BoobFairy Privacy Policy

Effective Date: August 19, 2021

BoobFairy Inc. (“BoobFairy”, “we”, “our” or “us”) is devoted to safeguarding our users, customers, affiliates, partners, and employee private information and ensuring the highest level of confidentiality of records. In summary, we take data privacy and security very seriously. This Privacy Policy describes the information we collect, how we use it, and the standards and procedures in place to safeguard your personal, nonpublic information.

BoobFairy, its personnel, and its affiliates strictly adhere to this Privacy Policy and the security practices and procedures described herein to ensure the confidentiality of customer information. It is BoobFairy’s policy to comply with all international (where applicable), federal, and state laws and regulations relating to the privacy of our customers’ Private Information (PI) and Private Health Information (PHI).

This Privacy Policy describes how BoobFairy Inc. collects, uses and shares your information when you visit our website at https://www.boobfairy.com (“Site” or “Website”) or use our mobile applications available in the Apple App Store or Google Play store (“App”) and use the services, features, content or applications we offer (collectively within the Site or App, the “Services”). We receive information about you from various sources, including: (i) if you download the App through your user account on the App Store or Google Play Store (your “Account”); (ii) your use of our Services generally; and (iii) from third party websites and services. You acknowledge that this Privacy Policy is part of our Terms of Service, and by agreeing to use the Services, you are agreeing to be bound by all of its terms and conditions and all applicable laws and regulations. If you do not agree and consent, discontinue use of the Services and wherever applicable, delete the App from any and all of your devices. BoobFairy Inc. is a United States company with its headquarters listed at 1789 West Union Boulevard in the city of Bethlehem in the state of Pennsylvania, 18018. Regardless of the country in which you live, you authorize us to access, transfer, store, and use your Personal Information (as defined below) in the United States and in accordance with this Privacy Policy. U.S. privacy and data protection laws and rules may vary from those in the country where you live.

What Does This Privacy Policy Cover?

This Privacy Policy covers the treatment of personally identifiable information (“Personal Information”) gathered when you are using or accessing the Services. “Personal Information” is information that can be used to identify you by itself or when it is combined with other information, such as your first and last name, email address, postal address, phone number, or payment card information. This Privacy Policy also covers our treatment of any Personal Information that our business partners or affiliates share with us or that we share with our business partners and affiliates. This Privacy Policy does not apply to the practices of third parties that we do not own or control, including but not limited to any third party websites, services and applications (“Third Party Services”) that you elect to access through the Third Party Services or to individuals that we do not manage or employ. While we attempt to facilitate access only to those Third Party Services that share our respect for your privacy, we cannot take responsibility for the content or privacy policies of those Third Party Services. We encourage you to carefully review the privacy policies of any Third Party Services you access. Certain aspects of the Services are designed to help you share information with the world. If you make information public through our Services, other users will have access to it. We cannot guarantee information you make public through our Services will remain protected in accordance with this Privacy Policy. Please think carefully before sharing information with others or before making information public. You are solely responsible for information you make public. Personal Information once “de-identified” is not subject to this Privacy Policy and we and our service providers and third party sub-contractors may treat it as non-Personal Information and use it without obligation to you, except as prohibited by applicable law.

Information BoobFairy Collects from Users

BoobFairy collects, retains, and uses Personal Information/Protected Health Information (PI/PHI) from users to include the following:

