Information We Collect
We generally collect the following information:
- Information you share directly with us. We collect and process your information when you use the Lenses2go Application to request a Visit, create an account, login to the account, complete surveys, comment on articles, use messaging features and contact Customer Support. This information can generally be categorized as Registration Information, Self-Reported Information, and/or User Content.
How We Use Information
We generally process Personal Information, for the following reasons:
- To provide our Services. We process Personal Information in order to provide Lenses2go’s Services, which includes the creation of customer accounts and authenticating logins, communication with you, facilitating communications (including requests for Visits) between users and the eye care professionals responsible for providing service, providing users with access to their health information, processing payments, and billing users’ insurance carriers if applicable.
- To analyze and improve our Services. We constantly work to improve and provide new tools and Services. For example, we are constantly working to improve Lenses2go’s Applications. We may also need to fix bugs or issues, analyze use of our website or Lenses2go’s Application to improve the customer experience or assess our marketing campaigns.
Sharing Your Information
- When you give us your consent to do so, including if we notify you on Lenses2go’s Application that the information you provide will be shared in a particular manner and you provide such information.
- To your L2G Opticians (s) responsible for providing the requested eye care services.
- To third party payors who are financially responsible, or are reasonably believed to be financially responsible, for the eye care services.
- With contracted vendors, contractors, consultants, and other service providers who are working on our behalf and who require access to your information to carry out their work for us
Data from Apple Clinical Health Records API or the Apple Health (HealthKit) application
When you grant Heal permission to access data gathered through Apple’s Clinical Health Records API or through synchronization with the Apple Health application:
- We do share your data with L2G Opticians or medical professionals for your treatment and improving health management.
- We do not use your data for advertising, marketing, research, or other use-based data mining purposes.
- We do not disclose your data to third parties for advertising, marketing, research, or other use-based data mining purposes.
- We have adopted commercially reasonable information security policies and practices to help protect your information, but please note that no method of transmitting or storing electronic data is ever completely secure.
Please note, Lenses2go is an administrative and technology service provider that owns the Application. Lenses2go has entered into contracts with certain independent health care providers who provide mobile, non-emergency general services (collectively, “L2G Opticians”). Among other things, Lenses2go contracts with L2G Opticians, licenses the Application to Lenses2go Opticians so to provide opticians with the capability to receive, respond to and schedule requested visits. Lenses2go does not provide any medical services, nor does it refer or recommend any physician or medical practice or any other medical provider or personnel. Lenses2go provides L2G Opticians with scheduled visit to measure patient’s optical measurement for the purpose of fitting them with eyeglasses. Also L2G Optician provide patients with assistance in selecting eye care products and services.
1. Information That You Give Us
When you create an account on the Application or enroll as a Lenses2go registered user (“Enroll”), or login to the Application or Lenses2go website to create a profile, comment on articles, or complete surveys, we collect personal information that can identify you (“Personally Identifiable Information” or “PII”), such as your full name, email address, mailing address, telephone number, and credit card information for payment. In addition to PII, Lenses2go may also collect the protected health information (“Protected Health Information” or “PHI”) of you or of an individual for which you are requesting health services. For example, when you use the Application to transmit a request for health services to be provided your specified location (a request for a “Visit”), you will be need to provide additional health information the individual for whom the visit is requested so that L2G Opticians can assess the request and determine whether or not it has an appropriate and available medical provider (a “Provider”) and medical assistant (“Medical Assistant”) to respond to your request. Another example of how Lenses2go may obtain your PHI and/or PII is you may grant permission for other third-parties to share your information directly with Lenses2go. This would include, without limitation, the Application’s access and synchronization of your PHI and/or PII with the Apple Health application and/or Apple Health Records.
Ultimately, the information that Lenses2go collects varies depending upon how you use our Services and what permissions you give to us and other third-parties that also collect your PII and/or PHI. We will not use any PHI for any other purpose without your explicit authorization, or unless otherwise permitted or required by law. You may revoke, in writing, any such authorization at any time, except to the extent we have taken action in reliance thereon.
PHI and/or PII Obtained from Apple Clinical Health Records API or through synchronization with the Apple Health application: Lenses2go does not use data obtained through Apple Clinical Health Records API or through synchronization with the Apple Health application for advertising, marketing, or other use-based data mining purposes. Lenses2go does not disclose any data obtained through Apple Clinical Health Records API or through synchronization with the Apple Health application to any third-party for advertising, marketing, or other use-based data mining purposes.
Notwithstanding, it is important to understand that Lenses2go does not have any independent access to L2G Optician detailed medical records of its patients that may be created as a result of a Visit. To the extent L2G Opticians integrates any of the information you provided to Lenses2go into L2G Opticians’ medical record that is created as a result of a Visit, Lenses2go has no authority to access, delete or modify any portion of L2G Opticians’ medical records of its patients. Lenses2go only uses the prescription for the purpose of fabricating eyeglasses. The fabrication is sometime used/done with 3rd party companies.
