Last modified: October 16, 2020


MDLIVE Privacy Policy



1. Introduction.

This Privacy Policy describes how MDLIVE collects and uses Personal Information about you through the use of our Website, mobile MDLIVE, and through email, text, and other electronic communications between you and MDLIVE.

MDLIVE, Inc. (“MDLIVE,” “we,” “our,” or “us”) respects your privacy, and we are committed to protecting it through our compliance with this policy.

This Privacy Policy (our “Privacy Policy”) describes the types of information we may collect from you or that you may provide when you visit MDLIVE.com or any of our affiliated websites where this Policy is posted (collectively, “Website”) and the MDLIVE application ( “Application”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

It does not apply to information collected by:


Note, MDLIVE is not a medical group. Any telemedicine consults obtained through our Website or Application are provided by independent medical practitioners including, but not limited to, MDLIVE Medical Group, P.A., MDLIVE Medical Group (DE), P.A., MDLIVE Medical Group of New York, MDLIVE Medical Group (IL), LLC, MDLIVE Medical Group (NC), P.C., MDLIVE Medical Group (NJ), LLC, MDLIVE Medical Group NM, LLC, MDLive Medical Group of California, and MDL Medical Group (TX), PLLC (collectively, “MDLIVE Medical Group”), which are independent medical groups with a network of United States based health care providers (each, a “Provider”). MDLIVE Medical Group (or your own medical provider if you do not use a MDLIVE Medical Group Provider) is responsible for providing you with a Notice of Privacy Practices describing its collection and use of your health information, not MDLIVE. If you do not agree to be bound by those terms, you are not authorized to access or use our Website, and you must promptly exit our Website or Application.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, you should elect not to use our Website and Application. By accessing or using our Website and/or Application, you agree to this Privacy Policy. This Privacy Policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of our Website or Application after we make changes is deemed to be acceptance of those changes, so please check this Privacy Policy periodically for updates.


2. Children Under the Age of 18.

Our Website and Application are not intended for children under the age of 18 without parental consent.

If you are under the age of eighteen (18) and wish to create an account with MDLIVE, your parent or legal guardian must create the account, submit your personal information, and agree to this privacy policy on your behalf. If you are under the age of 13, you may only use our services and access our Website and Application with the supervision and consent of your parents or legal guardians, including the Provider consultation services. If we learn that we have collected personal information from someone under the age of 13 that was not provided with the supervision and consent of the minor’s parents or legal guardian, we will promptly delete that information. If you believe we have impermissibly collected personal information from someone under the age of 13, please contact us using the information below.


3. Information We Collect About You and How We Collect It.

We collect different types of information about you, including information that may directly identify you, information that is about you but individually does not personally identify you, and information that we combine with our other users. This includes information that we collect directly from you or through automated collection technologies.

Generally


We collect several types of information from and about users of our Website and Application (collectively, “Personal Information”), specifically information: We collect this information:

Information You Provide to Us


The information we collect on or through our Website or through our Application is:

You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Website or Application or transmitted to other users of the Website or Application or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website and Application with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

The audio portion of your medical telehealth visit (including audio from visits that include video) is recorded for purposes which may include treatment, quality, improvement of health status, customer and patient experience, customer and patient engagement and/or behavior modification, peer review, payment, efficiency, cost effectiveness and/or other purposes relating to operations and provision of telehealth services. Behavioral health visits are not recorded. By using the telehealth services available through our Website and Application you specifically consent to the recording of the medical visit.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Website and Application, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, specifically:

The information we collect automatically may include Personal Information or we may maintain it or associate it with Personal Information we collect in other ways or receive from third parties. It helps us to improve our Website and Application and to deliver a better and more personalized service by enabling us to:


The technologies we use for this automatic data collection may include:

4. How We Use Your Information.

We use your Personal Information for various purposes described below, including to:

  • provide our Website or Application to you;

  • provide services to you;

  • provide you with information you request from us;

  • enforce our rights arising from contracts;

  • notify you about changes; and

  • provide you with notices about your account.


