Note: This is an outdated record preserved for posterity. Please review the current policy here.
Validic, Inc., a Delaware corporation (the “Company”, “we”, “us” or “our”), provides the website located at www.validic.com (the “Website”) to support healthcare application or website providers by providing their end users with access to certain third party applications, programs, and/or devices that the end users may elect to connect to using the Website (collectively, the “Service”).
The United States Federal Trade Commission (FTC) is the enforcement authority with jurisdiction over this compliance.
The Information We Collect
In this section, we provide you with details about some of the information we currently collect about users of our Website and of our Service (collectively, “User Data”).
- User Key. Your healthcare application or website (each, a “healthcare portal”) provides us with a user key (the “User Key”) that identifies you as a registered member of the healthcare portal. This allows us to verify that we are authorized to provide you with the Service.
- Personal Information. We may collect information by which you may be personally identified, such as name, address, e-mail address and/or telephone number, and information required for the payment of goods or services that you order from us, including credit card numbers, security codes and other financial information (“Personal Information”).
- Company Applications. We will collect health and wellness user data produced by your use of, or uploaded by you to, Company’s applications that you may elect to use in connection with the Website and/or the Service (“Company Apps”). We provide you with information about Company Apps that connect with the Service or that are used in connection with the Website and/or the Service. These Company Apps have features that collect and store data and/or other information about you, including health and wellness user data. When you choose to access or use the Company Apps, they will be able to provide us with access to some or all of such data and/or other information (the “Company App Data”).
- Navigational Information. We may collect and use information and data from you when you are using the Service and/or Website through the standard operation of our Internet servers. Information collected from you may include user Internet Protocol (IP) addresses, browser type and version, domain names, referring/exit pages, devices, operating system, date/time stamp, click stream data and anonymous statistical data regarding your use of the Service and/or Website. For example, we can tell which Internet Service Provider our users use, but not the names, addresses or other information that would allow us to identify particular users. We use this information to analyze trends, to administer and to improve the Service and Website, to track users’ movements around the Website and to gather demographic and other aggregate information (as described in more detail below) about our user base as a whole.
- Clear Gifs. We may also employ a software technology called “clear gifs” (also known as “web beacons” or “web bugs”) that helps us better manage content on the Website by providing us feedback as to what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of users. In contrast to cookies, which are stored on your web enabled device’s hard drive, clear gifs are embedded invisibly on a website page, web-based document or email message and are about the size of the period at the end of this sentence. Clear gifs may be used in our HTML-based emails to confirm receipt of, and response to our emails, including those that you forward to other recipients.
- Site Information. Due to communications standards on the internet, when you visit the Website we typically automatically receive the URL of the site from which you came and the site to which you are going when you leave our Website. We also receive the internet protocol address of your computer (or the proxy server you use to access the Internet), your computer operating system and type of web browser you are using, email patterns, your mobile device and mobile operating system, as well as the name of your ISP or your mobile carrier. We may also receive location data passed to us from third-party services or GPS-enabled devices that you have enabled.
- Site Analytics. We may analyze your use of the Website and/or Service with third party software that allows us to monitor and record your navigation and usage activities, in order to better customize and improve our Website, Service and other products.
- Aggregated User Data. In an ongoing effort to better understand and serve the users of the Website and the Services, we may analyze the User Data and conduct research on demographics, interests, behavior and other topics based on User Data of our end users, including you, that is provided to, collected by or otherwise available to us. We use the User Data from you and other users and reformat, supplement, compile, analyze and/or aggregate these datasets together to create what we term “Aggregated User Data.” We use such Aggregated User Data for product development and to improve our products and services and may share certain components of this User Data and/or Aggregated User Data with our affiliates, agents and business partners as described below.
How We Use the Information We Collect
- Sharing with Healthcare Portal Providers. We share the Program Data we collect from the Programs with your application provider.
- Business Transfers. We may also disclose and/or transfer your User Data to third parties in connection with a corporate transaction, such as a merger, acquisition by another company or sale or other transfer of all or a portion of our business or assets.
- Onward Transfer. In cases of onward transfer to third parties of data of EU or Swiss Individuals received pursuant to the EU-US and Swiss-US Privacy Shields, the Company is potentially liable.
- Lawful requests by public authorities. We will disclose personal information in response to lawful requests by public authorities, including when there is a need to meet national security or law enforcement requirements.
Reviewing, Updating and Deleting Your Information
EU individuals have the right to access their personal data. We provide your healthcare portal provider with the capability to review, update and delete your User Data, including your personal health data. We require your permission before any of your User Data (including your personal data) is accessed, retrieved or made available to your healthcare portal provider. You may change your level of permission at any time to enhance or limit the collection, use, and/or disclosure of your User Data (including your personal data). In addition, we provide your healthcare portal provider the ability to allow you to revoke permission to access your User Data (including your personal data) and will permanently delete any records that we have of your User Data (including your personal data).
Links and Advertising
You should also be aware that if you voluntarily disclose personally identifiable information in an email or other communications with any third party listed on the Website or in other materials, that information, along with any other information disclosed in your communication, can be collected and correlated and used by such third parties and may result in your receiving unsolicited messages from other persons. Such collection, correlation, use and messages are beyond our control.
- Steps we take to keep your information secure. The security of your User Data is important to us. We have put in place commercially reasonable physical, electronic, and managerial procedures to safeguard and secure User Data from unauthorized access, including as set forth in more detail in our Company Security Policy available at https://validic.com/legal/data-security (the “Security Policy”).
- Risks inherent in sharing information. Notwithstanding our commitment to protect your information, you should be aware that there is always some risk involved in transmitting information over the internet. In addition to the risk that the employees, contractors and others subject to our Security Policy may fail to follow required procedures, there is also some risk your or our network and/or security systems could be circumvented or breached, including by third parties who use our Website or Service in order to do so. As a result, while we strive to use commercially reasonable means to protect your User Data, we cannot ensure or warrant the security and privacy of your User Data or any other information you transmit to us, or of your or our network and/or security systems. If you have any questions regarding the security of the Website or the Service you can contact our privacy team at the email address set forth above.
The Website and the Service are for general audiences and neither is directed toward those under 18 years of age. We do not knowingly collect Personal Information from children under 13 without parental consent. If you become aware that a child has provided us with Personal Information, please contact our Privacy Officer at the email address in the Contact Information section. If we become aware that a child under 13 has provided us with Personal Information, we will take steps to remove such information and terminate the child’s account.
Please remember that your use of the Website and the Service is also governed by our Terms, which are available at https://validic.com/legal/terms.
U.S.-EU and U.S. – Swiss Privacy Shields
701 W. Main Street, Suite 620
Durham, NC 27701
The Company has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
The Company is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
If you have questions or complaints regarding this Policy or our practices, please contact the Company at:
701 W. Main Street, Suite 620
Durham, NC 27701