This privacy policy (“Policy”) was last updated on 2/10/2023.
This Privacy Policy explains how information is collected, used and disclosed by Pillbox Health LLC (Pillbox Health LLC) concerning your access and use of our Services through our website located at https://pillbox.health/ (“Site”). To make this Privacy Policy easier to read, the terms “Services” and “Service” as used herein encompass the Device(s), App, Website, and associated services provided by Pillbox Health LLC. These Services include, but are not limited to, Software (as defined below), data, subscription services, the utilization of de-identified and aggregated data for improving any of the foregoing, and other services. This Privacy Policy doesn’t apply to any third-party websites, services or applications that can be accessed through our Services.
By using and/or consenting to your and your Authorized Provider’s (as defined in our Terms and Conditions) use of our Services, you consent to the collection, use and disclosure of your Personal Information and your Personal Health Information (each as defined below) in accordance with this Policy. We strongly recommend that you read this Policy carefully and retain it for future reference. This Policy may change from time to time (see Section 13 “Changes to this privacy policy” below). For this reason, please check this Policy periodically for updates. Your continued use of our Website, and/or any of our Services, as defined in our Terms and Conditions, after we make changes to this Policy, indicates that you accept and consent to those changes. The application of this Policy is subject to applicable laws, regulations, and the orders or lawful requests of courts or legal authorities.
We take commercially reasonable steps to protect the integrity and confidentiality of personally identifiable and health information that you may share with us. We comply with the HIPAA security rule for administrative, technical, and physical security safeguards and have third party assessments of our controls performed annually. However, please be aware that no security measures are perfect or impenetrable and we cannot guarantee the absolute security of your information.
We will do our part to protect your information, but you need to protect your information as well. Additionally, we do not control the actions of anyone with whom you or any other Pillbox Health LLC user may choose to share information. As such, you should be cautious about the access you provide to others when using Pillbox Health LLC, and the information you choose to share when using the Pillbox Health LLC Services.
“Personal Information” is anything that identifies, relates to, describes, is capable of being associated with, or could be reasonably linked, directly or indirectly, to you. Examples of Personal Information include your:
Personal Information we collect might include, but is not limited to, your name, email address, telephone number, sex, date of birth, address, medical conditions, medication name, medication intake details, bank account number, any identifier we may use to contact you, other personally identifiable information that you may choose to add to your Pillbox Health LLC User account profile on our website, records, and copies of your correspondence with us and with your Authorized Provider through our Services.
“Protected Health Information” is a subset of Personal Information that is protected by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (collectively, “HIPAA”). We may receive Protected Health Information about you directly from you or from Authorized Providers and the information you provide to us in connection with Services.
“Non-Personal Information” means information that does not permit us to identify, contact or locate you. For example, your device model number and manufacturer, and state of residence are Non-Personal Information unless linked to your Personal Information. If we combine or link your Non-Personal Information with Personal Information (such as combining your name with your device model), we will treat the combined information as Personal Information so long as it is combined.
The Services may use “cookie” technology and similar technology to gather information from our visitors such as which pages are used and how often they are used, and to enable certain features on the Services. In some jurisdictions, this is considered Personal Information.
We may collect information about your activities on our Services using technologies such as cookies, including third-party cookies, web beacons, JavaScript code, HTML 5 databases, and server log files. The information we collect using these means may include your Media Access Control (MAC) address, operating system and version, screen resolution, device manufacturer and model, language, Internet browser type and version, the version of the Services you are using, the date and time you access the Services, pages visited, time spent on the Services, general location information, and other activity data. This information is automatically generated. Our third-party business partners and we may use this information to provide you with an optimal experience.
Your “IP Address” (a number that is automatically assigned to the computer or other device that you are using by your internet service provider) may be identified and logged automatically in our server log files whenever you access the Services, along with the time of the visit and the page(s) that were visited. IP Addresses are automatically collected by many websites, applications, and other services. We may use IP Addresses for purposes such as calculating usage levels of the Services, helping diagnose server problems, and administering the Services.
