PRIVACY POLICY

Privacy Policy

Version 2.0

Last Updated: May 22, 2021
Effective Date: December 27, 2018

Radish Health Inc. (“Radish”, “we”, “us” and/or “our”) is committed to protecting your privacy.  We have prepared this Privacy Policy to describe to you our practices regarding the Personal Data (as defined below) we collect from users of our website, located at https://www.radish.health, as well as all related websites, applications, networks and other services provided by us an on which a link to this Privacy Policy is displayed (collectively, our “Services”). This Privacy Policy is incorporated into and is subject to the Radish Terms of Use found at book.radish.health/tou. As described in the Radish Terms of Use, the Services may allow you to connect with an Alphabet City Medicine, P.C. health care provider (a “Provider”) to provide certain medical services, including the Telehealth Services (as defined in the Radish Terms of Use).

  1. Questions; Contacting Radish; Reporting Violations. If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us at the following address or phone number:

    Radish Health Inc.
    Attn: Viral Patel
    33 Irving Place, Suite 9060, New York, NY 10003
    help@radish.health

  2. User Consent. By checking the box to indicate your acceptance of this Privacy Policy, you agree to the terms of this Privacy Policy and you expressly consent to the collection, use and disclosure of your Personal Data in accordance with this Privacy Policy.

  3. A Note About Individuals Under the Age of 16. The Services provided through Radish are not intended for individuals under the age of 16. We do not intentionally gather Personal Data from visitors who are under the age of 16. If an individual under 16 submits Personal Data to Radish and we learn that the Personal Data is the information of an individual under 16, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Data from an individual under 16, please contact us at help@radish.health.

  4. A Note to Non-New York State Residents. The Services provided through Radish are intended only for residents of New York State. If you are not a resident of New York State please do not use the Services.

  5. Types of Data We Collect. “Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.  “Anonymous Data” means data that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons.  We collect Personal Data and Anonymous Data, as described below.

    1. Information You Provide to Us.

      • We may collect Personal Data from you, such as your first and last name, phone number, e-mail and mailing addresses, gender, and date of birth when you use our Services (“Account”).
      • If you use our Services on your mobile device, we may collect your phone number and the unique device ID number.
      • You may be asked to provide information necessary to complete transactions via the Services, including your name, credit card, and billing information. We do not store your credit card information directly on our servers, but this information may be collected and stored by our third party payment processor(s), who will help process and fulfill your purchases. When you submit credit card numbers, that information is encrypted using industry standard technology.
      • If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the e-mail, in order to send you a reply.
      • We also collect other types of Personal Data that you provide to us voluntarily as part of the Services, including information about your medical condition, physician referrals, prescriptions, and other related health information we may collect or store on behalf of a Provider, and other requested information if you contact us via e-mail regarding support for the Services.
      • We may also collect Personal Data at other points in our Services that state that Personal Data is being collected.
    2. Information Collected via Technology.

