TABLE OF CONTENTS
1. INFORMATION COLLECTED AND HOW WE USE IT
2. SUBMISSION OF REVIEWS, RATINGS, AND COMMENTS
4. THIRD PARTIES
5. CONTROLLING YOUR PERSONAL DATA
6. data integrity
7. HIPAA AND PHI
8. DATA RETENTION AND ACCOUNT TERMINATION
9. YOUR CHOICES
11. information sECURITY
12. CONTACT INFORMATION
14. CALIFORNIA PRIVACY RIGHTS
15. NEVADA PRIVACY RIGHTS
16. IMPORTANT NOTICE TO NON-U.S. RESIDENTS
1. INFORMATION COLLECTED AND HOW WE USE IT
In the course of operating the Service we may collect and store information about you in connection with your use of the Service, including any information you transmit to or through the Service. We use that information to provide the Service’s functionality, fulfill your requests, improve the Service’s quality, engage in audit, research and analysis to troubleshoot, maintain, protect, and improve the Service. We also that information to personalize your experience, track usage of the Service, provide feedback to third party businesses that are listed on the Service, display relevant advertising, market the Service, provide customer support, message you, back up our systems, allow for disaster recovery, enhance the security of the Service, and comply with legal obligations. Even when we do not retain such information, it still must be transmitted to our servers initially and stored long enough to process. Please also note:
A. Account Information: If you create a Rate A Hospital account, we may store and use the information you provide during that process, such as your full name, email address, zip code, physical address, and other information you may provide with your account, such as your gender, phone number, and birth date. We may publicly display your first name and last initial, as well as any photo or other content you submit through the registration process, as part of your account profile. Your account information may also contain sensitive personal information, including any confidential health information such as the hospitals, doctors, other healthcare specialists, professionals, other healthcare providers, organizations, or agents or affiliates thereof (collectively, “Hospitals”) you have visited, your reasons for visit, your dates of visit, your medical history, and other medical and health information that you voluntarily provide. You can modify some of the information associated with your account through your account settings. If you believe that someone has created an unauthorized account depicting you or your likeness, you can request its removal by flagging it.
B. Contacts: You can invite others to join or become your friend on Rate A Hospital by providing us with their contact information, or by allowing us to access your contacts from your computer, mobile device, or third party sites to select which individuals you want to invite. If you allow us to access your contacts, we may transmit that information to our servers long enough to process your invitations.
C. Communications: When you sign up for an account or use certain features, you are opting to receive messages from other users, businesses, and Rate A Hospital. You can manage some of your messaging preferences through your account settings, but note that you cannot opt out of receiving certain administrative, transactional, or legal messages from Rate A Hospital. We may also track your actions in response to the messages you receive from us or through the Service, such as whether you deleted, opened, or forwarded such messages. If you exchange messages with others through the Service, we may store them in order to process and deliver them, allow you to manage them, and we may review and disclose them in connection with investigations related to use of the Service, as well as our efforts to improve the Service. We may not deliver messages that we believe are objectionable, such as spam messages, fraudulent solicitations, or requests to exchange reviews for compensation. If you send or receive messages through the Service via SMS text message, we may log phone numbers, phone carriers, and the date and time that the messages were processed. Carriers may charge recipients for texts that they receive. We may also store information that you provide through communications to us, including from phone calls, letters, emails and other electronic messages, or in person. If you are a representative of a business listed on Rate A Hospital, we may contact you, including by phone or email, using the contact information you provide us, make publicly available, or that we have on record for your business. Our calls with you may be monitored and recorded for quality purposes.
D. Transactions: If you initiate a transaction through the Service, such as a purchase, we may collect and store information about you, such as your name, phone number, address, email, and payment information (such as a credit card number and expiration date), as well as any other information you provide to us, in order to process your transaction, send communications about them to you, and populate forms for future transactions. This information may be shared with third parties, and third parties may share such information with us, for the same purposes. When you submit credit card numbers, we encrypt that information using industry standard technology. If you write reviews about businesses with which you transact through the Service, we may publicly display the fact that you transacted with those businesses.
