Summus Privacy Policy: Your Privacy Rights
Summus knows that your privacy is important to you, and we want you to know that it is important to us too. We created this Policy to explain the types of information we collect from individuals outside our organization including customers, visitors to our websites and our mobile applications (each, a “Site”), and other users of our services (together “you”), how we will use, disclose and protect this information once it is collected, and how you can opt-in and opt-out of some of our uses and disclosures of your information.
Here are a few general principles to keep in mind as you read through this Policy:
- The Site is owned and operated by Summus Global, Inc. with its principal place of business at 25 West 39th Street, 8th Floor, New York, New York 10018 (referred to collectively in this policy as “Summus,” “we,” “us,” “our” and other similar pronouns).
- As our business evolves and the law changes, this Policy may change, so check back to this page periodically to make sure you understand how your Personal Data will be treated.
- If you are located outside of the United States, you should know that the information you provide to us is being transmitted to us and processed in the United States and will be protected subject to this privacy policy and United States laws, which may not be as protective as the laws in your country. If you are located in the European Union, we also protect your information in accordance with the General Data Protection Regulation (GDPR).
- This Site uses cookies and other tracking technologies which are further described here in our Policy on Cookies and Tracking Technologies and at www.allaboutcookies.org. By continuing to use the Site (or for users located in the European Union, by agreeing to the use of cookies via the cookie banner on our Site), you agree to our use of cookies and tracking technologies in accordance with our Policy.
What Personal Data is collected on this Site?
“Personal Data” is information that can be used to identify you as an individual as well as any other information relating to you or a combination of information which, if put together, could identify you. We take every reasonable step to ensure that your Personal Data we collect is limited to the Personal Data reasonably necessary in connection with the purposes set out in this Privacy Policy. We collect your Personal Data in several different ways described below.
User-Provided Information
We collect Personal Data such as your name; postal addresses; e-mail addresses; telephone numbers; wireless device addresses (including text message addresses); date of birth; gender; marital status; health information; credit card and other payment information; site browsing and transaction history; and demographic information. For example, we collect Personal Data when you register as a member on our Site; request a consultation with consulting physicians, psychologists, and other licensed professionals (“Professionals”); complete surveys; or submit information to us using our “contact us” or similar feature on the Site.
Site Usage Information
As is the case with many websites, our servers automatically collect your IP address when you visit our Site, and we may associate that with your domain name or that of your Internet access provider. We may also capture certain “clickstream data” pertaining to your Site usage. Clickstream data includes, for example, information about your computer or device, Web browser and operating system and their settings, the referring page that linked you to the Site, the pages, content you see or click on during your visit and when and for how long you do so, items you download, and any search terms you have entered on the Site or a referral site. Among other things, this information enables us to generate analytics reports on the usage of our Site. To opt-out of your Site usage being included in our Google Analytics reports, you may follow these instructions.
Social Networking
We maintain presence on several social networking and blogging platforms, such as Facebook and Twitter, and we also incorporate some third party social networking features onto our Site. Through these platforms and features, we receive some Personal Data and some Site usage information about you, and this Privacy Policy applies to that information as well. We may also include tools on our Site that allow you to share and/or publicly post content or information from our Site to your profile on a third party social network. Third party social networking platforms and blogging platforms have their own privacy policies which explain how they will use, protect and share your information, including any information you share on those platforms from our Site, and we encourage you to read them.
How do we use (process) your Personal Data?
We or our providers of services such as hosting, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing and other similar services may use Personal Data we collect from and about you for the following purposes:
- providing you with the services and information you request;
- enabling users to use our Site and its features;
- administering the Site and your account with us;
- processing and fulfilling your transactions;
- furthering our business purposes, such as quality assessment, data analysis, audits, developing new products and services, enhancing the services, identifying usage trends, and determining the effectiveness of our promotional campaigns;
- responding to your requests, questions, and concerns;
- conducting research surveys and market research;
- developing new features and offerings on the Site;
- sending you marketing and other communications, including information about products and services of ours and of others, that we think might interest you; you may opt-in or out of receiving such notices from us by following the instructions in the Opt-In and Opt-Out section below;
- protecting our rights and property;
- recovering debt and preventing fraud;
- customizing our Site to your interests and history with us; and
- other purposes disclosed when Personal Data is submitted to us.
To perform the above functions, we may match information collected from you through different means or at different times, including both Personal Data and Site usage information, and use such information along with information obtained from other sources (including third parties) such as demographic information and updated contact information. We or our service providers may also use your information to assess the level of interest in, and use of, the Site, our e-mails and our other messaging campaigns both on an individual basis and in the aggregate.
