LABWORQ LLC (the “Company”, “our”, “us” or “we”) registered address at 818 CENTRAL AVE STE 8 ALBANY, NY 12206 with Company EIN number 87-2715352 is committed to maintaining robust privacy protections for its users. Our Privacy Policy (“Privacy Policy”) is designed to help you understand how we collect, use and safeguard the information you provide to us and to assist you in making informed decisions when using our Service or Website. This Privacy Policy applies to all visitors to and users of the Company website www.labworq.com and all other Company-owned websites, domains, services, applications (including, but to the “Healeze”) , and products.
For purposes of this agreement, “Site” refers to the Company’s website, which can be accessed at https://labworq.com. “Service” refers to the Company’s services accessed via the Site or application “Healeze” (further also referred as “Application”), in which users can get information on COVID-19 services and testing and receive other services if any. “You” refers to you, as a user of our Site or our Service.
By accessing our Site or our Service or/and by using any of them , you accept our Privacy Policy (found here: https://labworq.com/privacy) and Terms of Use (found here: https://labworq.com/terms), and you express your informed consent to our collection, storage, use and disclosure of your Personal Information as described in this Privacy Policy.
Please read this Privacy Policy carefully. It explains what personal information we collect, why we collect it, how we use it, and your choices related to your information. We may make changes from time to time, and it is your responsibility to periodically review this Privacy Policy for any changes. Your continued use of the Services after we make changes is deemed to be an acceptance of those changes. In cases if changes are significant, we may notify you by the email or otherwise depending on your preferences.
You must not use/access the Website or the Services in any possible way in case if you do not agree to the provisions of the present Privacy Policy partially or in full.
To activate the Service you do not need to submit any Personal Information other than your email address. To use the Service thereafter, you need to submit further Personal Information. Exact types of the Personal Information required depends on the type of Services required.
Practices of collecting your Personal Data.
Company may receive your Personal Data:
When our user or subscriber provide it directly to our Site or Application (e.g., when registering in our system or when such information altered or modified by user or subscriber) using such devices as mobile phone, smartphone or PC;
through the use of our Services by its users or subscribers.
When you access and use the Services, we may collect the following categories of Personal Information from or about you:
a. Direct identifiers, such as your name, address, email address, telephone number, driver’s license number (other personal information available on the driver license), personal ID number or any other relevant information. We typically collect this information directly from you in order to communicate with you, and provide you with access to certain information through our Services. This information is also required to provide you with some of the Services.
b. Other personal information, such as identifiable health information, including demographic information like age, race, or gender. Additional information regarding our uses and disclosures of personally identifiable protected health information (“PHI”) covered by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”) can be found in this Privacy Policy, section 4. Notice of Privacy Practices.
c. Commercial Information, such as products and services purchased from us. We typically collect this information directly from you in order to fulfill your transactions and provide related customer service.
d. Photo information. The Application asks you for permission to use your phone's camera features to capture documents with a medical insurance number or an identity document (driver's license or passport) for insurance company validation; to scan a 2D barcode (or sometimes referred to as a QR code) to determine the testing address; to create a selfie photo for a user profile. Photos of documents are transmitted using the API and sent to the laboratory for identification. The profile photo is stored on our server for the purpose of displaying the photo when you log into your profile.
e. Video image information. The Application asks you for permission to use your phone's camera features to provide a video consultation feature with medical professionals at your request. The Application does not store or use your video image information in the background.
f. Location information, we used to collect the information about your current location (subject to your permission), but at the moment we don’t collect your location information. You will be redirected to respective third-party application to build a route to closest testing clinics or others purposes. Please advise that handling of your personal data is covered by the respective privacy policies of such third party. THE APPLICATION ALSO DOES NOT STORE OR USE YOUR LOCATION IN THE BACKGROUND
g. AUDIO INFORMATION, such us information you may share during audio-calls made through our Application with medical practitioners engaged in providing you services. THE APPLICATION WILL ASK YOUR PERMISSION BEFORE ACCESSING THIS TYPE OF DATA. In case you don’t want, you may revoke your permission, but some services may become unavailable for you. This service will be offered only in case if you choose to have a call with medical practitioner. Collected information may include medical data (symptoms, history of deceases, etc), duration of the consultation or other information shared during the call. By accepting our Privacy Policy, you give as an affirmative consent for handling, processing information, that can be shared during audio-calls, provided, that permission is granted. Legal ground for the processing – your consent and we will use this information to provide you with services and in order to improve their quality.
