Privacy

Protecting your privacy is really important to us. With this in mind, we’re providing this Privacy Policy to explain our practices regarding the collection, use and disclosure of information that we receive through our website located at Profi.io (“Site”) and our web application (“App”) (together, the “Services”). This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services. The first section of this Privacy Policy applies to all users of the Services, including designated service providers (“guides”) and their customers. The second section applies only to customers.

Revisions to this Privacy Policy:


Any information that is collected via our Services is covered by the Privacy Policy in effect at the time such information is collected. We may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them on the Services or by sending you an email or other notification, and we’ll update the “Last Updated Date” above to indicate when those changes will become effective.

Information Collected or Received from You:


Our primary goals in collecting information are to provide and improve our Services, to administer your use of the Services, and to enable you to enjoy and easily navigate our Services.

Account Information:


If you create an account as a Customer (“Customer Account”) or as a Guide (“Guide Account”), we may collect certain information that can be used to identify you, such as your name, email address, and phone number (“PII”). We may also collect your gender, date of birth and other information that is not considered PII because it cannot be used by itself to identify you.

By signing up to Profi you grant Profi permission to coordinate and manage bookings between you and your Guide. You also grant Profi access to data required to perform the job of coordinating and managing bookings including and limited to: your first name + last initial, phone number, email, appointment date, time, and provider name. We access the minimum amount of data required to do our job and this information is only used to coordinate bookings. Profi has permission to share this information with your Guide.

Information Collected Through Your Use of the Services:


If you have a Customer Account, the Services collect active data, which requires input from you, and also passive data, meaning that once you authorize access, the data will be collected periodically without any additional action or input required. Active data includes tracking whether you did or did not take action on your care plan, as well as notes, ratings, and messages. These communications are customized by your Guide and help gather data about your current state and situation so that your Guide can better understand how you are doing and how certain situations affect you. Passive data may include Cookies (defined below) and information about the time you spent using the Services.


Information Collected Using Cookies and other Web Technologies:


Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information. “Cookies” are small text files that are placed on your device by a Web server when you access our Services. We may use both session Cookies and persistent Cookies to identify that you’ve logged in to the Services and to tell us how and when you interact with our Services. We may also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you may not be able to access all portions or features of the Services. Some third-party services providers that we engage (including third-party advertisers) may also place their own Cookies on your hard drive. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties. “Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services, to monitor how many visitors view our Services, and to monitor the effectiveness of our advertising. Unlike Cookies, which are stored on the user’s hard drive, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).

Information Related to Use of the Services:


Our servers automatically record certain information about how a person uses our Services (we refer to this information as “Log Data”), including both Account holders and non-Account holders (either, a “User”). Log Data may include information such as a User’s Internet Protocol (IP) address, browser type, operating system, the web page that a User was visiting before accessing our Services, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on and other statistics. We use Log Data to administer the Services and we analyze (and may engage third parties to analyze) Log Data to improve, customize and enhance our Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences. We may use a person’s IP address to generate aggregate, non-identifying information about how our Services are used. Information Sent by Your Mobile Device. We collect certain information that your mobile device sends when you use our Services, like a device identifier, user settings and the operating system of your device, as well as information about your use of our Services.

Location Information:


When you use our App, we may collect and store information about your location by converting your IP address into a rough geolocation or by accessing your mobile device’s GPS coordinates or coarse location if you enable location services on your device. We may use location information to improve and personalize our Services for you. If you do not want us to collect location information, you may disable that feature on your mobile device.

Video:


Profi does not record video sessions, neither stores them.

Information that We Share with Third Parties:


We will not share any PII that we have collected from or regarding you except as described below.

Information Shared with Our Services Providers:


We may engage third-party services providers to work with us to administer and provide the Services. These third-party services providers have access to your PII only for the purpose of performing services on our behalf and are expressly obligated not to disclose or use your PII for any other purpose.


Information Shared with Third Parties:


We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes. Any aggregated information shared in these contexts will not contain your PII. Such information shall be de-identified and handled in conformance with the Health Insurance Portability and Accountability Act of 1996 and its privacy and security regulations (“HIPAA”).

