This notice describes how Personal Data (defined below) about you may be used and disclosed and how you can obtain access to this information. Please review it carefully.
We at Hera, Inc. (“we”, “us”, or “Hera”) value your privacy and are committed to keeping your personal data confidential. We use your data collected on the Hera (hellohera.com) website solely in the context of providing the website (the “Website”) and providing all relevant content to website users (“Users”).
Privacy Policy Applicability
This Privacy Policy applies to personal data that Hera collects from Users of the Hera Website (“Personal Data”). The term “Personal Data” includes any information that can be used on its own or with other information in combination to identify or contact one of our Users or another individual. Some of the Personal Data we collect and transmit may be considered “health data” (i.e., data related to your or another individual’s physical or mental health), “protected health information” or “PHI” (i.e., information that relates to your past, present, or future physical or mental health or condition(s); the provision of health care to you; or the past, present, or future payment for the provision of health care to you), and/or medical records as defined by state law.
We believe that privacy and transparency about the use of your Personal Data are of utmost importance. Therefore, our privacy practices are intended to comply with all applicable federal and state laws related to privacy and the use and disclosure of medical records. Additionally, in this Privacy Policy, we provide you detailed information about our collection, use, maintenance, and disclosure of your Personal Data. The Privacy Policy explains what kind of information we collect, when and how we might use your Personal Data, how we protect Personal Data, and your rights regarding your Personal Data.
For additional information related to how we use and disclose your Personal Data, health data, PHI, and/or medical records data, please contact us at connect@hellohera.com.
Agreement to Privacy Policy Terms
BY ACCESSING AND/OR USING THE WEBSITE, YOU ARE ACKNOWLEDGING THAT YOU HAVE READ AND AGREE TO THE TERMS OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE, YOU MUST IMMEDIATELY CEASE USING THE PLATFORM.
Privacy Policy Updates
Please note that we occasionally update this Privacy Policy, and it is your responsibility to stay up to date with any amended versions. Any revisions to the Privacy Policy will be posted on the Hera Website. Any changes to this Privacy Policy will be effective immediately upon posting a new version of the Privacy Policy on our Website. We will change the “Last Updated” date above and the changes will apply to all Personal Data that we maintain, use, and disclose. If you continue to use the Website following such posting, you are agreeing to those changes.
Personal Data Deletion
If at any point you no longer agree to the use and disclosure of Personal Data, as described in this Privacy Policy, discontinue all further use of the Website and send a deletion request to connect@hellohera.com with the following information:
The email address, phone number and/or name you shared with us previously; and
A statement that you are requesting Personal Data deletion.
Once we have deleted your Personal Data, we will provide confirmation to you via email.
Questions or Concerns
If you have any questions or concerns after reading this Privacy Policy, please do not hesitate to contact us at connect@hellohera.com. We appreciate your feedback.
COLLECTION AND USE OF PERSONAL DATA
What Personal Data Does Hera Collect?
We collect the following types of information, including information that is voluntarily provided, from our Users: (i) demographic and personal data; (ii) support data; and (iii) technology data. Each category of data is explained in depth below.
Demographic and Personal Data: Hera collects demographic data from Users and from individuals who call our phone number or input information through forms on the Website, which data may include, but not be limited to, name, phone number, address, email address, provider name, PHI (such as health concerns, diagnoses, and progress notes), insurance information, and caregiver information.
Support Data: If you contact us for support or to lodge a complaint, we may collect technical or other information from you through log files and other technologies, some of which may qualify as Personal Data (e.g., IP address). Such information will be used for the purposes of troubleshooting, customer support, and improvement of the Website in accordance with this Privacy Policy. Calls with Hera may be recorded or monitored for training, quality assurance, customer service, and reference purposes.
Technology Data: We use common information-gathering tools, such as log files, cookies, web beacons (such as pixels), and similar technologies to automatically collect information, which may contain Personal Data from your computer or mobile device as you navigate our Website or interact with emails or other communications we have sent you. The information we collect may include your IP address (or proxy server), device and application identification numbers, location, browser type, Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, the page that led you to the Website, and date/time stamps associated with your usage. This information is used to analyze overall trends, help us provide and improve our advertising and the Website, and ensure the proper functioning and security of the Website.
