Patient Ally Privacy Policy

Scope of This Policy

Patient Ally and Office Ally, Inc. ("Office Ally"), the operator of Patient Ally, take their obligation to protect the confidentiality of your information very seriously. This Privacy Policy (this "Policy") describes how we collect, store, and share your information when you interact with PatientAlly.com, (the "Site"). This Policy applies when you interact with us through this Site. It also applies anywhere it is linked. It does not apply to any other websites or applications, including those that are connected to other Office Ally services; please review the privacy policy on those websites and applications directly to understand the applicable privacy practice.

Information we collect

• Information You Give Us. We collect and store any information you enter on this Site directly, from the devices you use to interact with us, and from third parties. We may combine information from the Site together and with other information we obtain from our business records. We may use and share information that we aggregate (compile to create statistics that cannot identify a particular individual) or de-identify (strip information of all unique identifiers such that it cannot be linked to a particular individual) at our discretion.
  
  You may provide the following information to us directly:
• Contact and professional information, including name, email address, telephone number, and job title, as well as company name and size.
• Demographic information.
• Audiovisual information.
• Payment information, including credit card information.
• Content you may include in survey responses.
• Information contained in your communications to us, including call recordings of customer service calls.
• Information you make available to us via a social media platform.
• Any information or data you provide by interacting in our online forums and chatrooms, or by commenting on content posted on our Site. Please note that these comments are also visible to other users of our Site.
• Information you submit to inquire about or apply for a job with us.
• Any other information you submit to us.
• Information We Collect Automatically. When you interact with this Site, certain information about your use of this Site is automatically collected. Much of this information is collected through cookies, web beacons, and other tracking technologies, as well as through your web browser or device. This includes:
• Details of your visits to our site and information generated in the course of the use of our site (including the timing, frequency and pattern of service use) including, but not limited to, traffic data, location data, weblogs and other communication data, the resources that you access, and how you reached this Site.
• Diagnostic information such as web traffic logs.
• Details regarding the device you use to access this Site, including, but not limited to, your IP address, operating system and browser type.
• Information about how you interact with our ads, including whether you open or click links in any correspondence.
• Office Ally relies on partners to provide many features of our Site and services using data about your use of Office Ally and other sites.
  
  Most web browsers automatically accept cookies but, if you prefer, you can usually modify your browser setting to disable or reject cookies. If you delete your cookies or if you set your browser to decline cookies, some features of the Site may not be available, work, or work as designed.
  
  Your browser or device may include "Do Not Track" functionality. At this time, Office Ally does not respond to browser "Do Not Track" signals.
• Information We Collect From Other Sources. We may collect the following information about you from third-party sources:
• Subscription registration information.
• Contact information, demographic information, and information about your interests and purchases, from consumer data providers.
• Information about your credit history from credit reporting agencies.
• Information about your interests, activities, and employment history from social networks and other places where you choose to share information publicly.
• Information about your interaction with advertisements on our Site, or ads that we place on third party websites, from online advertising companies.
• If you decide to invite others to the Site, we will collect your and the other person's names, email addresses, and/or phone numbers to send an email or text message and follow up with the other person. You agree that you will obtain the other person's consent before giving us his or her contact information. You also agree that you will not send us the contact information of a minor. We will inform any other person you invite that you gave us his or her information in the invitation email.

How We Use and Protect Information We Collect

• How We Use Your Information. We may use any of the information we collect for the following purposes.
• Site functionality: To provide you with our products and services, including to take steps to enter a contract for sale or for services, process payments, fulfill orders, send service communications (including renewal reminders), and conduct general business operations, such as accounting, recordkeeping, and audits.
• Site improvement: To improve and grow our Site, including to develop new products and services and understand how our Site is being used, our customer base and purchasing trends, and the effectiveness of our marketing.
• Personalization: To offer you recommendations and tailor the Site to your preferences.
• How We Share Your Information: We may share any of the information we collect with the following recipients:
• Affiliates: We share information with other members of our group of companies.
• Site providers: We engage vendors to perform specific business functions on our behalf, and they may receive information about you from us or collect it directly. These vendors are obligated by contract to use information that we share only for the purpose of providing these business functions, which include:
• Supporting Site functionality, such as vendors that support customer service and customer relationship management, subscription fulfillment, freight services, application development, list cleansing, postal mailings, and communications (email, fax).
• Auditing and accounting firms, such as firms that assist us in the creation of our financial records.
• Professional services consultants, such as firms that perform analytics, assist with improving our business, provide legal services, or supply project-based resources and assistance.
• Analytics and marketing services, including entities that analyze traffic on our online properties and assist with identifying and communicating with potential customers.
• Security vendors, such as entities that assist with security incident verification and response, service notifications, and fraud prevention.
• Information technology vendors, such as entities that assist with website design, hosting and maintenance, data and software storage, and network operation.
• Marketing vendors, such as entities that support distribution of marketing emails.
• Business partners: From time to time, we may share your contact information with other organizations for marketing purposes.
• Online advertising partners: We partner with companies that assist us in advertising our Site.
• Social media platforms: If you interact with us on social media platforms, the platform may be able to collect information about you and your interaction with us. If you interact with social media objects on our Site (for example, by clicking on a Facebook "like" button), both the platform and your connections on the platform may be able to view that activity. To control this sharing of information, please review the privacy policy of the relevant social media platform.
• Government entities/Law enforcement: We may share information when we believe in good faith that we are lawfully authorized or required to do so to respond to lawful subpoenas, warrants, court orders, or other regulatory or law enforcement requests, or where necessary to protect our property or rights or the safety of our employees, our customers, or other individuals.
• Security: Security of information communicated by or to us over the Internet is of utmost concern to us; however, no data transmission over the Internet can be guaranteed to be 100% secure. This Site incorporates physical, technical, and administrative safeguards to protect the security, integrity and privacy of the personal information we have collected. We have put in place precautions to protect information from loss, misuse and alteration, including Secure Socket Layer (SSL) technology and database encryption. Please do not use email to communicate information to us that you consider confidential. In addition, healthcare providers with whom you connect with through this Site may use a variety of physical, administrative, and technical measures to protect your personal information.