  • The information that’s required when you sign up for the site, as well as the information you choose to share.
  • Required account information such as your first and last name, email address, birthday, and gender. We use return email addresses to answer the email we receive. Such addresses are not used for any other purpose and are not shared with outside parties.
  • Usernames and User IDs, which are a way to identify you on BoobFairy. A User ID is a string of numbers and a username generally is some variation of your name. Usernames, User IDs, or Full Names may be used to identify users in public, community-based settings, such as group chats / communications, forums, and/or message boards.
  • “Public Information” which means the information you choose to make public, as well as information that is always publicly available such as user reviews and user profiles, which may remain on our site even after you terminate your account.
  • Information submitted or posted in a public space on our platform, such as a forum, message board, or group chat / communications platform or moderated session and information kept within a one on one session.
  • Information BoobFairy receives on forms, including, but not limited to, identifying information such as home or business address, zip code, telephone number, email address, and IP address. We also collect information when you contact us (such as on a form) or when you apply for a job.
  • Certifications, licenses, and photos of health providers / practitioners commonly referred to as “Experts” on Our platform. This information is used to ensure that providers are indeed health professionals with credentials proving so. Photos are used to help users better understand who the Provider is and what types of services the Provider offers. Providers also voluntarily fill out “Expert Profiles” to help users better understand who they would be working with, such as their working style, skillsets, years of experience, and prices.
  • Information surrounding video and audio calls such as metadata and analytics. BoobFairy does not access, listen to, or view the call data itself, which we consider to be Private Health Information (PHI) and is therefore protected.
  • Information that a user willingly chooses to record during a video or audio call for future access. Users may be given the option to record, save, store, and/or archive telehealth calls (both audio and video) for their own records and educational purposes. Providers do not have the option to save / record a video or audio call on our Platform; only users can do so and only they would have access to these recordings.
  • Banking and payment processing information for billing and payout purposes; such as credit card numbers, bank account numbers, routing information, legal entity information, and tax-related information and for invoicing, payment, and payout purposes
  • Health-related information that may contain Private Health Information (PHI) such as past and current healthcare/medical history, associated providers / practitioners such as primary care physicians, specialists, and allied health providers, and health insurance plans, policies, and identification numbers and information related to the processing of insurance reimbursement claims.
  • Information related to minors and dependents that you oversee as parents and/or legal guardians, such as their full name, birthdate, gender, and healthcare/medical history in the effort to collect and pass along that information to healthcare and health-related partners, that you consent to communications and/or services with, in an effort to provide proper health-related support. The BoobFairy website and Apps are not intended for use by minors however, and only people Ages 18+ years old should create an account or access or use our Services.
  • We collect usage information, such as the browser you are using, the device you are using, your location information which might be your precise location (geolocation) if you have enabled location services on your device, what website or referral source you came from previously, and what website or destination you visit when you leave our platform.
  • We make use of cookies and other types of tracking technologies to collect and store information when you use our Services on our website and/or Apps and/or email communications. A cookie is a small file sent from a web server to your computer whenever you visit a website Types of tracking technologies may include pixels and web beacons to analyze trends, administer the website and Apps, troubleshoot and improve the site’s functionality, confirm email addresses, track users’ movements around the website and/or Apps, remember items in a shopping cart or login information, serve targeted advertisements, and gather demographic information about our user base as a whole. Users can control the use of cookies at the web browser level. If you choose to opt-out or disable the tracking of cookies (or delete the cookies), certain features of our website or Apps may not function correctly or our Service might be rendered impossible. Note that your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. Like many websites and online services, BoobFairy currently does not alter its practices when it receives a “Do Not Track” signal from a user’s browser. To find out more about “Do Not Track,” you can visit this website: https://allaboutdnt.com/

Information BoobFairy Collects from Employees and Sub-Contractors

Federal law requires us to obtain, verify, and record personal information – such as your full name, address and date of birth – in order to confirm your identity, social security number, and banking information.
BoobFairy collects, retains, and uses PI from employees and subcontractors including the following:

  • Information BoobFairy receives on applications or other forms, including, but not limited to, identifying information such as home or business address, telephone number, email address, social security number, employer identification number, date of birth, mother’s maiden name, medical history;
  • Federal Tax ID #;
  • Medical records;
  • Banking information;
  • Background security checks and records verification

Use of Your Personal Data

We may use information about you, including your Personal Information, for any purposes consistent with our statements under this Privacy Policy or as permitted by applicable law, including to:

  • To provide and maintain our Service, including to monitor the usage, performance, and security of our Service to prevent and address fraud, terms or policy breaches, and potential harmful threats. We may send you notices, software updates, security alerts, administrative messages, and information regarding changes to our policies (such as Privacy Policy, Terms of Service, and HIPAA Notice of Privacy Practices).
  • To manage your Account: to manage your registration and account as a user of the Service. The Personal Data you provide can give you access to different functionalities of the Service that are available to you as a registered user, such as in-app messaging capabilities and booking of appointments.
  • For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services you have purchased or of any other contract with Us through the Service.
  • To process transactions: to facilitate, complete, and service transactions between users, third party affiliates or service providers, and other parties regarding the purchase of products or services.
  • To conduct market research: to send out and/or conduct surveys and questionnaires, informational interviews, focus groups, and user-testing in order to analyze trends and improve our website, Apps, and marketing content, and conduct other research and marketing-related activities and efforts
  • To contact you: To contact you by email, telephone calls, SMS, in-app messages, VOIP video or audio calls, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including security updates, when necessary or reasonable for their implementation. We may contact you (or respond to you) to provide customer service regarding your account, request follow-up information, discuss any publicly-made communications, or attempted / completed transactions.
  • To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or inquired about unless you have opted not to receive such information.
  • For business transfers: We may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
  • For marketing purposes: For advertisements, and communicate with you regarding our and third party products, services, offers, promotions, rewards and events we think you may be interested in. If you no longer wish to receive marketing communications via email, you may click on the “unsubscribe” link at the bottom of a marketing email to be removed. For information about how to manage these communications and marketing efforts, please see “Do I Have to Disclose My Personal Information” below.
  • For other purposes: We may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.

How We May Share or Disclose Your Information

We may share your personal information in the following situations:

  • With Service Providers / Vendors: We may share your personal information with Service Providers or Vendors that have products / services incorporated into our Services. These third parties help us provide, improve, promote, and protect the Services. For example, we may use third parties to provide our in-app messaging software, customer service, audio and video call services, handle scheduling and booking of services, payment processors, process healthcare reimbursement claims, run and manage our databases and servers, capture analytics, assist with cloud data storage, track affiliate transactions across other platforms, among other activities. These third parties may access, process, or store your information to perform tasks only for the purposes we have authorized for our Services. We may also share with third parties aggregated or anonymized information that does not directly identify you.
  • For business transfers: We may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
  • With Affiliates: We may share your information with Our Affiliates, in which case we will require those Affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners, or other companies that We control or that are under common control with Us.
  • With business partners: We may share your information with Our business partners to offer you certain products, services or promotions.
  • With healthcare providers: In an effort to improve “Continuity of Care” and healthcare records, we may pass along your healthcare information (PI/PHI) to healthcare providers / practitioners that you have indicated you work with / have a relationship with, such as a primary care physician (PCP), healthcare specialist, and/or allied health professional.
  • With covered entities and business associates: To facilitate the processing of health insurance reimbursement claims, we may share your PI/PHI with covered entities and business associates under HIPAA regulations, such as health insurance companies, healthcare clearinghouses, and their associated technology vendors and service providers (aka “Business Associates”) in an effort to conduct normal business affairs and transactions. “Covered Entities” include doctor’s offices, dental offices, clinics, psychologists, therapists, allied health workers, nursing homes, pharmacies, hospitals, or home healthcare agencies, health plans, insurance companies, Pharmacy Benefits Managers (PBMs), healthcare clearinghouses, Health Maintenance Organizations (HMOs), government programs that pay for healthcare such as WIC, Medicare, and Medicaid.
  • With other users: when you share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If you interact with other users or register through a Third-Party Social Media Service, your contacts on the Third-Party Social Media Service may see your name, profile, pictures and description of your activity. Similarly, other users will be able to view descriptions of your activity, communicate with you and view your profile.
  • With legal representatives of the courts: When legally obligated by subpoenas, warrants, or other court orders, we may share your information for use in any legally-mandated local, state, or federal proceedings under United States law.
  • With Your consent: We may disclose your personal information for any other purpose with your consent.

WE DO NOT SELL YOUR DATA TO THIRD PARTIES. AS A DIGITAL HEALTH COMPANY, WE FEEL THAT IT IS OUR DUTY TO PROTECT YOUR DATA TO THE GREATEST EXTENT POSSIBLE.

