Vitality Weight Loss Solutions V Logo
Book a Consult

Vitality Weight Loss Solutions Privacy Policy

TELEMEDICINE HIPAA NOTICE OF PRIVACY PRACTICES 

THIS NOTICE DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. 

Please review it carefully. 

This Telemedicine Notice of Privacy Practices (“Notice”) is being provided to you by Vitality Weight Loss Solutions (the “Company”). It contains important information regarding your medical information you also have the right to receive a paper copy of this Notice and may ask us to give you a copy of this Notice at any time. If you received this Notice electronically, you are still entitled to a paper copy of this Notice upon your request. You can access a paper copy of our current notice from our Privacy Officer at 864-737-1213 or on our website at VitalityWLS.com. This privacy policy applies to our website, Vitality Weight Loss Solutions’ application, and associated APIs, websites and services (each a “Site”, “Service”, or “Mobile App” or collectively, the “Services”), owned and controlled by Company. The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) imposes numerous requirements on health care practices such as ours, defined as Covered Entities, regarding how certain individually identifiable health information, known as protected health information (“PHI”) may be used and disclosed. We understand that medical information about you and your health is personal. We are committed to protecting medical information about you and will use it to the minimum necessary to accomplish the intended purpose of use, disclosure, or request of it. As required by law, this notice provides you with information about your rights and our legal duties and privacy practices with respect to the privacy of PHI. This notice also discusses the uses and disclosures we may make of your PHI. We must comply with the provisions of this notice as currently in effect, although we reserve the right to change the terms of this Notice from time to time and to make the revised notice effective for all PHI we maintain. 

INFORMATION WE COLLECT ABOUT YOU 

We may collect Personal Information, Usage and Device Information (collectively, “information”, defined in detail below) about you in connection with your (or your organization’s) use of our Services that link to this Privacy Policy. When you use our Services, we collect the following types of information.

INFORMATION YOU PROVIDE US (“PERSONAL INFORMATION”)

ACCOUNT INFORMATION

Some information is required to create an account on Services, such as your: 

  •  name 
  •  email address
  •  password
  •  phone number 
  •  address 

You provide this information to us directly by completing fillable webforms on the Services and submitting the information to us. 

ADDITIONAL INFORMATION

To help improve your experience or enable certain features of the Services, you may choose to provide us with additional information, such as

  • ID information 
  • profile information (such as a biography), 
  • country information, 
  • date of birth, 
  • demographic information (such as date of birth gender, height, weight and geographical 
  • residence location), 
  • test results as provided by third parties, 
  • additional health and medical information and logs, 
  • community or social media username, and 
  • messages and media on discussion boards or to your social contacts on the Services.

If you contact us or participate in a survey, contest, or promotion, we collect the information you submit directly from you such as your name, email address, contact information, and message.

INFORMATION FROM THIRD-PARTY SERVICES

If you choose to connect your account on our Services to your account on another service, we may receive information from the other service. For example, if you connect to Facebook or Google, we may receive information like your name, profile picture, age range, language, email address and friend list.You may also choose to grant us access to your personal information such as activity data or health data from other services. You can stop sharing the information from the other services with us by removing our access to each other service. However, we will store historical data that has already been collected unless you opt-out. 

INFORMATION PROVIDED BY OTHER INDIVIDUALS

While using our Services, individuals may provide information about another individual, or an authorized user (such as an account administrator) creating an account on your behalf may provide information about You. When one individual provides us with information (including personal information) about another individual, we assume that the individual has permission and authority to do so and to consent on behalf of that individual to the collection and use of personal information as described in this Privacy Policy. Please contact us immediately if you become aware of an individual providing us with personal information about another individual without being authorized to do so, and we will act consistently with this Privacy Policy.

PAYMENT AND CARD INFORMATION

Some Company Services support payments and transactions with third parties. We do not store your payment information. We use a third-party service provider to manage payment card processing. Note that third-party payment processors may retain this information in accordance with their own privacy policies and terms. This service provider is not permitted to store, retain or use information you provide except for the sole purpose of credit card processing on our behalf.

