Privacy Policy
This Privacy Policy describes the practices of Rume Health, LLC DBA Sameday Health LLC and its affiliates, predecessors, successors, and subsidiaries (“we,” “us,” or “Sameday”), including when you visit any Sameday website (“Websites”), use any affiliated applications (“Apps”), or otherwise provide data to Sameday. We refer to the Website, Apps, and other services provided by Sameday together in this Policy as the “Service” or “Services”).
By creating, registering, or logging into an account through the Service, or otherwise accessing or using the Service, you are automatically accepting and acknowledging the most recent version of this Privacy Policy.
If you are using the Service on behalf of an individual other than yourself, you represent that you are authorized by such individual to act on such individual's behalf and that such individual acknowledges the practices and policies outlined in this Privacy Policy.
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence, and you have given us your consent to allow any of your minor dependents to use this site.
INFORMATION YOU PROVIDE TO US.
We collect a variety of information that you provide directly to us. For example, we collect information from you through:
Account and product registration and administration of your account
Processing your orders and requests for treatment
Questions, communications, or feedback you submit to us via forms or email
Your participation in research and surveys
Requests for customer support and technical assistance, including through online chat functionalities
Uploads or posts to the Services
Allowing the app to access your camera roll or photo storage to allow you to upload your insurance card information.
The specific types of information we collect will depend upon the Services you use, how you use them, and the information you choose to provide. The types of data we collect directly from you may include:
Name, address, telephone number, date of birth, and email address.
Information about your medical conditions, treatment options, physician referrals, prescriptions, and lab results or other related health information, such as your physical and emotional characteristics
Billing information, such as shipping address, credit or debit card number, verification number, expiration date, and identity verification information, collected by our payment processors on our behalf
Information about purchases or other transactions with us or independent providers
Information about your customer service and maintenance interactions with us
Demographic information such as your gender and age
User-generated content you post in public online forums on our Services
Insurance card information
Any other information you provide us with in connection with your use of the Services.
Information We Collect Through Automated Means.
We collect certain information about your use of the Services and the devices you use to access the Services, as described in this Section. As discussed further below, we and our service providers (which are third party companies that work on our behalf), may use a variety of technologies, including cookies and similar tools, to assist in collecting this information.
Our websites. When you use our Websites, we may collect and analyze information such as your IP address, browser types, browser language, operating system, the state or country from which you accessed the Services, software and hardware attributes (including device IDs) referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the Services, error logs, and other similar information.
Our Apps. When you use our Apps, we may receive certain information about the mobile phone, tablet, or computer used to access the Apps, including a mobile device identifier, IP address, operating system, version, Internet service provider, browser type, domain name and other similar information, whether and when you update the Apps, date and time of use, and how you use the Apps, including time spent in different portions of the Apps.
You can also permit the application to access specific images stored on your device by allowing the app access to your camera roll or photo storage solely to upload your insurance card information. We will not access, collect or use any other data or image on your camera roll or photo storage.
Location Information. When you use the Services, we and our service providers may automatically collect general location information (e.g., IP address, city/state and or postal code associated with an IP address) from your computer or mobile device. This information allows us to enable access to content that varies based on a user’s general location (e.g., to provide you with accurate sales tax information and to deliver content customized to your location).
Our Use of Cookies and Similar Online Tools. To collect the information discussed in this Section, we and our service providers use web server logs, cookies, tags, SDKs, tracking pixels and other similar tracking technologies. We use these technologies to offer you a more tailored experience.
A web server log is a file where website activity is stored.
An SDK is a set of tools and/or code that we embed in our Apps and software to allow third parties to collect information about how users interact with the Services.
A cookie is a small text file that is placed on your computer or mobile device when you visit a site, that enables us to: (i) recognize your computer/device; (ii) store your preferences and settings; (iii) understand the parts of the Services you have visited and used; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform searches and analytics; and (vi) assist with security and administrative functions.
Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email that are designed to: (1) collect usage information like ad impressions or clicks and email open rates; (2) measure popularity of the Services and associated advertising; and (3) access user cookies.
As we adopt additional technologies, we may also gather information through other methods.
INFORMATION WE RECEIVE FROM OTHER SOURCES.
We work closely with third parties (including, for example, physicians, medical professionals, and laboratories with whom we partner to provide you with the Services and their health care services, sub-contractors in technical, advertising networks, analytics providers, and search information providers). Such third parties will sometimes provide us with additional information about you.
PURPOSES FOR HOW WE USE YOUR INFORMATION
In connection with providing, you with the Services, we may use your information to:
Carry out, improve, and manage the Services and, as applicable, facilitate the provision of health care services to you by physicians or other health care providers and ensure that the physicians or health care providers have the services and support necessary for health care operations.