E. Activity: We may store information about your use of the Service, such as your search activity, the pages you view, the date and time of your visit, businesses you call using our mobile applications, and reservations, purchases, or transactions you make through the Service. We may also store information that your computer or mobile device may provide to us in connection with your use of the Service, such as your browser type, type of computer or mobile device, browser language, IP address, WiFi information such as SSID, mobile carrier, phone number, unique device identifier, advertising identifier, location (including geolocation, beacon based location, and GPS location), and requested and referring URLs and mobile applications. We may also receive and store your location whenever our mobile applications are running, including when running in the background, if you enable our mobile apps to access such information in the course of using the Service. You may be able to limit or disallow our use of certain location data through your device or browser settings, for example by adjusting the "Location Services" settings for our applications in iOS privacy settings.
F. Different Devices: You may access the Service through different devices (e.g., your mobile phone or personal computer) and different platforms (e.g., the Rate A Hospital website or Rate A Hospital mobile apps). The information that we collect and store through those different uses may be cross-referenced and combined, and your contributions through one Rate A Hospital platform will typically be similarly visible and accessible through all other Rate A Hospital platforms.
G. Legal Basis for Processing: We will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person (for instance, to prevent, investigate, or identify possible wrongdoing in connection with the Service or to comply with legal obligations). If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will typically be to operate our Services, communicate with you in relation to our Services, or for our other legitimate commercial interests, for instance, when responding to your queries, to analyze and improve our platform, engage in marketing, or for the purposes of detecting or preventing fraud. If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at the address listed below in the “Contact” section.
2. SUBMISSION OF REVIEWS, RATINGS, AND COMMENTS
A. Public Content: We collect information that you voluntarily contribute as part of the Service. Your contributions to the Service are intended for public consumption and are therefore viewable by the public, including your photos, ratings, reviews, lists, collections, compliments, Rate A Hospital posts, and edits to business listing information. Your account profile (e.g., first name, last initial, city, neighborhood, month and year joined, profile photos and friends) is also intended for public consumption, as is some of your other activity through the Service, like how you vote on other people’s contributions (e.g., helpful, not helpful), which contributions you like, where you check-in or where your friends check-in on your behalf, which contributions or users you follow, and which businesses you bookmark. You can limit the public nature of some of these activities through your account settings.
B. Sharing: We may in our sole discretion share Your Content with others such as your Hospital reviews. If you do not want certain information shared with others, you should not submit such Content, or should not submit Content that contains information or Personal Information you do not want shared in this manner. Once You have submitted Your Content, we reserve the right to publish it in any medium to others.
C. Developing Products and Services: We may include use of your information in connection with developing and offering to you products and services such as reward and recognition, topics for magazine articles, health education and/or medical error prevention.
A. Processes: Intended to make the Service work in the way you expect. For example, we use a Cookie that tells us whether you have already signed up for an account.
C. Preferences: Intended to remember information about how you prefer the Service to behave and look. For example, we use a Cookie that tells us whether you have declined to allow us to send push notifications to your phone.
D. Notifications: Intended to allow or prevent notices of information or options that we think could improve your use of the Service. For example, we use a Cookie that stops us from showing you the signup notification if you have already seen it.
F. Analytics: Intended to help us understand how visitors use the Service. For example, we use a Cookie that tells us how our search suggestions correlate to your interactions with the search page.
You can set some Cookie preferences through your device or browser settings, but doing so may affect the functionality of the Service. The method for disabling Cookies may vary by device and browser, but can usually be found in your device or browser preferences or security settings. For example, iOS and Android devices each have settings which are designed to limit forms of ad tracking. For flash cookies, you can manage your privacy settings by clicking here. Please note that changing any of these settings does not prevent the display of certain advertisements to you. For more information on cookies, including how to control your cookie settings and preferences, visit http://www.allaboutcookies.org.
4. THIRD PARTIES
We may employ third parties to perform services on our behalf to improve the Service, marketing, advertising, and promotional efforts to facilitate transactions, including processing orders by credit card. We do not sell email addresses to third parties. Third parties may receive information about you as follows:
B. Content Partners: We allow third party partners to use and display some of the public content available through the Service, such as your photos, reviews, and other information detailed in Section 2 above.