Information Disclosed in Connection with Business Transactions:


Information that we collect from our users, including PII and PHI (defined below), is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, may be disclosed or transferred to a third party acquirer in connection with the transaction. You will have the opportunity to opt out of any such transfer if the new entity's planned processing of your information differs materially from that set forth in this Privacy Policy. Information Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.

Your Choices:


We offer you choices regarding the collection, use and sharing of your PII and we’ll respect the choices you make. Please note that if you decide not to provide us with the PII that we request, you may not be able to access all of the features of the Services.

Opt-Out:


Whether you are a Customer or a Guide, we may periodically send you free newsletters and e-mails that directly promote our Services. When you receive such promotional communications from us, you will have the opportunity to “opt-out” (either through your Account or by following the unsubscribe instructions provided in the e-mail you receive). We do need to send you certain communications regarding the Services and you will not be able to opt out of those communications – e.g., communications regarding updates to our customer Terms of Service, Guide Terms of Service or this Privacy Policy, or email communications relating to the HIPAA Security Rule or essential notifications of communications with your Guide. Modifying Your Information. If you want to access and modify the PII associated with your customer Account, you’ll need to work with your Guide to do so. If you want us to delete your customer Account, please contact us at help@profi.io with your request. We’ll take steps to deactivate your customer Account as soon we can, but some information, including PHI (defined below) may remain in archived/backup copies for our records, your Guide’s records or as otherwise required by law.


Responding to Do Not Track Signals:


Our Site does not have the capability to respond to “Do Not Track” signals received from various web browsers.


Account Deletion:

 

You have the right to request us to delete your account and erase personal data, unless Profi is obliged to continue processing your data under law or under a contract between Profi and Guide. To request account deletion, please contact help@profi.io. ​


The Security of Your Information:


We take reasonable administrative, physical and electronic measures designed to protect the information that we collect from or about you (including your PII) from unauthorized access, use or disclosure. When you enter sensitive information on our forms, we encrypt this data using SSL or other technologies. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.

Links to Other Sites:


Our Services may contain links to websites and services that are owned or operated by third parties (each, a “Third-party Service”). Any information that you provide on or to a Third-party Service or that is collected by a Third-party Service is provided directly to the owner or operator of the Third-party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy or security practices and policies of any Third-party Service. To protect your information we recommend that you carefully review the privacy policies of all Third-party Services that you access.

International Transfer:


Your PII may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your PII to us, we may transfer your PII to the United States and process it there.

Our Policy Toward Children:


As described in the Customer Terms of Service, to create a Customer Account, children under 13 must enter an access code provided by the child’s Guide. Before the Guide can provide an access code to a child under 13, we require the Guide to obtain written consent from the child’s parent or legal guardian for the child to use the Services. We only collect information through the Services from children under 13 where the child’s Guide has agreed to provide this Privacy Policy to and obtain written consent from the child’s parent or legal guardian.

The child’s Guide is responsible for confirming receipt of a consent form for the child before providing an access code, and for providing parents or legal guardians access to their child’s Customer Account so that the parent or legal guardian may review, modify or delete any PII contained in the child’s Customer Account. The child’s parent or legal guardian has the right to refuse further collection, use, and/or disclosure of their child’s PII by notifying the child’s Guide. If we learn that we have received PII from a child under 13 without the child’s Guide having obtained written consent from the child’s parent or guardian, we will delete the child’s customer Account. Please contact us at help@profi.io if you believe that a child under 13 may have created a customer Account without the consent of the child’s parent or legal guardian.

FOR CUSTOMERS:


Use of Protected Health Information

If you have registered a customer Account with Profi, you have agreed to the customer Terms of Service which describe our practices and your obligations with regard to your protected health information (“PHI”). Please read and review the customer Terms of Service carefully as they are a contract between you and Profi. We may use your PHI in the following ways: As part of the Services, we may deliver your PHI to your Guide. Your Guide should give you a notice of privacy practices that describe how your Guide uses and discloses your PHI, including through the Services. As directed by your Guide, we may give your PHI to other Guides or health care providers for the purposes of your treatment. We may also disclose your PHI to individuals who are not health care providers such as your teacher, but if the person to whom we are directed to disclose your PHI is not a health care provider, we’ll only disclose your PHI to that person if you provide a release form to your Guide allowing us to do so. Your Guide's ability to disclose your PHI for these and similar purposes is restricted by applicable federal law and state law, including HIPAA and the applicable privacy laws of the state in which you reside. If you wish to restrict the disclosures that your Guide makes of your PHI, you should make a request directly to your Guide. To the extent your PHI becomes part of your Guide’s health records, you may not be able to delete it. We may also use your PHI to operate our Services, and we may give it to our services providers to assist us in providing Services. We may disclose it if we are compelled to do so by law, including valid legal process.