WE DO NOT KNOWINGLY ENROLL OR COLLECT INFORMATION DIRECTLY FROM CHILDREN UNDER THE AGE OF EIGHTEEN.
Please keep in mind that certain features on the Application or website may give you an opportunity to interact with us and others. These may include forums, message boards, chats, creating community profiles, and rating, tagging and commenting on articles. When you use these features you should be aware that any information you submit, including your name, location, health issues, and email address, may be publicly available to others. We do not protect the privacy of and are not responsible for your disclosure of any information through these interactive features, including, but not limited to information that you might post related to a minor.
Also, whenever you voluntarily disclose anyone’s personal information on publicly-viewable web pages, that information can be collected and used by others. For example, if you post your email address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information that you voluntarily post, so we encourage you to exercise discretion and caution with respect to information you choose to disclose through these interactive features. When an individual chooses to post information that will be publicly disclosed, he or she is responsible for all legal consequences. We are not responsible under any data protection laws for information that you voluntarily post on a site that can be accessed by others.
If you believe that we have violated your privacy rights, you should contact us at the mailing address or e-mail address provided below. You may also file a complaint with the government. See http://oag.ca.gov/contact/consumer-complaint-against-business-or-company for more information.
2. Other Information We Collect.
Tracking and/or Analytics Services. We may use mobile application tracking and/or analytics services. These services may record unique mobile gestures such as tap, double-tap, zoom, pinch, scroll, swipe and tilt but do not collect personally identifiable information that you do not voluntarily enter in the Application. These services do not track your browsing habits across mobile applications that do not use the same services. We are using the information collected by these services to understand user behavior and optimize site performance.
Web Beacons. We may also use web beacons (invisible images often referred to as pixel tags or clear GIFs) in order to recognize users and assess traffic patterns, and we may include web beacons and cookies in our email messages in order to count how many e-mail messages have been opened.
Non-Personally Identifiable Information. We also collect Non-Personally Identifiable Information that is not health information or medical information in the form of statistics and information regarding the Application user’s statistics and metrics obtained from third party devices (for example, steps, distance, calories burned, GPS coordinates, bat speed, hand speed, swing time, etc.), which may be combined with personal information you submit through the Application and/or Services so that you can fully enjoy the benefits of the Application’s tracking, monitoring, and diagnostic tools. We may also request the following optional information as part of your profile so that you can fully enjoy the features and functions of our Services: your weight, height, and gender.
Mobile Device Information. Your use of the Application may also include collection of information from your mobile device. For example, the Application may request your permission to collect location data and/or may request access to multimedia (photos or videos) stored on your mobile device. You have the option of declining collection of geolocation data, but this may limit your ability to participate in certain activities through the Application. If you do not wish for your location data to be shared with Lenses2go, please respond accordingly when prompted on your mobile device, or visit your mobile device settings. Multimedia will only be collected from your device if you affirmatively select it to upload to the application (i.e. you choose an image or video to store within the Application). Multimedia will not be shared with other Application users (with the exception of your profile photo, to the extent such feature is offered, which will appear in your user profile).
3. How We Use Your Information.
- For the purposes for which you specifically provided it including, without limitation, to enable us to process your registration, provide the Services or other requests.
- To transmit a request for a Visit per your request.
- To send you information about your relationship or transactions with us.
- To notify you about our products, services, and special offers, except that we will not use PHI for marketing purposes without your prior written consent for yourself or your minor child.
- To otherwise contact you with information that we believe will be of interest to you.
- To enhance or develop features, products and services. To allow us to personalize the content that you and others see on the Application.
- To provide advertisers and other third parties with aggregate information about Application users and Application usage patterns.
- To allow other select companies to send you promotional materials about their products and services, provided that no PHI will be used for this purpose without your prior written consent.
We use non-Personally Identifiable Information for purposes such as measuring the number of users of various features of the Application, making the Application more useful to users and delivering targeted advertising and non-advertising content. We may also use Non-Personally Identifiable Information (for example, statistics regarding use and metrics) for research purposes, for marketing and promotional purposes, and to develop new learning tools and solutions and we may share such information with third parties, including researchers and/or advertisers, on an aggregate and anonymous basis. We use IP addresses to analyze trends, administer the Application, track a visitor’s movement, and gather demographic information for aggregate, non-personally identifiable use.
4. Sharing Your Information.
We may share your information as follows:
- Visits: We will share your information, at your direction, to transmit a request for a Visit with L2G Opticians . The Provider and/or other representative of L2G Opticians may contact you prior to the Provider being dispatched to your location, to ensure that he or she is equipped to handle your medical case. L2G Opticians treatment of your information is subject to Lenses2go own policies and procedures. Any PHI that we collect and save from you will be kept private and secure, as required by law.
