USER PRIVACY

Privacy Policy of Atana, Inc.

Last updated May 15, 2019.

Our company is dedicated to protecting the privacy of patients that use our products. We are committed to protecting your privacy and we take great care with your personal information. This policy will help you understand how we use and protect your data. If you have any questions, feel free to contact us at atana.io. Thank you so much for choosing Atana.

Effective Date: May 15th, 2019

BY ACCESSING OR USING THE SERVICES, YOU AGREE TO THE PRACTICES AND POLICIES OUTLINED IN THIS PRIVACY POLICY AND YOU HEREBY CONSENT TO THE COLLECTION, USE, AND SHARING OF YOUR INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, YOU CANNOT USE THE SERVICES. IF YOU USE THE SERVICES ON BEHALF OF SOMEONE ELSE (SUCH AS YOUR CHILD) OR AN ENTITY (SUCH AS YOUR EMPLOYER), YOU REPRESENT THAT YOU ARE AUTHORIZED BY SUCH INDIVIDUAL OR ENTITY TO ACCEPT THIS PRIVACY POLICY ON SUCH INDIVIDUAL’S OR ENTITY’S BEHALF.

1. Introduction

Atana, Inc. (“us,” “we,” or “Atana”) is committed to respecting the privacy rights of our customers, visitors, and other users of Atana.io (the “Site”) and related websites, applications, services and mobile applications provided by Atana and on/in which this Privacy Policy is posted or referenced (collectively, the “Services”). We created this Privacy Policy (“Privacy Policy”) to give you confidence as you use the Services and to demonstrate our commitment to the protection of privacy. This Privacy Policy covers our practices with respect to personally identifiable information (“Personal Information”) that we gather when you use our Services. This Privacy Policy does not apply to any other web service or digital service that you may be able to access through the Services or any web service or digital services of Atana’s business partners, each of which have data collection, storage and use practices and policies that may differ from this Privacy Policy.

Remember that your use of the Services is at all times subject to the Agreement (as the term “Agreement” is defined in our Terms of Use), which incorporates this Privacy Policy. Any capitalized term used but not defined in this Privacy Policy shall have the meaning in the Agreement.

2. Information We Collect

Some of the Services require us to learn more about you so that we can best meet your needs.

2.1 Personal Information We Collect Directly From You

We receive Personal Information directly from you when you voluntarily provide us with such Personal Information, including, without limitation, the following:

(1) contact data (such as your e-mail address and phone number);

(2) demographic data (such as your gender, your date of birth and your zip code);

(3) insurance data (such as your insurance carrier, insurance plan, member ID, group ID and payer ID);

(4) medical data (such as the doctors, dentists or other healthcare specialists, professionals, providers, organizations, or agents or affiliates thereof (collectively, “Healthcare Providers”) you have visited, your reasons for visit, your dates of visit, your medical history, and other medical and health information you choose to share with us); and

(5) other identifying information that you voluntarily choose to provide to us, including without limitation unique identifiers such as passwords, and Personal Information in emails or letters that you send to us.

We may also collect additional information, which may be Personal Information, as otherwise described to you at the point of collection or pursuant to your consent. You may still access and use some of the Services if you choose not to provide us with any Personal Information, but features of the Services that require your Personal Information will not be accessible to you.

2.2 Billing, Collection and Payment Information
2.3 Information From Third Party Sources

Some third parties, such as our business partners and service providers, provide us with Personal Information about you, such as the following:

2.4 Information we automatically collect when you use our Services

Some information, which may include Personal Information, is automatically collected when you use our Services, such as the following:

2.5 HIPAA and PHI

Under a federal law called the Health Insurance Portability and Accountability Act (“HIPAA”), some demographic, health and/or health-related information that Zocdoc collects as part of providing the Services may be considered “protected health information” or “PHI.” Specifically, when Atana receives identifiable information about you from or on behalf of your Healthcare Providers, this information is considered PHI.

HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. Zocdoc may only use and disclose your PHI in the ways permitted by your Healthcare Provider(s). In addition, you may be asked to e-sign the Atana authorization (the “Atana Authorization”). Your decision to e-sign the Atana Authorization is entirely voluntary. If you choose to e-sign the Atana Authorization, you agree that Atana may use and disclose your PHI in the same way it uses and discloses your Personal Information that is not PHI. These uses and disclosures are described in this Privacy Policy. To the extent any provision in the Atana Authorization is inconsistent with this Privacy Policy or other provisions of the Agreement, then the provision in the Atana. Authorization only controls with respect to your PHI. If you do not e-sign the Atana Authorization, then your Personal Information that is not PHI is governed by this Privacy Policy and your Personal Information that is PHI is used and disclosed only as permitted by your Healthcare Provider(s).

