Important Agreements & Compliance Information
Health Gorilla Privacy Policy
Last Updated: August 30, 2024
Introduction
This Privacy Policy explains how Health Gorilla and our partners collect, use, and share information about you to provide you with our services. This Policy also describes how our services gather and use information about other individuals or information about you that may be submitted by another participant.
Health Gorilla is committed to protecting the privacy of individuals whose health information is stored or transmitted by our service and the users of any of our services. By using our services, you agree to the terms of this Policy.
This Privacy Policy applies to the services we offer through our website (www.healthgorilla.com) and other platforms. These services include ordering lab tests or procedures, exchanging health information, viewing and analyzing results, and using data from health monitoring devices.
You authorize us, to use and disclose your health information, subject to the recipient’s agreement to comply with our Policies and Procedures and applicable laws and regulations.
Health Gorilla (referred to as “Health Gorilla,” “we,” or “us”) is committed to protecting your privacy. This Policy also describes how we collect, use, secure, and share your personal information when you:
- Access or use our various products or services.
- Access or use our website that links to this Policy.
- Interact with us, including by email, telephone, and in person.
- Apply for a job at Health Gorilla.
- Otherwise communicate with Health Gorilla.
Separate Terms of Use
This Policy is not a contract and does not create any contractual rights or obligations. Your use of the services is governed by the terms of use or contract linked to the particular services, if any.
Revisions, Changes, and Updates
Health Gorilla may revise, change, or update this Policy and/or our terms of use at any time, without notice to you. We encourage you to periodically reread this Privacy Policy and any applicable terms of use to see if there have been any changes that may affect you.
All updates to this Policy will be posted on the website. An updated Policy will supersede all previous versions. Your continued use of our services after we have posted the updated Policy and/or terms of use on the website constitutes your acceptance of such changes.
Account Access
If we provide you with an account, you must supply your account identifier to access such an account. With this information, we can verify you and permit you to view data in the services. We log and audit systems to ensure that participants are using the services appropriately. If we have questions about your use of the services, we may contact you. We may also disclose your identity in the investigation of suspected misuse of our services, and otherwise to ensure the proper operation of our services.
Surveys, Questionnaires, and Polls
Health Gorilla may ask you to participate in surveys, questionnaires, or polls to get feedback from our participants. When you respond to these, we may collect information that identifies you.
Types of Personal Information We Collect
This section lists the general categories of personal information we may collect. “Personal Information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to a particular person or household. This Policy covers all personal information that we collect from you or on your behalf through our services or website. We may collect the following types of personal information:
- Personal information provided by you or your clinician
- This includes any personal information such as health information you provide to us or your clinician, or that your clinician provides to us to facilitate our services. If you are an ordering clinician, we may collect your name, phone number, place of business, and other contact information you submit to use the services.
- Communications between you and Health Gorilla
- This includes personal information you submit when contacting us (such as your name and email address).
- Registration information
- When you register with Health Gorilla or create a user account to access our services, we collect personal information and contact information. We will use your registration information to provide services to you.
- Job application information
- If you apply for a position with Health Gorilla, we will collect your resume, contact information, employment and education history, and other related information. We may also receive information from references you identify and other third parties (for instance, via background checks).
- Device information
- When you use a mobile device (e.g., a tablet or smartphone) to access our services, we may collect information about your device. This includes your device’s hardware, operating system or software, device name, unique device identifier, your mobile network information, and any other information about your device’s interaction with our services. Some features of the services may not function properly if the use or availability of device identifiers is impaired or disabled.
- Information about your use of the Services
- When you browse our website, our system automatically collects information
such as your web request, Internet Protocol (“IP”) address, browser type, browser language, domain names, referring and exit pages and URLs, platform type, pages viewed, the date and time of your request. This information is used to ensure the secure delivery of our services, analyze trends, administer our website, improve the design of our website, and otherwise enhance our services.
- When you browse our website, our system automatically collects information
- Cookies
- We use technologies like cookies to gather information about how you are
interacting with our services and/or website. We use two types of cookies: “session” cookies and “persistent” cookies.- A “session cookie” is temporary and expires after you end a session and close your web browser. We use session cookies to help customize your experience with our services and/or website and maintain your signed-on status as you navigate the services.
- “Persistent cookies” remain on your hard drive after you have exited from our services or website until you erase them and/or they expire. Persistent cookies will not contain any personal information about you, unless as otherwise allowed pursuant to our terms of use.
- We use technologies like cookies to gather information about how you are
Use and Sharing of Personal Information
This section lists some of the general ways Health Gorilla uses and shares your personal information we may collect:
- Maintain legal and regulatory compliance
- Our services require us to use or disclose your personal information and/or
protected health information to comply with applicable laws and regulations. For example, we may use or disclose your personal information to fulfill our legal and regulatory obligations, ensure compliance with employment laws, or business obligations.
- Our services require us to use or disclose your personal information and/or
- Ensure the security of the services
- We may process your personal information to combat spam, malware, malicious
activities, or security risks; improve and enforce our security measures; and monitor and verify your identity so that unauthorized users do not access your account.
