Last Updated: October 1, 2021
Medicestry LLC. (“Medicestry”, “us”, “we”, or “our”) operates the Medicestry Platform, which consists of the medicestryllc.com website and the app Medicestry (collectively known as the “Service”).
This page informs all users of our policies regarding the collection, use, and disclosure of your personal data when you use our Service and the choices you have associated with that data.
We manage your data in our platform and enable you to share it amongst family members, as well as, healthcare providers of your choosing. By using the Service, you agree to the collection, storing, and use of your data in accordance with this policy.
DATA COLLECTION AND USE
We collect several different types of information for various purposes to provide and improve our Service to you.
WHAT KIND OF DATA DO WE COLLECT?
If you download, install, and/or create an account in our Medicestry platform, we collect information on your personal health history and also health history information on any of your relatives. This information allows us to provide our Services, which include the ability for you to share your health history information, as well as, that of your relatives with your healthcare provider, so they can assess your risk of hereditary diseases. Our Services DO NOT in any way make recommendations independent of your healthcare provider related to your health. We are simply a platform that allows you to self-report health history information on yourself and your relatives, which you can then share with appropriate healthcare providers of your choosing.
Medicestry only requires you enter a name and email address to create an account on the platform. Medicestry provides additional optional data entry screens to allow you to enter health information related to yourself or other family members. You can enter as much, or as little data as you want. In order to help your healthcare provider best assess your risk of hereditary disease, you should enter as much information as they deem necessary.
You should always consult your healthcare provider related to any medical decisions you make. Let’s go over the data that we allow you to store in our platform.
DATA YOU CAN STORE
Information entered into the platform is collected for the sole purpose of determining what types of diseases you might be at risk for based on your family health history. Information you self-report on yourself and other family members, is stored in our platform and may include, but is not limited to the following:
First name and Last name
Date of Birth
Diseases/Medical Conditions and the age they occurred
Relationship information as to how you are related to other relatives
Other medical information necessary for your healthcare provider to assess your hereditary risk of disease
Platform users can choose to invite family members to connect via the platform. By inviting a family member to the platform, a user is consenting that their family health history record is to be shared with the invited family member. No data from Optional Surveys or healthcare provider specific surveys will be shared with other family members.
No user data will be consented over to another family member without the user’s consent.
INFORMATION WE COLLECT AUTOMATICALLY
We also collect some information automatically:
Log Information: The products we offer via our platform follow a standard procedure of using log files. These files log visitors when they visit our website, as well as login to our platform. All hosting companies do this and are a part of the hosting services’ analytics. We collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.
Usage Data: We may also collect information about how the Service is accessed and used. This Usage Data may include information such as your smartphone’s and/or computer’s operating system, your Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, device information (e.g., screen size, name of cellular network, and mobile device manufacturer) and other diagnostic data. We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better.
A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on websites and emails.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
We use Session Cookies to operate our Service.
We use Preference Cookies to remember your preferences and various settings.
We use Security Cookies for security purposes.
HOW WE USE YOUR INFORMATION
We use information about you as mentioned above and for the purposes listed below:
To provide and maintain the Service
To notify you about changes to our Service
To allow you to participate in interactive features of our Service when you choose to do so
To provide customer care and support
To provide analysis or valuable information so that we can improve the Service
To monitor the usage of the Service
To detect, prevent and address technical issues
LEGAL BASES FOR COLLECTING AND USING INFORMATION
A note here for those in the European Union about our legal grounds for processing information about you under EU data protection laws, which is that our use of your information is based on the grounds that: (1) The use is necessary in order to fulfill our commitments to you under the applicable terms of service or other agreements with you or is necessary to administer your account–for example, in order to enable access to our website on your device or charge you for a paid plan; or (2) The use is necessary for compliance with a legal obligation; or (3) The use is necessary in order to protect your vital interests or those of another person; or (4) We have a legitimate interest in using your information — for example, to provide and update our Services; to improve our Services so that we can offer you an even better user experience; to safeguard our Services; to communicate with you; to measure, gauge, and improve the effectiveness of our advertising; to understand our user retention and attrition; to monitor and prevent any problems with our Services; and to personalize your experience; or (5) You have given us your consent.
The user has the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Consent can be withdrawn by following the steps outlined in our Data Deletion policy found at the bottom of this document.
Should the purpose of data collection and processing change, you will be notified via the Medicestry Platform and your consent will need to be re-obtained for you to continue using the Medicestry platform.
DATA RETENTION POLICY
Service users’ data is typically retained for a period of 6 years, dating from their most recent login. After 6 years without account activity, the user account will be deleted. In accordance with our Data Deletion Policy, Medicestry will permanently destroy the user data held on our servers, with the exception of data that has been shared with family members or healthcare providers. If data has been shared with a healthcare provider, the user must contact the healthcare provider directly to request deletion of their data.
