Privacy Policy of 75Health

Kaaspro Inc. doing business as 75health.com and our affiliates and subsidiaries ("75health", "we", "us", or "our") recognizes the importance of protecting the privacy of your information, and we have prepared this Privacy Policy (this "Privacy Policy") to provide you (the "Providers") with important information about the privacy practices applicable to the 75health software, website services, telemedicine product, and any website and application, product, or service, including, without limitation, 75health.com and any other website, application, or online service that links to or refers to this Privacy Policy (collectively, the "75health Services").

75health provides Providers with the 75health Services to manage appointments, personal health records, communications, and other related activities. Other than information gathered through our website at www.75health.com, 75health acts as a service provider for health service providers and does not own or control the information that is submitted to us through the 75health Services. The information that is submitted through the 75health Services will be held subject to the requirements specified by our health service provider clients and applicable law, such as the Health Insurance Portability and Accountability Act of 1996 ("HIPAA").

This Privacy Policy covers any information that, alone or when in combination with other information, may be used to readily identify, contact, or locate an individual ("Personal Information") that is in our possession, including but not limited to Patient's (as defined below) information shared by Providers, Patients, third parties at the direction of users, and Provider systems as well as through the 75health Services. "Personal Information" also includes identifiable health information collected about you. We do not consider Personal Information to include information that has been anonymized so that it does not allow a third party to easily identify a specific individual. This Privacy Policy describes how 75health collects, uses, and discloses Personal Information.

In addition, individually identifiable information that you provide to us for purposes of providing medical care to your potential or existing patients ("Patient" or "Patients") (such information is also referred to as "Protected Health Information" or "PHI") will also be subject to each Provider's Health Insurance Portability and Accountability Act Notice of Privacy Practices (the "HIPAA Notice"), which each Provider shall make available to Patients. The HIPAA Notice shall describe how the Providers can use and share the Patients' PHI and also describe the Patients' rights with respect to their PHI.

This Privacy Policy does not reflect the privacy practices of the Providers, and 75health is not responsible for our Providers' privacy policies or practices. 75health does not review, comment upon, or monitor a Provider's HIPAA Notice or their compliance with their respective privacy policies, nor does 75health review our client's instructions to determine whether they are in compliance or conflict with the terms of a client's published privacy policy or applicable law.

Information We Collect

We may collect the following kinds of information (including Personal Information and PHI of your Patients) when you use the 75health Services:

Information You or the Patients Provide Directly to Us:

For certain activities, such as when the Patients register, use our online services (via our websites or applications), our telemedicine services, subscribe to our alerts, or contact us directly, we may collect some or all of the following types of information:

• Contact information,such as your and the Patients' fullname, emailaddress, mobilephonenumber,and address.
• Username and password.
• Payment information, such as your or the Patients' credit card number, expiration date, and credit card security code.
• Information about your employment, such as your job title, practice area, primary specialty, medical license status, gender, date of birth, languages spoken, educational background, address, photograph, social security number, Tax ID, NPI number, professional license information, and bank account information.
• Personal health information, including information about the Patient's diagnosis, previous treatments, general health, and health insurance and any other information you provide to us.

We may combine such information with information we already have about you or the Patients.

Information We Collect Automatically:

75health and our third-party partners, such as analytics service providers, may collect certain information automatically when you use our 75health Services, such as your Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, pages that you visit before and after using the 75health Services, the date and time of the Patient's visit, information about the links you click and pages you view within the 75health Services, and other standard server log information. We may also collect certain location information when you use our 75health Services, such as your computer's IP address, your mobile device's GPS signal, or information about nearby WiFi access points and cell towers.

We may use cookies, pixel tags, Local Shared Objects, and similar technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer's web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as "web beacons" or "clear GIFs," that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. Local Shared Objects (sometimes referred to as "Flash Cookies") are similar to standard cookies except that they can be larger and are downloaded to a computer or mobile device by the Adobe Flash media player. By using the 75health Services, you consent to our use of cookies and similar technologies.

We may also collect technical data to address and fix technical problems and improve our 75health Services, including the memory state of your device when a system or app crash occurs while using our 75health Services. Your device or browser settings may permit you to control the collection of this technical data. This data may include parts of a document you were using when a problem occurred, or the contents of your communications. By using the 75health Services, you are consenting to the collection of this technical data.

Information We Obtain from Health Care Providers and Other Sources:

In connection with the Patient's treatment, we may collect medical records from their past, current, and future health care providers. This may include information about their diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness, and records about phone calls and emails related to their illness.