“Location Information” is a subset of Personal Information that can be used to locate the device you use to access the Services. Location Information may include: (i) with your consent, the location of the device you used to access the Services; (ii) the IP address of the device or internet service used to access the Services, and (iii) other information made available by a user or others that indicates the current or prior location of the user. If you do not want us to collect Location Information from your device, please disable the location setting(s) on your device. Please note that disabling the location setting may affect certain features of the Services.
“Usage Data” is information that we automatically collect about your use of the Services and your device. This type of information does not usually, by itself, uniquely identify an individual, and may include your web browser and operating system, device model and manufacturer, and your activity on the Services. If Usage Data is combined with or linked to Personal Information, then we treat it as Personal Information. If the Usage Data cannot be used to identify, contact or locate you, then it is Non-personal Information and will not be treated as Personal Information.
Some web browsers have “Do Not Track” or similar features that allow you to tell each website you visit that you do not want your activities on that website tracked. Presently, the Services do not respond to “Do Not Track” signals and, consequently, the Services will continue to collect information about you even if your browser’s “Do Not Track” feature is activated. The only way to completely “opt-out” of the collection of any information through cookies or other tracking technology is to actively manage the settings on your browser or mobile device to delete and disable cookies and other tracking/recording tools.
Pillbox Health LLC uses a third-party service provider, Amazon Web Services (“AWS”), to host servers; track and prevent errors in our software; and to send, receive and track emails and User login invitations. These third-party service providers may have access to Personal Information and Personal Health Information as an incidental result of the services provided by such third parties to Pillbox Health LLC, but the access of such third parties to such information is strictly controlled per the safeguards detailed below.
While using our platform, you may choose to authorize Pillbox Health LLC and its third-party contractors or affiliates to retrieve and disclose your health records and protected health information. These records may not be a complete 100% comprehensive record, and these records may not be useful for diagnostic purposes. These health records will be shared with Authorized Providers to ensure great healthcare services. Pillbox Health LLC does not alter or modify medical records received from its third parties. If at any time you wish to revoke this authorization, you may do so by deleting your profile on the Pillbox Health LLC website.
Your Authorized Provider may record in our Platform, information such as interactions with you, test results, evaluations, questionnaire assessments, smart pillbox device data you choose to share, records and notes consistent with treatment, and recommendations. By using our Platform, you agree that your chosen Authorized Provider may be authorized to disclose your Personal Information and Personal Health Information to us under the care coordination agreement.
When you input Health Data within our Services or use our Services that collect or ingest data
“Health Data” includes data you provide related to your dietary habits, medication intakes, dietary restrictions, fitness activity, lifestyle (e.g., sleeping habits), health conditions and diseases, familial diseases, height, weight, measurements, heart rate, BMI, and similar types of data relating to physiological condition, and overall health. We collect this data to provide the Services and to tailor features, recommendations and analytics.
We may use the information you provide for various purposes, which include:
We may also de-identify your information or aggregate your information with other users of the Services (“Aggregate Information”). This Aggregate Information is not Personal Information, because it cannot be used to identify you and may be used by us for any lawful purpose. If Aggregate Information is re-identified, it will be treated as Personal Information.
We may share your information with other parties for various business purposes:
Pillbox Health LLC does not sell any Personal Information we collect about you. We may, however, share Aggregate Information about our users in all legally permissible ways.
The safety and security of your Personal Information and Personal Health Information is very important to Pillbox Health LLC. While we cannot guarantee complete protection of your Personal Information or Personal Health Information, we follow commercially reasonable practices to protect Personal Information and Personal Health Information collected from you against accidental loss and unauthorized access, use, alteration, disclosure, and destruction.
We store all Personal Information and Personal Health Information with AWS. AWS is responsible for the hosting and security of all servers and databases in a secure cloud, and AWS is certified as compliant with ISO Standard 27018 Code of Practice for personally identifiable information (PII) protection in public clouds acting as PII processors. In addition to the independent certification process under ISO 27018, the ISO Standard also includes the right to audit AWS for compliance.
