LABWORQ PRIVACY POLICY

LABWORQ LLC (the “Company”, “our”, “us” or “we”) is committed to maintaining robust privacy protections for its users. Our Privacy Policy (“Privacy Policy”) is designed to help you understand how we collect, use and safeguard the information you provide to us and to assist you in making informed decisions when using our Service. This Privacy Policy applies to all visitors to and users of the Company website www.labworq.com and all other Company-owned websites, domains, services, applications, and products.

For purposes of this Agreement, “Site” refers to the Company’s website, which can be accessed at https://labworq.com. “Service” refers to the Company’s services accessed via the Site or application “Healeze” (further also referred as “Application”), in which users can get information on COVID-19 services and testing. The terms “we,” “us,” and “our” refer to the Company. “You” refers to you, as a user of our Site or our Service. By accessing our Site or our Service, you accept our Privacy Policy (found here: https://labworq.com/privacy) and Terms of Use (found here: https://labworq.com/terms) , and you consent to our collection, storage, use and disclosure of your Personal Information as described in this Privacy Policy. Please read this Privacy Policy carefully. It explains what personal information we collect, why we collect it, how we use it, and your choices related to your information. By using our Services, you agree to this Privacy Policy. We may make changes from time to time, and it is your responsibility to periodically review this Privacy Policy for any changes. Your continued use of the Services after we make changes is deemed to be an acceptance of those changes.

I. INFORMATION WE COLLECT
We collect “Non-Personal Information” and “Personal Information.” Non-Personal Information includes information that cannot be used to personally identify you, such as anonymous usage data, general demographic information we may collect, referring/exit pages and URLs, platform types, preferences you submit and preferences that are generated based on the data you submit and number of clicks. Personal Information is information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household.
1. Information we collect about you and how we collect it
To activate the Service you do not need to submit any Personal Information other than your email address. To use the Service thereafter, you [do/do not] need to submit further Personal Information.

Company may receive your Personal Data:

when our user or subscriber provide it directly to our Site or Application (e.g., when registering in our system or when such information altered or modified by user or subscriber); through the use of our Services by its users or subscribers.

When you access and use the Services, we may collect the following categories of Personal Information from or about you:

Direct identifiers, such as your name, address, email address, telephone number. We typically collect this information directly from you in order to communicate with you, and provide you with access to certain information through our Services. Other personal information, such as identifiable health information, including demographic information like age, race, or gender. Additional information regarding our uses and disclosures of personally identifiable protected health information (“PHI”) covered by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”) can be found in this Privacy Policy, section 4. Notice of Privacy Practices. Commercial Information, such as products and services purchased from us. We typically collect this information directly from you in order to fulfill your transactions and provide related customer service. Photo information. The Application asks you for permission to use your phone's camera features to capture documents with a medical insurance number or an identity document (driver's license or passport) for insurance company validation; to scan a 2D barcode (or sometimes referred to as a QR code) to determine the testing address; to create a selfie photo for a user profile. Photos of documents are transmitted using the API and sent to the laboratory for identification. The profile photo is stored on our server for the purpose of displaying the photo when you log into your profile. Location information, such as information used to locate the device you use to access the Services. Location information may include: (i) the location of the device derived from GPS or WiFi use; (ii) other information made available by a user or others that indicates the current or prior location of the user. We typically collect this information to find the testing station you need. Without permission to access your location, we will not be able to provide correct information about the test station closest to you. The app does not store or use your location in the background. We will not use your Personal Information in any other way.

However, in an effort to improve the quality of the Service, we track information provided to us by your browser or by our software application when you view or use the Service, such as the website you came from (known as the “referring URL”), the type of browser you use, the device from which you connected to the Service, the time and date of access, and other information that does not personally identify you. We track this information using cookies, or small text files which include an anonymous unique identifier. Cookies are sent to a user’s browser from our servers and are stored on the user’s computer hard drive. Sending a cookie to a user’s browser enables us to collect Non-Personal information about that user and keep a record of the user’s preferences when utilizing our services, both on an individual and aggregate basis. For example, the Company may use cookies to collect the following information: login statistics, operating system and browser detection. The Company may use both persistent and session cookies; persistent cookies remain on your computer after you close your session and until you delete them, while session cookies expire when you close your browser. We store cookies to store your login session.