- With Affiliates: We may share your information with affiliated companies and businesses, provided that your PHI will not be shared for any marketing purposes without your prior written consent, in accordance with applicable law.
- With Service Providers: We may use other companies to perform services including, without limitation, facilitating some aspects of our Application such as processing credit card transactions sending emails, fulfilling purchase requests, and data analysis on our behalf. These other companies may be supplied with or have access to your information solely for the purpose of providing these services to you on our behalf. Such service providers shall be bound by appropriate confidentiality and security obligations, which may include, as applicable, business associate contract obligations.
- With Business Partners: When you make purchases or engage in promotions offered through our Application, we may share PII, but not your PHI, with the businesses with which we partner to offer you those products, services, and promotions. When you accept a particular business partner’s offer, you authorize us to provide your information to that business partner.
We also may disclose your information:
- In response to a subpoena or similar investigative demand, a court order, or other request from a law enforcement or government agency where required by applicable law.
- When disclosure is required or allowed by law in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our Application’s terms and conditions or other agreements or policies.
- In connection with a corporate transaction, such as the sale of all or a portion of our business, a divestiture, merger, consolidation, or asset sale, or in the event of bankruptcy, as required or allowed by law.
SPECIAL NOTICE FOR USERS OF THE APPLICATION: IF YOU ELECT TO MAKE YOUR PROFILE (OR THAT OF A MINOR OR FAMILY MEMBER) VIEWABLE BY PHYSICIANS, ALL INFORMATION THAT YOU INCLUDE IN THAT PROFILE MAY BE VIEWED BY OPTICIAN, OPTOMETRIST, AND LAB TECHNICIAN. YOU SHOULD NOT ENTER ANY INFORMATION IN THE PROFILE THAT YOU (OR ANOTHER PERSON) WISH TO REMAIN CONFIDENTIAL. THE OPTICIAN, OPTOMETRIST, AND LAB TECHNICIAN WILL NOT BE ABLE TO CONTACT YOU EXCEPT THROUGH THE PERSONAL CONTACT INFORMATION YOU PROVIDE THROUGH THE APPLICATION. LENSES2GO IS NOT RESPONSIBLE FOR THE RETENTION, USE OR PRIVACY PRACTICES OF MEDICAL PRACTICES AFTER THEY HAVE RECEIVED YOUR INFORMATION.
5. Confidentiality of Health Information.
Certain Medical Practices, Eye Care Center, and Physicians may be subject to laws and regulations governing the use and disclosure of health information they create or receive. Included among them is the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”), and the regulations adopted thereunder, and applicable state laws. When Lenses2go stores, processes, or transmits “individually identifiable health information” (as such term is defined by HIPAA) on behalf of such a health care provider, Lenses2go does so as its “business associate” (as also defined by HIPAA). Lenses2go is prohibited from, among other things, using individually identifiable health information in a manner that the health care provider itself may not. Lensesgo is also required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity and availability of individually identifiable health information we store and process on behalf of such health care providers.
6. How to Access or Update Your Information.
7. How We Protect Your Information.
We use commercially reasonable administrative, technical, and physical measures to safeguard your information in our possession against loss, theft and unauthorized use, disclosure or modification. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. No method of transmission over the internet is 100% secure, however. Therefore, while we strive to make all reasonable efforts to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the unlikely event of a data breach, you will be notified as soon as reasonably possible, in accordance with applicable law. Furthermore, we are not responsible for any breach of security or for any actions of any third parties that receive the information.
Certain of the administrative, technical, and physical measures in place are as follows. Lenses2go’s infrastructure is kept in a secured data center that protects from unauthorized access to the physical servers, backups and any element used to store and/or process personal data. Only authorized personnel can access the data center. Lenses2go systems and databases are backed up regularly to help protect the data in case of an uncontrollable catastrophe. The data center that stores Lenses2go’s servers has policies and procedures in place designed to safeguard the equipment that our data is stored on. Lenses2go regularly upgrades its system software to include the latest security features. Lenses2go servers are protected by a firewall system, which is designed to keep unwanted traffic or access out of our computer network. Lenses2go also employs an intrusion prevention service (IPS) provided by a secured data center operated by a professional company, and uses security methods to determine the identity of each registered user, so that appropriate rights and restrictions can be enforced for that user. Reliable verification of user identity is called “authentication.” All communication between Lenses2go’s Web server, your browser and the Application is encrypted with SSL (Secure Sockets Layer) to guard against network eavesdroppers. Your password is internally encrypted in Lenses2go’s system to prevent unauthorized access to the system. Validations are built throughout the application to capture the most reliable information. Only the last 4 digits of your credit card number is stored on our servers.