Some of our users, including the Providers, are subject to laws and regulations governing the use and disclosure of health information they create or receive. Included among them is the 21st Century Cures Act, HIPAA, the Health Information Technology for Economic and Clinical Health of 2009 ("HITECH"), and the regulations adopted thereunder. When we store, process, or transmit "individually identifiable health information" (as such term is defined by HIPAA) on behalf of the Provider who has entered a Healthcare Provider User Agreement, we do so as its "business associate" (as also defined by HIPAA). Under this agreement, 75health is prohibited from using individually identifiable health information in a manner that the provider itself may not. 75health is required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of individually identifiable health information we store and process on behalf of such providers. 75health is subject to laws and regulations governing the use and information of certain personal and health information, including HIPAA, when it operates as a business associate of a healthcare provider.

We may also receive information about you from other sources, including through third-party services and organizations. We may combine our first-party data, such as your email address or name, with third-party data from other sources and use this to contact you (e.g., through direct mail).

Use of Cookies

Cookies are small text files that are stored on your device when you visit a website. They are widely used to make websites work, improve user experience, and provide information to the site owners. We use different types of cookies on our website to enhance its functionality, analyze our performance, and support our marketing efforts. Below are the types of cookies we use:

Targeting Cookies:

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Functional Cookies:

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.

Performance Cookies:

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site and will not be able to monitor its performance.

Strictly Necessary Cookies:

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Use of your Information

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect:

Healthcare providers, insurance companies, and other healthcare-related entities:

We may share Patient Personal Information and PHI with healthcare providers, laboratories, government agencies, insurance companies, organ procurement organizations, medical examiners or funeral directors, and other entities involved in providing treatment options and support.

Authorized third-party vendors and service providers:

We may share your Personal Information and PHI with third-party vendors and service providers that assist us with specialized services, including billing, payment processing, customer service, email deployment, business analytics, marketing (including advertising, attribution, deep-linking, direct-mail, mobile marketing, optimization, and retargeting), performance monitoring, hosting, and data processing. These third-party vendors and service providers are not permitted to use your information for purposes other than those related to the services they provide to us.

Research partners:

We may share your information with our research partners to conduct health-related research, subject to your separate written authorization.

Corporate affiliates:

To streamline business operations, develop products and services that better meet customer needs, and inform customers about relevant products and services, we may share your Personal Information with our current or future affiliated entities, subsidiaries, and parent companies.

Business transfers:

In the event of a substantial corporate transaction, such as a merger, consolidation, asset sale, or in the unlikely event of bankruptcy, we may share your information.

Legal purposes:

We may disclose information to respond to subpoenas, warrants, court orders, legal processes, law enforcement requests, legal claims, or government inquiries, and to protect and defend the rights, interests, health, safety, and security of 75health, our affiliates, users, or the public. If legally compelled to disclose information about you to a third party, we will attempt to notify you via the email address in our records, unless doing so would violate the law or you have not provided an email address.

With your consent or at your direction:

We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.

Access to Information

Our uses for the information (including Personal Information) we collect online include but are not limited to:

1. Providing and improving the 75health Services:Ensuring that our services meet your needs and enhancing their functionality.
2. Contacting you: Communicating with you regarding your account and the services we offer.¤
3. Fulfilling your requests for products, services, and information: Processing and delivering your orders or requests.¤
4. Sending you information about additional clinical services or general wellness:This may come from us or on behalf of our affiliates and trusted third-party partners.
5. Analyzing the use of the 75health Services and user data:Understanding how our services are used to improve them.
6. Customizing the content you see when you use the 75health Services:Providing a personalized experience.
7. Conducting research using your information:This may be subject to your separate written authorization.
8. Preventing potentially prohibited or illegal activities: Ensuring compliance with our Terms of Service.
9. For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.

From time to time, we may desire to use the information we collect online for uses not previously listed in this Privacy Policy. If our practices change regarding previously collected Personal Information in a way that would be materially less restrictive than stated in the version of this Privacy Policy in effect at the time we collected the information, we will make reasonable efforts to provide notice and obtain consent to any such uses as may be required by law.

Any request to obtain your consent does not narrow the scope of this Privacy Policy. By using the 75health Service, you accept and agree to 75health's information handling practices as described in this Privacy Policy and in our Terms of Use.

We may use the information collected through the 75health Services to investigate potential or suspected threats to the 75health Services or to the confidentiality, integrity, or availability of the information 75health stores and maintains.

By using the 75health Services, you agree to receive texts, phone calls, and/or emails from us at the phone numbers and email addresses you provided for informational and customer service-related purposes.

Additionally, we may send an email to the email address you provide us in order to verify your account and for informational and operational purposes, such as account management, customer service, or system maintenance. We may also send you marketing emails if you request more information about our products and services. Emails are often transactional or relationship messages, such as appointment requests, reminders, cancellations, and other notifications. 75health may not offer you the option of opting out of receiving some of these messages, although we may allow you to modify how often you receive such messages. If you opt-in to receiving marketing announcements from 75health, we will allow you to opt-out of receiving those announcements.