HIPAA and Protected Health Information

Under the Health Insurance Portability and Accountability Act (“HIPAA”), some health and/or health-related information that we collect as part of providing the Services may be considered “protected health information” or “PHI.” PHI is any information in a medical record that can be used to identify an individual, and that was created, used, or disclosed to a covered entity and/or their business associate(s) in the course of providing a health care service, such as a diagnosis or treatment. Protected Health Information (PHI) is the combination of health information and personally identifiable information (PII). Health information can be information that is created or received by a covered entity via any medium—verbal, written, electronically or otherwise.

What PHI do we collect? When you voluntarily provide your PHI to Us through our website or Apps and through your use of our Services, we store and maintain that PHI in our systems. Examples of PHI you may provide include:

  • Name, social security number, driver’s license, gender, birthday and other dates like admittance dates, discharge dates, and death dates, contact information (such as home address, email address, or phone number), names of relatives (like children), device ID numbers or serial numbers, Internet Protocol (IP) address numbers, geolocation data, biometric identifiers such as fingerprints and voice prints, patient face photos, account numbers (e.g. health plan beneficiary number), medical records / history (past and current), payment information, and insurance information

HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. BoobFairy may use or disclose your PHI for treatment, payment, or healthcare operations purposes on behalf of covered entities, such as healthcare providers and health insurers, and other purposes permitted or required by law. We may also disclose your PHI to other companies or individuals that need the information to provide services to us. For example, we may provide information to third party companies that assist us with support or billing services now or in the future. These third parties are required by HIPAA to also keep the PHI confidential and secure.

HIPAA Acknowledgement Form

In order to obtain services with any health-related providers on the BoobFairy platform, you will be required to e-sign a “HIPAA Acknowledgement Form” that states that you have had the opportunity to review the “Notice of Privacy Practices” document (aka “HIPAA Policy”) and that you understand how your PHI will be handled. Signing the “HIPAA Acknowledgement Form” does not mean that you agree with the policy or that you are signing away any legal rights that you might have.

The “Notice of Privacy Practices” simply states what your rights are under HIPAA and how we can use your PHI without your explicit permission, but if we wish to disclose your PHI in any other fashion outside of what is included within the “Notice of Privacy Practices,” we can only do so with your written authorization. If you do not sign the “HIPAA Acknowledgement Form, you will not be able to complete any consultations / appointments with any health-related providers.

Additionally, you may be asked by us to e-sign an authorization form (the “HIPAA Authorization Form”) that would allow Us (or the health provider) permission/authorization to disclose certain information to other parties. Your decision to e-sign the HIPAA Authorization Form is entirely voluntary. If you choose to e-sign the HIPAA Authorization, you agree that we may use and disclose your PHI in the same way we use and disclose your Personal Information that is not PHI. These uses and disclosures are described in this Privacy Policy. To the extent any provision in the HIPAA Authorization is inconsistent with this Privacy Policy, then the provisions in the HIPAA Authorization only controls with respect to your PHI. If you do not e-sign the HIPAA Authorization, then your Personal Information that is not PHI is governed by this Privacy Policy and your Personal Information that is PHI is used and disclosed by us only as permitted in accordance with our agreements with your health provider(s).

You have rights regarding the PHI that we collect. You can request that we restrict the use and disclosure of your PHI by sending a written request to legal@boobfairy.com (not HIPAA secure) or contacting us through BoobFairy’s in-app messaging system (HIPAA secure). You can request that we send your health information by alternative means to an alternative address. Once you review your PHI, if you see any problems with your PHI, you may request amendments to your PHI by making a written request to us. We have the right to deny the request in some cases. If we deny your request to change your PHI, we will provide you with a written explanation of the reason for the denial and additional information regarding further actions that you may take. You also have the right to receive a list of certain disclosures of your PHI made by us in the past six years from the date of your written request to us at the address below. Under HIPAA, this does not include disclosures made for purposes of treatment, payment, or general healthcare operations or certain other purposes we have stated above. We are required under HIPAA to notify you in the event of a breach involving your PHI and will do so as required by law. If any HIPAA-related information in this Privacy Policy should clash or be in contradiction with our Notice of Privacy Practices (aka “HIPAA Policy”), then the Notice of Privacy Practices takes precedence.

California Privacy Rights

This section of our Privacy Policy applies solely to visitors and users who reside in the State of California.

California Shine the Light Law