h. CALENDAR INFORMATIOM AND APPOINTMENT INFORMATION (for each user making appointment with medical practitioner via the Application) this information may include: information regarding reasons causing meeting [symptoms, diseases, related information etc], place and date of the visit, status [first consultation, second, etc], frequency, other information from time to time reasonably shared by the user. We don’t request access to your device calendar. Information from calendar in Application is required to provide you with services. YOU WILL BE ASKED TO GRANT PERMISSION TO CALENDAR INFORMATION AND IN CASE IF PERMISSION IS DISMISSED, SOME OF THE APPLICATION’S FUNCTIONS MAY NOT BE AVAILABLE TO YOU. You can opt out anytime. We are relying on you consent when processing this data and will use it for providing you services and their quality improvement. By accepting our Privacy Policy, you give as an affirmative consent for handling, processing information, that can be shared via the Calendar, provided, that permission is granted. After the consultation is provided, we may also collect information on prescriptions given and result of the consultation itself (e.g. diagnosis).
i. BLUETOOTH. Our Application may send you request to access your device’s headphones, microphone or smart-watch (to discover local devices solely). Permission for headphones or microphone is required in order to provide you with services (to properly make audio-calls with medical practitioners, while access to the smart-watch may be requested to notify you regarding the testing results or other information, intrinsically connected with services provision). Request to access will be send to you separately and you need to agree with it (adjust your setting accordingly) and your approval of it constitutes your affirmative consent. Legal ground for the processing – your consent and we will use this information solely to provide you with services and in order to improve their quality. Without this permission, some parts of the services may be unable to you. You can out put any time.
We will not use your Personal Information in any other way, express those provided in the present Privacy Policy.
However, in an effort to improve the quality of the Service, for technical maintenance or optimization, we automatically track information provided to us by your browser or by our software application when you view or use the Service, such as the website you came from (known as the “referring URL”), the type of browser you use, the device from which you connected to the Service, the time and date of access, and other information that does not personally identify you. We track this information using cookies, or small text files which include an anonymous unique identifier. Cookies are sent to a user’s browser from our servers and are stored on the user’s computer hard drive. Sending a cookie to a user’s browser enables us to collect Non-Personal information about that user and keep a record of the user’s preferences when utilizing our services, both on an individual and aggregate basis. For example, the Company may use cookies to collect the following information: login statistics, operating system and browser detection. The Company may use both persistent and session cookies; persistent cookies remain on your computer after you close your session and until you delete them, while session cookies expire when you close your browser. We store cookies to store your login session. Application and Service does not use cookies explicitly. However, the Application may use third party code and libraries that use cookies to collect information and improve the Services. You may have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of the Services.
Company has to inform you that whenever users or subscribers use our Application or Service, in a case of an error in the Application we may collect data and information (through third party products) on your mobile phone or smartphone or PC and it so called Log Data. This Log Data may include information such as your device Internet Protocol (“IP”) address, device name or Other IDs (some common examples may include Advertising ID, Android ID, IMEI, BSSID, MAC address), operating system version, location, the configuration of the Application when utilizing our Service, the time and date and duration of usage of the Service or Application, and other statistics which may be treated as Personal Data. The Application does not collect sensitive information such as location when the Application is closed or not in use.
In addition to the information provided automatically by your browser when you visit the Site, to become a subscriber to the Service or use them in other prescribed ways you need to create a personal profile. You can create a profile by registering with the Service and providing us your mobile number or entering your email address, and creating a user name and a password. By registering, you authorize us to collect, store and use your email address and mobile number in accordance with this Privacy Policy. You will also be required to provide personal identifiers (examples provided earlier in the present Privacy Policy), government ID, other personal information, etc in order to register for an account.