9. Children’s Online Privacy Protection Act.
We support and comply with the Children’s Online Privacy Protection Act (COPPA) and we do not knowingly collect information from children under the age of 18, nor do we share such information with third parties. Children under the age of 18 may not use the Application. If you seek a Visit for a minor, you will be responsible for providing information related to the minor and for paying for the Visit requested for the minor.
10. Links to Third Party Sites.
11. How to Contact Us.
12. Effective Date.
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. THE PRIVACY OF YOUR MEDICAL INFORMATION IS IMPORTANT TO US
WHO FOLLOWS THIS NOTICE
This notice describes the privacy practices of L2G Opticians, the independent professional medical entities that contract with Lenses2go and operate as an affiliated covered entities and provide the requested medical services. Among other things, L2G Opticians contracts with Lenses2go to license Lenses2go’s Application to provide L2G Opticians with the capability to receive, respond to and schedule requested visits. Lenses2go does not provide any medical services, nor does it refer or recommend any physician or medical practice or any other medical provider or personnel.
When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.
Get an electronic or paper copy of your medical record: You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this. We will provide a copy or summary of your health information in a time frame compliant with the law, usually within 15 days of your request. We may charge a reasonable, cost-based fee.
Ask us to correct your medical record: Lenses2go nor L2G Opticians will have the ability to change your prescription strength or power. You will be required to revisit your eye care examiner in order to make any adjustments or changes with your prescription.
Request confidential communications: You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address. We will say “yes” to all reasonable requests.
Ask us to limit what we use or share: You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no” if it would affect your care. If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purposes of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.
Get a list of those with whom we’ve shared information: You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why. We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.
Get a copy of this privacy notice: You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.
Choose someone to act for you: If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information. We will make sure the person has this authority and can act for you before we take any action.
File a complaint if you feel your rights are violated: You can complain if you feel we have violated your rights by contacting us using the information below. You can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.
For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.
In these cases, you have both the right and choice to tell us to: (1) Share information with your family, close friends, or others involved in your care; (2) Share information in a disaster relief situation. If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
In these cases, we never share your information unless you give us written permission: marketing purposes, sale of your information, and most sharing of psychotherapy notes.
In the case of fundraising: We may contact you for fundraising efforts, but you can tell us not to contact you again.
In the case of information obtained from Apple’s Clinical Health Records API or through synchronization with the Apple Health application: We do not disclose any data obtained through Apple’s Clinical Health Records API or through synchronization with the Apple Health application to any third-party for advertising, marketing, or other use-based data mining purposes, other than improving health management and/or treatment.
OUR USES AND DISCLOSURES
We typically use or share your health information in the following ways:
Treat you: We can use your health information and share it with other professionals who are treating you. For example, the optician needs to contact your examining doctor to verify your prescription or to have a copy faxed by way your permission through a consent form.
Run our organization:
We can use and share your health information to run our practice, improve your care, and contact you when necessary. For example, we use health information about you to manage your treatment and services.
Bill for your services: We can use and share your health information to bill and get payment. For example, we give information about you to your health insurance plan so it will pay for your services.
How else can we use or share your health information?
We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.
Help with public health and safety issues: We can share health information about you for certain situations such as (1) preventing disease; (2) helping with product recalls; (3) reporting adverse reactions to medications; (4) reporting suspected abuse, neglect or domestic violence; (5) preventing or reducing a serious threat to anyone’s health or safety.
Do research: We can use or share your information for health research.
Comply with the law: We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.
Address workers’ compensation, law enforcement, mandated reporting and other government requests: We may use or share health information about you: (1) for workers’ compensation claims; (2) for law enforcement purposes or with a law enforcement official; (3) with health oversight agencies for activities authorized by law; (4) for special government functions such as military, national security, and presidential protective services; (5) for any applicable mandated reporting purposes such as child abuse, sexual assault, intimate partner violence or other mandated reporting.
Respond to lawsuits and legal actions: We can share health information about you in response to a court or administrative order, or in response to a subpoena.
SPECIAL CATEGORIES OF INFORMATION
In many circumstances, we are required to provide more restrictive treatment to the following types of information: psychotherapy notes, genetic testing information, information on persons with developmental disabilities, information concerning HIV/AIDS testing, and alcohol and drug abuse treatment.
We are required by law to maintain the privacy and security of your protected health information. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information. We must follow the duties and privacy practices described in this notice and give you a copy of it. We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.
CHANGES TO THE TERMS OF THIS NOTICE:
We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request, in our office, and on our website.
THIS NOTICE OF PRIVACY PRACTICES APPLIES TO THE FOLLOWING ORGANIZATION:
Attention – General Counsel.
2451Cumberland Parkway, Suite 3745
Atlanta, Georgia 30339
At the time of your visit, you will be required to sign Lenses2go Patient consent