We use information that we collect about you or that you provide to us, including any Personal Information:

We may also use your information to contact you about goods and services that may be of interest to you, including through newsletters. If you wish to opt-out of receiving such communications, you may do so at any time by clicking unsubscribe at the bottom of these communications. For more information, see "Choices About How We Use and Disclose Your Information".

Health Information

Some information MDLIVE collects constitutes protected health information (“PHI”) under the U.S. Health Insurance Portability and Accountability Act (“HIPAA”). As set forth above, MDLIVE Medical Group (or your own medical provider if you do not use a MDLIVE Medical Group Provider) will provide you with a Notice of Privacy Practices describing its collection, use and disclosure of your PHI, not MDLIVE, Inc. MDLIVE is a “business associate” (as that term is used under HIPAA) that provides services to and for MDLIVE Medical Group, other health care providers and health care plans, referred to as “covered entities” under HIPAA, and enters into business associate agreements with these covered entities. MDLIVE will use and disclose PHI only in accordance with the business associate agreements and HIPAA.

We may de-identify your Personal Information so that it no longer reasonably identifies you. In this case, we may use this de-identified data without restriction and for any purpose, including to improve our Website, Application, and products and services.


5. Disclosure of Your Information:

We do not share, sell, or otherwise disclose your Personal Information for purposes other than those outlined in this Privacy Policy. We may disclose your Personal Information to a few third parties, including:

  • our affiliates and third party service providers that we use to support our business;
  • to a company we merge, acquire, or that buys us, or in the event of change in structure of our company of any form;
  • to comply with our legal obligations;
  • to enforce our rights; and
  • with your consent.

We do not share or otherwise disclose your Personal Information for purposes other than those outlined in this Privacy Policy. We may disclose Personal Information that we collect or you provide as described in this privacy policy:
We may disclose Personal Information that we collect or you provide as described in this privacy policy: We may also disclose your Personal Information:

6. Choices About How We Use and Disclose Your Information :

We offer you choices on how you can opt out of our use of tracking technology, disclosure of your Personal Information for our advertising to you, and other targeted advertising.

We do not control the collection and use of your information collected by third parties. We strive to provide you with choices regarding the Personal Information you provide to us. We have created mechanisms to provide you with control over your Personal Information:


7. Your Rights Regarding Your Information and Accessing and Correcting Your Information:

You may review and change your Personal Information by logging into the Application or Website and visiting your User Preferences page.

You can review and change your Personal Information by logging into our Website or Application and visiting either the Account Details section of our Application or Website. You may also notify us through the Contact Information below of any changes or errors in any Personal Information we have about you to ensure that it is complete, accurate, and as current as possible or to delete your account. We cannot delete your personal information except by also deleting your account with us. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.

With respect to any PHI in our possession, you have certain rights under HIPAA as described in the Notice of Privacy Practices provided to you by your healthcare Provider.


8. Do Not Track Signals:

We currently do not use automated data collection technologies to track you across websites. We currently do not honor do-not-track signals that may be sent by some browsers.

Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not automatically honor such signals. However, please review other portions of this Policy regarding your ability to disable tracking technologies (e.g., Information We Collect Through Automatic Data Collection Technologies, Choices About How We Use and Disclose Your Information).


9. Data Security :

Information transmitted over the Internet is not completely secure, but we do our best to protect your Personal Information. You can help protect your Personal Information and other information by keeping your password to our Website confidential.

We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. We use application timeouts and encryption technology for information sent and received by us.

The safety and security of your information also depends on you. Where you have chosen a password for the use of our Website or Application, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we work diligently to try and protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to our Website or on or through our Application. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website, in your operating system, or in the Application.


10. California Privacy Rights :

California residents have certain additional privacy rights as described in this Section.

These California Privacy Rights supplement the other information contained in our Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California ("consumers" or “you”). This notice is to comply with the California Consumer Privacy Act of 2018 ("CCPA") and any terms defined in the CCPA have the same meaning when used in this notice. We may update these California Privacy Rights as necessary and in the event of changes in the CCPA. These terms apply only to California residents. Please note that the CCPA expressly excludes personal information regulated under the California Confidentiality of Medical Information Act (CMIA) and protected health information (PHI) collected by a “covered entity” (e.g., a health care provider or insurance plan) or “business associate” (e.g., MDLIVE) that provides services to a covered governed by HIPAA.