Application and Service does not use cookies explicitly. However, the Application may use third party code and libraries that use cookies to collect information and improve the Services. You may have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of the Services.

Company has to inform you that whenever users or subscribers use our Application or Service, in a case of an error in the Application we may collect data and information (through third party products) on your mobile phone or smartphone and it so called Log Data. This Log Data may include information such as your device Internet Protocol (“IP”) address, device name, operating system version, location, the configuration of the Application when utilizing our Service, the time and date and duration of usage of the Service or Application, and other statistics which may be treated as Personal Data. The Application does not collect sensitive information such as location when the Application is closed or not in use.

2. Information you provide us by registering for an account

In addition to the information provided automatically by your browser when you visit the Site, to become a subscriber to the Service you will need to create a personal profile. You can create a profile by registering with the Service and entering your email address, and creating a user name and a password. By registering, you are authorizing us to collect, store and use your email address in accordance with this Privacy Policy.

3. Children’s Privacy

The Service are not directed to anyone under the age of 18. The Site and the Application do not knowingly collect or solicit information from anyone under the age of 18, or allow anyone under the age of 18 to sign up for the Service. In the event that we learn that we have gathered personal information from anyone under the age of 18 without the consent of a parent or guardian, we will delete that information as soon as possible. If you believe we have collected such information, please contact us at support@labworq.com.

4. Notice of Privacy Practices

THIS NOTICE OF PRIVACY PRACTICES (“NOTICE”) DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. Company collects protected health information about you that is necessary to perform collecting of the materials for it testing on COVID-19 and other Services we provide. “Protected health information” or “PHI” is information about you, including demographic information, that may identify you and that relates to past, present, and/or future physical or mental health condition and related health care services.

4.1. Our Responsibilities

Company is committed and required by law to maintain the privacy and security of your PHI. We are required to follow the terms of this Notice and, except as described in this Notice, will not disclose your PHI without your authorization. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information. If you provide us with authorization to use or disclose your PHI for a specific purpose and later change your mind, please let us know in writing.

4.2. Your Rights

You have certain rights when it comes to your PHI. You have the right to: Ask that we limit how we use or share your PHI for treatment, payment, or our operations. We are not required to agree to your request and may say “no” if it could affect your care. If you pay for a service out-of-pocket in full, you can ask us not to share that information for the purposes of payment or our operations with your health insurer, in which case we will say “yes” unless a law requires us to share that information. Ask us to contact you in a specific and/or confidential way (for example, home or office phone) or to send mail to a different address. We will say “yes” to all reasonable requests. Ask for an electronic or paper copy of your medical record and other information we have about you. We will provide a copy or a summary of your health information. We may charge a reasonable, cost-based fee associated with producing copies of your medical records and other information.  Ask us to correct your protected health information that you think is incorrect or incomplete. We may say “no” to this request if we believe the change would violate any law or other legal requirement or would otherwise cause the information to be incorrect, but if that is the case we will explain why in writing. Ask for a list (accounting) of times we’ve shared your PHI in the six years prior to the date of your request, who we shared it with, and why. We will include all disclosures except those disclosures related to treatment, payment, and our health care operations, and certain other disclosures, such as disclosures you asked us to make. We will provide one accounting to you in any twelve (12) month period free of charge. We may charge a reasonable, cost-based fee associated with producing additional accountings in any twelve (12) month period in which you have already received a free accounting.