C. Service Providers: We may rely on third party providers to support or provide some of the services that are available through the Service, such as site moderation. We may also rely on third party providers to perform certain services for us in connection with your use of the Service, such as communications and hosting services, network security, technical and customer support, tracking and reporting functions, quality assurance testing, payment processing, our own marketing of the Service, and other functions. We may share information from or about you with these third party providers so that they can perform their services or complete your requests. These third party providers may share information with us that they obtain from or about you in connection with providing their services or completing your requests. Third party providers may also share this information with their subsidiaries, joint ventures, or other companies under common control. Some of our web pages utilize framing techniques to serve content to you from our third party providers, while preserving the look and feel of the Service. In such cases, please note that the information you provide is being provided to the third party.
D. Aggregate or Anonymous Information: We may disclose aggregated non-personal information with third parties, such as businesses that are listed on Rate A Hospital and content distributors. For example, we may disclose the number of users that have been exposed to or clicked on advertisements. We may also disclose anonymized information about your use on Rate A Hospital. For example, if you engage in a transaction in connection with Rate A Hospital, we may publicly disclose information about the transaction without providing additional identifying information about you or otherwise disclosing your participation in the transaction.
F. Businesses on Rate A Hospital: We may share information from or about you (such as your age, gender, and city), your devices, and your use of the Service (such as which businesses you bookmark or call, or if you visit a business’s URL) with businesses listed on Rate A Hospital. You may adjust your account settings to increase or decrease the amount of information we share. Keep in mind that businesses may still see your public activity and posts, and may receive information from or about you when you transact or communicate with them, through Rate A Hospital or otherwise, regardless of your settings (see Section 1 above). Additionally, if you make a phone call to a business through or in connection with your use of the Service, we may share information about your call with the business that the business would have received had you called them directly, such as the date and time of your call and your phone number. You may be able to limit our ability to collect and share your phone number through your phone’s settings or phone service provider.
G. Investigations and Legal Disclosures: We may investigate and disclose information from or about you if we have a good faith belief that such investigation or disclosure: (a) is reasonably necessary to comply with legal processes and law enforcement instructions and orders, such as a search warrant, subpoena, statute, judicial proceeding, or other legal process or law enforcement requests served on us; (b) is helpful to prevent, investigate, or identify possible wrongdoing in connection with the Service; or (c) protects our rights, reputation, property, or that of our users, affiliates, or the public, such as disclosures in connection with Rate A Hospital program; or respond to claims that any posting or other content violates third-party rights. If you flag or otherwise complain to us about content through the Service, we may share the substance of your complaint with the contributor of that content in order to provide an opportunity for the contributor to respond.
I. Third Party Integrations: If you sign up for, or log into, Rate A Hospital using a third party service like Facebook or Google, or link your Rate A Hospital account to your account with a third party service like Facebook, Instagram or Twitter, we may receive information about you from such third party service. If you post content to a third party service through the Service, that third party service will also receive that content, which will be visible to anyone that has access to it through that third party service. Some of our web pages utilize framing techniques to serve content to you from our third party partners, while preserving the look and feel of the Service. In such cases, please note that the information you provide may be transmitted directly to the identified third party partner. If you interact with businesses through Rate A Hospital, they will receive whatever information you choose to share with them, for example contact information you share through direct messages to the business or your phone number if you call the business.
5. CONTROLLING YOUR PERSONAL DATA
Other users may be able to identify you, or associate you with your account, if you include personal information in the content you post publicly. You can reduce the risk of being personally identified by using the Service pseudonymously, though doing so could detract from the credibility of your contributions to the Service. Please also note that the messages you send or receive using the Service are only private to the extent that both you and the person you are communicating with keep them private. For example, if you send a message to another user, that user may choose to publicly post it. Also, we may access, review, and disclose such messages in connection with investigations related to use of the Service, as well as our efforts to improve the Service.