What is our lawful basis for processing your Personal Data?
In processing your Personal Data in connection with the purposes set out in this Privacy Policy, we may rely on one or more of the following legal bases, depending on the circumstances:
- Consent: We may process your Personal Data where we have obtained your prior, express consent to the processing, and in the case of special categories of data such as your health information, your explicit consent to the processing;
- Contractual necessity: We may process your Personal Data where the Processing is necessary to fulfill our contractual obligations to you;
- Compliance with applicable law: We may process your Personal Data where the processing is required by applicable law;
- Vital interests: We may process your Personal Data where the processing is necessary to protect the vital interests of any individual; or
- Legitimate interests: We may process your Personal Data where we have a legitimate interest in the processing.
Do we share Personal Data and Site usage information with others?
Yes. We may share the information we collect on the Site with others for a variety of reasons. In addition to the kinds of information sharing you might expect, such as sharing with third parties who need your information in order to provide services to us (or on our behalf), we may share your information:
- with Professionals;
- with our third-party service providers that provide services such as hosting, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing and other similar services;
- when we believe in good faith that disclosure is necessary to protect our rights or property, protect your safety or the safety of others, investigate fraud or respond to a government, judicial or other legal request, or to comply with the law;
- in connection with a corporate change or dissolution, including for example a merger, acquisition, reorganization, consolidation, bankruptcy, liquidation, sale of assets or wind down of business.
In addition, we may share non-personally identifiable Site usage information (including aggregate data) with others, for their own use, in a form that does not contain Personal Data about you.
We cooperate with government and law enforcement officials to enforce and comply with the law. We may disclose Personal Data necessary or appropriate to protect the safety of the public or any person, to respond to claims and legal process (including but not limited to subpoenas), and to prevent or stop activity that may be illegal or dangerous. You should also be aware that Professionals may be obliged to disclose information to law enforcement or other authorities to conform to their professional and legal responsibilities. Specifically, and without limitation, you should be aware that the law requires mental health professionals to disclose information and/or take action in the following cases: (a) reported or suspected abuse of a child or vulnerable adult; (b) serious suicidal potential; (c) threatened harm to another person; (d) court-ordered presentation of treatment.
What are my rights regarding my Personal Data?
You have certain rights regarding your Personal Data, subject to local law. These include the following rights to:
- access your Personal Data;
- rectify the Personal Data we hold about you;
- erase your Personal Data;
- restrict our use of your Personal Data;
- object to our use of your Personal Data;
- receive your Personal Data in a usable electronic format and transmit it to a third party (right to data portability); and
- lodge a complaint with your local data protection authority.
We encourage you to contact us to update or correct your information if it changes or if the Personal Data we hold about you is inaccurate. You may review, update or modify certain of the Personal Data that is stored in your user account on the Site (if you have one) by logging in to the “My Profile” or similar area of the Site. We may ask you to verify your identity and to provide other details before we are able to provide you the ability to change any information, correct any inaccuracies, or delete any information. Please note that we may be unable to provide you with the full benefit of our Site, or our services, if you do not provide us with your Personal Data. If you would like to discuss or exercise such rights, please contact us at privacy@summusglobal.com.
How is my Personal Data secured?
We take the security of your Personal Data seriously. We have implemented appropriate technical and organizational security measures to protect your Personal Information from unauthorized access, use, or disclosure. However, due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that any information, during transmission through the Internet or while stored on our system or otherwise in our care, will be absolutely safe from intrusion by others.
If you correspond with us by e-mail, text message, or using Web forms like a “contact us” feature on our Site, you should be aware that your transmission might not be secure. A third party could view the information you send in transit by such means. We will have no liability for disclosure of your information due to errors or unauthorized acts of third parties during or after transmission.
If you create an account on our Site, you are responsible for maintaining the strict confidentiality of your account password, and you shall be responsible for any activity that occurs using your account credentials, whether or not you authorized such activity. Please notify us of any unauthorized use of your password or account or any other breach of security.
If we believe that the security of your Personal Data in our care may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we will endeavor to notify you as promptly as possible under the circumstances and in accordance with applicable law.
How long will you retain my Personal Data?
We take every reasonable step to process your Personal Data for the minimum period necessary for the purposes set out in this Privacy Policy. We will retain your Personal Data only for as long as we maintain an ongoing relationship with you or your Personal Data is necessary in connection with the lawful purposes set out in this Privacy Policy, plus any applicable limitation period under applicable law. After none of the above apply to your Personal Data, we will permanently delete or destroy the relevant Personal Data or anonymize the relevant Personal Data.
