Effective Date: April 17 2023
- Starling Medical’s UrinDx device (the “Device,” “UrinDx”);
- Starling Medical’s mobile application (the “App,” “the Starling app”);
- Starling Medical’s remote patient monitoring platform (“RPM platform,” “StarStream,” “the Platform”)
- the website that Starling Medical operates (www.starlingmedical.com) (the “Site”); and
- all related services and features that Starling Medical provides.
Personal Information – In General
Protected Health Information
WHAT PERSONAL INFORMATION DO WE COLLECT?
We collect various Personal Information from you and certain devices that you may use, as further described below. This includes information collected through clinical partners, applications, registrations, and your use of the Services. We also collect Personal Information in connection with your inquiries. Collection starts from the time that you initially access our Services.
Information that we gather enables us:
- to administer your account,
- to provide you with the Services,
- to send you communications regarding the services we offer,
- to respond to your inquiries,
- to obtain your feedback on our Services,
- to understand who is using our Services and how the Services are performing,
- to otherwise analyze user behavior and activity,
- to personalize and improve our Services,
- to conduct research activities,
- to manage the security of the Services, and
- to fulfill any requirements imposed on us by applicable laws and regulations.
From time to time, we may use or augment Personal Information about you with information obtained from third parties. For example, we may use third-party information to confirm contact or financial information, to verify your coverage eligibility for Starling Medical Program, or to better understand your interests by associating demographic information with the information that you have provided.
In some cases, you will provide Personal Information, including Protected Health Information, to us in connection with your use of the Services, and in other cases, we may collect this information automatically when you visit or interact with the Site, App, Device, Platform, or other aspects of the Services. We provide more detail below on the types of Personal Information that you provide and the types of Personal Information that we collect automatically:
Personal Information that You Provide to Us
We will use the Personal Information that you provide for the purposes described above (and any other purposes intrinsic to the Services that you use) and to provide you with an engaging and personalized experience in using the Services. You can choose not to provide us with certain information, but if you do make that choice, we may be unable to provide you with access to or use of many of our features.
Personal Information Collected Automatically
In addition to any information that you provide to us through the Services, we and our third-party service providers may use a variety of technologies that store or collect certain information from you automatically (or passively) when you visit or interact with the Site, App, Device, Platform, or other aspects of the Services (“Usage Information”). This Usage Information may be stored or accessed using technologies downloaded to your device whenever you visit or interact with the Services. Examples of Usage Information include: your IP address, other unique device identifiers assigned to your device that allow our computers to recognize you, details of your device’s characteristics and functionality (e.g., browser, operating system, mobile network information), the areas within the Site, App, Device, Platform, or other aspects of the Services that you visit and your activities there, your Device’s location, and certain other data regarding your Device. To the extent we associate Usage Information with your Personal Information that we collect directly from you, we will treat it as Personal Information.
Information from Your Browser or Device
We automatically receive and record Usage Information from your browser on our server logs whenever you interact with the Site, App, Device, Platform, or other aspects of the Services. We may use this Usage Information to provide you with customer service and support. We also may use this Usage Information to recognize you when you arrive at the Site from an external link, such as a link appearing on a third-party site or in an email generated by us. We discuss this type of technology in more detail under “Tracking Technologies” below.
Our Services also collect Usage Information to determine how often visitors use parts of the Site, App, Device, Platform, or other aspects of the Services so that we can improve our Services and strive to ensure that the Services appeal to as many users and customers as possible. Our Services collect this data in a manner similar to how TV ratings may indicate the number of people that watched a particular show. We may provide this de-identified, aggregate data to our partners and/or customers to identify how our users use our Services, but we only use this data in aggregate form as a statistical measure to monitor how the Services function and not in a manner that would permit us to identify you personally.
You may set your browser to refuse or disable these data collection methods, but doing so may change your experience with the Site, App, Device, Platform, or other aspects of the Services, diminish certain aspects of the Services’ functionality, or render certain features inoperable. For example, the Site and App may not recognize or respond to your browser with “do not track” technologies employed.
We may use various tracking methods or technologies (“Tracking Technologies”) to store or collect your Usage Information, including information about your visits to or interactions with our Site, App, Device, Platform, and other aspects of the Services. We use Tracking Technologies for a variety of purposes we believe to be necessary or helpful in improving or assessing the performance of the Services (for example, as part of our analytic practices) or in offering you enhanced functionality (for example, to identify you when you sign in, to keep track of your specified preferences, or to help ensure that the security of your account has not been compromised).