Categories of Personal Information MDLIVE collects

As described in more detail in other areas of our Privacy Policy, we collect and/or disclose Personal Information about you when you visit use our Website or Application, including information about you that you provide to us, and information that we automatically collect from you or your computer or device as you use our Website or Application. Please refer to Information We Collect About You and How We Collect It for additional information and details.

Personal information does not include information that is: (a) publicly available information from government records; (b) de-identified or aggregated consumer information; or (c) certain information excluded from the scope of CCPA (e.g., PHI covered under HIPAA and medical information covered under the CMIA as discussed above).

Categories of Sources from which MDLIVE has collected Personal Information:

We collect Personal Information directly from you, for example when you provide it to us to when you contact us to our Website for Application, for create an MDLIVE account; and indirectly from you automatically through your computer or device as you use our Website or Application. We may also collect Personal Information about you from our advertising partners and service providers.

Use of Personal Information:

We do not sell your Personal Information and have not done so in the prior 12 months from the effective date of this Policy. We may use or disclose the personal information we collect for our business purposes described elsewhere in this Privacy Policy (for example, please refer to “How We Use Your Information” and Disclosure of Your Information).

Sharing Personal Information

MDLIVE may disclose your Personal Information to a third party for one or more business purposes. When we disclose Personal Information for a business purpose, such as to service providers, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.

Disclosures of Personal Information for Business Purposes:

We may disclose your Personal Information for our business purposes, such as your contact information, other information you have provided to us and unique identifiers that identify you to us or to our service providers, such as companies that assist us with marketing and advertising. Please refer to Information We Collect About You and How We Collect It for additional information and details.

We disclose your Personal Information to certain third parties such as our health care Provider partners, service providers, including companies that assist us with marketing and advertising. For additional information please refer to How We Use Your Information and Disclosure of Your Information).

Access Request Rights

You have the right to request that MDLIVE disclose certain information to you about our collection and use of your Personal Information over the past 12 months for the above business and commercial purposes. To submit an access request, see Exercising Access and Deletion Rights. Once we receive and confirm your verifiable consumer request, we will disclose to you:

Deletion Request Rights

You have the right to request that MDLIVE delete your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless certain exceptions apply.

Exercising Access and Deletion Rights

To exercise the access and deletion rights described above, please submit a verifiable consumer request to us by either:

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access twice within a 12-month period. The verifiable consumer request must:

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

Other California Privacy Rights

California Civil Code Section 1798.83 (California’s “Shine the Light” law) permits users of our Website that are California residents and who provide Personal Information in obtaining products and services for personal, family, or household use to request certain information regarding our disclosure of Personal Information to third parties for their own direct marketing purposes. If applicable, this information would include the categories of Personal Information and the names and addresses of those businesses with which we shared your Personal Information with for the immediately prior calendar year (e.g. requests made in 2020 will receive information regarding such activities in 2019). You may request this information once per calendar year. To make such a request, please contact us by email at privacy@mdlive.com.


11. Changes to Our Privacy Policy:

We will post any changes to our Privacy Policy on our Website. If we make material changes to our Privacy Policy, we may notify you of such changes through your contact information and invite you to review (and accept, if necessary) the changes.

We may change this Privacy Policy at any time. It is our policy to post any changes we make to our Privacy Policy on this page with a notice that the Privacy Policy has been updated on the Website’s home page or the Application’s home screen. If we make material changes to how we treat our users’ Personal Information, we will notify you by email to the email address specified in your account and/or through a notice on the Website’s home page or the Application’s home screen. The date this Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically accessing the Application or visiting our Website and reviewing this Privacy Policy to check for any changes.


12. Contact Information:

You may contact us through the contact information below.

If you have any questions, concerns, complaints or suggestions regarding our Privacy Policy or otherwise need to contact us, you may contact us at the contact information below or through the “Contact Us” page on our Website or in the Application.

How to Contact Us:

MDLIVE, Inc.
Attn: Chief Compliance Officer
3350 SW 148th Avenue, Suite 300
Miramar, Florida 33027
Telephone: (888)910-8508
Email: privacy@mdlive.com