In general, the Conversa Services are provided to individual users on behalf of a Conversa Customer, which may be a healthcare provider, insurer, employer, or other entity.PLEASE NOTE – If you use Conversa Services that are made available to you by a Conversa Customer, we will share the information you provide, including your chat sessions, with the Conversa Customer.
The personal information in the Services is subject to applicable privacy and security laws. Where the Services are made available by a Conversa Customer that is subject to a federal medical privacy law called HIPAA (Health Insurance Portability and Accountability Act), that law will also apply.
1. Information Collected from All Visitors to our Website
As background, cookies are small text files that websites can send to your browser, which your computer stores, that can automatically collect server domain names, IP addresses, type of computer, type of browser, and information about what pages are visited. We may use both session cookies and persistent cookies. You can set your browser to decline cookies or notify you before accepting cookies, although if you decline them, the website may not function properly. Web beacons, which are small bits of code embedded invisibly in web pages or emails, can be used to communicate with cookies, count visitors, and understand usage patterns. Web log data may include visitors’ IP address, browser data, operating system, prior web page, pages visited and how long visits lasted, links clicked on, and similar statistics.
If you visit our website from a mobile device, our site may collect certain information sent by your mobile browser, such as device identifier, user settings, your device’s operating system, and information about your visit and use of the site.
2. Information Collected about Patients Who Use Conversa Services
Your signup process may vary depending on the Conversa Customer that has made the Services available to you. For example, some Conversa Customers place a link on their websites that their users can click to reach a webpage to start using the Services. Other Conversa Customers may talk to their users in person about whether the users would like to use the Services, and, if so, the Conversa Customer initiates the enrollment process based on the user’s input. Or, the Conversa Customer may give us certain information about you so that we can contact you to initiate Services. This information may include your name, email address, phone number, gender, age, whether you prefer to receive invitations to chat sessions via text or email, and other relevant information, depending on how the Services are deployed. A Conversa Customer that is your healthcare provider may also give us with certain medical information, which may come from your electronic health record, to help us provide you the appropriate type of Services. For example, the automated chat sessions used with patients who have diabetes are different from those used with patients recovering from knee surgery.
If you use the Services, you will receive regular invitations to start an automated chat session. These invitations will come to you by email or text. (See below for more information about these emails or texts.) Once you click on a link in that email or text, you’ll be taken to a website where you’ll be asked automated questions and you’ll select answers based on your experience. For example, you might be asked if your knee pain today is better than, worse than, or the same as yesterday. Your responses to the questions you’re asked in these automated chat sessions will be part of the personal information we collect.
We use information about our users to perform and provide the Services, to improve and expand the Services, and, for related business operations, such as communicating with you.
Disclosures of personal information about our users can be grouped as follows:
Except as explained here, we will not share your personal information with third parties unless you specifically authorize us to do so.
Conversa gives you important choices about your personal information, including:
Important note about privacy and security—ordinary email and text messages are not considered secure. That’s why we won’t include any details about your health in the invitations to automated chat sessions that we send by email or text. Instead, your email or text invitation to a chat session will take you to a dedicated website where the actual session discussing your health will take place. In some cases, the chat sessions will be available by text invitations only, whereas in other cases, you can choose whether you want to receive chat invitations by email or by text.
By agreeing to use the Services, which involve sending you invitations to individual chat sessions by ordinary email or text messages, as applicable, you are indicating that you understand that ordinary email or text may not be secure and you nonetheless want to receive your invitations to chat sessions via ordinary email or text messages.
You may have certain rights under applicable privacy law to access, amend, delete, or make do-not-sell requests regarding the personal information we have collected about you. Most Conversa Customers require that these requests be handled through them. If you’d like to exercise your rights regarding your personal information, you should contact the Conversa Customer making the Services available to you. You may also contact us at firstname.lastname@example.org. but please be aware that we may direct you to send your request to the Conversa Customer.
We are committed to maintaining the security of personal information. We use reasonable and appropriate technical, administrative, and physical controls to protect personal information from loss, misuse, or alteration. If we share personal information with vendors, we subject them to contractual and legal controls regarding the protection, use, and disclosure of the information. However, because there is always some risk that unauthorized or illegal access to your information could occur or that data sent over the Internet could be intercepted, we cannot guarantee absolute data security.
In general, Conversa users must be 18 years of age or older. However, some Conversa Customers make the Services available to users who are 16 years of age or older. Check with the Conversa Customer making the Services available to you about age-based eligibility.
California law requires websites to explain certain online practices regarding tracking of visitors. Some web browsers have a “Do Not Track” feature that lets a user have the browser notify websites that the user does not want to have his or her online activities tracked. Our website and Services currently do not respond to such browser-initiated signals.
Conversa does not disclose personal information to third parties for their direct marketing purposes.
Conversa does not sell personal information, as defined by the California Consumer Privacy Act (CCPA), and therefore we do not have a mechanism for you to instruct us not to sell your personal information. Where a Conversa Customer makes the Services available to you, Conversa acts as a service provider, as defined by the CCPA, to that Customer. Conversa follows the instructions provided by Conversa Customers with respect to CCPA consumer rights. If you would like to exercise the rights afforded you as a California consumer under the CCPA, please contact the Conversa Customer that is making the Services available to you.