iDoc24 Privacy & Security Notice (First Derm & STD Triage)
iDoc24 Inc (“iDoc24″) is committed to protecting your personal information and privacy. This Privacy & Security Policy applies to the service provided via the websites and mobile applications known as iDoc24 (iDoc24.com), First Derm and STD Triage (STDtriage.com) (collectively the “Service”). This policy describes the personal information we collect from you and how we use and secure it. “Personally Identifiable Information” or “PII” means information that can be used to identify you personally, such as an email address, a photograph with unique identifying features, etc.
Capitalized terms not defined in this Privacy & Security Policy will have the meanings set forth in the Terms of Service.
1. Information We Collect
If you choose to provide us with your PII by using the Service, you are agreeing to the processing and storage of your information in the United States and countries outside of the United States which may have data protection laws that differ from laws in your country.
Information collected by iDoc24 consists of the following, and constitutes a “Case”:
a) Two images of the user’s skin condition. These images are generally non-identifiable but may be identifiable if the user submits images of the face, rare birthmark, or identifying tattoo. We encourage users to submit images that are regarded as having no identifying features.
b) Descriptive text on the symptoms, duration, history, age, gender, etc of the skin problem.
c) We give the user the option to submit an email address via the webform (not iOS or Android) so they may be notified when their Case is answered. This is optional and is not required by the user. Email addresses are deleted from our servers immediately after the Customer has been notified their Case has been answered. We do not store, sell, or catalogue email addresses past this time.
d) On iOS, an Apple Push Notification Token, which is generated by the user’s device, is stored to allow for a Push Notification when the Customer’s Case has been answered and remind of any outstanding cases to be answered.
To help facilitate the question and response process, and the payment of Professionals (i.e Doctors), iDoc24 may require basic data from Customers such as email address to be submitted to third party payment processors, such as PayPal and Payson.
Professional applicants (i.e. Doctors) may be asked for additional information, such as full names, addresses, telephone numbers, professional license and certification information, and payment-related information. Other PII may be requested in certain circumstances.
Customer payment and contact information via third parties (PayPal and Google Wallet) is stored separately from Customer Cases. iDoc24 provides Customers with alphanumeric codes once payment is confirmed, and the codes may be used to view Professionals’ reports. The reports do not contain Customer email addresses or other PII, except to the extent that the images or reports themselves depict or describe a condition sufficiently rare/unique that they are PII.
iDoc24 is intended for use by persons over 13 years old. In addition, it does not knowingly solicit or collect PII from persons under 13 years old. We may delete from the Service PII, as well as Posts and other information, from users we believe are under the age of 13.
To enhance and individualize your experience with the Service, we may use small files called “cookies” on our websites that let us know that you are a prior user and help us ensure that your information is directed to you. We also use services on the web and in our mobile applications that help us improve your customer experience. (For example, if a report is waiting for you and you have not accessed it, we may remind you to do so.) We do not use these services to collect information about you for any other purpose.
2. Use of Your Information
iDoc24 may use, share, transfer, or disclose your PII and/or usage statistics, itself or in conjunction with third parties, for payment processing, fraud prevention, customer service, research, and to tailor iDoc24’s content and services to its users’ needs. These third parties are authorized to use your PII only as necessary for the purpose(s) of iDoc24’s agreements with them.
iDoc24 will not otherwise disclose your PII without your consent, unless acting under a good faith belief that such action:
a) conforms to legal requirements or complies with legal process, such as in complying with a formal request in a court order, subpoena or judicial proceeding;
b) serves to protect or defend the rights, property, or safety of iDoc24, its users, or others;
c) to any other third party with your consent to do so; or
d) enforces the iDoc24 Terms of Service or related Agreements.
iDoc24 may share your PII with any parent company, subsidiaries, joint ventures, or other companies under common control, in which event it will require that such companies follow this Policy with respect to your PII. If these companies follow other privacy practices you will be provided with prior written notice.
3. Correspondence Sent to You
iDoc24 will not send you any unsolicited information, including e-mail, except:
a) Users may receive iDoc24 registration emails when their Cases have been responded to, Professional applicants may receive iDoc24 communications relating to their applications, Professionals may receive notifications of images submitted by Customers, and all users may receive updates and notices about Case, their accounts, payments and new features and policies;
4. Deleting PII
If at any time you would like your PII to be removed from the Service and/or database, or believe that iDoc24 has not adhered to these privacy principles, please notify us by email at [email protected] We will use commercially reasonable efforts to delete your PII and/or promptly detect and remedy any problems.
5. Links to Third-Party Sites
6. Security and Data Retention
iDoc24 uses multiple security procedures and practices to protect from unauthorized access, destruction, use, modification and disclosure users’ PII.
All PII is password protected. All passwords use encryption.
iDoc24 uses third party services to process payments (Apple iTunes, Google Wallet, PayPal and Payson). iDoc24 obtains and stores only so much payment information as is necessary to generate the code associating the payment with the image, and only for so long as is necessary to ensure delivery of the report. (For example: last four digits of credit card; email address if one is collected and forwarded by the payment processor.) No payment information is stored on the same servers as user images, comments and reports. iDoc24 does not send images, comments or reports to email addresses collected by payment processors.
Our main servers are hosted by a third party provider in a private and secure environment.
Despite these security procedures and practices, as is the case with all computer networks connected to the Internet, iDoc24 cannot guarantee the security of your PII or any other information provided over the Internet and will not be responsible for breaches of security.
We retain your account information and the information provided by you in the form of Cases for so long as we determine is necessary, at which time we may delete and/or aggregate and store it in aggregate form indefinitely.
If you wish to have your Case removed from our site you may contact us at [email protected]. You may have to provide proof and time of payment so we can ensure you are the rightful owner of the Case in question.
7. Updates to This Policy
If we make any material changes to how your PII is used or shared, we will notify our users by posting an announcement on our company blog by way of a notice on the Service prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
8. Our Commitment to Children’s Privacy
iDoc24 is particularly concerned with safeguarding the privacy of children. The Service is not directed to children under 13, and children under 13 are prohibited from using the Site and Service. We do not knowingly collect PII from children under 13. If a parent or guardian becomes aware that his or her child has provided us with PII without the parent’s or guardian’s consent, he or she should contact us. If we become aware that a child under 13 has provided us with PII, we will delete such information from our systems. IF YOU ARE UNDER 13 YEARS OF AGE, THEN YOU MAY NOT USE OR ACCESS THE SERVICE AT ANY TIME OR IN ANY MANNER. A parent or guardian may submit a Case of a child under 13 and may communicate with us in order to provide and obtain information concerning the child’s Case.
May 15, 2013
Revised January 15, 2018