Information Gathering and Usage
User Account and Data Privacy
• Each organization subscribing for the Anteo Sites and the Services will have access to an “Admin Account” through which a person designated by the organization may monitor aggregated data produced by the collective usage of those within the organization. No data visible on the Admin Account is attached to any individual user account. Only certain types of data are presented to the Admin Account and only in aggregated form for the entire organization or in aggregated form for user accounts associated with individual Anteo Providers. It is the responsibility of each individual user to protect the privacy of all personal information entered on the Anteo Sites by never sharing individual account information, usernames or passwords with other individuals.
At no time will Anteo or any employee of Anteo share, sell or otherwise distribute individual user data or personal information that can be reasonably identified with a specific user account without the prior consent of the individual user. We may choose to aggregate and redistribute data without providing information identifying specific subscribing organizations, companies or individual users without prior consent.
Use of Contact Information
We may use your email address to send you information about our Services or to market to you. You may unsubscribe from these messages by following the instructions contained within the messages or the instructions on the Anteo Sites. If you email us with a request or question or have provided us with your email address, we may keep your message, email address and contact information to respond to your request or otherwise follow up with you.
No Public Sharing of Your Data
We do not allow the public to see your personal information.
If you accept an invitation from a Care Provider or select one as your health provider, the Anteo Provider will be able to access to all data and information that exists under your account. The Care Provider will also be able to send private messages to you. The Care Provider has agreed to keep your data and information confidential and not use it for any purpose other than to provide you individualized advice and services, but we cannot provide any assurances that any Care Provider will in fact do so. We are not required to litigate or otherwise pursue any wrongful disclosure of your data and information. To the extent that any of your data or information contains protected health information, you hereby expressly consent to the disclosure of such protected health information when you accept an invitation from a Care Provider or select on through the Anteo app.
We use third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run our services. We do not transfer ownership of any code, databases, Website rights or data to any third-party vendors or hosting partners.
Log Data and Links
When you visit our Website, our servers automatically record information ("Log Data") created by your visit to and use of the Anteo Sites and the Services. Log Data may include information such as your IP address, browser type, the referring domain, pages visited and order of visit, search terms used and other historical data. We may keep track of how you interact with links across the Anteo Sites and the Services. We do this to help improve our Website and the Services, including the advertising on our Website and through our Services. We may share the Log Data in the form of aggregate click statistics, such as how many times a particular link was clicked on, without any personally identifiable information, with third parties.
In addition to Log Data, we may also collect information about the device you are using when accessing the Products, including what type of device it is, what operating system you are using, device settings, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you are using and its settings. To learn more about what information your device makes available to us, please also check the policies of your device manufacturer or software provider.
Third Party Services
We may use a variety of services offered by third parties to help maintain and improve our Website, to help us understand the use of our Website and Services, or simply to provide the Services. These services may store both personally identifiable information about you which we collect and the information sent by your browser as part of a web page request, such as cookies or your IP address. If any third parties are given access to your personally identifiable information, we will limit the use of such personally identifiable information only to provide the services to us which we have requested.
Policy Towards Children
Neither the Anteo Sites nor the Services are directed to people under the age of 13. If you become aware that your child has provided personally identifiable information, please contact us at firstname.lastname@example.org. We do not knowingly permit children under 13 to use our Website or Services or collect personally identifiable information from children under 13. If we become aware that a child under 13 has provided us with personally identifiable information, we will take steps to remove such information and terminate the child's account.
Information Security, Retention, and Data Integrity
We take reasonable security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include firewalls and encryption, internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems. Our software code and all data and information reside on servers that comply with the requirements of the Health Insurance Portability and Accountability Act of 1996. In addition, our software code resides on one set of servers and all data and information reside on a separate set of servers. We restrict access to personal information to our employees, contractors and agents who need to know that information in order to operate, develop or improve our Services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination, if they fail to meet these obligations. However, we are unable to guarantee that the security measures we take will not be penetrated or compromised or that your information will remain secure under all circumstances.