Securing Your Information

We use reasonable measures to help protect information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. 75health acts as a trusted confidential application service provider dedicated to providing a secure Internet and mobile service. You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your transmission, we take steps to ensure security on our systems. Please note this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of such safeguards. Information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.

75health employs a high degree of security consciousness. One of our priorities is to make reasonable efforts to ensure data security and be fully compliant with all HIPAA regulations. Access, integrity, availability, ownership, authorization, dependability, authentication, and confidentiality are all major considerations within the 75health Security Policy.

75health upholds its stringent Security Policy with the following security measures:

1. Role-Based Usage: 75health grants varying degrees of access to users with different levels of authority within a provider practice.¤
2. Encryption: All communication between you and the 75health server is secured by using SSL AES 256-bit encryption. This is the highest level of encryption currently available commercially.¤
3. Data Security: 75health takes measures to secure your data on our servers, in our data center. Our data center is both physically and electronically secured. Our servers are isolated from the Internet by using a firewall which is a hardware and software system that blocks access by unauthorized parties.
4. Confidentiality: 75health has internal policies that keep your data private and confidential. We will not share your data with any third party except as described in our Privacy Policy. Your data is your data only.
5. Login ID and Password: Access to your account is controlled by a login ID and a password, which you chose. Strict login ID and password rules help prevent unauthorized users from gaining access to data. We do NOT store a plain text version of your password. Your password is stored using a one-way hash key and verified using the same one- way hash every time you login, which means no one at 75health knows what password you have chosen. If you ever forget your password, we force you to choose a new one using an email verification check.
6. Auto Logout: 75health protects you against accidentally leaving your account active on a computer browser screen. The 75health service ends your "session" if you are logged into 75health but have not actively used the service for a set period of time. This prevents others from accessing your account when you leave a session and forget to log out.
7. Digital Certificates: 75health uses a digital certificate issued by DigiCert Inc., a leading Secure Server Certification Authority. This gives you the confidence that you are connected to a site or application operated by 75health and are authenticated as such.
8. Data Integrity: 75health employs products and technology to help ensure data is available and access to the site continues without interruption.
9. Firewall: We take reasonable measures to secure your data on our servers, in our data center. Our data center is both physically and electronically secured. Our servers are protected behind the Internet by using a firewall system that blocks access by unauthorized parties.

By using the 75health Services or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of this website.

Third-Party Links

Some of the 75health Services may contain links to content maintained by third parties that we do not control. We allow third parties, including business partners and advertising networks, to collect information about your online activities through cookies, pixels, local storage, and other technologies. These third parties may use this information to display advertisements tailored to your interests on our services and elsewhere online. We are not responsible for the privacy practices of these third parties, and their information practices are not covered by this Privacy Policy.

These third parties may collect information about users of our services to provide interest-based advertising, including across browsers and devices. They may use the information they collect to predict your interests and deliver ads across the internet. Some of these third parties participate in industry organizations that offer users the opportunity to opt out of interest-based advertising.

To opt out of interest-based advertising across browsers and devices from companies participating in the Digital Advertising Alliance or Network Advertising Initiative, visit their respective websites. You may also opt out of interest- based advertising through your mobile device settings, but your opt-out choice may apply only to the browser or device you are using when you opt out.

Do-Not-Track Signals: We currently do not respond to "do-not-track" signals from web browsers due to variations in how browsers incorporate and activate this feature.

Third-Party Browser Extensions: Browser extensions, developed by third parties, can modify and enhance your browser's functionality. These extensions may access, record, and/or modify your private data, including PHI. Such extensions are installed and used at your own risk, and we assume no liability for any data loss or breaches caused by them. We recommend removing all extensions before using the 75health Services.

Third-Party Software: Installing any third-party software on your operating system may also expose you to risks similar to using browser extensions. We have no liability for damages caused by third-party software, including browser extensions.

Data Retention

75health's collection, use, and disclosure of information are generally governed by service agreements with Providers. Information maintained to provide these services to you is retained only for as long as we have a valid business purpose and in accordance with applicable law. 75health may retain archived information for a period of seven years (or longer if required by law) as necessary to comply with legal obligations, resolve disputes, and enforce our agreements and other authorized uses under this Privacy Policy.

75health indefinitely stores non-personal information, as well as any feedback you provide us.

Children's Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Children's Online Privacy Protection Act); we do not collect any information from anyone under 13 years of age. Our website, products, and services are all directed to people who are at least 13 years old or older.

Your Consent

By using our site, you consent to our privacy policy.

Changes to Our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page and/or send an email notifying you of any changes.

Contact Details

For any questions regarding the processing of your data and your privacy rights, or to exercise your rights under the applicable law, you may contact our support team through support@75health.com.