      • Information Collected by Our Servers. To make our Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit. 
      • Log Files. As is true of most websites, we gather certain information automatically and store it in log files.  This information includes IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data.  We use this information to analyze trends, administer the Services, track users’ movements around the Services, gather demographic information about our user base as a whole, and better tailor our Services to our users’ needs.  For example, some of the information may be collected so that when you use the Services again, it will recognize you and the information could then be used to serve advertisements and other information appropriate to your interests.  Except as noted in this Privacy Policy, we do not link this automatically-collected data to Personal Data.
      • Cookies. Like many online services, we use cookies to collect information.  “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website.  We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Services.    This type of information is collected to make the Services more useful to you and to tailor the experience with us to meet your special interests and needs. 
      • Pixel Tag In addition, we use “Pixel Tags” (also referred to as clear Gifs, Web beacons, or Web bugs). Pixel Tags are tiny graphic images with a unique identifier, similar in function to Cookies, which are used to track online movements of Web users.  In contrast to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in Web pages.  Pixel Tags also allow us to send e-mail messages in a format users can read, and they tell us whether e-mails have been opened to ensure that we are sending only messages that are of interest to our users.  We may use this information to reduce or eliminate messages sent to a user.  We do not tie the information gathered by Pixel Tags to our users’ Personal Data.
      • How We Respond to Do Not Track Signals. We do not currently respond to “do not track” signals or other mechanisms that might enable users to opt out of tracking on our Services.
      • Flash LSOs. When we post videos, third parties may use local shared objects, known as “Flash Cookies,” to store your preferences for volume control or to personalize certain video features.  Flash Cookies are different from browser Cookies because of the amount and type of data and how the data is stored.  Cookie management tools provided by your browser will not remove Flash Cookies.  To learn how to manage privacy and storage settings for Flash Cookies, click here.
      • Mobile Services. We may also collect non-personal information from your mobile device.  Examples of information that may be collected and used include your geographic location, and information about the type of device you use.   This information is sent to us as aggregated information and is not traceable to any individual and cannot be used to identify an individual.
      • Analytics Services. In addition to the tracking technologies we place, other companies may set their own cookies or similar tools when you visit our Services.  This includes third party analytics services (“Analytics Services”), that we engage to help analyze how users use the Services.  We may receive reports based on these parties’ use of these tools on an individual or aggregate basis.  We use the information we get from Analytics Services only to improve our Services.  The information generated by the Cookies or other technologies about your use of our Services (the “Analytics Information”) is transmitted to the Analytics Services.  The Analytics Services use Analytics Information to compile reports on user activity.  The Analytics Services may also transfer information to third parties where required to do so by law, or where such third parties process Analytics Information on their behalf. Each Analytics Services’ ability to use and share Analytics Information is restricted by such Analytics Services’ Terms of Use and Privacy Policy.  By using our Services, you consent to the processing of data about you by Analytics Services in the manner and for the purposes set out above.  For a full list of Analytics Services we use, please contact us at help@radish.health.
    3. Information Collected from Third Parties. We may receive Personal and/or Anonymous Data about you from third parties, such as Providers and pharmacies.  We may add this information to the information we have already collected from you via our Services in order to improve the Services we provide.

  6. Use of Your Personal Data

    1. General Use. In general, Personal Data you submit to us is used either to respond to requests that you make, or to aid us in serving you better. We may use your Personal Data in the following ways, depending on the particular types of Services received:

      • facilitate the creation of and secure your account in a third party electronic medical record (“EMR”) system;
      • identify you as a user in our system;
      • provide improved administration of our Services;
      • provide the Services you request;
      • improve the quality of experience when you interact with our Services;
      • send e-mails and text messages to you to provide notifications and authorizations in connection with the Services;
      • allow a Provider to communicate with you in connection with the provision of medical services, such as telephonic medical consultations with you for prescription refills or make other telephone calls, send e-mails and text messages to you in connection with the Services;
      • facilitate the transmission of consent forms with a Provider; and
      • facilitate the transmission of electronic prescriptions to pharmacies.

    2. User Testimonials and Feedback. We often receive testimonials and comments from users who have had positive experiences with our Services. We occasionally publish such content. When we publish this content, we may identify our users by their first and last name and may also indicate their home city. We obtain the user’s consent prior to posting his or her name along with the testimonial. We may post user feedback on the Services from time to time. We will share your feedback with your first name and last initial only. If we choose to post your first and last name along with your feedback, we will obtain your consent prior to posting you name with your feedback. If you make any comments on a blog or forum associated with our Services, you should be aware that any Personal Data you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these blogs and forums.

    3. Creation of Anonymous Data. We may create Anonymous Data records from Personal Data by excluding information (such as your name) that makes the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of our Services and improve navigation. We reserve the right to use Anonymous Data and aggregated and other de-identified information for any purpose and disclose Anonymous Data to third parties in our sole discretion.

  7. Disclosure of Your Personal Data. We may disclose your Personal Data as described below and as described elsewhere in this Privacy Policy, depending on the particular types of Services received.