- We may process your personal information to combat spam, malware, malicious
- Sale, Merger, or Bankruptcy
- In connection with a bankruptcy, merger, acquisition, or sale or other business transaction involving all or a portion of our assets or business, user information will be transferred as part of or in connection with the transaction.
- In connection with a bankruptcy, merger, acquisition, or sale or other business transaction involving all or a portion of our assets or business, user information will be transferred as part of or in connection with the transaction.
Retention
We may store your personal information for as long as we need it to provide you with our services and to perform the activities described in this Policy, to the extent permitted by law.
Security
Portions of this site require a valid username, e-mail address, part of your social security number, a photo of a valid government-issued ID, a photograph, code or password, and/or other unique identifiers (or a combination of the foregoing) to access and use services or materials on the site. You are solely responsible for (1) maintaining the strict confidentiality of any username, e-mail address, code or password (collectively, “User IDs”) assigned to you, (2) not allowing another person to use your User IDs to access the services, (3) any damages or losses that may be incurred or suffered as a result of your failure to maintain the strict confidentiality of your User IDs, and (4) promptly informing Health Gorilla in writing of any need to deactivate a User ID due to potential or actual security breaches. Health Gorilla is not liable for any harm related to the theft of your IDs, your disclosure of your User IDs, or your authorization to allow another participant to access and use the site using your User IDs. You agree to immediately notify Health Gorilla in writing of any unauthorized use of any of your User IDs.
Account Information for Account Creation & Maintenance
When you sign up for and use Health Gorilla services, we collect personal information from you for account creation and maintenance (“Account Information”). Such Account Information includes, as applicable or permitted under law, items such as your name, address, e- mail address, telephone number, and your contact preferences, device identifiers, and IP address. From time to time, we may send you emails that communicate information about your account, about the services, or emails that Health Gorilla reasonably deems are required by law or necessary to prevent or mitigate a security or fraud risk, or to continue to provide you with the services.
Records Collection and Sources
We collect personal information about you, including health information, using one or more of the following processes:
- If applicable, sending a request for your health information to one or more healthcare data exchange networks (collectively, the “Networks”).
- Any information we receive from outside sources will be treated in accordance with this Privacy Policy.
- We are not responsible or liable for the accuracy of the information provided to us by third parties, including the Networks, and are not responsible for any third party’s policies or practices.
Other Information that Health Gorilla Collects
- Product Interaction and Feedback
- We collect search queries within the services and transactions you make regarding
the services. We collect product interaction and feedback that you provide to us through our service to provide you with the services, improve and enhance the services, and conduct research and analytics.
- We collect search queries within the services and transactions you make regarding
- Marketing Products and Services
- We will NOT place advertisements of any type on the interface (“GUI”) to our
services.
- We will NOT place advertisements of any type on the interface (“GUI”) to our
- User Forums and User-Generated Content
- We may offer forums for the exchange of information among authorized participants. You agree to assume all responsibility for your use of such forums. In particular, you understand that we do not assure the accuracy, reliability, confidentiality, or security of information made available through the use of our forums. You agree not to disclose any unauthorized data and/or health information. Health Gorilla may provide you with an opportunity to engage in blog discussions, message boards, chat rooms, and other forms of social networking and post reviews and post content, such as messages relating to healthcare experiences, and interact with other users (“User Generated Content” or “UGC”) and such information may include communications maintained by outside platforms such as LinkedIn, YouTube, or X.
- Additional Information
- We collect any other information you choose to include in communications with us, for example, your e-mail address or telephone number when sending a message or submitting information through a web form. We may use this information to communicate with you, such as sending you emails, solicitations, invitations, newsletters, awareness campaigns, and announcements. You may also provide data, and/or content or material to the services by participating in forums, discussion groups, and the like.
- We collect any other information you choose to include in communications with us, for example, your e-mail address or telephone number when sending a message or submitting information through a web form. We may use this information to communicate with you, such as sending you emails, solicitations, invitations, newsletters, awareness campaigns, and announcements. You may also provide data, and/or content or material to the services by participating in forums, discussion groups, and the like.
How Health Gorilla Uses Your Information
Health Gorilla will use your information to create and manage your account, and also for the following purposes:
- To help us deliver and improve the services and, when necessary, for loss prevention and anti-fraud purposes and account and network security purposes.
- To send important notices regarding the services, including changes to terms, conditions, and policies.
In addition to the sharing identified earlier in this Policy, Health Gorilla may share data related to your usage of the services – including Account Information as follows:
- To enforce any applicable terms of service.
- When you request us to share certain information with third parties.
When you make a decision to share your data outside of Health Gorilla, including personal or health information, the data practices under this Privacy Policy will no longer apply to the information held by that outside entity. We recommend that you review and determine you are comfortable with that entity’s privacy policy prior to sharing your data (including Account Information and health information) outside of Health Gorilla.