4.3. Our Uses and Disclosures

Your PHI may be used and disclosed for treatment, payment, healthcare operations, and other purposes permitted or required by law. If we wish to use or disclose your PHI for other purposes, we would have to obtain your authorization. We may, however, use or disclose your PHI without specific authorization or permission for certain purposes, including: Treatment. We may use and share your PHI to provide and coordinate your treatment with medical professionals responsible for your care. For example, we may use your PHI to perform tests, or send your test results to your health care provider. Payment. We may use and share your health information to bill and receive reimbursement from health plans or other entities. For example, we may provide information about you to your health insurance plan so it will pay for the services you receive. Health care operations. We may use and share your data to support the operations of our business or contact you when necessary. For example, we may retain a copy of your health information for auditing purposes or to improve our Services. Business associates. There are some services provided to us through contracts with business associates (e.g., billing services), and we may disclose your PHI to our business associate so that they can perform the job we have asked them to do. To further protect your PHI, we require our business associates to appropriately safeguard your information. Communication with individuals involved in your care or payment for your care. We may disclose your PHI to a family member, other relative, close friend, or any other person you identify that is directly relevant to that person’s involvement in your care or payment related to your care. Protected health information of minors. As permitted by federal and state law, we may disclose PHI about minors to their parents or guardians. Research activities. Researchers may be given limited access to your PHI so that they can develop research projects or identify patients who may potentially qualify to participate in research studies.  We may otherwise use your PHI when it is in the form of a limited data set or once an institutional review board or privacy board has reviewed the research proposal and determined that your specific authorization or consent for the research use of your PHI is not needed in whole or in part. Creating “de-identified” information. We may use your PHI to create “de-identified” information, which means that information that can be reasonably used to identify you will be removed.  There are specific rules under the law about what type of information needs to be removed before information is considered de-identified. Once the information has been de-identified as required by law, it is no longer considered PHI, not covered by this Notice, and we may use it for any lawful purpose without further notice or compensation to you. As required to comply with laws. We may disclose your PHI when required to do so by federal, state, or local law. Law enforcement activity. We may disclose your PHI to law enforcement officers for law enforcement purposes as permitted by law or in response to a valid subpoena or court order. Judicial and administrative proceedings. We may disclose your PHI in response to a court or administrative order, a subpoena, discovery request, or other lawful process by someone involved in a lawsuit or dispute with or against you. Public health activities and threats to health and safety. We may disclose your PHI to public health or other legal authorities charged with preventing or controlling disease, receiving report of suspected abuse, neglect, or domestic violence, receiving reports of adverse reactions to medications or devices, notifying people of recalls of products, or otherwise preventing or reducing serious threats to the health and safety of you, others, or the public generally. Health oversight activities. We may disclose your PHI to an oversight agency for activities authorized by law, including audits, investigations, and inspections necessary for licensure and for the government to monitor the health care system, government programs, and compliance with civil rights laws. Food and Drug Administration (FDA) activities. We may disclose your PHI to the FDA, or persons under the jurisdiction of the FDA, when the PHI is related to adverse events with respect to drugs, foods, supplements, products and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacement. Military or veteran affairs. We may disclose your PHI as required by military command authorities if you are or were a member of the armed forces. Specialized government functions. We may disclose your PHI to units of the government with specialized functions such as the U.S. Military or the U.S. Department of State in response to requests authorized by law. Correctional institutions. We may disclose your PHI to a correctional institution or its agents for your health and the health and safety of other individuals if you are or become an inmate in the correctional institution. Worker’s compensation. We may disclose your PHI to the extent authorized by and the extent necessary to comply with laws relating to worker’s compensation or other similar programs established by law. Death. We may disclose your PHI to a coroner, medical examiner, or funeral director to identify a deceased person, determine the cause of death, or otherwise carry out their duties. Organ tissue procurement organizations. We may disclose your PHI to organ procurement organizations or other entities engaged in the procurement, banking, or transplantation of organs for tissue donation and transplant.

4.4. Other Uses and Disclosures of PHI

We will obtain your written authorization before using or disclosing your PHI for purposes other than those described above, including uses and disclosures of psychotherapy notes or PHI for marketing purposes, and disclosures that would constitute a sale of PHI. You may revoke this authorization in writing at any time. Upon receipt of the written revocation, we will stop using or disclosing your PHI, except to the extent that we have already taken action in reliance on the authorization.

