BUDS PRIVACY STATEMENT
This Privacy Statement describes how the BUDS Technology, Inc. website and related BUDS Applications, including but not limited to NurseDaisy, WeCare, SavvyPay, BUDlogic, and/or FootPrint (collectively, “BUDS” or “BUDS Applications” or the “Site”) may collect, use, transfer, and/or store “PII”, i.e., data that can be used to identify or to contact a specific individual. The Statement applies to the BUDS Applications and the services available via the BUDS Applications.
This Privacy Statement is incorporated into and subject to the BUDS Terms and Conditions.
The Privacy Statement may be updated without prior notice to you to reflect changes in our information practices, so please review it periodically.
If you have any questions or comments relating to this Privacy Statement or to the ways that the BUDS Applications use the information we collect from the BUDS Applications, please contact us using the methods outlined at the end of this statement.
Collection and Use of your Personally-Identifiable Information (PII).
Personal Information About You Received from Your Healthcare Provider
The BUDS Applications contain information about the user and any designated contacts for the user that are provided by the user or the user’s health care provider:
-
name
-
date of birth
-
residence and/or postal address
-
email address
-
telephone number(s)
-
information regarding your medical condition
If your healthcare provider includes information regarding your medical condition, in the U.S., it is also Protected Health Information or “PHI” and is protected by the Health Information Portability and Administerability Act (“HIPAA”) in the U.S.
Certain aspects of the above-listed PII may be designated as “sensitive” information under data privacy laws in certain jurisdictions. BUDS will adopt additional measures as required by such laws for the processing of PII, including sensitive information. By providing us with your sensitive personal information, you consent to BUDS collecting, processing, using, or storing PII and PHI.
BUDS uses your personal information to operate the BUDS Applications for your specific medical conditions. BUDS also may use this information to send you surveys or other questionnaires about your views on the BUDS Applications and how we could improve it.
When you first access the BUDS Applications, you will be asked to (a) review and agree to the Terms and Conditions, which includes your consent for BUDS to collect, process, use, disclose, and store your PII, and (b) set up an account with the BUDS Applications. You should not share your login information with anyone that you do not want to have access to your PII.
Your Personal and Health Information
The BUDS Applications are configured to collect certain PII and PHI about you. Such PII and PHI may include, but is not limited to:
-
pulse rate
-
respiration rate
-
oxygen saturation
-
temperature
-
medicine type and dosage and use
-
blood pressure
-
weight
-
blood glucose levels
-
diagnosis and symptoms
-
information regarding your care plan
-
information regarding your medications
-
communications made using the BUDS Applications amongst user, designated representatives, and your healthcare providers
-
other information provided by user, user’s designated contact representatives, and user’s health care providers
Your healthcare provider has determined which of the BUDS Applications will collect PHI and PII about you and how long BUDS is required to store (retain) your PII.
The BUDS Applications will use the PHI and PII collected about you to provide regular updates of your self-reported medical status to your healthcare provide to your healthcare provider as well as alerts when the PII collected indicates that your medical status has fallen outside, or is likely to fall outside, parameters set by your provider. The PII collected and any alerts will be identified as your personal health information and may be sent directly to your provider. In all cases, all decisions about your medical treatment based in whole or in part on PII about you provided by the BUDS Applications will be made by your healthcare provider.
Your healthcare provider, in addition to monitoring your health and medical conditions and prescribing tests or treatment, may, but is not so required, to use the PII collected by the BUDS Applications to send you wellness coaching, to suggest that you make an appointment with or otherwise contact one of their physicians or other medical personnel, or to remind you about scheduled appointments.
When you create an account and use the BUDS Applications, you consent to BUDS disclosing your PII via email and text over the user’s cellular network and/or the chat or video function through the BUDS Applications (text and date rates may apply) to any user of the BUDS Applications authorized by you or your health care provider. You are responsible for ensuring that the identity and pertinent contact information for any such user is current.
The accuracy and reliability of any information inputted into the BUDS Applications is the sole responsibility of the user, any authorized users, and/or the participating health care providers. BUDS is not responsible for and makes no warranties or representations as to the accuracy or breadth of any information inputted or omitted from the BUDS Applications.
The BUDS Applications also use your PHI and PII to develop or improve ways that the BUDS Applications can assist your healthcare provider to better predict when a patient’s medical status or vital signs indicate the worsening of a patient’s existing medical conditions or the onset of a new medical condition, and to assist your healthcare provider to otherwise develop and improve biomarker monitoring, health monitoring, disease detection, disease prediction, health risk stratification and prediction of disease evolution and therapy response, the ability to identify illness earlier, and the conduct of post market therapy response, the ability to identify illness earlier, and the conduct of post market surveillance to enable the improvement of patient safety (collectively, “Authorized Purposes”).
BUDS will not sell or disclose your PHI or PII to a third party.