Transfer of Information on Sale and for Legal Compliance
The Website and Services are hosted in the United States. If you access the Anteo Sites or Services from the European Union, Asia, or any other region with laws or regulations governing personal data collection, use, and disclosure that differ from United States laws, please be advised that through your continued use of the Anteo Sites or Services, you are transferring your personal information to the United States and you consent to that transfer. Additionally, you understand that your personal information may be processed in countries (including the United States) where laws regarding processing personal information may be less stringent than in your country.
Legal Basis for Processing Personal Data under GDPR
We may process Personal Data under the following conditions:
Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.
In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Your Rights under the GDPR
The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.
Request access to Your Personal Data. The right to access, update or delete the information We have on You. Whenever made possible, you can access, update or request deletion of Your Personal by contacting us at email@example.com. This also enables You to receive a copy of the Personal Data We hold about You.
Request correction of the Personal Data that We hold about You. You have the right to to have any incomplete or inaccurate information We hold about You corrected.
Object to processing of Your Personal Data. This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to our processing of Your Personal Data on this ground. You also have the right to object where We are processing Your Personal Data for direct marketing purposes.
Request erasure of Your Personal Data. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
Request the transfer of Your Personal Data. We will provide to You, or to a third-party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which You initially provided consent for Us to use or where We used the information to perform a contract with You.
Withdraw Your consent. You have the right to withdraw Your consent on using your Personal Data. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Service.
Exercising of Your GDPR Data Protection Rights
You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible. You have the right to complain to a Data Protection Authority about Our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.
Your Rights under the CCPA
The right to notice. You must be properly notified which categories of Personal Data are being collected and the purposes for which the Personal Data is being used.
The right to access / the right to request. The CCPA permits You to request and obtain from the Company information regarding the disclosure of Your Personal Data that has been collected in the past 12 months by the Company or its subsidiaries to a third-party for the third party's direct marketing purposes.
The right to know about Your Personal Data. You have the right to request and obtain from the Company information regarding the disclosure of the following:
The categories of Personal Data collected
The sources from which the Personal Data was collected
The business or commercial purpose for collecting or selling the Personal Data
Categories of third parties with whom We share Personal Data
The specific pieces of Personal Data we collected about You
The right to delete Personal Data. You also have the right to request the deletion of Your Personal Data that have been collected in the past 12 months.
The right not to be discriminated against. You have the right not to be discriminated against for exercising any of Your Consumer's rights, including by:
Denying goods or services to You
Charging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penalties
Providing a different level or quality of goods or services to You
Suggesting that You will receive a different price or rate for goods or services or a different level or quality of goods or services.
Exercising Your CCPA Data Protection Rights
In order to exercise any of Your rights under the CCPA, and if you are a California resident, You can email or call us. The Company will disclose and deliver the required information free of charge within 45 days of receiving Your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonable necessary and with prior notice.
Sale Of My Personal Information
We do not sell personal information.
"Do Not Track" Policy as Required by California Online Privacy Protection Act (CalOPPA)
Our Service does not respond to Do Not Track signals. However, some third party websites do keep track of Your browsing activities. If You are visiting such websites, You can set Your preferences in Your web browser to inform websites that You do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of Your web browser.
Our Service does not address anyone under the age of 13 without parental consent. We do not knowingly collect personally identifiable information from anyone under the age of 13 without parental consent. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers. We also may limit how We collect, use, and store some of the information of Users between 13 and 18 years old. In some cases, this means We will be unable to provide certain functionality of the Service to these users. If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.
Your California Privacy Rights (California Business and Professions Code Section 22581)
California Business and Professions Code section 22581 allow California residents under the age of 18 who are registered users of online sites, services or applications to request and obtain removal of content or information they have publicly posted.
To request removal of such data, and if you are a California resident, You can contact Us using the contact information provided below, and include the email address associated with Your account.
Be aware that Your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.