INFORMATION WE RECEIVE FROM YOUR USE OF OUR SERVICES 

USAGE AND DEVICE INFORMATION 

When you use our Services, we receive certain usage data (“Usage and Device Information”). This includes information about your interaction with the Services, for example, when you view or search content, install or open applications or software, create or log into your account, import data into your account, or integrate a third-party service to your account.We may also collect data about the devices and computers you use to access our Services, including IP addresses, browser type, language, operating system, or mobile device information (including device and application identifiers), the referring web page, pages visited, location (depending on the permissions you have granted us), and cookie information.

HEALTH AND OTHER CATEGORIES OF PERSONAL DATA 

To the extent that information we collect directly from you or pulled from your connected EHR is health data or another special category of sensitive personal data subject to the European Union’s General Data Protection Regulation (“GDPR”), we ask for your explicit consent to process such sensitive personal data. We obtain this consent separately when you take actions leading to our obtaining the data, for example, when you enter in health survey data or grant us access to your health or activity data from another service. You can use your account settings or contact us to withdraw your consent at any time by requesting deletion your data or closing your account.However, if we are acting as a service provider (a “Data Processor”) processing your personal information on behalf of a third party that has collected such data from you, and such third party is the party that has the right to determine the purposes for which it will process your personal information and the means it will use to process your personal information (the “Data Controller”), then such Data Controller has the legal obligation to ask for your explicit consent to process your sensitive personal data (including health data), and we are not responsible for obtaining such consent from you. In such a scenario, the Data Controller may have their own, separate policies regarding the use and disclosure of your personal information, including any sensitive personal data you provide to such Data Controller. In such a scenario, this Privacy Policy does not apply to, we cannot control the activities of, and we are not responsible for the activities of the applicable Data Controller generally; this Privacy Policy only applies to our processing of your personal information that we, as a Data Processor, have been asked to process on behalf of the applicable Data Controller. We encourage you to review such Data Controller’s privacy policy and/or contact the applicable Data Controller for more information about the policies that apply to their use and disclosure of your personal information, including any sensitive personal data.

YOUR RIGHTS 

When it comes to your Information, you have certain rights. This section explains your rights and some of our responsibilities to help you. 

  • Get an electronic or paper copy of your medical record. You can ask for an electronic or paper copy of your medical record by contacting us at info@vitalitywls.com or by phone at 864-737-1213. We will provide you a copy of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee. 
  •  Ask us to correct your medical record. You can ask us to correct health information about you that you think is incorrect or incomplete. We may say “no” to your request, but we’ll tell you in writing within 60 days. 
  • Request confidential communications. You can ask us to contact you in a specific way or to send mail to a different address. We will say “yes” to all reasonable requests.
  •  Ask us to limit what we use or share. You can as us not to use or share certain PHI for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no” if it would affect your care. 
  • Get a list of those with whom we’ve shared information. You can ask for an accounting of times we’ve shared your health information for six years prior to the date you ask. We will include all the disclosures except those about treatment, payment, and health care operations, and other certain disclosures (such as any you asked us to make). 
  •  Choose someone to act for you. If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your Information. We will make sure the person has this authority and can act for you before taking any action. 
  •  File a complaint if you feel we have violated your rights. Contact us at info@vitalitywls.com or file a complaint with the U.S. Department of Health and Human Services for Civil Rights by visiting www.hhs.gov/ocr/privacy/hipaa/complaints. We will not retaliate against you for filing a complaint. 

YOUR CHOICES 

For certain Information, you can tell us your choices about what we share. If you have a clear preference for how we share your Information in the situations described below, talk to us. 

  • In the following cases, you have both the right and choice to tell us to: 
      • Share your Information with your family, close friends, or others involved in your care 
      • Share Information in a disaster relief situation 
  • In these cases we never share your Information unless you give us written permission: 
  •  Sale of your Information 

OUR USES AND DISCLOSURES. 

