "Biomarkers Privacy Policy" | ||
| permalink: "biomarkers-privacy-policy" | ||
| date: 2024-08-06 | ||
| categories: misc | ||
| teaser: "" | ||
| --- | ||
|
|
||
| _This Privacy Policy was last updated on **August 6th, 2024**._ | ||
|
|
||
| # Privacy Policy for Biomarkers | ||
|
|
||
| ## Introduction | ||
|
|
||
| Welcome to Biomarkers ("we", "our", "us"). We're dedicated to protecting your personal data and respecting your privacy. This Privacy Policy explains how we handle your data, what data we collect, and your rights under the California Consumer Privacy Act (CCPA). | ||
|
|
||
| ## Data Collection | ||
|
|
||
| Here's the rundown on what we collect: | ||
|
|
||
| - **Biomarker Data**: This includes biomarker types, values, and dates you input into the app. | ||
| - **User Profile Data**: This includes some personal information (PI) like your birthdate, sex, and weight. We use this solely to personalize your historical biomarker insights. | ||
| - **User-Generated Documents**: Any documents you choose to upload for data extraction. | ||
|
|
||
| ### Local Storage | ||
| - All the data we collect is stored locally on your device and is securely encrypted. We never have access to this data. | ||
|
|
||
| ### Third-Party Data Handling | ||
| - You might choose to upload your data to a third party (OpenAI, Inc) to streamline biomarker data entry and get personalized health insights. This includes your biomarker data, profile data, and any documents you upload. | ||
| - The data you send to OpenAI is securely transmitted using industry-standard encryption, processed to generate personalized insights, and immediately deleted after processing. This data can never be traced back to you. | ||
| - We always get your explicit consent before any data is uploaded to OpenAI. | ||
| - Your privacy is important to us, and we ensure all interactions with third parties are secure. | ||
|
|
||
| ### App Usage and Crash Logs | ||
| - Apple may collect data about how you use the app and crash logs, which are aggregated and anonymized, so it can't be used to identify you personally. You can choose to share this data with us through your device settings. This helps us improve the app and provide a better user experience. | ||
|
|
||
| ## Your Privacy Rights under CCPA | ||
|
|
||
| If you're a California resident, you have specific rights under the CCPA, including: | ||
|
|
||
| - The right to know what personal data is being collected about you. | ||
| - The right to access your personal data. | ||
| - The right to request the deletion of your personal data. | ||
| - The right to know if your personal data is sold or disclosed and to whom. | ||
|
|
||
| Since we do collect and process some personal data like biomarker data and user profile data, you can exercise these rights by contacting us at [email protected] or (650) 200 - 3620. | ||
|
|
||
| ## HIPAA Compliance | ||
|
|
||
| We understand the importance of the Health Insurance Portability and Accountability Act (HIPAA) and prioritize the security and privacy of your health information. While we're not HIPAA compliant just yet, we're actively working towards it. | ||
|
|
||
| Here are some things we're doing: | ||
| - Ensuring that all local data stored on iOS is encrypted. | ||
| - Making sure data sent to our third-party vendor (OpenAI) is transmitted securely, properly destroyed after processing, and can't be traced back to you. | ||
| - Developing Standard Operating Procedures (SOPs) for breach notifications and administrative safeguards. | ||
|
|
||
| We're committed to achieving full HIPAA compliance and will continuously review and update our processes and security measures. | ||
|
|
||
| ## Contact Information | ||
|
|
||
| If you have any questions or concerns about this Privacy Policy or your rights, please contact us: | ||
|
|
||
| Email: [email protected] | ||
| Address: 1100 Pomeroy Ave, Santa Clara, CA 95051 | ||
|
|
||
| ## Changes to this Privacy Policy | ||
|
|
||
| We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page, and updates in-app. | ||
|
|
||
| --- | ||
|
|
||
| ## HIPAA Compliance Efforts | ||
|
|
||
| We're working towards HIPAA compliance and here’s what we’re focusing on: | ||
|
|
||
| 1. **Data Encryption**: | ||
| - Ensuring that all local data stored on iOS devices is encrypted. | ||
|
|
||
| 2. **Third-Party Data Handling**: | ||
| - Making sure data sent to OpenAI, Inc is transmitted securely, properly destroyed after processing, and can't be traced back to you. | ||
|
|
||
| 3. **Administrative Safeguards**: | ||
| - Developing Standard Operating Procedures (SOPs) for breach notifications. | ||
| - Implementing administrative safeguards to ensure the security and privacy of health information. | ||
|
|
||
| We're committed to achieving full HIPAA compliance and will continuously review and update our processes and security measures. | ||
|
|
||
| By adhering to these efforts and regularly reviewing our processes, we aim to protect the privacy and security of your health information as we work towards full HIPAA compliance. |