Service users can request the deletion of their data and closure of their Service account at any point in accordance with our Data Deletion Policy.
Service users should be aware that most nations have laws requiring healthcare providers to retain records for a minimum period of time and as such, it might not be possible to delete the copy of the Service user data which the healthcare provider(s) holds.
Service users who have opted in a healthcare provider(s) should contact their healthcare provider(s) directly in order to request deletion of the copy of their data the healthcare provider(s) holds.
TRANSFER OF DATA
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to servers in the United States and process it there.
DISCLOSURE OF DATALEGAL REQUIREMENTS
We do not sell your private personal information you share with us. We may disclose your personal data (with appropriate safeguards on your privacy) in the good faith belief that such action is necessary to:
To comply with a legal obligation
To protect and defend the rights or property of Medicestry LLC
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability
SECURITY OF DATA
The security of your data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Your data is encrypted at all times, meaning while the data is at rest on our servers, as well as when data is transmitted from your device to our platform.
You have several choices available when it comes to information about you:
Limit Access to Information on Your Mobile Device: Your mobile device operating system should provide you with the ability to discontinue our ability to collect stored information.
Opt-Out of Marketing Communications: You may opt out of receiving promotional communications from us. Just follow the instructions in those communications or let us know. If you opt out of promotional communications, we may still send you other communications, like those about your account and legal notices.
Set Your Browser to Reject Cookies: You can usually choose to set your browser to remove or reject browser cookies before using Medicestry LLC. websites, with the drawback that certain features of our websites may not function properly without the aid of cookies.
If you are located in certain countries, including those that fall under the scope of the European General Data Protection Regulation (aka the “GDPR”), data protection laws give you rights with respect to your personal data, subject to any exemptions provided by the law, including the rights to:
Request access to your personal data
Request correction or deletion of your personal data
Object to our use and processing of your personal data
Request that we limit our use and processing of your personal data
Request portability of your personal data
If you would like to make a request to exercise any of these rights, please contact us below:
By email: firstname.lastname@example.org
By visiting our website: www.medicestryllc.com
If you have a concern with the handling of your personal information, you have the right to lodge a complaint with the applicable Data Protection Authority in the country in which you reside, however, we ask that you first contact our Data Protection Officer, David Rogers, at email@example.com so that we may attempt to fully resolve the issue.
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose
We may use third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics: Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. In using Google Analytics, our website employs the extension “anonymizeIp”. In doing so, Google abbreviates and thereby anonymizes your IP address. Google does not identify individual users or associate your IP address with any other data held by Google. Google uses this information to analyze your use of our site, to compile reports for us on internet activity and to provide other services relating to our website.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
DISCLAIMER OF WARRANTY
The Medicestry Platform and all data derived through its use, are provided "as is" with no warranty, express or implied, of any kind and Medicestry expressly disclaims any and all warranties and conditions, including but not limited to, any implied warranty of availability, security, title and non-infringement. You are solely responsible for any damage that results from the use of any Medicestry Platform and any data derived through such Platform including, but not limited to, any damage to your computer system or loss of data.
LIMITATION OF LIABILITY
Medicestry LLC shall not, under any circumstances, be liable to you for any indirect, incidental, consequential, special or exemplary damages arising out of or in connection with use of the Medicestry Platform and any data derived through such Platform, whether based on breach of contract, breach of warranty, tort (including negligence, product liability or otherwise), or any other pecuniary loss, whether or not Medicestry LLC has been advised of the possibility of such damages. Under no circumstances shall Medicestry LLC be liable to you for any amount.
LINKS TO OTHER SITES
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Our Service does not address anyone under the age of 18 (“Children”).
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
REQUEST TO DELETE YOUR DATA
If you wish to have your account and all your data associated with your account deleted from our platform, you may contact us at any of the mediums below to formally request your account to be deleted. You will be asked to provide a government issued ID to verify that you are in fact the rightful owner of the account and therefore have the authority to delete the account and all the information contained within it.
Once your request to delete your data has been verified and confirmed your account will be closed and we will dispose of all copies of your data on our servers within 30 days, provided you have not shared data with a healthcare provider(s). If you have shared data with a healthcare provider(s), they will retain a copy of your record for a determinate time period in accordance with local record retention laws. You can contact your healthcare provider directly in order to request deletion of your data.
By email: firstname.lastname@example.org
By visiting our website: www.medicestryllc.com
We try to respond to user requests in as short a timeframe as possible, however sometimes it may take us slightly longer to respond to certain requests. Please allow up to 30 days for a response to your request.