Last Updated: August 31, 2021
CorneaCare, Inc., and its affiliates (collectively, “CorneaCare,” “we,” “us,” “our”) provide education, community, diagnosis, treatment, and products for people that suffer from eye conditions. This Privacy Policy describes how we collect, use, disclose and otherwise process personal information we collect through our website, platform, mobile applications, and related technologies and services (collectively, the “Service”).
Please note that some aspects of the Service may be governed by the Health Insurance Portability and Accountability Act (“HIPAA”). If you receive services from a medical practice affiliated with CorneaCare, you will receive a separate HIPAA privacy notice, which will govern the collection, use and disclosure of your protected health information by the practice. To the extent there are inconsistencies between the HIPAA privacy notice you receive and this Privacy Policy related to an affiliated medical practice’s use of your protected health information, the practice’s HIPAA privacy notice will govern.
Personal Information We Collect
We collect personal information from website visitors, community members, program participants, family members, and caregivers, as well as the participants’ care teams, which may consist of physicians, other health care professionals, and support personnel. These individuals may provide information about themselves (e.g., patients who sign up to participate) as well as about each other (e.g., physicians who provide information about program participants).
This information may include:
- Contact details, such as your first and last name, email and mailing addresses, and phone number.
- Biographical and demographic information, such as date of birth, age, gender, marital status, and information regarding any parents or legal guardians.
- Health and medical information, such as information about physical and mental health conditions and diagnoses, photographs of your eyes, treatments for medical conditions, family medical history, and medications an individual may take, including the dosage, timing, and frequency.
- Audio and video feed, when you engage in CorneaCare’s telemedicine services. We may record your audio and video conversations for quality and training purposes, and to advance and optimize the telemedicine program.
- Verification information, such as a photo of your ID or other means used to verify your identity.
- Communications that we exchange with you, including when you contact us with questions, feedback, or otherwise.
- Payment and transactional data needed to complete your subscriptions and orders on or through the Service (including name, payment card information, bank account number, billing information), and your purchase history. Our payment processor(s) will collect the financial information necessary to process your payments, such as your payment card number and authentication details. Please note, however, that we store only a tokenized version of such information and do not maintain payment card information on our servers.
- Marketing data, such as your preferences for receiving our marketing communications, and details about your engagement with them.
Automatic data collection. We, our partners, and our service providers may use cookies, browser web storage (also known as locally stored objects, or “LSOs”), web beacons, and similar technologies to automatically collect information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:
- Device data, such as your computer or mobile device operating system type and version number, manufacturer and model, device identifier, browser type, screen resolution, IP address, and general location information such as city, state or geographic area; and
- Online activity data, such as the website you visited before browsing to our website, and information about your use of and actions on our websites and mobile apps, including pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access, and how you interact with emails we send you.
How We Use Your Personal Information
We use your personal information for the following purposes or as otherwise described at the time of collection:
Service delivery, including to:
- provide, operate and improve the Service, including providing you with eye care information, screening, assessment or management, facilitating your interaction with health care professionals, and fulfilling your orders for eye care products;
- process your payments and complete transactions with you;
- communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages;
- understand your needs and interests, and personalize your experience with the Service and our communications; and
- provide support for the Service, and respond to your requests, questions and feedback.
Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Service and for public health initiatives, including to prepare for symposia, research publications, conferences, and scientific and educational events. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.
Aggregated data. We may combine any information you provide us with information from other users to create aggregated data to display on the Service. This sort of statistical information is called aggregated data because it reflects the characteristics of a large group of anonymous people. Aggregated data does not contain any information that could be used to identify you or contact you. For example, we might inform third parties regarding the number of users of the Service and the activities they conduct while on our site. We may use aggregated data or share it with our business partners so that the information and services we provide best meet the needs of our users. Aggregated data also helps advertisers and sponsors know how effectively they are reaching and meeting the needs of their target audiences. In addition, we may make use of de-identified information in accordance with our Terms of Service.
Marketing and advertising. We, our partners, and our service providers may collect and use your personal information for marketing and advertising purposes:
- Direct marketing. We may send you CorneaCare-related direct marketing communications as permitted by law, including, but not limited to, notifying you of special promotions, offers and events via postal mail, email, telephone, text message, and other means. See the “Opt out of marketing communications” section below for information on how to opt out.