Engage in internal research to understand the effectiveness of our Services, improve our Services, and better understand our user base. If we publish or provide the results of this research to others, such research will be presented in a de-identified and aggregate form such that individual users cannot be identified.
Communicate with you about the Services, your use of the Services, or your inquiries related to the Services and send you communications on behalf of physicians or other health care providers utilizing the Services to meet your needs.
We may communicate with you by email, postal mail, or phone about surveys, promotions, special events, or our products and Services and those of our subsidiaries, affiliates, and parent companies, as well as any of their related businesses and those of our third-party partners. If you prefer not to receive such communications, you may opt-out at any time by following the opt-out instructions provided in our "Terms and Services" document or by contacting us directly. Your preference will be updated promptly to ensure you only receive communications that are relevant to you.
Provide you with technical support and customer service.
Verify your identity and administer your account, including processing your payments and fulfilling your orders.
Ensure that content from our Services is presented in the most effective manner for you and for your computer or device, allow you to participate in interactive features of our Services (when you choose to do so), and as part of our efforts to keep our Services safe and secure.
Measure or understand the effectiveness of advertising and content we serve to you and others, and to deliver and customize relevant advertising and content to you.
Help us better understand your interests and needs, such as by engaging in analysis and research regarding the use of the Services.
Comply in good faith with any procedures, laws, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others.
Establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others.
When Sameday believes in good faith that such use is otherwise necessary or advisable.
Combined Information. For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use and share such combined information in accordance with this Privacy Policy.
Aggregate/De-Identified Data. We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors.
ONLINE ANALYTICS AND ADVERTISING
1. Online Analytics
We may use third-party web analytics services on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; try to locate the same unique users across multiple browsers or devices to better tailor services and features; and provide certain features to you.
If you receive email from us, we may use certain analytics tools, such as clear GIFs to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
2. Online Advertising
The Services may integrate third-party advertising technologies (e.g., ad networks and ad servers such as Facebook, Google Ad Words, and others) that use cookies and other technologies to deliver relevant content and advertising, as well as on other websites you visit and other applications you use. The ads may be based on various factors such as the content of the page you are visiting, information you enter such as your searches, demographic data, and other information we collect from you. These ads may be based on your current activity or your activity over time and across other websites and online services.
We sometimes provide our customer information (such as email addresses) to service providers, who may “match” this information in de-identified form to cookies (or mobile ad identifiers) and other proprietary IDs, in order to provide you with more relevant ads when you visit other websites and mobile applications.
We neither have access to, nor does this Privacy Policy govern, the use of cookies or other tracking technologies that may be placed on your device you use to access the Services by non-affiliated third-party advertising network services
3. Mobile Advertising
When using mobile applications from us or others, you may also receive tailored in-application advertisements. We may use third-party service providers to deliver advertisements on mobile applications or for mobile application analytics. We do not control how the applicable platform operator allows you to control receiving personalized in-application advertisements; thus, you should contact the platform provider for further details on opting out of tailored in-application advertisements. You may review the support materials and/or the device settings for the respective operating systems to opt-out of tailored in-app advertisements.
OPT-OUT OF MARKETING COMMUNICATIONS:
If you wish to opt-out of receiving marketing communications from us, please contact us at support@rumehealth.com. We will process your request as soon as possible.
HOW WE SHARE AND DISCLOSE YOUR INFORMATION:
We may share your information for our business purposes in the following ways:
Affiliates and Subsidiaries. We may share information we collect within and across any affiliates or subsidiaries to deliver products and services to you, ensure a consistent level of service across our products and services, and enhance our products, services, and your customer experience. We may provide you with information about Sameday’s products and services by letter, email, text, telephone, or other forms of communication. We may also provide you with information about third-party businesses, products, and services by letter, email, text, telephone or other forms of communication.
Health Care Providers and Services. We share your information with health care providers: (i) to schedule and fulfill appointments and provide health care services as part of the Services, (ii) to whom you send messages through our Services, and (iii) for other treatment, payment or health care operations purposes, upon your request.
Service Providers. We may provide access to or share your information with select third parties who use the information to perform services on our behalf. They provide a variety of services to us, including marketing, advertising, analytics, research, customer service, shipping and fulfillment, data storage, IT and security, fraud prevention, auditing and legal services. These entities may also include health care organizations, pharmacies, and other third parties we use to support our business or in connection with the administration and support of the Services.
Protection of Sameday and Others. By using the Services, you acknowledge and agree that we may access, retain and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process (e.g. a subpoena or court order); (b) enforce our Terms and Conditions, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; (d) respond to your requests for customer service; and/or (e) protect the rights, property or personal safety of Sameday, its agents and affiliates, its users and/or the public. This includes exchanging information with other companies and organizations for fraud protection, spam/malware prevention, and similar purposes.