We typically use or share your Information in the following ways. 

  • Treatment. We can use your Information and share it with other professionals who are treating you. 
  • Payment. We can use and share your Information to bill and get payment for your services. 
  • Run our organization. We can use and share your Information to run our practice, improve your care, and contact you when necessary. 
  • Customer Support. We can use your Information to respond to inquiries and provide customer support and technical assistance. 
  • Marketing. We may use your Information to improve, develop, provide content for, operate, deliver, and market our services or to implement social networking features. 
  • Third Parties. We may share your information with our business units, affiliates, subsidiaries, business partners, service providers and/or your representatives, in order to provide or improve our Services to you. We may use your information to help you connect with third parties. We do not share information with third parties so that they can independently market their own products or services to you unless you have chosen to engage with that third party. We will never sell your Personal Information to any third party. 
  • Compliance. We may use your Information to comply with our Company policies and procedures and with applicable law
  • HIPPA. If applicable to you, you acknowledge that you have signed a valid HIPAA authorization (the “HIPAA Authorization”) with your health care provider. With this HIPAA Authorization, we may share certain information with your electronic health record (“EHR”) and those parties that have access to your EHR in order to provide or improve our Services to you. 
  • Data Analysis. Me may use your information to monitor and analyze trends, usage and activities in connection with our Services; to calculate metrics in the Application such as for accounting, record keeping, backup, and administrative purposes. 
  • Communication. Including responding to your comments, questions and requests regarding our Services as well as to process and complete transactions, and send you related information, including alerts and notifications about your service, purchase confirmations and invoices. 
  • Improve, personalize, and develop the services. For example, we use the information to troubleshoot and protect against errors; perform data analysis and testing; conduct research and surveys and develop new features and Services. We may use the information collected about you and your use of the Services to provide you with generalized health and wellness notifications and information that may be of interest to you. 
  • Promote safety and security. We use the information we collect to promote the safety and security of the Services, our users and other parties. For example, we may use the information to authenticate users; to facilitate secure payments; to respond to a legal request or claim, conduct audits, and enforce our terms and policies; to investigate and protect against fraud, malicious or unauthorized access, and other illegal activities; and to demonstrate and verify compliance with our internal policies and procedures, and applicable privacy and data security laws and regulations, such as HIPAA and GDPR.
  • In connection with a merger, acquisition, or sale of our assets. We may disclose your personal information to a buyer or other successor to our business in the event of a sale of equity or assets, reorganization, merger or a similar corporate transaction and any due diligence review with respect to any such proposed transaction. If we are involved in such a transaction or related due diligence activities, we will continue to take measures to protect the confidentiality of personal information and give affected users notice for the transferring of any personal information to a new entity. 
  • No sales of personal information. We do not sell your personal information to third parties (within the meaning provided in the California Consumer Privacy Act of 2018) and will not do so in the future without separately obtaining your prior express consent.

 We are allowed or required to share your Information in other ways. 

  • Help with public health and safety issues Respond to lawsuits and legal actions. 
  • Do research 
  • Comply with the law 
  • Address workers’ compensation, law enforcement, and other government requests. 

Use and disclosure of de-identified information. 

  • “De-identified” means that we have removed, or rendered unreadable through complex computational algorithms, your personally-identifiable information, such as your name, address, or birthdate. We may use de-identified information that we have obtained from our Services for various purposes, including for example: 
  • In accordance with regulatory requirements, we may de-identify, store and use your information for internal quality control, validation and research and development. This is important for Company to maintain high quality Services. We may use deidentified information as permitted by law.
  • We may use or disclose de-identified information for general research and communications purposes. This may include analysis of this information to communicate observations and learnings, for example in the case of aggregated data. This may also include research collaborations with third parties, such as universities, hospitals or other laboratories, in which we utilize de-identified clinical cases, at the individual level or in the aggregate, in accordance with our study protocols, and we may present or publish such information. This may also include commercial collaborations with private companies for purposes such as to determine the prevalence of particular disorders or variants among the patients we have tested, or to determine whether any of the patients we have tested might be suitable for potential recruitment for research, clinical trials, or clinical care. 
  • We use cookies and similar technologies for the purposes described above.
  • For personal data subject to the GDPR, we rely on several legal bases to process the data. These include when you have given your consent, which you may withdraw at any time using your account settings and/or other tools; when the processing is necessary to perform a contract with you, like the Terms of Service; and our legitimate business interests, such as in improving, personalizing, and developing the Services, marketing new features or products that may be of interest, and promoting safety and security as described above.