II. HOW WE USE AND SHARE INFORMATION

Personal Information:

Except as otherwise stated in this Privacy Policy, we do not sell, trade, rent or otherwise share for marketing purposes your Personal Information with third parties without your consent. We do share Personal Information with vendors who are performing services for the Company, such as the servers for our email communications who are provided access to user’s email address for purposes of sending emails from us. Those vendors use your Personal Information only at our direction and in accordance with our Privacy Policy. In general, the Personal Information you provide to us is used to help us communicate with you. For example, we use Personal Information to contact users in response to questions, solicit feedback from users, provide technical support, and inform users about promotional offers. We may share Personal Information with outside parties if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to meet any applicable legal process or enforceable governmental request; to enforce applicable Terms of Service, including investigation of potential violations; address fraud, security or technical concerns; or to protect against harm to the rights, property, or safety of our users or the public as required or permitted by law.

Also, we share your Personal Information:

At Company. We may share your Personal Information internally among our business units and our affiliates in order to provide you our Services and generally to improve our product and service offerings. With your healthcare providers. We may share your Personal Information with the doctors or other healthcare providers with whom you have a relationship in accordance with our agreements with those healthcare providers or consistent with applicable law. More information about our uses and disclosures of PHI can be found in our Notice of Privacy Practices. With vendors and other service providers. We may share your Personal Information with service providers who perform services for us and act at our direction. These services may include activities such as cloud storage and services, fulfillment services, and other IT services. Our policy is to prohibit these service providers from using your Personal Information for purposes other than providing services to us. In the event of a corporate transaction. In the event we go through a business transition like a merger, acquisition, reorganization, or sale of all or a portion of our assets, we may disclose your Personal Information to the party or parties of such transaction.

Non-Personal Information:

In the event we undergo a business transaction such as a merger, acquisition by another company, or sale of all or a portion of our assets, your Personal Information may be among the assets transferred. You acknowledge and consent that such transfers may occur and are permitted by this Privacy Policy, and that any acquirer of our assets may continue to process your Personal Information as set forth in this Privacy Policy. If our information practices change at any time in the future, we will post the policy changes to the Site so that you may opt out of the new information practices. We suggest that you check the Site periodically if you are concerned about how your information is used. In general, we use Non-Personal Information to help us improve the Service and customize the user experience. We also aggregate Non-Personal Information in order to track trends and analyze use patterns on the Site. This Privacy Policy does not limit in any way our use or disclosure of Non-Personal Information and we reserve the right to use and disclose such Non-Personal Information to our partners, advertisers and other third parties at our discretion.

III. HOW WE PROTECT INFORMATION

We implement security measures designed to protect your information from unauthorized access. Your account is protected by your account password and we urge you to take steps to keep your personal information safe by not disclosing your password and by logging out of your account after each use. We further protect your information from potential security breaches by implementing certain technological security measures including encryption, firewalls and secure socket layer technology. However, these measures do not guarantee that your information will not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software. By using our Service, you acknowledge that you understand and agree to assume these risks.

IV. YOUR RIGHTS REGARDING THE USE OF YOUR PERSONAL INFORMATION

You have the right at any time to prevent us from contacting you for marketing purposes. When we send a promotional communication to a user, the user can opt out of further promotional communications by following the unsubscribe instructions provided in each promotional e-mail. You can also indicate that you do not wish to receive marketing communications from us in the support@labworq.com of the Site. Please note that notwithstanding the promotional preferences you indicate by either unsubscribing or opting out in the support@labworq.com of the Site, we may continue to send you administrative emails including, for example, periodic updates to our Privacy Policy.