Business Transfers. As we continue to develop our business, we may buy, merge, or partner with other companies. In such transactions, (including in contemplation of such transactions) user information may be among the transferred assets. If a portion or all of our assets are sold or transferred to a third-party, customer information (including your email address) would likely be one of the transferred business assets. If such a transfer is subject to additional mandatory restrictions under applicable laws, we will comply with such restrictions.
Public Forums. Certain features of our Services may make it possible for you to share comments publicly with other users. Any information that you submit through such features is not confidential, and we may use it for any purpose (including in testimonials or other marketing materials). For example, if you submit a product review on one of our sites, we may display your review (along with the name provided, if any) on other Sameday websites and on third-party websites. Any information you post openly in these ways will be available to the public at large and potentially accessible through third-party search engines. Accordingly, please take care when using these features.
Consent. We may also disclose your information in other ways you direct us to and when we have your consent.
Aggregate/De-Identified Information. We reserve the right to create Aggregate/De-Identified Data from the information we collect through the Services and our sharing of such Aggregate/De-Identified Data is in our discretion.
THIRD PARTY SERVICES AND NOTICES ABOUT HEALTH INFORMATION
This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices, including data privacy and security process and standards of any third-parties, including physicians and other health care providers using the Services, the manufacturer of your mobile device and other IT hardware and software, and any other third-party mobile application, website, or service to which our Services may contain a link. These third parties may at times gather information from or about you. We have no control over the privacy practices of these third parties. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third parties.
HOW WE PROTECT YOUR INFORMATION
Sameday takes a variety of technical and organizational security measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. However, no method of transmission over the Internet, or electronic or physical storage, is secure. As such, you acknowledge and accept that we cannot guarantee the security of your information transmitted to, through, or on our Services or via the Internet and that any such transmission is at your own risk.
Where we have given you (or where you have chosen) a password that enables you to access the Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone, and it is recommended you change your password every 90 days (about 3 months). Multi-factor authentication should be enabled where prompted to provide an additional layer of security. The information you share in public areas may be viewed by any user of the Services.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
APPROPRIATE DISPOSAL OF PATIENT INFORMATION
We keep your information for no longer than necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and/or as required to comply with applicable laws.
REVISIONS TO OUR PRIVACY POLICY
We reserve the right to change this Privacy Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. We will make the revised Privacy Policy accessible through the Services, so you should review it periodically. The date this Privacy Policy was last revised is identified at the top of the document. You are responsible for periodically monitoring and reviewing any updates to the Privacy Policy. If we make a material change to the Privacy Policy, we will provide you with appropriate notice in accordance with legal requirements. Your continued use of our websites or Apps after such amendments (and notice, where applicable) will be deemed your acknowledgment of these changes to this Privacy Policy.
RETENTION OF INFORMATION
Sameday may retain your information for as long as it believes necessary; as long as necessary to comply with its legal obligations, resolve disputes and/or enforce its agreements; and/or as long as needed to provide you with the products and/or services of the Service. Sameday may dispose of or delete any such information at any time, except as set forth in any other agreement or document executed by Sameday or as required by law.
CONTACTING US
If you have any questions about this Privacy Policy or Sameday’s privacy practices, please contact us at:
Rume Health
2729 Bristol St Costa Mesa, CA 92626
PROTECTED HEALTH INFORMATION
In using components of the Service, you may also provide certain health or medical information that may be protected under applicable laws. One or more of medical groups, allied health professionals, or laboratories (the “Providers”) that provide services to you through Sameday’s Service may be a "covered entity" or "business associate" under HIPAA, and Sameday may in some cases be a "business associate" of the Providers. It is important to note that HIPAA does not necessarily apply to an entity or person simply because there is health information involved, and HIPAA may not apply to your transactions or communications with Sameday or the Providers. To the extent Sameday is deemed a "business associate" however, and solely in its role as a business associate, Sameday, may be subject to certain provisions of HIPAA with respect to "protected health information," as defined under HIPAA, that you provide to the Providers (" PHI"). In addition, any medical or health information that you provide that is subject to specific protections under applicable state laws (collectively, with PHI, "Protected Information"), will be used and disclosed only in accordance with such applicable laws. However, any information that does not constitute Protected Information under applicable laws may be used or disclosed under this Privacy Policy. Protected Information does not include information de-identified in accordance with applicable laws.
The Providers have adopted a Notice of Privacy Practices that describes how they use and disclose Protected Information. By accessing or using any part of the Service, you are acknowledging receipt of the Notice of Privacy Practices from the Provider(s).
By accessing or using any part of the Service, you are agreeing that even if HIPAA does apply to Sameday or the Providers, any information that you submit to Sameday that is not intended and used solely for the provision of diagnosis and treatment by the Providers is not considered Protected Information, and will only be subject to our Privacy Policy and any applicable state laws that govern the privacy and security of such information.