3. How We Collect Information

We collect information (including Personal Information and Traffic Data) when you use and interact with the Services, and in some cases from third party sources. Such means of collection include:

4. Tracking Tools, Behavioral Advertising, and Opt Out Options

4.1. Tracking Tools

We may use tools outlined below in order to provide our Services to, advertise to, and to better understand users.

Some cookies are placed by a third party on your device and provide information to us and third parties about your browsing habits (such as your visits to our Services, the pages you have visited, and the links and advertisements you have clicked). These cookies can be used to determine whether certain third party services are being used, to identify your interests, and to serve advertisements relevant to you. We do not control third party cookies.

4.2. Behavioral Advertising

We may use a type of advertising commonly known as interest-based or online behavioral advertising. This means that some of our partners use Tracking Tools, such as cookies, pixel tags, and web beacons, to collect information about a user’s online activities to display Atana ads to the user based on the user’s interests (“Behavioral Advertising”). Such partners may include third-party service providers, advertisers, advertising networks or platforms, traffic measurement service providers, marketing analytics service providers, and other third party service providers (collectively, “Advertising Service Providers”). Other Tracking Tools used by our partners may collect information when you use the Services, such as IP address, mobile device ID, operating system, browser, web page interactions, geographic location and demographic information, such as gender and age range. These Tracking Tools help Atana learn more about our users’ demographics and internet behaviors.

4.3. Options for Opting out of Cookies and Mobile Device Identifiers

Some web browsers allow you to reject cookies or to alert you when a Cookie is placed on your computer, tablet or mobile device. You may be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. Although you are not required to accept Atana’s cookies or mobile device identifiers, if you block or reject them, you may not have access to all features available through the Services.

This Privacy Policy does not cover the use of cookies and other Tracking Tools by any third parties, and we aren’t responsible for their privacy policies and practices. Please be aware that some cookies placed by third parties can continue to track your activities online even after you have left our Services.

4.4. How Atana Responds to Browser “Do Not Track” (DNT) Signals

Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (DNT) or similar feature that signals to web services that a visitor does not want to have his/her online activity and behavior tracked. If a web service operator elects to respond to a particular DNT signal, the web service operator may refrain from collecting certain Personal Information about the browser’s user. Not all browsers offer a DNT option and there is currently no industry consensus as to what constitutes a DNT signal. For these reasons, many web service operators, including Atana, do not proactively respond to DNT signals. For more information about DNT signals, visit http://allaboutdnt.com.

5. How We Use Your Information

We may use information that is neither Personal Information nor PHI (including non-PHI Personal Information that has been de-identified and/or aggregated) to better understand who uses Atana and how we can deliver a better healthcare experience (for example, testing different kinds of emails has helped us understand when and how patients prefer to get Wellness Reminders for preventive care), or otherwise at our discretion.

We use information, including Personal Information, to provide the Services and to help improve the Services, to develop new services, and to advertise (for example, to display Atana ads on other web services). Specifically, such use may include:

6. How We Share Your Information

In certain circumstances, and in order to perform the Services, we may share certain information that we collect from you, as described in this section:

7. Storage and Security of Information

The security of your Personal Information is important to us. We endeavor to follow generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and in storage. For example, when you enter sensitive information on our Site, we encrypt that information using Secure Socket Layer (SSL) technology.

We store and process your information on our servers in the United States and abroad. We maintain industry standard backup and archival systems.

