Last updated: December 16, 2022
Regardless of how You use this website or the Doxy.me Service, this section defines certain terms that are used throughout this policy.
For the purposes of this policy:
- You means the individual accessing or using the Doxy.me Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable. You must be at least 18 years of age in order to use the Service.
- Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Doxy.me Inc., 3445 Winton Pl, Suite 114, Rochester, NY 14623.
- Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
- Service Provider means any natural or legal person who processes data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
- Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
- Personal Data is any information that relates to an identified or identifiable individual.
- Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing (among other things) the details of Your browsing history and/or connection information when using the Service.
- Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
- Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
- User is someone accessing the Website as a guest, a Provider, or a Patient.
- Protected Health Information (PHI) means any health-related information as defined by applicable law.
Terms specific to the Doxy.me Service are:
- Service refers to the software product accessible from the Website.
- Provider means a doctor, medical group, or other healthcare professional who has signed up as a “Provider” on the Doxy.me Service.
- Patient refers to an individual who is using the “Patient” component of the Service using a unique URL sent by the Provider to view the Waiting Room (prior to the Session).
- Account means a unique account created for You to access our Service or parts of our Service. This may also be referred to as Your Clinic.
- Website refers to doxy.me, accessible from http://doxy.me
- Session is secure audio and/or video communication between the Patient and the Provider—the key feature of the Doxy.me Service.
- Waiting Room is the web page that is seen by Patients prior to the beginning of a video session. The Provider may change the look and feel of the Waiting Room and upload Provider-specific content.
- Provider Link is the unique URL (web address) that the Patient uses to enter the Provider’s Waiting Room prior to a Session. An example is https://yourclinic.doxy.me/DrSmith
Privacy Act of 1983
This Act defines the rules and obligations for Canadian federal agencies and departments to limit the use of personal information. Any Canadian agency that uses Doxy.me products to collect personal information must comply with this Act.
PIPEDA—The Personal Information Protection and Electronics Documents Act of 2000
Canada’s comprehensive national private sector privacy legislation is known as PIPEDA. The goals of the Act are to create trust in electronic commerce transactions and to establish a level playing field, so the same rules apply to all businesses. PIPEDA is similar to EU legislation, and that is why Canada is one of the few countries that is deemed to have an “adequate” level of protection by EU Authorities. This means that EU data may be stored and processed in Canada without additional legal instruments.
It should be noted that provinces may have their own privacy laws. If they are equal to or stronger than PIPEDA, then they take precedence.
PIPEDA has ten Fair Information Principles, listed below.
Accountability – We have a privacy officer and committee responsible for privacy issues. They make information about their privacy policies and procedures available at the Website.
Identifying purposes – We identify the reasons for collecting Your personal information before or at the time of collection.
Limiting collection – We limit the amount and type of the information gathered to what is necessary. For Providers, only a name and email address are required.
Limiting use, disclosure and retention – In general, we use or disclose Your personal information only for the purpose for which it was collected, unless You consent. We only keep Your personal information only as long as necessary.
Accuracy – We keep and allow You to keepYyour personal information as accurate, complete and up to date as necessary.
Safeguards – We protect Your personal information against loss or theft by using appropriate security safeguards.
Openness – Our privacy policies and practices are understandable and easily available on the Website.
Individual access – Generally speaking, citizens have a right to access the personal information that an organization holds about you. As a Provider, You always have access to your account and the information within the account.
Recourse (Challenging compliance) – Organizations must develop simple and easily accessible complaint procedures. When you contact an organization about a privacy concern, citizens should be informed about avenues of recourse. Please contact firstname.lastname@example.org for any concerns or complaints.
To learn more about controlling and deleting cookies, please visit this external website: https://www.aboutcookies.org/
We may update our privacy policies from time to time. We will notify You of any changes by posting the updated policy on this page.
We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this policy.
We encourage You to review this policy periodically for any changes. Changes to this policy are effective when they are posted on this page.