Does this Privacy Policy Apply to Third Party Sites?
Our Website may contain links to other sites that are not operated by Hera. If you click a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy(ies) of every site you visit. Hera has no control over and assumes no responsibility for the content, privacy policies, or practices of any third-party sites or services. This Privacy Policy does not apply to your use of or access to any third-party sites or services.
How Will Hera Use Your Personal Data?
Hera processes your Personal Data based on legitimate business interests, the provision of our Website to you, compliance with our legal obligations, and/or your consent. We only use or disclose your Personal Data when it is legally mandated or where it is necessary to fulfill those purposes described in this Privacy Policy. Where required by law, we will ask for your prior consent before disclosing your Personal Data to a third party.
More specifically, Hera processes your Personal Data for the following legitimate business purposes:
To provide the Website;
To fulfill our obligations to you under the Terms of Use;
To communicate about and/or provide you with you our services;
To properly store and track your data within our system;
To respond to lawful requests from public and government authorities, and to comply with applicable state/federal law, including cooperation with judicial proceedings and court orders;
To protect our rights, privacy, safety, or property, and/or that of you or others by providing proper notices, pursuing available legal remedies, and acting to limit our damages;
To handle technical support and other requests from you;
To enforce and ensure your compliance with our Terms of Use or the terms of any other applicable services agreement we have with you;
To manage and improve our operations and the Website, including the development of additional functionality;
To identify usage trends, and improve your user experience;
To find and prevent fraud, and keep our Website safe and secure;
To send you information about changes to our terms, conditions, and policies;
To conduct research and analysis using your information, which may be subject to your separate written authorization;
To allow us to pursue available remedies or limit the damages that we may sustain; and
For other purposes for which we provide specific notice at the time the information is collected.
Does Hera Use Personal Data for Analytics?
Hera uses third-party service providers to monitor and analyze the use of the Website. The analytics services we use may include but are not limited to: Google Analytics.
Where Is Personal Data Processed?
The Personal Data we collect through the Website will be stored on secure servers in the United States. Personal Data may be transmitted to third parties, which parties may store or maintain the data on their secure servers. These third parties are not permitted to transfer your Personal Data outside of the United States.
With Whom Does Hera Share Personal Data?
We may share your personal information with the following categories of individuals/entities:
Business Partners and Vendors: We share Personal Data with a limited number of partners, service providers, and other persons/entities who help run our business (“Business Partners”). Specifically, we may employ third-party companies and individuals to provide infrastructure for our Website, supply elements of the Website on our behalf, or assist us in analyzing how our Website is used. Our Business Partners are contractually bound to protect your Personal Data and to use it only for the limited purpose(s) for which it is shared. Business Partners’ use of Personal Data may include, but is not limited to, the provision of services such as data hosting, user interface elements and IT services.
Our Advisors: We may share your Personal Data with third parties that provide advisory services to Hera, including, but not limited to, our lawyers, auditors, accountants, and banks (collectively, “Advisors”). Personal Data will only be shared with Advisors if Hera has a legitimate business interest in the sharing of such data.
Third Parties Upon Your Direction or Consent: You may direct Hera to share your Personal Data with third parties. Upon your request and consent, we may share such Personal Data with those third parties that you identify.
Providers: Hera may make your Personal Data, including PHI, available to its contracted healthcare provider(s) for the purposes of providing services.
Third Parties Pursuant to Business Transfers: In the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of Hera’s corporate entity(ies), assets, or stock (including in connection with any bankruptcy or similar proceedings), we may share your Personal Data with a third party.
Government and Law Enforcement Authorities: If reasonable and necessary, we may share your Personal Data to (i) comply with legal processes or enforceable governmental requests, or as otherwise required by law; (ii) cooperate with third parties in investigating acts or omissions that violate this Privacy Policy or the Terms of Use; or (iii) bring legal action against someone who may be violating the Terms of Use or who may be causing intentional or unintentional injury or interference to the rights or property of Hera or any third party, including other users of our Website.
How Long Does Hera Retain Personal Data?