In any circumstance where your consent is sought before Health Gorilla shares personal or health information about you, you will be able to withdraw that consent at any time, provided we can individually identify you in such data. Such withdrawal of consent will apply only to new uses or disclosures of personal or health information about you within a reasonable amount of time after Health Gorilla has received the withdrawal or at such other time as required by applicable law.
California Residents
This Section only applies to users of our services that reside in the State of California. For purposes of this Section, the term “personal information” does not include information subject to HIPAA or the California Confidentiality of Medical Information Act.
California privacy rights
In addition to the rights described elsewhere in this Policy, as applicable California residents have the right to:
- Request additional disclosures about your personal information we collect, use, disclose, and sell.
- Request access to and deletion of your personal information.
- Opt out of the sale of your personal information.
- Obtain a copy of your personal information. We will not discriminate against you for exercising any of these rights, for example, by charging a different price or denying services. However, we may charge a different price or rate or provide a different level or quality of services when that difference is reasonably related to the value provided to you by the data.
If you make a request related to personal information about you, you will be required to supply a valid means of identification as a security precaution. We will verify your identity with a reasonably high degree of certainty using the following procedure where feasible: we will match identifying information you provide when making the request to the personal information maintained by us or use a third-party identity verification service. If it is necessary to collect additional information, we will use the information only for verification purposes and will delete it as soon as practicable after complying with your request. For requests related to particularly sensitive information, we may require additional proof of your identity. We will process your request within the timeframe provided by applicable law.
Categories of personal information we collect
In the previous 12 months, Health Gorilla has collected the following categories of personal information:
- Identifiers such as names, date of birth, and contact information
- Information protected by the California Customer Rights Statute such as names and
contact information - Characteristics of protected classifications under California or Federal Law
- Commercial information such as records of services purchased
- Internet or other electronic network activity information
- Professional or employment-related information
Sources from which we collect personal information
Health Gorilla may collect personal information from you directly. Health Gorilla may also receive personal information about you from third parties or through automated means.
Additional disclosures
- Purpose for collecting or selling personal information
- Your personal information may be collected or used for the purposes described in this Policy, as well as for other purposes that may be described to you at the timewe collect your personal information.
- Categories of third parties with whom we share your personal information
- Health Gorilla may share your personal information with the third parties including the Networks and the Networks’ participants, in accordance with theNetworks’ terms-of-use and applicable law.
- Sale and disclosures of personal information
- In the preceding 12 months, Health Gorilla has not sold personal information.
- In the previous 12 months, Health Gorilla has disclosed the following categories of personal information for a business purpose, but only to: (a) service providers that are prohibited from using that information for any purpose other than providing services to us; or (b) the Networks and the Networks’ participants, in accordance with the Networks’ terms-of-use and applicable law:
- Identifier
- Information protected by the California Customer Rights Statute and characteristics of protected classifications under California or Federal law
- Commercial information such as records of services purchased
- Internet or other electronic network activity information
- Professional or employment-related information
California Shine the Light law
California residents may also request information from us once per calendar year about any personal information shared with third parties for the third party’s own direct marketing purposes, including the categories of information and the names and addresses of those businesses with which we have shared such information. To make such a request, please reach us at the contact information listed below. This request may be made no more than once per calendar year, and we reserve our right not to respond to requests submitted other than to the email or mailing addresses specified below.
Do Not Track Signal
Certain web browsers and other devices you may use to access the website may permit you to submit your preference that you do not wish to be “tracked” online. Like many websites, our website is not currently designed to recognize a Do Not Track signal from a web browser.
Other locations around the world
If you live in another part of the world not specifically mentioned here, please contact us as detailed in the Contacting Us section of this Policy.
Links to Other Materials
This service may provide links to sites operated by third parties. Health Gorilla, Inc. has no control over the content of such linked sites and is not responsible for it or for the effect of your accessing a site through a link on our site. You should assume that any information that does not bear the Health Gorilla logo is operated by a third party, and you should read the site’s privacy notice before using it.
Applicable Law
Any claim relating to the use of this site or the systems or information to which it gives access shall be governed by the internal substantive laws of the State of Delaware.
Term; Modification; Suspension; Termination
The initial term of this Policy shall commence on your date of first use and continue for as long as you use the services, or interact with Health Gorilla as an entity, unless continued as indicated in Health Gorilla’s terms of use and/or the terms of an express written contract. Other terms and conditions regarding the suspension and/or termination of access to services are fully described in the terms of use or contract linked to the particular services, if any.
We may update or change the services and/or the terms set forth in this Policy from time to time and recommend that you review the agreement on a regular basis. You understand and agree that your continued use of the services after the agreement has been updated or changed constitutes your acceptance of the revised Policy. We reserve the right to make changes to our Policy at any time without prior notice and to apply the changes to information received by us before the effective date of the change.
Contacting Us
Our website is owned and operated by Health Gorilla, Inc.
If you have any questions about this Policy or our services, you can email us at support@healthgorilla.com, call us at (844) 446-7455, or write to us via regular mail at Health Gorilla, Inc., Attention: Associate General Counsel, 2555 Ponce de Leon Blvd., Suite 300, Coral Gables, FL 33134.