OUR RESPONSIBILITIES. 

  • We are required by law to maintain the privacy and security of your protected health information. 
  • We will let you know promptly if a breach occurs that may have compromised the privacy or security of your Information. 
  • We must follow the duties and privacy practices described in this notice and give you a copy of it. 
  • We will not use or share your Information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind. 

RETENTION OF YOUR INFORMATION

We keep your account information, like your name, email address, and password, for as long as your account is in existence because we need it to operate your account. In some cases, when you give us information for a feature of the Services, we delete the data after it is no longer needed for the feature. We keep your account data until you use your account settings or tools to delete the data or your account because we use this data to provide you Services. We also keep information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm, including as described in the Our Uses And Disclosures section. 

NOTICE REGARDING USE OF TECHNOLOGY. 

We may use electronic software, services, and equipment, including without limitation email, video conferencing technology, cloud storage and servers, internet communication, cellular network, voicemail, facsimile, electronic health record, and related technology to share PHI with you or third parties subject to the rights and restrictions contained herein. We will take measures to safeguard the data transmitted, as well as ensure its integrity against intentional or unintentional breach or corruption. 

SECURITY OF YOUR INFORMATION 

We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to protect the confidentiality, integrity and availability of your data. No method of transmitting or storing data is completely secure, however.If you have a security-related concern, please contact us. 

COOKIES AND SIMILAR TECHNOLOGIES 

We may use “cookies” and similar technologies to help deliver our Services. This technology may involve placing small files/code on your device or browser that serve a number of purposes, such as remembering your preferences and to offer you a more personalized user experience. On your computer, you may refuse to accept browser cookies by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting, you may be unable to access or use certain parts of our Platform or the Services. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Platform. 

MARKETING ANALYTICS AND COMMUNICATIONS 

We work with partners who provide us with marketing analytics and communication services. This includes helping us understand how users interact with our Services, communicating with you about our Services and features, and measuring the performance of those communications. These companies may use cookies and similar technologies to collect information about your interactions with the Services and other websites and applications.

LINKS TO OTHER WEBSITES 

Our Sites may contain links to other websites or services that are not owned or controlled by Company, including links to websites of our sponsors and partners. This Privacy Policy only applies to information collected by our Services. We have no control over these third party websites, and your use of third party websites and features are subject to privacy policies posted on those websites. We are not responsible or liable for the privacy or business practices of any third-party websites linked to our Services. Your use of third parties’ websites linked to our Services is at your own risk, so we encourage you to read the privacy policies of any linked third-party websites when you leave one of our Services.

OUR POLICIES FOR CHILDREN 

Our Sites and Mobile Apps are directed toward adults. If you are under the age of 18, or if you otherwise are not of legal age to form a binding contract in your jurisdiction of residence, you must obtain the authorization of a responsible adult (parent or legal custodian) before using or accessing our Sites and Mobile Apps. We will not knowingly collect or use any personal information from any children under the age of 16. Such persons are prohibited from using our Sites and Mobile Apps. If we become aware that we have collected any personal information from children under 16, we will promptly remove such information from our systems. 

CHANGES TO THIS PRIVACY POLICY

We periodically update this Privacy Policy. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by sending you notification by email or notification alert within our Services.While we will notify you of any significant, material changes to this Privacy Policy, we encourage you to review this Privacy Policy periodically. We will also keep prior versions of this Privacy Policy in an archive for your review. 

Notice effective July 7, 2024.