Privacy Policy

1. Introduction

This privacy policy (“Privacy Policy”) of Medarch, Inc. (“Medarch,” “Us,” or “We”) sets forth the terms applicable to you (“You” or “Your”) and describes how we collect, use, process, and disclose your personal information, in conjunction with your access to and use of the Medarch Platform, including eCareHealth and https://www.medarch.com (the “Website”) and any application(s), including updates, available on the Website (the “Application”) and the terms of service that apply to any services accessible through any such Application (collectively, the “Services”), plus any information we collect in our capacity as a Business Associate to your health care provider, which is a Covered Entity under the Health Insurance Portability and Accountability Act (“HIPAA”). Your trust is important to us and we’re committed to protecting the privacy and security of your personal information.

2. Information We Collect

There are three general categories of information we collect.

2.1 Information You Give to Us. We ask for and collect the following personal information about you when you use the Medarch Platform. This information is necessary for the adequate performance of the contract between you and us and to allow us to comply with our legal obligations.

Account Information: When you sign up for a Medarch Account, we require certain information such as your first name, last name, email address, and date of birth.

Profile and Offering Information: To use certain features, we may ask you to provide additional information, which may include your address, phone number, and a profile picture.

Identity Verification Information: To help maintain a trusted environment, we may collect identity verification information (such as images of your government-issued ID, passport, national ID card, or driving license, as permitted by applicable laws) or other authentication information.

Payment Information: To use certain features, we may require financial information (like your bank account or credit card information) to facilitate the processing of payments.

Communications: When you communicate with Medarch or use the Platform to communicate with other Users, we collect information about your communication and any information you choose to provide.

2.1.3 Information We Automatically Collect. When you use the Platform we automatically collect personal information about the services you use and how you use them, including Geo-location Information (precise or approximate location via IP address or device GPS), Usage Information (pages or content you view, searches, and other actions), and Log Data and Device Information (IP address, access dates and times, hardware and software information, device information, unique identifiers, crash data, and cookie data).

Cookies and Similar Technologies: We use cookies, web beacons, pixels, browser analysis tools, server logs, and mobile identifiers when you use our platform, mobile app, or engage with our online ads or email communications.

2.1.4 Information We Collect from Third Parties. Medarch may collect information that others provide about you when they use the Platform, or obtain information from other sources and combine it with information we collect.

2.3 Children’s Data. Our websites and applications are not directed to children under 13 and we do not knowingly collect any personal information directly from children under 13.

3. How We Use Information We Collect

We may use, store, and process personal information to (1) provide, understand, improve, and develop the Medarch Platform; (2) create and maintain a trusted and safer environment; and (3) provide, personalize, measure, and improve our advertising and marketing.

3.2 Create and Maintain a Trusted and Safer Environment. We may use personal information to detect and prevent fraud, spam, abuse, and security incidents; conduct security investigations and risk assessments; verify or authenticate information; comply with our legal obligations; resolve disputes; and enforce our Terms of Service and other policies.

3.4 SMS Terms (U.S.). By opting in to a Text Message Service, you authorize Medarch to send text messages (including marketing content) to the cell phone number associated with your opt-in. Message and data rates may apply. Text STOP to opt out or HELP for help. Consent is not a condition of purchase.

3.5 Your Choices. You can limit the communications Medarch sends to you. To opt out of marketing emails, click “unsubscribe” at the bottom of any marketing email or update your notification settings. To revoke permission for promotional texts, reply STOP. Even if you opt out of marketing, we may still send important transactional information.

4. Sharing & Disclosure

Sharing With Your Consent. Where you have provided consent, we share your information as described at the time of consent.

We will disclose your information when: you have given us consent; we need to provide a service you requested; we are complying with laws or lawful requests; we believe it is necessary to protect our rights and the security of our Platform; or in connection with a merger, financing, acquisition, or bankruptcy transaction.

When sharing information protected by HIPAA, we share your information with our HIPAA Covered Entity clients who provide you with services; with third parties you direct us to; and with third-party vendors and service providers with whom we contract as Business Associates under HIPAA. We may also share aggregated and de-identified information for regulatory compliance, research, and other business purposes.

5. Other Important Information

5.1 Analyzing Your Communications. We may review, scan, or analyze your communications on the Platform for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research, analytics, and customer support purposes.

5.2 Linking Third Party Accounts. You may link your Medarch Account with a third-party service and must comply with the terms of those sites.

5.3 Third Party Partners & Integrations. The Platform may contain links to third-party websites or services that have their own rules about collection, use, and disclosure of information. We encourage you to review their privacy policies.

6. Your Rights

You may exercise any of the rights described in this section by sending an email to sales@medarch.com. We may ask you to verify your identity before taking further action.

6.1 Managing Your Information. You may access and update some of your information through your Account settings.

6.2 Rectification. You have the right to ask us to correct inaccurate or incomplete personal information about you.

6.3 Data Access and Portability. In some jurisdictions you may request copies of your personal information in a structured, commonly used, machine-readable format.

Data Retention and Erasure. We generally retain your personal information for as long as necessary to perform the contract and comply with our legal obligations. In certain jurisdictions you can request deletion, subject to retention we may need for legitimate business interests and legal obligations.

6.4 Withdrawing Consent. Where we process your personal information based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

6.5 Objection to Processing and 6.6 Lodging Complaints. In some jurisdictions you may object to certain processing and lodge complaints with our Data Protection Officer or a supervisory authority.

7. Operating Transfers

To facilitate our operations, Medarch may transfer, store, and process your information within our family of companies, partners, and service providers. Laws may differ from the laws in your residence.

California & Vermont Residents. Medarch will not share information it collects about you with its affiliates or third parties (both financial and non-financial), except as required or permitted by your state’s law.

California Privacy Rights. California law permits California residents to request once a year, free of charge, a list of third parties to whom we have disclosed personal information for direct marketing purposes. Certain information collected through the Platform is HIPAA protected health information or covered by the California Confidentiality of Medical Information Act, and our practices with respect to that information are exempt from the CCPA.

8. Security

We continuously implement and update administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. Safeguards include firewalls, data encryption, and information access controls. If you believe your account credentials have been compromised, please contact us. These safeguards are intended to meet our obligations under the HIPAA Security Standards.

9. Changes to This Privacy Policy

Medarch reserves the right to modify this Privacy Policy at any time. If we make changes, we will post the revised Privacy Policy and update the “Last Updated” date. Your continued access to or use of the Platform after the revised Privacy Policy becomes effective will be subject to the revised Privacy Policy.

10. Contact Us

If you have any questions or complaints about this Privacy Policy or Medarch’s information handling practices, you may email us at sales@medarch.com or our Data Protection Officer at sales@medarch.com. eCareHealth is a product of Medarch, Inc., 8735 Dunwoody Place #4178, Atlanta, GA 30350, USA.