Account Information
BUDS utilizes third-party cloud hosting providers and third-party analytics providers to collect information and to prepare reports about how patients access and use the BUDS Applications. BUDS uses this information to improve the BUDS Applications. These service providers may have access to your PHI or PII if required to perform their functions, but they are contractually obligated to maintain the confidentiality and security of all PHI and PII and are not authorized by us to use or disclose any PHI or PII except as necessary to perform services on our behalf or to comply with legal requirements.
BUDS may “de-identify” your PHI or PII by removing your name and other personal identifiers such that the PHI or PII can no longer be identified as yours and does not allow someone to determine your identity. This “de-identified data” also may be combined with other patients’ de-identified data to become “aggregated data” that BUDS uses for Authorized Purposes and to examine the habits, needs, health patterns, usage patterns, and demographics of patients as a group. BUDS also may use de-identified data and aggregated data for scientific or other publications or provide de-identified data and aggregated data for scientific or other publications or provide de-identified data and aggregated data to third parties for their research and development purposes. The rights provided to BUDS in this paragraph will be limited to those set forth in the agreement, if applicable, between BUDS and the organization that employs or contracts with your healthcare provider.
BUDS uses rigorous security measures to protect the confidentiality of your PHI and PII including, without limitation, sign in methods to restrict access to your account. The security of the BUDS Applications relies on your not sharing or disclosing your login information with anyone that you do not want to have access to your PHI and PII. If you believe the confidentiality of your login information has been compromised, you should change your log-in information and notify BUDS promptly.
While no party that maintains a mobile app or a website can guarantee security and no mobile or internet transmission is ever completely secure or error-free, BUDS does utilize administrative, technical, and physical safeguards, consistent with applicable laws, that are designed to ensure the integrity of our systems and to protect patients’ PII that we have collected against unauthorized access, disclosure, or use. These safeguards include, without limitation, using information technology safeguards such as firewalls and multi-factor identification, encrypting all PII that is stored by us and hosting it in a secure cloud environment, and employee security training. We periodically review and update our collection, processing, and storage practices with respect to PHI and PII, including physical security measures, and implement any changes necessary to guard against unauthorized access, disclosure, or use to your PHI and PII.
Where and How Long BUDS Retains Your PHI and PII
Information including, without limitation, your PHI and PII, collected by the BUDS Applications from persons in the United States is stored in an encrypted format in a cloud-hosted environment in the United States. We do not transfer, transport, or store PHI or PII collected from U.S. patients outside the U.S.
Your healthcare provider has contracted with BUDS to arrange for your use of the BUDS Applications. Our agreement with your provider specifies how long BUDS is required to store or retain your PHI and PII.
Protection of the Privacy of Children
BUDS does not knowingly collect or use any PHI or PII from persons aged 13 or younger, and we do not knowingly allow persons aged 13 or younger to communicate with us or to use the BUDS Applications. If you are a parent or guardian and become aware that your child has provided us with any information, please contact us using the methods outlined at the end of this Statement, and we will work with you to address this issue.
Children’s Online Privacy Protection Act (COPPA)
For U.S. users, this U.S. law imposes certain requirements on operators of websites or online services directed to children under 13 years old and on operators of other websites or online services that have actual knowledge that they are collecting PHI or PII online from a person under 13 years old. If you are a parent or guardian and become aware that your child has provided us with any information, please contact us using the methods outlined in the How to Contact Us section at the end of this Statement, and we will work with you to address this issue.
California Consumer Privacy Act (CCPA)
As noted above in this Privacy Statement, BUDS collects and may use or disclose your PII for Authorized Purposes, to send you a questionnaire or survey about your experience with the BUDS Applications and how we might improve the BUDS Applications, and to permit third parties to provide cloud-hosting and analytics services to BUDS (which may be considered a “sale” of PII under the CCPA). California residents have the right to make the following requests of BUDS up to twice in a 12-month period: a list of the specific types of PII BUDS has collected about you; disclosure of the types of PII the BUDS Applications collects, uses, discloses, or sells; and direction to opt out of a “sale” of your PII (as defined by the CCPA) by BUDS. California residents may also ask their healthcare provider to direct BUDS to delete their PII from the BUDS Applications. However, deletion of the PII may result in the inability to utilize the BUDS Applications.
Your Privacy Rights with Respect to Your PII
Users have the following rights with respect to their PII that we collect and store:
-
to ask your healthcare provider to direct BUDS to delete the PII;
-
to have your healthcare provider limit the ways BUDS uses your PII;
-
to restrict BUDS’s use of your PII for marketing or survey purposes;
-
to request through your healthcare provider that BUDS furnish you with a copy of your stored PII; and
-
to submit a complaint with your data protection authority regarding your healthcare provider’s and/or BUDS’s collection, use, or storage of your PII.
How to Contact Us
If you have any privacy questions or complaints, or to exercise any of your privacy rights including, without limitation, modifying or withdrawing your consent to BUDS collecting, processing, using, or storing your PII as outlined in this Privacy Statement, please contact us:
via email at: info@budstechnology.com
via mail (for U.S. users) at: BUDS Technology, Inc., 9755 Dogwood Road, Suite 110, Roswell, Georgia 30075
Dated August 15, 2023
Download above statement in PDF here.