We may aggregate your PHI with that of other Customers who use the Services, and share such aggregated information with wellness providers and their business associates for health care operations purposes, or other purpose(s) in accordance with applicable state and federal law.

In order to maintain the security of your customer Account, we may monitor and keep a log of access to it, and we may maintain the log until we determine it is no longer needed.

Except as provided in this Privacy Policy and the customer Terms of Service, we will not use or disclose your PHI to third parties.

We may use IP addresses and device identifiers to analyze trends, administer the Services and gather broad demographic information for aggregate use. We do not link IP addresses and device identifiers to PII or PHI.

De-Identified Information:


We are permitted to remove personal identifiers from your PII, including PHI, so that it cannot reasonably be used to identify you. We may use your PHI collected through the Services to create de-identified information (i.e., information that does not identify you).

As part of the customer Terms of Service, you transfer and assign to us all right, title and interest in and to all such de-identified information, and you agree that we may use, disclose, market, license and sell such de-identified information for any purpose without restriction, and that you have no interest in such de-identified information, or in the proceeds of any sale, license, or other commercialization thereof.

Questions?


Please contact us at help@profi.io if you have any questions about our Privacy Policy.

Privacy policy for corporate:


At Profi we respect your privacy and value the trust you have placed in us. We are committed to the responsible management, use, and protection of your information. This Privacy Policy explains how Profi (“we,” “our,” or “us”) collects, uses, and discloses information we obtain through www.profi.io, our products and applications that link to this Privacy Policy (collectively, the “Service”). This Privacy Policy is incorporated by reference into our Terms of Service.

In providing the Service, we collect and obtain information about individual consumers (“End Users”) to, among other things, provide End Users access to our platform that connects wellness professionals involved in the End User’s care. In providing the Service, we at times act as a service provider to health care providers and/or wellness professionals (collectively, “Providers”).

YOUR HEALTH PRIVACY RIGHTS:


A Federal law entitled the Health Insurance Portability and Accountability Act, (“HIPAA”), safeguards “protected health information” that we create, receive, maintain, or transmit. As used in this Privacy Policy, the term “protected health information” includes any information covered by U.S. federal health laws that we maintain that reasonably can be used to identify an individual and that relates to that individual’s physical or mental health condition, provision of care, or payment for such care. HIPAA limits how we may use and disclose protected health information. We are also required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of this information. Some of our Providers may be regulated as “covered entities” under HIPAA. Please be aware that this Privacy Policy is distinct from such Provider’s HIPAA Notice of Privacy Practices, which describes in detail how that Provider uses and discloses protected health information. If an End User would like to review a copy of their Provider’s HIPAA Notice of Privacy Practices, the End User should request a copy directly from their Provider.

HOW WE COLLECT YOUR INFORMATION:


Information You Provide. We collect any information that you provide us when you use the Service. Through the Service. We collect any information that you provide when you use the Service. When an End User registers for the Service the End User provides their [name, date of birth, address, phone number, and email address.] In addition, we may request that the End User submit responses to physical assessment questionnaires to help us assess their physical health.

Connected Devices. We collect any information that you provide from approved third-party applications and/or devices you connect to the Service. These third-party applications and/or devices use or share your information in accordance with their own privacy policies. We strongly suggest you review their privacy policies to make yourself aware of their privacy practices.

Communications and other Interactions. We may collect information through your communications with our customer support team and through other communications with us.