    1. Third Parties Designated by You. When you use the Services, the Personal Data you provide will be shared with the third party that you designate to receive such information, including Providers, pharmacies and other health care service providers. Even though Radish may not be a “covered entity” as defined in the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations (“HIPAA”), any Provider engaging through our Services may be a “covered entity” and therefore maybe subject to the provisions of HIPAA. If you are using the Services, your acceptance of the Terms of Use and this Privacy Policy incorporates your acceptance and consent to the Alphabet City Medicine, P.C. Notice of Privacy Practices. This notice describes how a Provider uses and discloses your protected health information as defined under HIPAA (“PHI”). Radish has agreed that its collection, use, and disclosure of your PHI on behalf of a Provider will be done consistent with the Alphabet City Medicine, P.C. Notice of Privacy Practices except to the extent you have expressly authorized additional uses and disclosures.

    2. Third Party Service Providers. We may share your Personal Data with our third party service providers to: provide you with our Services, to process payments, to maintain your EMR file, maintain databases, to conduct quality assurance testing, to provide technical support, to provide messaging services, and/or to provide other services to Radish.

    3. Affiliates. We may share some or all of your Personal Data with our parent company, subsidiaries, joint ventures, or other companies under a common control (“Affiliates”), in which case we will require our Affiliates to honor this Privacy Policy.

    4. Corporate Restructuring. We may share some or all of your Personal Data in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy.

    5. Other Disclosures. Regardless of any choices you make regarding your Personal Data (as described below), Radish may disclose Personal Data if it believes in good faith that such disclosure is necessary (a) in connection with any legal investigation; (b) to comply with relevant laws or to respond to subpoenas or warrants served on Radish; (c) to protect or defend the rights or property of Radish or users of the Services; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or our Terms of Use.

  8. Third Party Websites. Our Services may contain links to third party websites.  When you click on a link to any other website or location, you will leave our Services and go to another site, and another entity may collect Personal Data or Anonymous Data from you.  We have no control over, do not review, and cannot be responsible for, these outside websites or their content.  Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of your Personal Data after you click on links to such outside websites.  We encourage you to read the privacy policies of every website you visit.  The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.

  9. Your Choices Regarding Information. You have several choices regarding the use of information on our Service:

    1. Email Communications. We may periodically send you free newsletters and e-mails that directly promote the use of our Services.  When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information below).  Despite your indicated e-mail preferences, we may send you service related communications, including notices of any updates to our Terms of Use or Privacy Policy.

    2. Cookies. If you decide at any time that you no longer wish to accept Cookies from our Service for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Service or all functionality of the Service. If you have any questions about how to disable or modify Cookies, please let us know at the contact information provided below.

    3. Deleting Your Personal Data. We will use commercially reasonable efforts to honor your request to delete your Personal Data that we maintain.  However, we may retain an archived copy of your records, including information related to your EMR file (which we maintain on behalf of Alphabet City Medicine, P.C.), as required by law or for legitimate business purposes. 

    4. Declining to Provide Personal Data. You may decline to provide certain Personal Data to Radish. Declining to provide Personal Data may disqualify you for features of the Services that require certain Personal Data.

  10. Changes to This Privacy Policy. This Privacy Policy is subject to occasional revision. When changes are made, we will make a new copy of the Privacy Policy available through the Services.  We will also update the “Last Updated” date at the top of the Privacy Policy.  If we make any material changes, and you have previously used the Services, we may also send an e-mail to you at the last e-mail address you provided to us pursuant to the Terms.  Any changes to the Privacy Policy will be effective 30 days after posting notice of such changes on the Services for existing users. We may require you to provide consent to the updated Privacy Policy in a specified manner before further use of the Services is permitted.  If you do not wish to permit changes in our use of your Personal Data, you must notify us prior to the effective date of the changes that you wish to terminate your relationship with us and stop using the Services. Otherwise, your continued use of the Services constitutes your acceptance of such change(s).

193715006 v7