- Interest-based advertising. We and our partners, including third party advertising companies and social media companies, may display ads on the Service and other online services. These companies may use cookies and similar technologies to collect information about your interaction (including the data described above) over time across the Service, our communications and other online services, and use that information to serve online ads that they think will interest you. This is called interest-based advertising. We may also share information about our users with these companies to facilitate interest-based advertising to those or similar users on other online platforms. You can learn more about your choices for limiting interest-based advertising in the “Online tracking opt out” section below.
Compliance and protection. We may use your personal information to:
- comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
- protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- audit our internal processes for compliance with legal and contractual requirements and internal policies;
- enforce the terms and conditions that govern the Service; and
- prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
How We Share Your Personal Information
We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection:
Affiliates. Our corporate parent, subsidiaries, and affiliates that are involved in providing the Service to you may be found here.
Health care partners. The Medical Groups, Providers, and other third parties with whom we partner to deliver the Service, including to provide our telehealth services and fulfil your orders, or for the research and public-health purposes described above.
Service providers. Companies and individuals that provide services on our behalf or help us operate the Service and our business (such as customer support, hosting, analytics, email and text delivery, and database management services).
Your family members, caregivers, and care team.Depending on your use of the Service,you may direct us to share some of your information with your family members, caregivers, and care team. For example, they may be able to view the contents of your monitoring history, treatment outcomes, and other information contained within the Service. Your care team may obtain the information about you through the Service and store it in their own systems. The Service may permit your care team to see the names and other identifying information about your other health care providers and their organizations to facilitate collaborative care.
Advertising partners. Third-party advertising companies, including for the interest-based advertising purposes described above.
Third-party platforms.By enabling features or functionality that connect your account to a third-party platform (such as by logging in to the website or mobile application using a third party social media account, or otherwise linking your account with the services to a third-party’s services), you chose to disclose certain of your personal information with those platforms. We do not control the third party’s use of your personal information.
Professional advisors.Professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transfers. Acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, CorneaCare or our affiliates (including, in connection with a bankruptcy or similar proceedings).
Please keep in mind that whenever you voluntarily make your personal information available for viewing by third parties or the public on or through our Service, that information can be seen, collected and used by others. We are not responsible for any use of such information by others.
Your Choices
Access to information. To keep your information accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct information in our possession that you have previously submitted via the Service. Please also feel free to contact us if you have any questions about our Privacy Policy or the information practices of CorneaCare at privacy@cornea.care.
Opt out of marketing communications. You may opt out of marketing-related communications by following the opt out or unsubscribe instructions contained in the marketing communication we send you.
Online tracking opt out. There are a number of ways to opt out of having your online activity and device data collected through the Service, which we have summarized below:
- Blocking cookies in your browser. Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.
- Blocking advertising ID use in your mobile settings. Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.
- Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery, or uBlock Origin, and configuring them to block third party cookies/trackers. You can also opt out of Google Analytics by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout.
- Platform opt outs. The following advertising partners offer opt out features that let you opt out of use of your information for interest-based advertising:
- Google: www.adsettings.google.com
- Facebook: www.facebook.com/about/ads
- Twitter: www.twitter.com/settings/personalization
- Linkedin: www.linkedin.com/psettings/guest-controls/retargeting-opt-out
- Advertising industry opt out tools. You can also use these opt out options to limit use of your information for interest-based advertising by participating companies:
- Digital Advertising Alliance for Websites: optout.aboutads.info
- Digital Advertising Alliance for Mobile Apps: https://youradchoices.com/appchoices
- Network Advertising Initiative: optout.networkadvertising.org/?c=1
Note that because these opt out mechanisms are specific to the device or browser on which they are exercised, so you will need to opt out on every browser and device that you use.
Do Not Track.Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.
Other Sites and Services
The Service may contain links to websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions.
Security
We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, no security measures are failsafe and we cannot guarantee the security of your personal information.
Data Retention
We keep personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a business need to do so, or as required by law (e.g. for tax, legal, accounting, medical record retention, or other purposes), whichever is longer.
International Data Transfer
We are headquartered in the United States and may use services providers that operate in other countries. Your personal information may therefore be processed in the United States or transferred to other locations where privacy laws may not be as protective as those in your state, province, or country.
Children
Our Services are not directed to individuals who are under the age of 18, and we do not knowingly collect personal information from individuals under the age of 18. If you have reason to believe that an individual under the age of 18 has provided personal information to us through the Service, please contact us at the address noted below, and we will endeavor to delete that information from our databases.
Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Service. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.
Contact Us
If you have any questions or concerns at all about our Privacy Policy, please contact us by email at privacy@cornea.care or at the following mailing address:
CorneaCare, Inc.
ATTN: Privacy
PO Box 54222
Philadelphia PA 19105