V. LINKS TO OTHER WEBSITES

As part of the Service, we may provide links to or compatibility with other websites or applications. However, we are not responsible for the privacy practices employed by those websites or the information or content they contain. This Privacy Policy applies solely to information collected by us through the Site and the Service. Therefore, this Privacy Policy does not apply to your use of a third party website accessed by selecting a link on our Site or via our Service. To the extent that you access or use the Service through or on another website or application, then the privacy policy of that other website or application will apply to your access or use of that site or application. We encourage our users to read the privacy statements of other websites before proceeding to use them.

VI. ACCESS, REVIEW, OBJECTION TO PROCESSING AND PORTABILITY

If the client, user or subscriber is a European citizen or resident, the GDPR grants a number of additional rights concerning the use, storage, and processing of Personal Data. In situations when Company acts as a data processor and our client, user or subscriber is a data controller who holds Personal Data of our client, user or subscriber, you must contact this person directly if you wish to exercise any of the privacy rights mentioned below. Understand certain circumstances; you may exercise the following privacy rights: right of access – you may ask us whether we are processing your Personal Data and you have the right to request a copy of the information we hold about you. right of rectification – you have the right to correct inaccurate or incomplete Personal Data about you and you may have the ability to do so yourself in the settings of your Profile. right to be forgotten – you can ask for the information that we hold about you to be erased from our system and we will comply with this request unless we will have a legitimate reason not to do so. right to restriction of processing – where certain conditions apply, you can ask us to 'block' the processing of your Personal Data. right to data portability – you have the right to have the data we hold about you transferred to another organization and to receive Personal Data in a structured, commonly used format. right to object to automated processing (including profiling) – this right provides you with the ability to object to a decision based on purely automated processing. We are not currently processing your Personal Data for such type of automated decision-making, including profiling, but if we elect to do so in the future we will provide you with notice and choice, in accordance with EU data protection law; If any of our clients, users or subscribers wishes to learn more about the GDPR and your rights, the website https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en is a reliable source.

VII. OTHER INTERNATIONAL VISITORS

This website and our Services are hosted in the United States and are intended for visitors located within the United States. Your use of the Services and provision of your information is subject to the laws and regulations of the United States and the State of New York. If you choose to use the Services from other regions of the world with laws governing data collection, use and disclosures that may differ from United States law, then you acknowledge and agree that (a) you are transferring your personal information outside of those regions to the United States, and (b) the laws and regulations of the United States regarding data privacy and security governing the use and disclosure of Personal Information and Protected Health Information may differ from those of your country of residence.

VIII. DATA RETENTION PERIOD

Company will retain Personal Data of each client, user or subscriber only for a certain period of time which may continue as long as it will be necessary for the purposes set out in this Privacy Policy. By default Company will retain Personal Data during the period necessary for the purpose(s) for which it has been collected and/or is being processed for up to 3 (three) years unless a longer retention period is established by applicable laws. Company will remain the right to retain and use your Personal Data to the extent necessary to comply with our legal requirements and/or contractual obligations (for example, if we are required to retain your Personal Data to comply with applicable laws or to ensure the payment for the services rendered), resolve disputes, and enforce our legal agreements and policies. Some data may be deleted whenever you like and some data will be deleted or shortened automatically, but some data may be retained for longer periods of time when it is necessary for Company. When client, user or subscriber decided to delete data, we may follow a deletion policy (if any) to make sure that Personal Data was safely and completely removed from our servers and storages or retained only in necessary volume and anonymized form.

IX. CHANGES TO OUR PRIVACY POLICY

The Company reserves the right to change this Privacy Policy and our Terms of Use at any time. If we make material changes to how we treat our users’ Personal Information, we will update this Privacy Policy. We will notify you of significant changes to our Privacy Policy by sending a notice to the primary email address specified in your account or by placing a prominent notice on our site. You are responsible for ensuring we have an up-to-date active and deliverable e-mail address for you, and for periodically visiting our website and this Privacy Policy for changes. You should periodically check the Site and this privacy page for updates.

X. CONTACT US

If you have any questions regarding this Privacy Policy or the practices of our Services, please contact us by sending an email to support@labworq.com Last Updated: This Privacy Policy was last updated on 04-25-2022