Hera retains your Personal Data only if necessary and as required for our business operations, the provision of the Website, archival purposes, and/or to satisfy legal requirements. The exact period of retention (the “Retention Period”) will depend on: (i) the amount, nature, and sensitivity of the Personal Data; (ii) the personal risk of harm for unauthorized use or disclosure; (iii) the purposes for which we process your Personal Data, including whether those purposes can be achieved through other means; and (iv) business operations and legal requirements.
At the end of the applicable Retention Period, we will remove your Personal Data from our databases and will require that our Business Partners remove any identifiable Personal Data from their databases. If there is any data that we are unable to delete entirely from our systems for technical reasons, we will put in place appropriate measures to prevent any further processing of such data. Please note that once we disclose your Personal Data to third parties, we may not be able to access that Personal Data and we cannot force the deletion or modification of such information by third parties.
Hera and its Business Partners reserve the right to continue using de-identified data indefinitely, even after Personal Data has been removed from Hera’s databases. We may continue to disclose de-identified data to third parties in a manner that does not reveal personal information, as described in this Privacy Policy. Our continued use of de-identified data will comport with applicable law.
What Happens to Personal Data Submitted by Minors?
Hera is committed to protecting the privacy of children. The Hera Website is intended only for adults. We request that individuals under the age of 18 not provide Personal Data to us. If we learn that Personal Data from Users under the age of 18 has been collected, we will take reasonable measures to promptly delete such data from our records. If you are aware of a user under the age of 18 accessing the Website, please contact us at connect@hellohera.com.
The Website does NOT allow children or any User to make their information publicly available. Parents/legal guardians have the right to review or ask us to delete their child’s personal information, as well as to refuse to permit us to further collect or use your child’s personal information. To do any of these, please contact us at connect@hellohera.com.
What Rights Do Users Have Concerning Their Personal Data?
As a user of Hera’s Website, you have certain rights relating to your Personal Data. These rights are subject to local data protection and privacy laws, and may include the right to:
Access Personal Data held by Hera;
Erase/delete your Personal Data, to the extent permitted by applicable data protection and privacy laws and to the extent technologically feasible;
Receive communications related to the processing of your Personal Data;
Restrict the processing of your Personal Data to the extent permitted by law;
Object to the further processing of your Personal Data, including the right to object to marketing;
Request that your Personal Data be transferred to a third party, if possible;
Receive your Personal Data in a structured, commonly used, and machine-readable format; and/or
Rectify inaccurate personal information and, considering the purpose of processing the Personal Data, ensure it is complete.
Where the processing of your Personal Data by Hera is based on consent, you have the right to withdraw that consent at any time. If you would like to withdraw your consent or exercise any of the above rights, please contact us at connect@hellohera.com.
How Can Users Update, Correct, or Delete Personal Data?
You have the right to request restrictions on uses and disclosures of your Personal Data. While we are not required to agree to all restriction requests, we will attempt to accommodate reasonable requests when appropriate.
If you need to make changes or corrections to information, you may contact us at connect@hellohera.com. To comply with certain requests to limit use of your Personal Data, we may need to terminate your ability to access and/or use some or all of the Website. BY REQUESTING TO LIMIT USE OF YOUR PERSONAL DATA OR DELETE PERSONAL DATA, YOU ACKNOWLEDGE AND AGREE THAT HERA WILL NOT BE LIABLE TO YOU FOR ANY CORRESPONDING LIMITATION IN THE SCOPE OF SERVICES OR TERMINATION OF SERVICES AS NECESSARY TO COMPLY WITH YOUR REQUEST.
You have the right to request deletion of any Personal Data from the Hera Website. To request deletion of your Personal Data, please email us at connect@hellohera.com and include a description of the Personal Data you would like removed. We will respond to all requests for data deletion as soon as reasonably possible.
You further understand that it may not be technologically possible to remove all of your Personal Data from our systems. While we will use reasonable efforts to remove your Personal Data, the need to back up our systems to protect information from inadvertent loss means a copy of your Personal Data may exist in a non-erasable form that will be difficult or impossible for us to locate or remove.
PROTECTION OF PERSONAL DATA
Is Personal Data Secure?
Hera understands the importance of data confidentiality and security. We use a combination of reasonable physical, technical, and administrative security controls to: (i) maintain the security and integrity of your Personal Data; (ii) protect against any threats or hazards to the security or integrity of your Personal Data; and (iii) protect against unauthorized access to or use of such information in our possession or control that could result in substantial harm to you.