Information Provided by Third Party Partners:


We collect any information provided by third-party applications that we have partnered with. For example, enrolled End Users are provided a welltory account to assist with stress management. To the extent an End User uses the welltory service, welltory will transmit the information about the End User’s condition to us. These third-party partners use or share your information in accordance with their own privacy policies. We strongly suggest you review their privacy policies to make yourself aware of their privacy practices.

Provider Submitted Information about End Users:


Providers may provide us with information, including protected health information, about End Users they refer to the Service. Information We Collect When You Use Our Service. We may automatically collect certain technical information from your computer or mobile device when you use the Service. Information and Content from Your Device. We automatically collect information about your devices, such as a device ID, IP address, and browser type, so that we can provide and customize functionality. Cookies and Related Technologies. We may collect certain information by automated means, such as cookies, web beacons and web server logs. The information collected in this manner includes IP address, browser characteristics, device IDs and characteristics, operating system version, language preferences, referring URLs, and information about the usage of our Service. We may use this information, for example, to determine how many users have visited certain pages or opened messages or newsletters, or to prevent fraud. We may link this data to your profile. You may be able to change browser settings to block and delete cookies when you access the Service through a web browser. However, if you do that, the Service may not work properly.


HOW WE USE YOUR INFORMATION:


Internal and Service-Related Usage. We use the information we collect about and from you for a number of purposes, including providing, supporting, and improving the services we offer, analyzing how you use the Service and better tailoring features. Communications. We may send email to the email address you provide to us and push notifications, lessons, questionnaires, videos, animations, etc. to your mobile device to provide the Services and for informational and operational purposes, such as account management, customer service, system maintenance, and other Service-related purposes. Promotional Materials. We may send you promotional emails or other information about the products or services we offer. You may opt out of email marketing by using the unsubscribe link in a promotional email or by writing to us at the address given at the end of this Privacy Policy. Where required under applicable law, we will obtain all required authorizations/consents before sending marketing communications. Aggregate Data. To the extent permitted by applicable law, we may de-identify your information and process it in an anonymous and/or aggregated form for other purposes than described above.

HOW WE MAY DISCLOSE YOUR INFORMATION:


Except as otherwise described in this Privacy Policy, we will not disclose information that we collect about you on the Service to third parties without your consent. In addition, to the extent permitted by applicable law, we may de-identify your information and process it in an anonymous and/or aggregated form. For example, we may share anonymous and aggregated reports on user demographics, service performance and traffic patterns with third parties. Providers and Approved Persons. If you are an End User that was enrolled by a Provider, we share information collected from you through the Service with your Provider. In addition, to the extent permitted by applicable law, the Service may allow End Users to share information collected with explicitly designated third-parties. Vendors and Service Providers. We may share any information we receive with vendors and service providers we use to help us provide and improve the Service. For example, we may provide your collected information to our database hosting provider. In addition, we may use third party analytics vendors to evaluate and provide us with information about your use of the Service. We do not share your information with these third parties, but these analytics service providers may set and access their own cookies, pixel tags and similar technologies on the Service and they may otherwise collect or have access to information about you which they may collect over time and across different websites. On our website, we use Google Analytics to collect and process certain analytics data; Google provides some additional privacy options described at https://google.com/policies/privacy/partners. Marketing. We do not rent, sell, or share information that we collect from you on the Service with other people or unaffiliated companies for their direct marketing purposes unless we have your permission and only to the extent permitted by applicable law. Comply with Legal Requirements. We may disclose your information as we believe to be necessary or appropriate to: (i) comply with applicable law and legal processes; (ii) respond to requests from public and government authorities, including public and government authorities outside your country of residence; (iii) enforce our Terms of Service; (iv) protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others; and (v) allow us to pursue available remedies or limit the damages that we may sustain. Corporate Transactions. We reserve the right to transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets. With Your Permission. We may also disclose your collected information with your permission.

INFORMATION SECURITY:


We take steps in an effort to treat your information securely and in accordance with this Privacy Policy. Unfortunately, the Internet and mobile networks over which our Services are delivered cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure.

UPDATE YOUR INFORMATION OR POSE A QUESTION OR SUGGESTION:


If you would like to request that we update or correct any information that you have provided to us through your use of the Service or if you have questions regarding this Privacy Policy, including our use and disclosure practices, please send an email to support@profi.io.