Your account is protected by a password for your privacy and security. If you access your account via a third party site or service, you may have additional or different sign-on protections via that third party site or service. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password and/or other sign-on mechanism appropriately, and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

Although we make good faith efforts to store Personal Information in a secure operating environment that is not open to the public, we do not and cannot guarantee the security of your Personal Information. If at any time during or after our relationship we believe that the security of your Personal Information may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we will endeavor to notify you as promptly as possible under the circumstances. If we have your e-mail address, we may notify you by e-mail to the most recent e-mail address you have provided us in your account profile. Please keep your e-mail address in your account up to date. You can update that e-mail address anytime in your account profile. If you receive a notice from us, you can print it to retain a copy of it. To receive these notices, you must check your e-mail account using your computer or mobile device and email application software. __You consent to our use of e-mail as a means of such notification. If you prefer for us to use the U.S. Postal Service to notify you in this situation, please e-mail us [email protected]. __Please include your address when you submit your request. You can make this election any time, and it will apply to notifications we make after a reasonable time thereafter for us to process your request. You may also use this e-mail address to request a print copy, at no charge, of an electronic notice we have sent to you regarding a compromise of your Personal Information.

8. Your Choices

You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.

If you are a registered user of the Services, you can modify certain Personal Information or account information by logging in and accessing your account. The information you can view, update, and delete may change as the Services change.

If you wish to close your account, please email us at [email protected] Atana will use reasonable efforts to promptly delete your account and the related information. Please note, however, that Zocdoc reserves the right to retain information from closed accounts, including to comply with law, prevent fraud, resolve disputes, enforce the Agreement and take other actions permitted by law.

You must promptly notify us if any of your account data is lost, stolen or used without permission.

9. How Long We Retain Your Information

We retain Personal Information about you for as long as you have an open account with us or as otherwise necessary to provide you Services. In some cases we retain Personal Information for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, prevent fraud, enforce the Agreement, or as otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.

10. Information Provided on Behalf of Children and Others

As noted in the Terms of Use, the Services are not intended for use by children and children under the age of 13 are prohibited from using the Services. Zocdoc does not knowingly collect any information from children, nor are the Services directed to children. If you are under 13, please do not attempt to register for the Services or send any Personal Information about yourself to us.

By accessing, using and/or submitting information to or through the Services, you represent that you are not younger than age 13. If we learn that we have received any information directly from a child under age 13 without his/her parent’s written consent, we will use that information only to respond directly to that child (or his/her parent or legal guardian) to inform the child that he/she cannot use the Services, and we will subsequently delete that information. If you believe that a child under 13 may have provided us Personal Information, please contact us at [email protected].

If you are between age 13 and the age of majority in your place of residence, you may use the Services only with the consent of or under the supervision of your parent or legal guardian. If you are a parent or legal guardian of a minor child, you may, in compliance with the Agreement, use the Services on behalf of such minor child. Any information that you provide us while using the Services on behalf of your minor child will be treated as Personal Information as otherwise provided herein.

If you use the Services on behalf of another person, regardless of age, you agree that Atana may contact you for any communication made in connection with providing the Services or any legally required communications. You further agree to forward or share any such communication with any person for whom you are using the Services on behalf.

11. Other Web Services

The Services contain links to or embedded content from third party web services. A link to or embedded content from a non-Atana web service does not mean that we endorse that web service, the quality or accuracy of information presented on the non-Atana web service or the persons or entities associated with the non-Atana web service. If you decide to visit a third party web service, you are subject to the privacy policy of the third party web service as applicable and we are not responsible for the policies and practices of the third party web service. We encourage you to ask questions before you disclose your information to others.

You may have arrived at the Services from, or began your use of the Services at, a third party web service, including a third party web service that links to Atana or embeds Atana content. The presence of such links or content on third party web services does not mean that we endorse that web service, the quality or accuracy of information presented on the non-Atana web service or the persons or entities associated with the non-Atana web service. You may be subject to the privacy policy of the third party web service as applicable and we are not responsible for the policies and practices of the third party web services. In addition, the policies and practices of third parties do not apply to your information, including Personal Information, obtained pursuant to this Privacy Policy.

12. Updates and Changes to Privacy Policy

The effective date of this Privacy Policy is set forth at the top of this webpage. We will notify you of any material change by posting notice on this webpage. Your continued use of the Services after the effective date constitutes your acceptance of the amended Privacy Policy. We encourage you to periodically review this page for the latest information on our privacy practices. Any amended Privacy Policy supersedes all previous versions. IF YOU DO NOT AGREE TO FUTURE CHANGES TO THIS PRIVACY POLICY, YOU MUST STOP USING THE SERVICES AFTER THE EFFECTIVE DATE OF SUCH CHANGES.

13. Contact Us

If you have any comments, concerns or questions about this Privacy Policy, please contact us at [email protected] or at:

Atana, Inc.
101 W Dickman St.
Baltimore, MD 21230