Tracking Technologies may include the following technologies and methods as well as any subsequent technologies and methods later developed to perform similar functions:
Embedded Scripts. An embedded script is programming code designed to collect information about your interactions with the Site, App, Device, Platform, and other aspects of our Services, such as a link that you may click on. Embedded scripts are temporarily downloaded onto your device. Embedded scripts remain active only while you are connected to the Services and are then deactivated or deleted.
Web Beacons. The Services may also include small graphic images or other web programming code called “web beacons” (also known as “1×1 GIFs” or “clear GIFs”). Any electronic image or other web programming code inserted into a page or email can act as a web beacon, and web beacons may be invisible to you. Web beacons and similar technologies may be used for a number of purposes, including to count visitors to the Services, to count how many sent emails were opened, to count how many articles or links were viewed, or to monitor how users navigate the Services.
WHO OWNS THE PERSONAL INFORMATION YOU DISCLOSE TO COMPANY?
WHAT PERSONAL INFORMATION DO WE SHARE?
The following sections describe certain circumstances when we may share your Personal Information:
Information Shared with Other Users
If you access or use any Starling Medical Program, other users will have access to a range of Personal Information that you share, as further described below. By accessing or using any Starling Medical Program, you authorize Starling Medical to disclose to other users that you are clinically eligible for the Services and that you participate in relevant aspects of the Services, which may indicate that you meet the clinical enrollment criteria for relevant aspects of the Services and may identify you as living with or at risk for certain chronic diseases or conditions.
If you enroll in a Starling Medical Program, on your user profile page on the App, you may provide information about your health, symptoms, and treatments, your feelings about your health information and/or yourself, or any other information about yourself. You may also upload or send pictures or videos to our clinical or technical support team.
In addition, in connection with your participation in a Starling Medical Program, you may choose to enroll in other group-based communities that we may offer. The Site, App, Device, Platform, and other aspects of the Services may include the ability to interact with discussion boards, live chat, community pages, profile pages, bulletin boards, blogs, instant messaging or other messaging services, activities, polls, games, and other communication forums to which you post or otherwise make information or materials available (“Forums”). Please note that any information, text, and images that you post or disclose on or through the Forums may be visible to the present and future users in those groups or communities. Your User ID will be viewable to these individuals when you send messages or when you disclose information on or through the Forums generally.
We take great care to protect your privacy, but please remember that we cannot control how other users will use or disclose any information that you share on your user profile page or disclose to Forums. We urge you to exercise discretion and caution when deciding to disclose information, including your health information and other Personal Information, on your user profile page, through a Forum, or otherwise through the Services.
WE EXPRESSLY DISCLAIM ANY RESPONSIBILITY FOR THE USE BY OTHERS OF ANY INFORMATION, INCLUDING PERSONAL INFORMATION, THAT IS DISCLOSED BY YOU OR ON YOUR BEHALF ON YOUR USER PROFILE PAGE OR TO GROUPS OR OTHER PUBLIC-FACING FEATURES OF THE SERVICES, INCLUDING DISCUSSION BOARDS, CHAT ROOMS, MESSAGING SERVICES, OR OTHER FORUMS DESCRIBED ABOVE. BY DISCLOSING ANY OF YOUR INFORMATION THROUGH THESE FEATURES, YOU ACKNOWLEDGE AND ACCEPT ANY RISK AND DAMAGE ARISING FROM THE DISCLOSURE OF THAT INFORMATION.
Communications in Response to User Submissions
As part of the Services, you will receive from us email and other communications relating to your User Submissions. By posting User Submissions, you acknowledge and agree that we may send you email, text messages, phone calls, and other communications that we determine in our sole discretion relate to your User Submissions.
Information Shared with Our Agents
We employ other people and companies to perform tasks on our behalf, and we must share your information with them in order to provide products and/or services to you. By accessing or using the Services, you consent to and authorize Starling Medical to disclose Personal Information about you to our authorized personnel and administrators, including, for users that enroll in a Starling Medical Program. Unless we have your authorization or consent, we limit these agents’ rights to use any Personal Information that we share with them to what is minimally necessary to assist us. We do not permit these agents to rent or sell any of the Personal Information about you that they receive from us.