Additional Information About Our Data Collection and Sharing Practices

• Change of Ownership or Corporate Organization: As we continue to develop our business, we may buy, merge or partner with other companies or businesses, and in so doing, acquire customer information. In such transactions, user information may be among the transferred assets. Similarly, in the event that a portion or substantially all of Patient Ally's assets are sold or transferred to a third party, customer information (including Personally Identifiable Information) would likely be one of the transferred business assets. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your information the same as described in this Policy.
• External Links: This Site may provide links to various websites that we do not control. When you click on one of these links, you will be transferred out of this Site and connected to the website of the organization or company that you selected. We are not responsible for the nature, quality or accuracy of the content or opinions expressed on such websites, or of the services provided through such websites. Such websites are not investigated, monitored or checked for quality, accuracy or completeness by us. Inclusion of any linked website on this Site does not imply or express an approval or endorsement of the linked website by us, or of any of the content, opinions, products or services provided on these websites. Even if an affiliation exists between our Site and a third-party website, we exercise no control over linked sites. Each of these linked sites maintains its own independent privacy and data collection policies and procedures. While Patient Ally expects its partners and affiliates to respect the privacy of our users, Patient Ally cannot be responsible for the actions of third parties. If you visit a website that is linked to from our Site, we encourage you to consult that website's privacy policy before providing any personal information and whenever interacting with any website.
• ‍Cross Border Transfer of Information: This Site is controlled, operated, and administered entirely within the United States. If you use this Site outside of the United States, you understand that we may collect, process, and store your information in the United States. The laws in the U.S. regarding information may be different from the laws of your state or country. Any such transfers will comply with safeguards as required by relevant law.
• Data Retention: We may store information about you for as long as we have a legitimate business need for it.
• Information about children: The Services are intended for users age eighteen and older. We do not knowingly collect information from children. If we discover that we have inadvertently collected information from anyone younger than the age of 18, we will delete that information. Please contact us with any concerns.
• Sharing of Medical or Health Information: To the extent that we receive protected health information about you, that information is subject to electronic disclosure to the extent permitted by applicable law.
• Genetic Information: We also collect or process genetic information through genetic testing that is limited to individuals who voluntarily participate in such testing. The genetic information of our customers is collected, stored, and processed in accordance with relevant federal and state law. If you have any questions related to our practices, please contact us at the address below.

Your Options and Rights Regarding Your Information

• Your Account: Please visit the "Profile Page" under settings to update your information. For more information, please visit our FAQ Page.
• Email Unsubscribe: If you do not wish to receive marketing information from us or wish to opt out of future email promotions from us, please contact us. Please note that all promotional email messages you receive from us will include an option to opt out of future email communications.
• Ad Choices: You have options to limit the information that we and our partners collect for online advertising purposes.
• You may disable cookies in your browser or mobile device using their settings menus. Your mobile device may give you the option to disable advertising functionality. Because we use cookies to support Site functionality, disabling cookies may also disable some elements of our online properties.
• You may contact us directly.

If you delete your cookies, you may also delete your opt-out preferences.

Privacy Disclosures for Specific Jurisdictions

• Special Information for European Economic Area, United Kingdom, and Switzerland Residents
• We process "personal data," as that term is defined in the European Union's General Data Protection Regulation ("GDPR").
  
  Your rights under the GDPR: Users who are located in the European Economic Area ("EEA"), U.K., or Switzerland have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. Contact details for data protection authorities are available here: The European Data Protection Board.
  