6. data integrity
7. HIPAA and PHI
Under a federal law called the Health Insurance Portability and Accountability Act (“HIPAA”), some demographic, health and/or health-related information that the Service collects as part of providing the Service may be considered “protected health information” or “PHI”. Specifically, when the Service receives identifiable information about you from or on behalf of your Hospitals, this information is considered PHI. HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. The Service may only use and disclose your PHI in the ways permitted by your Hospital(s). In addition, your decision to use the Service is entirely voluntary and if you choose to post PHI, you agree that the Service may use and disclose your PHI in the same way it uses and discloses your personal information that is not PHI. You can decline to provide your personal information when you voluntarily provide information in free-form text boxes through the Service or through responses to surveys, questionnaires and the like by not engaging in the activities described above, such as by not posting PHI or by not using the Service. Accordingly, you can determine to a large extent what personal information you wish to share with the Service.
8. DATA RETENTION AND ACCOUNT TERMINATION
9. YOUR CHOICES
You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features. If you are a registered user of the Service, you can modify certain personal information or account information by logging in and accessing your account. The information you can view, update, and delete may change as the Services change. If you wish to close your account, we may retain information to prevent, investigate, or identify possible wrongdoing in connection with the Service or to comply with legal obligations. Please note that businesses cannot remove their business listings, ratings, or reviews by closing their accounts.
The Service is intended for general audiences and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information without parental consent, please contact us here and we will endeavor to delete that information from our databases. If we become aware that a child under 13 has provided us with personal information without parental consent, we take steps to remove such information and terminate the child's account.
11. information SECURITY
We take reasonable and appropriate safeguards to protect the personal information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet or via mobile device, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
12. CONTACT information
Rate A Hospital,
1890 Star Shoot Parkway, Suite 170
Lexington, KY 40509
We will take such steps as we deem necessary to confirm your identity before sharing any personal data with you. We will respond to proper and confirmed requests relating to personal data within 30 days, or as otherwise required by applicable law.
14. CALIFORNIA RESIDENTS: PRIVACY RIGHTS
Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights around Rate A Hospital’s collection, use, and sharing of their personal information.
Rate A Hospital does not sell your personal information and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. Similarly, we do not offer financial incentives associated with our collection, use, or disclosure of your personal information.
Rate A Hospital collects various categories of personal information when you use the Service, including identifiers, commercial information, internet or other electronic network or device activity information, geolocation data, and professional information. A more detailed description of the information Rate A Hospital collects and how we use it is provided above in Section 1 (Information We Collect and How We Use It). Section 4 (Third Parties) describes the categories of third parties with whom we share personal information, and what information may be shared under different circumstances.
If you are a resident of California, you have the right to request to know what personal information has been collected about you, and to access that information. You also have the right to request deletion of your personal information, though exceptions under the CCPA may allow Rate A Hospital to retain and use certain personal information notwithstanding your deletion request. You can learn more about how to submit a data rights request through Rate A Hospital’s Support Center. You may also send your request by email to here. We will not discriminate against you for exercising your rights under the CCPA. An agent may submit a request on your behalf, but you must verify that your agent is authorized to do so.
Separate from the CCPA, California’s Shine the Light law gives California residents the right to ask companies what personal information they share with third parties for those third parties’ direct marketing purposes. We do not disclose your personal information to third parties for the purpose of directly marketing their goods or services to you unless you request such disclosure. If you have any questions regarding this policy, or would like to change your preferences, you may contact us at the address listed above in Section 12.
15. NEVADA RESIDENTS: PRIVACY RIGHTS
Nevada law (SB 220) requires website operators to provide a way for Nevada consumers to opt out of the sale of certain information that the website operator may collect about them. Rate A Hospital does not sell your personal information to third parties as defined in Nevada law, and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law. If you have any questions regarding our data privacy practices or our compliance with Nevada data privacy law, please contact us through the Support Center.
16. EUROPEAN RESIDENTS: PRIVACY RIGHTS AND INTERNATIONAL DATA TRANSFER
The Service is operated in the United States. If you are a European Resident, you have the right to access your personal data, and the right to request that we correct, update, or delete your personal data. You can object to the processing of your personal information, ask us to restrict processing of your personal information, and request portability of your personal information. Additional information regarding your exercise of these rights is available through the Support Center. Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent. The Service generally provides you with a reasonable means to view and change your profile information and you can opt-out of marketing communications at any time by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you or in your account settings. If you have any questions or comments about the processing of your personal information, you may contact us as described in Section 12 above.