We are using SMS for sending you COVID test results or providing you the key to enter in your personal profile.
In addition to above-mentioned Your Personal Data can be used for fulfiling Your requests and when authorized by you, researching, developing new services, for providing customer support services, sending you technical notices, updates, security alerts.
SMS disclaimer: You will agree to received SMS and SMS data rates may apply.
The Services are not directed to anyone under the age of 18. The Site and the Application do not knowingly collect or solicit information from anyone under the age of 18, or allow anyone under the age of 18 to sign up for the Service. You must not use the Application if you are under the age of majority in your state/jurisdiction empowering you to enter into contracts of such kind. In the event that we learn that we have gathered personal information from anyone under the age of 18 without the consent of a parent or guardian, we will delete that information as soon as possible. If you believe we have collected such information, please contact us at [email protected].
THIS NOTICE OF PRIVACY PRACTICES (“NOTICE”) DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Company collects Protected health information about you that is necessary to perform collecting of the materials for it testing on COVID-19 and other Services we provide. “Protected health information” or “PHI” is information about you, including demographic information, that may identify you and that relates to past, present, and/or future physical or mental health condition and related health care services. Following types of Personal Data (including, but not limited to) may be considered PHI: results of COVID-19 and other diseases testing, blood pressure, blood type etc).
Company is committed and required by law to maintain the privacy and security of your PHI. We are required to follow the terms of this Notice and, except as described in this Notice, will not disclose your PHI without your authorization. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information. If you provide us with authorization to use or disclose your PHI for a specific purpose and later change your mind, please let us know in writing.
You have certain rights when it comes to your PHI. You have the right to:
Ask that we limit how we use or share your PHI for treatment, payment, or our operations. We are not required to agree to your request and may say “no” if it could affect your care. If you pay for a service out-of-pocket in full, you can ask us not to share that information for the purposes of payment or our operations with your health insurer, in which case we will say “yes” unless a law requires us to share that information.
Ask us to contact you in a specific and/or confidential way (for example, home or office phone) or to send mail to a different address. We will say “yes” to all reasonable requests.
Ask for an electronic or paper copy of your medical record and other information we have about you. We will provide a copy or a summary of your health information. We may charge a reasonable, cost-based fee associated with producing copies of your medical records and other information.
Ask us to correct your protected health information that you think is incorrect or incomplete. We may say “no” to this request if we believe the change would violate any law or other legal requirement or would otherwise cause the information to be incorrect, but if that is the case we will explain why in writing.
Ask for a list (accounting) of times we’ve shared your PHI in the six years prior to the date of your request, who we shared it with, and why. We will include all disclosures except those disclosures related to treatment, payment, and our health care operations, and certain other disclosures, such as disclosures you asked us to make. We will provide one accounting to you in any twelve (12) month period free of charge. We may charge a reasonable, cost-based fee associated with producing additional accountings in any twelve (12) month period in which you have already received a free accounting.
Your PHI may be used and disclosed for treatment, payment, healthcare operations, and other purposes permitted or required by law. If we wish to use or disclose your PHI for other purposes, we would have to obtain your authorization. We may, however, use or disclose your PHI without specific authorization or permission for certain purposes, including:
Treatment. We may use and share your PHI to provide and coordinate your treatment with medical professionals responsible for your care. For example, we may use your PHI to perform tests, or send your test results to your health care provider.
Payment. We may use and share your health information to bill and receive reimbursement from health plans or other entities. For example, we may provide information about you to your health insurance plan so it will pay for the services you receive.
Health care operations. We may use and share your data to support the operations of our business or contact you when necessary. For example, we may retain a copy of your health information for auditing purposes or to improve our Services.
Business associates. There are some services provided to us through contracts with business associates (e.g., billing services, CRM-services needed to ensure services maintenance), and we may disclose your PHI to our business associate so that they can perform the job we have asked them to do. To further protect your PHI, we require our business associates to appropriately safeguard your information.