Opt-In and Opt-Out
You may have the right to opt-in to or opt-out of certain of our uses and disclosures of your Personal Data. For example, when you are asked to provide Personal Data on this Site, you may have the opportunity to elect to, or elect not to, receive messages from us by e-mail or text message. If you change your mind after you opt-in, you may tell us that you do not want to receive our promotional messages by emailing us at privacy@summusglobal.com. You can also opt-out of our promotional emails by clicking on the opt-out link within the e-mail you receive. To opt-out of our SMS text messages, please login to your online profile and opt-out of text message notifications. Please understand that it may take us a few days to process any opt-out request and that even if you opt-out of receiving promotional correspondence from us, we may still contact you in connection with your relationship, activities, transactions and communications with us.
Wireless Addresses
If the e-mail address you provide to us is a wireless e-mail address, you agree to receive messages from us at such address unless and until you tell us not to send messages to that address, by following the instructions in the Opt-In and Opt-Out section above. You may change your e-mail preferences at any time, but your wireless carrier’s standard rates will apply as long as you are receiving messages at a wireless e-mail address. If you give us a wireless e-mail address, you represent that you are the owner or authorized user of the device on which messages will be received and that you are authorized to approve the applicable charges.
Text Message Service
By submitting your mobile phone number in your profile, you consent for Summus to send text messages (“Text Messaging”) as part of our normal workflow to alert you to physician availability, scheduled consultation times, and other related case steps. Text messages will never include private health information and will always be linked back to your secure Summus Dashboard. You may receive 2-3 text messages during a consultation workflow. Message and data rates may apply. You can opt-out of our text messages any time by logging into your profile and adjusting your preferences or by e-mailing us at privacy@summusglobal.com. You represent that you are legally competent and have legal authority to form a contract and provide this consent with regard to the phone number you provide. You may not consent on behalf of someone else or provide someone else’s phone number. Text Messages may not be available on all carriers. Print this page using your Internet-connected computer or device and web browser to retain a copy of your consent. We will use the information we obtain in connection with our Text Messaging in accordance with this Privacy Policy. If fees are charged to your wireless account invoice, we may provide information to your carrier about them. Your wireless carrier and other service providers may also collect data about your wireless device usage, and their practices are governed by their own policies. We may also access the content of your account and/or wireless account with your carrier for the purpose of identifying and resolving technical problems and/or service-related complaints.
Do Not Track Disclosures
Some Web browsers may transmit “do-not-track” (DNT) signals to the Web sites with which the user communicates. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently do not change our tracking practices (which are explained in more detail under “Site Usage Information” above) in response to DNT settings in your web browser.
Our third party partners, such as web analytics companies, collect information about your online activities over time and across our Site and other online properties. These third parties may not change their tracking practices in response to DNT settings in your web browser and we do not obligate these parties to honor DNT settings. We may utilize Google Analytics for our web analytics and you can opt-out of your Site usage data being included in our Google Analytics reports by visiting https://tools.google.com/dlpage/gaoptout.
“Linked-To” Websites
The Site may contain links that lead to other Websites. We are not responsible for these other sites, and so their posted privacy policies (not this Policy) will govern the collection and use of your information on them. We encourage you to read the privacy statements of each Website visited after leaving the Site to learn about how your information is treated by others.
Children
We are committed to protecting the privacy of children. The Service is not designed or intended to attract anyone under the age of 13. The Service does not collect or solicit Personal Data from any person we actually know is under the age of 13. If you are under 13, please do not attempt to register for the Service or send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us personal information, please contact us at privacy@summusglobal.com.
California Residents
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes; in order to submit such a request, please contact us at privacy@summusglobal.com. California residents are entitled to ask us for a notice identifying the categories of Personal Data which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to privacy@summusglobal.com.
Changes to this Privacy Policy
We may change this Policy from time to time. When we do, we will let you know by posting the changed Policy on this page with a new “Effective Date.” In some cases (for example, if we significantly expand our use or sharing of your Personal Data), we may also tell you about changes by additional means, such as by sending an e-mail to the e-mail address we have on file for you.
Contact Us
If you have any questions or comments regarding our privacy practices, you may contact us at:
Summus Global, Inc.
25 West 39th Street, 8th Floor
New York, NY 10018
U.S.A.
privacy@summusglobal.com
Last Updated: February 11th, 2021