Reporting to Sponsors and Third-Party Administrators
We may, in our sole discretion, share, transfer, or otherwise disclose certain of your Protected Health Information to entities that are authorized to receive that information for legally permitted purposes under HIPAA, which may include the companies paying for your participation in an Starling Medical Program. We only share your Protected Health Information in accordance with HIPAA and other applicable legal requirements, such as your Treating Provider’s NOPP.
Information Available to App Providers
By downloading the App from an App Provider, such as the Apple App Store or Google Play, please note that the App Provider and its agents may be able to identify you as a user of our Services.
Referrals to Family, Colleagues, and Friends
From time to time, we may ask or invite you to refer our Services to family members, colleagues, or friends. We ask you to limit your invitations to people in your inner circle that may have an interest in our Services. If we refer one of these persons to the Services, we may inform them that you have suggested that they may be interested in trying our Services. If they request that we do not contact them again, we will not contact them again.
Our Business Transfers
Protection of Starling Medical and Others
We may release your Personal Information when we believe in good faith that releasing that information is necessary to comply with applicable law, to enforce our conditions of use and other agreements, or to protect the rights, property, or safety of Starling Medical, our employees, our users, or others. We may exchange information with other companies and organizations to detect, suppress, or protect against fraud and for credit risk reduction. If necessary and required by law, we will disclose any breach of the security, confidentiality, or integrity of your Personal Information, including, without limitation, breaches of your unencrypted, electronically stored “personal information” or “medical information” (as defined by applicable laws). To the extent permitted by applicable laws, we may make these disclosures to you via email or a conspicuous posting on your private profile in the Services in the most expedient time possible and without unreasonable delay, so long as this is consistent with the legitimate needs of law enforcement and any other measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
IS MY PERSONAL INFORMATION SECURE?
We employ industry-standard administrative, physical, and technical measures designed to safeguard and protect information under our control from unauthorized access, use, and disclosure. In addition, when we collect, maintain, use, disclose, and process your Personal Information, we will do so using systems and processes consistent with the information privacy and security requirements of applicable federal and state laws, including HIPAA.
Your individual user account is also protected by your unique user ID. To help avoid unauthorized access to your account and Personal Information, we suggest that you safeguard your phone by creating a passcode, and limit access to your devices and browsers.
In addition, to the extent that you use our App and Device, your smartphone permits our App to send you push notifications, we may send you push notifications that include Personal Information and, in limited instances, PHI that is not encrypted. Depending on your device settings, push notifications may be visible to other people who encounter your device. In most cases, you can opt out of receiving push notifications by adjusting the settings on your device. This may affect the communications you receive. To the extent that you do not opt of receiving push notifications, you agree to receive push notifications and to be responsible for the security and confidentiality of any information displayed in push notifications on your devices.
Although we take great care to protect your Personal Information, we cannot guarantee that criminals or others acting unlawfully will not succeed in efforts to undermine our security measures. Unauthorized entry to, access to, or use of our systems or locations, hardware or software failure, loss, and other factors may compromise the security of your information at any time.
WHAT PERSONAL INFORMATION CAN I ACCESS AND CORRECT?
If you have an account with us to receive one of the Starling Medical Programs, you can access certain information about you described below through the App or otherwise through the Starling Medical Program in order to view, and in certain situations, update that information. This list may change as the Services change.
- First and last name
- Account and user profile information
- User email address
- User mailing address
- User phone number
- User ID unique link
- Communication preferences (e.g., email and push notifications)
- Health data
- Health signs and symptoms
- Any other health activity (if applicable to the Services you receive)
WHAT RIGHTS AND CHOICES DO I HAVE REGARDING MY PERSONAL INFORMATION?
Choosing Not to Disclose
You may choose not to disclose information to us, even though that information may be required to take advantage of certain features of the Services.
You also have the right to request certain information from us, specifically:
- a copy of the Personal Information that we collect from you,
- a description of the specific pieces of Personal Information that we collect from you,
You also have rights concerning our access to and use of your Protected Health Information, which are described more fully in your Treating Provider’s NOPP.
Unsubscribing from Communications
Deleting Your Personal Information
HOW CAN YOU CONTACT US WITH QUESTIONS OR CONCERNS?
℅ Privacy Officer
7505 Fannin Street, Suite 600
Houston, TX 77054
We will make every effort to respond to your questions, concerns, and requests within a reasonable time.