Communication with individuals involved in your care or payment for your care. We may disclose your PHI to a family member, other relative, close friend, or any other person you identify that is directly relevant to that person’s involvement in your care or payment related to your care.
Protected health information of minors. As permitted by federal and state law, we may disclose PHI about minors to their parents or guardians.
Research activities. Researchers may be given limited access to your PHI so that they can develop research projects or identify patients who may potentially qualify to participate in research studies. We may otherwise use your PHI when it is in the form of a limited data set or once an institutional review board or privacy board has reviewed the research proposal and determined that your specific authorization or consent for the research use of your PHI is not needed in whole or in part.
Creating “de-identified” information. We may use your PHI to create “de-identified” information, which means that information that can be reasonably used to identify you will be removed. There are specific rules under the law about what type of information needs to be removed before information is considered de-identified. Once the information has been de-identified as required by law, it is no longer considered PHI, not covered by this Notice, and we may use it for any lawful purpose without further notice or compensation to you.
As required to comply with laws. We may disclose your PHI when required to do so by federal, state, or local law.
Law enforcement activity. We may disclose your PHI to law enforcement officers for law enforcement purposes as permitted by law or in response to a valid subpoena or court order.
Judicial and administrative proceedings. We may disclose your PHI in response to a court or administrative order, a subpoena, discovery request, or other lawful process by someone involved in a lawsuit or dispute with or against you.
Public health activities and threats to health and safety. We may disclose your PHI to public health or other legal authorities charged with preventing or controlling disease, receiving report of suspected abuse, neglect, or domestic violence, receiving reports of adverse reactions to medications or devices, notifying people of recalls of products, or otherwise preventing or reducing serious threats to the health and safety of you, others, or the public generally.
Health oversight activities. We may disclose your PHI to an oversight agency for activities authorized by law, including audits, investigations, and inspections necessary for licensure and for the government to monitor the health care system, government programs, and compliance with civil rights laws.
Food and Drug Administration (FDA) activities. We may disclose your PHI to the FDA, or persons under the jurisdiction of the FDA, when the PHI is related to adverse events with respect to drugs, foods, supplements, products and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacement.
Military or veteran affairs. We may disclose your PHI as required by military command authorities if you are or were a member of the armed forces.
Specialized government functions. We may disclose your PHI to units of the government with specialized functions such as the U.S. Military or the U.S. Department of State in response to requests authorized by law.
Correctional institutions. We may disclose your PHI to a correctional institution or its agents for your health and the health and safety of other individuals if you are or become an inmate in the correctional institution.
Worker’s compensation. We may disclose your PHI to the extent authorized by and the extent necessary to comply with laws relating to worker’s compensation or other similar programs established by law.
Death. We may disclose your PHI to a coroner, medical examiner, or funeral director to identify a deceased person, determine the cause of death, or otherwise carry out their duties.
Organ tissue procurement organizations. We may disclose your PHI to organ procurement organizations or other entities engaged in the procurement, banking, or transplantation of organs for tissue donation and transplant.
We will obtain your written authorization before using or disclosing your PHI for purposes other than those described above, including uses and disclosures of psychotherapy notes or PHI for marketing purposes, and disclosures that would constitute a sale of PHI. You may revoke this authorization in writing at any time. Upon receipt of the written revocation, we will stop using or disclosing your PHI, except to the extent that we have already taken action in reliance on the authorization.
Practices of handling (how we use) your Personal Data.
Personal Information:
Except as otherwise stated in this Privacy Policy, we do not sell, trade, rent or otherwise share for marketing purposes your Personal Information with third parties without your consent. We do share Personal Information with vendors who are performing services for the Company, such as the servers for our email communications who are provided access to user’s email address for purposes of sending emails from us. Such vendors e.g., include CRM-system Dr. Chrono (https://www.drchrono.com/), payment providers if any etc
Those vendors use your Personal Information only at our direction and in accordance with our Privacy Policy. In general, the Personal Information you provide to us is used to help us communicate with you. For example, we use Personal Information to contact users in response to questions, solicit feedback from users, provide technical support, notices, other important information and inform users about promotional offers. We may share Personal Information with outside parties if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to meet any applicable legal process or enforceable governmental request; to enforce applicable Terms of Service, including investigation of potential violations; address fraud, security or technical concerns; or to protect against harm to the rights, property, or safety of our users or the public as required or permitted by law.