Because the transmission of information via the Internet is not completely secure, any transmission of Personal Information or Personal Health Information is at your own risk. Although we maintain security measures to maintain the integrity of the data in our care, including the encryption of all Personal Information and Personal Health Information, while in transit or at rest, we are not responsible for circumvention of any of our privacy settings or security measures. Your Personal Information and Health Information may be transmitted over various networks and may be subject to changes to conform and adapt to the technical requirements of connected networks or devices. We urge you to be cautious about giving out information in any public areas of our Platform.
Safeguard measures to ensure authorized access to your account on our Platform include the use of a username and a password for authentication. You are responsible for keeping your password and username private. Please contact us immediately if you believe that your password has been compromised or misused.
Access to private, sensitive and confidential information, including your Personal Information and Personal Health Information, is restricted to Pillbox Health LLC, Authorized Providers, and other independent contractors or employees of Pillbox Health LLC, who are required to abide by our privacy standards.
Our Services may contain links or references to other websites and services owned or operated by third parties. These third-party platforms and websites are not governed by this policy. This policy does not extend to the collection of information by third parties, and we are not responsible for the privacy practices, policies, or actions of third parties. When visiting third-party websites or platforms, you do so at your own risk, and you assume all responsibility associated with the same. We encourage you to review the privacy policies and terms and conditions of each website and platform visited before using them or disclosing information to third parties.
You may opt out of receiving email marketing by unsubscribing using the unsubscribe link provided in all of our marketing email communications.
We may allow others to provide analytics services and serve advertisements on our behalf across the Platform. These entities may use cookies, web beacons, device identifiers, and other technologies to collect information about your use of the Services and other websites and applications, including your IP address, web browser, mobile network information, pages viewed, time spent on pages or in apps, links clicked, and conversion information. This information may be used by us and others to, among other things, analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests in our Services and other websites, and better understand your online activity. We may also work with third parties to serve ads to you as part of a customized campaign on other websites or platforms. To opt out of having information about you used in this way, please email us at support@pillbox.health.
Pillbox Health LLC believes it is particularly important to protect the privacy of minors online. Pillbox Health LLC defines a “minor” as any person less than 18 years of age. Pillbox Health LLC does not knowingly collect Personal Information about minor users without a parent’s or legal guardian’s permission or knowingly share Personal Information about minor users with third parties without a parent’s or legal guardian’s permission. If we learn we have received Personal Information directly from a child under age 18, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Services and will make commercially reasonable efforts to delete such information.
We reserve the right to amend this Policy at any time. The Policy posted on our Website shall be deemed to be the policy in effect. A current Policy can also be obtained by contacting us. If we make any material changes to this Policy regarding how we treat your Personal Information or Personal Health Information, we will notify you through a notice on our website, and/or by email to your last known email address and will obtain your express consent as required under applicable privacy laws. We also include the date this Policy was last revised at the top of the Policy. The revised Privacy Policy will supersede all previous versions.
By continuing to access or use the Services following such changes, you will be deemed to have agreed to such changes. You are responsible for ensuring that we have an up-to-date, active, and deliverable email address for you and for periodically visiting this Policy to check for any changes.
The Personal Information and Personal Health Information we hold about you must be accurate and current. The accuracy, integrity and completeness of the Personal Information and Personal Health Information that you input into our website, or allow someone to input into our website on your behalf, is your responsibility. Please keep us informed if your information changes. By law, you have the right to request access to and to correct the Personal Information and Personal Health Information that we hold about you. You may contact us if you would like to review, verify, correct, or withdraw consent to the use of your Personal Information or Personal Health Information. We may request certain Personal Information to verify the identity of the individual seeking access to their Personal Information or Personal Health Information records.
We may not accommodate a request to view or change information if we believe that:
Where a request for access to information is made, to protect vulnerable populations, Pillbox Health LLC reserves the right to verify communications, including with your Authorized Provider, before taking action. Where a request for access or alteration of Personal Information or Personal Health Information is declined, the individual making the request will be provided with the reason(s) for declining the request, subject to any legal or regulatory restrictions.
If you have questions about this policy or would like to submit a request, you may contact our customer service team by email at support@pillbox.health or by phone at: +1 (813)-540-4567.
If you have any questions on the Facility’s privacy practices or for clarification on anything contained within the Notice, please contact us by email at support@pillbox.health.