While Hera uses reasonable security controls, WE CANNOT GUARANTEE OR WARRANT THAT SUCH TECHNIQUES WILL PREVENT UNAUTHORIZED ACCESS TO YOUR PERSONAL DATA. HERA IS UNABLE TO GUARANTEE THE SECURITY OR INTEGRITY OF PERSONAL DATA TRANSMITTED OVER THE INTERNET, AND THERE IS NO GUARANTEE THAT YOUR PERSONAL DATA WILL NOT BE ACCESSED, DISCLOSED, ALTERED, OR DESTROYED BY BREACH OF ANY OF OUR PHYSICAL, TECHNICAL, OR ADMINISTRATIVE SAFEGUARDS. ACCORDINGLY, WE DO NOT AND CANNOT ENSURE OR WARRANT THE SECURITY OR INTEGRITY OF ANY PERSONAL DATA YOU TRANSMIT TO US. YOU ASSUME THE RISK THAT UNAUTHORIZED ENTRY OR USE, HARDWARE OR SOFTWARE FAILURE, AND OTHER FACTORS MAY COMPROMISE THE SECURITY OF YOUR PERSONAL DATA AT ANY TIME.
What Safeguards Does Hera Have in Place to Secure Personal Data?
Hera stores Personal Data on secured servers and uses a combination of technical, administrative, and physical safeguards to protect your personal information. Such safeguards include, but are not limited to, authentication, encryption, backups, secure socket layer technology (SSL) encryption, and access controls.
How Can Users Protect Their Personal Data?
You are solely responsible for preventing unauthorized access to your devices by limiting access to your devices. Hera has no access to or control over your device’s security settings, and it is your responsibility to implement any device-level security features and protections you feel are appropriate (e.g., password protection, encryption, remote wipe capability). We recommend that you take all appropriate steps to secure any device that you use to access our Website.
Please note that Hera will never send you an email requesting confidential information, such as account numbers, usernames, passwords, or Social Security Numbers. If you receive a suspicious email from Hera, please notify us at connect@hellohera.com.
Further, if you know of or suspect any unauthorized use or disclosure of your information or any other security concern, please notify Hera immediately.
What If Hera Experiences a Data or Security Breach?
Hera takes the security of your Personal Data seriously. In the event of a data or security breach, Hera will take the following actions: (i) promptly investigate the security incident, validate the root cause, and, where applicable, remediate any vulnerabilities within Hera’s control which may have given rise to the security incident; (ii) comply with laws and regulations directly applicable to Hera in connection with such security incident; (iii) as applicable, cooperate with any affected User in accordance with this Privacy Policy or the Terms of Use, and (iv) document and record actions taken by Hera in connection with the security incident, and conduct a post-incident review of the circumstances related to the incident and actions/recommendations taken to prevent similar security incidents in the future. Hera will notify you of any data or security breaches as required by and in accordance with applicable law.
ADVERTISING, MARKETING, AND TRACKING
Does Hera Send Marketing or Advertisement Materials?
Hera may use your Personal Data to contact you with newsletters, marketing, or promotion materials and other information that may be of interest to you. You may opt out of receiving any marketing or advertising materials from Hera at any time by exercising the opt out method for such marketing communications within the applicable message.
Can Users Opt Out of Receiving Communications from Hera?
We may send communications, including emails, to you regarding the Website. You can choose to filter any Website emails using your email settings, but we do not provide an option for you to opt out of these communications.
If you consent to receive marketing or other communications not related to the Website, we will provide you with the option to opt out of such marketing communications within the applicable message.
Do Not Track Disclosure
Some web browsers may transmit do not track (“DNT”) signals to websites with which the User communicates. To date, there is no industry standard for DNT and users cannot know how a given company responds to a DNT signal they receive from browsers. Hera is committed to remaining apprised of DNT standards. However, Hera does not support DNT browser settings and does not currently participate in any DNT frameworks that would allow Hera to respond to signals or other mechanisms regarding the collection of your personal information.
CONTACT US
If you have questions regarding this Privacy Policy, you may contact us at connect@hellohera.com.