Practices of sharing and using your Personal Data.
Also, we share your Personal Information:
a. Within Company. We may share your Personal Information internally among our business units and our affiliates in order to provide you our Services and generally to improve our product and Service offerings.
b. With your healthcare providers. We may share your Personal Information with the doctors or other healthcare providers with whom you have a relationship in accordance with our agreements with those healthcare providers or consistent with applicable law. More information about our uses and disclosures of PHI can be found in our Notice of Privacy Practices.
c. With vendors and other service providers. We may share your Personal Information with service providers who perform services for us and act at our direction. These services may include activities such as cloud storage and services, fulfillment services, and other IT services. Our policy is to prohibit these service providers from using your Personal Information for purposes other than providing services to us.
d. In the event of a corporate transaction. In the event we go through a business transition like a merger, acquisition, reorganization, or sale of all or a portion of our assets, we may disclose your Personal Information to the party or parties of such transaction.
In the event we undergo a business transaction such as a merger, acquisition by another company, or sale of all or a portion of our assets, your Personal Information may be among the assets transferred. You acknowledge and consent that such transfers may occur and are permitted by this Privacy Policy, and that any acquirer of our assets may continue to process your Personal Information as set forth in this Privacy Policy. If our information practices change at any time in the future, we will post the policy changes to the Site so that you may opt out of the new information practices. We suggest that you check the Site periodically if you are concerned about how your information is used.
e. To detect and defend against fraudulent, abusive, or unlawful activity.
f. To enforce our policies and rights. We may share Personal Data if we believe your actions are inconsistent with our user agreements, rules, or other policies, or to protect the rights, property, and safety of ourselves and others.
2. Non-Personal Information:
In general, we use Non-Personal Information to help us improve the Service and customize the user experience, research and develop new services, for technical maintenance. We also aggregate Non-Personal Information in order to track trends and analyze use patterns on the Site. This Privacy Policy does not limit in any way our use or disclosure of Non-Personal Information and we reserve the right to use and disclose such Non-Personal Information to our partners, advertisers and other third parties at our discretion.
3. Communication
You understand that certain communications, such as service announcements are part of our Services. By using the Services, you expressly agree to receive such communications from Services via sms, email or push notifications.
4. Promotions
We, at our sole discretion, may make available promotions with different features to any of our users or prospective users of the Services. These promotions, unless made to you, shall have no bearing whatsoever on your Agreement or relationship with us.
We implement security measures designed to protect your information from unauthorized access. Your account is protected by your account password and we urge you to take steps to keep your personal information safe by not disclosing your password and by logging out of your account after each use. We further protect your information from potential security breaches by implementing certain technological security measures including encryption, firewalls and secure socket layer technology. However, these measures do not guarantee that your information will not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software. By using our Service, you acknowledge that you understand and agree to assume these risks.
We also constantly organize trainings for employees, regularly update and evaluate the effectiveness of used security measures, prior to update, detect the fact of any authorized access to Personal Data. The Company also authorize access to Personal Data only for those employees or contractors who require it to fulfil their job or service responsibilities.
You have the right at any time to prevent us from contacting you for marketing purposes. When we send a promotional communication to a user, the user can opt out of further promotional communications by following the unsubscribe instructions provided in each promotional e-mail. You can also indicate that you do not wish to receive marketing communications from us in the [email protected] of the Site. Please note that notwithstanding the promotional preferences you indicate by either unsubscribing or opting out in the [email protected] of the Site, we may continue to send you administrative emails including, for example, periodic updates to our Privacy Policy.
It shall be noted, that some of the Personal Information may be delated, changed by you in the Application and you are free to do so.
In case if applicable to you legislation empower you with different rights to your Personal Data, you can contact us in order to execute them.