  If you are located in the EEA, U.K., or Switzerland, you have the following rights.
• Access and Portability: Request access to personal data we hold about you or request transmission of your data to a third party.
• Correction: Request that we rectify inaccurate or incomplete personal data we store about you.
• Erasure: Request that we erase personal data when such data is no longer necessary for the purpose for which it was collected, when you withdraw consent and no other legal basis for processing exists, or when you believe that your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing.
• Restriction of processing: Request that we restrict our processing of personal data if there is a dispute about the accuracy of the data; if the processing is unlawful; if the processing is no longer necessary for the purposes for which it was collected but is needed by you for the establishment, exercise or defense of legal claims; or if your request to object to processing is pending evaluation.
• Objection to processing: Object to processing of your personal data based on our legitimate interests or for direct marketing (including profiling). We will no longer process the data unless there are compelling legitimate grounds for our processing that override your interests, rights, and freedoms, or for the purpose of asserting, exercising, or defending legal claims.
• Transfers: Obtain information about and a copy of the safeguards we use to transfer personal data across borders.
• Please contact us to exercise these rights.
• Special Information for California Residents
• Your California Privacy Rights; "Shine the Light" Law
  
  ‍Residents of the State of California have the right to request information regarding third parties to whom the company has disclosed certain categories of personal information during the preceding year for the third parties' direct marketing purposes. If you are a California resident and would like to make such a request, please email compliance@officeally.com or write to us at Office Ally, Inc., Attn: Privacy and Security Officer, P.O. Box 872020, Vancouver, WA 98687.
  
  ‍California Consumer Privacy Act
  
  ‍The California Consumer Privacy Act ("CCPA") provides California residents with rights to receive certain disclosures regarding the collection, use, and disclosure of information about them, as well as rights to know/access, delete, and limit disclosure of personal information. You have the right to be free from discrimination based on your exercise of your CCPA rights. To the extent that we collect personal information that is subject to the CCPA, that information, our practices, and your rights are described below.
  
  ‍Notice at Collection Regarding the Categories of Personal Information Collected
  
  ‍You have the right to receive notice of the categories of personal information we collect and the purposes for which we use personal information. The following table summarizes the categories of personal information we collect, the categories of sources of that information, and whether we disclose or sell that information to service providers or third parties, respectively. The categories we use to describe personal information are those enumerated in the CCPA. We collect this personal information for the purposes described in "how we use information."

• Entities to whom we disclose information for business purposes are service providers, which are companies that we engage to conduct activities on our behalf. We restrict service providers from using personal information for any purpose that is not related to our engagement.
  
  Entities to whom we "sell" information are third parties. Under the CCPA, a business "sells" personal information when it discloses personal information to a company for monetary or other benefit. A company may be considered a third party either because we disclose personal information to the company for something other than an enumerated business purpose under California law, or because its contract does not restrict it from using personal information for purposes unrelated to the service it provides to us.
  
  ‍Your rights under the CCPA
• Know and request access to and deletion of personal information: You have the right to request access to personal information collected about you and information regarding the source of that personal information, the purposes for which we collect it, and the third parties and service providers with to whom we sell or disclose it. You also have the right to request in certain circumstances that we delete personal information that we have collected directly from you. Please contact us to exercise these rights.
• Financial incentives
  
  ‍We may offer you the opportunity to participate in special promotions and programs from time to time. Your participation is voluntary. If we provide this offer, we will obtain your consent to collect your Personal Information in connection with your participation. The categories of Personal Information we collect is first and last name, phone number, email address, postal address, and health information, which we use to facilitate your participation in the program and to market to you. If we run the program jointly with a business partner, we may disclose the information to that business partner. You may opt into the program using the means we present to you, such as an online registration page, at the time we make the offer. You may opt out of the program at any time by contacting us at the address below. The program we offer may qualify as a financial incentive program (FIP) under California law. We are required to explain how the value you receive from FIPs is reasonably related to the value that we receive from the Personal Information you provide to us. We use the Personal Information you provide to directly market to you and offer referral programs. These activities generate revenue for us that we believe is reasonably related to the benefit you receive from participating in the incentive program. In disclosures to you regarding the incentive programs, we will explain our good faith estimate of the value of your Personal Information.
• Special Notice to Nevada Residents
• Residents of the State of Nevada have the right to opt out of the sale of certain pieces of their information to other companies who will sell or license their information to others. At this time, Patient Ally does not engage in such sales. If you are a Nevada resident and would like more information about our data sharing practices, please email compliance@officeally.com.

Making a request to exercise your rights

Submitting requests: You may request to exercise your rights by making a request using the contact information below. If you are a California resident, you may authorize another individual or a business registered with the California Secretary of State, called an authorized agent, to make requests on your behalf. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.

‍Verification: We must verify your identity before responding to your request. We verify your identity by asking you to provide personal identifiers that we can match against information we may have collected from you previously. We may need to follow up with you to request more information to verify identity. We will not use personal information we collect in connection with verifying or responding to your request for any purpose other than responding to your request.

Modifications to Privacy Policy

We may make changes to this Policy from time to time. The "Effective Date" at the top of this page indicates when this Privacy Policy was last revised. We may also notify you in other ways from time to time about the collection, use, and disclosure of your personal information described in this Policy.

Contact

We welcome your questions, comments and all feedback pertaining to your privacy or any other issue with regard to this Site.
You may contact us at:

Office Ally, Inc.
Attn: Privacy and Security Officer
P.O. Box 872020
Vancouver, WA 98687

‍360-975-7004
‍Email: compliance@officeally.com