As part of the Service, we may provide links to or compatibility with other websites or applications. However, we are not responsible for the privacy practices employed by those websites or the information or content they contain. This Privacy Policy applies solely to information collected by us through the Site and the Service. Therefore, this Privacy Policy does not apply to your use of a third party website accessed by selecting a link on our Site or via our Service. To the extent that you access or use the Service through or on another website or application, then the privacy policy of that other website or application will apply to your access or use of that site or application. We encourage our users to read the privacy statements of other websites before proceeding to use them.
If the client, user or subscriber is a European citizen or resident, the GDPR grants a number of additional rights concerning the use, storage, and processing of Personal Data. In situations when Company acts as a data processor and our client, user or subscriber is a data controller who holds Personal Data of our client, user or subscriber, you must contact this person directly if you wish to exercise any of the privacy rights mentioned below.
Under certain circumstances; you may exercise the following privacy rights:
a) right of access – you may ask us whether we are processing your Personal Data and you have the right to request a copy of the information we hold about you,
b) right of rectification – you have the right to correct inaccurate or incomplete Personal Data about you and you may have the ability to do so yourself in the settings of your Profile,
c) right to be forgotten – you can ask for the information that we hold about you to be erased from our system and we will comply with this request unless we will have a legitimate reason not to do so,
d) right to restriction of processing – where certain conditions apply, you can ask us to 'block' the processing of your Personal Data,
e) right to data portability – you have the right to have the data we hold about you transferred to another organization and to receive Personal Data in a structured, commonly used format,
f) right to object to automated processing (including profiling) – this right provides you with the ability to object to a decision based on purely automated processing. We are not currently processing your Personal Data for such type of automated decision-making, including profiling, but if we elect to do so in the future we will provide you with notice and choice, in accordance with EU data protection law.
If any of our clients, users or subscribers wishes to learn more about the GDPR and your rights, the website https://commission.europa.eu/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en is a reliable source.
When processing data from EU-residents, citizens, we rely on your consent, legitimate interest, legislative requirements and existence of contractual relationship between you and the Company mainly as grounds for processing Personal Data
This website and our Services are hosted in the United States and are intended for visitors located within the United States. Your use of the Services and provision of your information is subject to the laws and regulations of the United States and the State of New York. If you choose to use the Services from other regions of the world with laws governing data collection, use and disclosures that may differ from United States law, then you acknowledge and agree that (a) you are transferring your personal information outside of those regions to the United States, and (b) the laws and regulations of the United States regarding data privacy and security governing the use and disclosure of Personal Information and Protected Health Information may differ from those of your country of residence.
Company will retain Personal Data of each client, user or subscriber only for a certain period of time which may continue as long as it will be necessary for the purposes set out in this Privacy Policy. By default Company will retain Personal Data during the period necessary for the purpose(s) for which it has been collected and/or is being processed for up to 3 (three) years unless a longer retention period is established by applicable laws.
Company will remain the right to retain and use your Personal Data to the extent necessary to comply with our legal requirements and/or contractual obligations (for example, if we are required to retain your Personal Data to comply with applicable laws or to ensure the payment for the services rendered), resolve disputes, and enforce our legal agreements and policies.
Some data may be deleted whenever you like and some data will be deleted or shortened automatically, but some data may be retained for longer periods of time when it is necessary for Company. When client, user or subscriber decided to delete data, we may follow a deletion policy (if any) to make sure that Personal Data was safely and completely removed from our servers and storages or retained only in necessary volume and anonymized form.
The Company reserves the right to change this Privacy Policy and our Terms of Use at any time. If we make material changes to how we treat our users’ Personal Information, we will update this Privacy Policy. We will notify you of significant changes to our Privacy Policy by sending a notice to the primary email address specified in your account or by placing a prominent notice on our site. You are responsible for ensuring we have an up-to-date active and deliverable e-mail address for you, and for periodically visiting our website and this Privacy Policy for changes. You should periodically check the Site and this privacy page for updates.
If you have any questions regarding this Privacy Policy or the practices of our Services, please contact us by sending an email to [email protected]
Last Updated: This Privacy Policy was last updated on 07-19-2023