Effective Date: April 2021
At Mindstrong, we believe that measurement-based care is fundamental to improving mental health care outcomes. Our suite of Apps measures brain health and provides access to healthcare services. Our Health App and Care App allow individuals to obtain care in a convenient location from providers who may be remote, and likewise enable providers to provide care to individuals who may be at a remote location, using these measurements of brain health. Please note the providers who deliver professional services through the Services are independent professionals practicing through Mindstrong Clinical Services, PC, or another independently owned professional practice.
Our Apps are designed to help us understand your activity, behavior and brain health so that we can tailor treatment specifically to your needs. To help us tailor our treatment, the Apps need to collect information about the ways in which you interact with your mobile device. For example, with your permission, the Apps may automatically collect information such as the patterns of your keystrokes, taps and scrolls, information collected from your device’s sensors, such as the gyroscope, accelerometer, or GPS. We also use the information we collect for other business purposes, such as to communicate with you to try and keep you engaged in your treatment, and to develop new products and services that may improve the treatment we provide.
COLLECTION OF INFORMATION
When you access and use the Services, we may collect the following types of information from you:
Information You Provide to Us
We collect Personal Information and other information you provide directly to us. For example, we collect information when you register with our Services, contact us with inquiries and comments, complete and submit forms offered on the Services, engage with our Services, including use of their interactive features.
The types of information we may collect from you include:
- Identifiers, such as your full name, phone number, email address, postal mail address, and any other information you may provide.
- Demographic Information, such as your age and gender.
- Any other information you choose to provide.
Information We Collect Automatically When You Use the Services
When you access or use the Services, the types of information we may automatically collect about you include:
- Log Data: When you visit the Services, our servers automatically collect certain Log Data and other information about your activities on the Services.
Please see the following section titled “How We Collect Your Information Through Our Apps” for app-specific information practices.
How We Collect Your Information Through Our Apps
- The Health App collects your information when you are actively using the Health App, the Mindstrong Keyboard (on iOS devices), or when the Mindstrong Service (on Android devices) is running in the background. It will automatically collect information about the ways in which you interact with the touch screen on your mobile device, such as the patterns of your keystrokes, taps, swipes, and scrolls. The Health App will also automatically collect information about the other apps that you use, including the time of day that you opened each app. It may also collect Location Information and information from device sensors, such as accelerometers, gyroscopes, and other device functionality.
- Outside of the Health App, (a) we will never collect any Personal Information typed when using your mobile device, such as names, addresses or credit cards, (b) without your express permission, we will not collect any specific letter, numbers, words or phrases typed when using your mobile device. Although the Mindstrong Keyboard will have visibility into the characters you type using the Mindstrong Keyboard, that information is stored locally on your device, and we do not process that information except as specified in this paragraph.
- The Health App provides patients and members of Organizations with functionality to communicate with their healthcare providers remotely.
- As described in the section titled, “How We Share Your Information”, we share information collected on the Health App with Organizations of which you are a patient or member. For example, if you use the Health App to communicate with your healthcare provider that is an Organization, we will share your information with such Organization.
- The Discovery App supports academic medical centers and other Organizations in conducting clinical research studies to gather measurements about brain health or other information needed for their clinical research studies. The Discovery App is only used for participants of research studies, and only once the study participants have provided their written informed consent to participate in the study and any additional required privacy consent.
- The Discovery App will collect information about the way you interact with the touch screen on your mobile device, such as the patterns of your keystrokes, taps and scrolls. Except for your response to questions and messages that you receive in the Discovery App, the Discovery App does not capture any other content from the use of your phone. It does not collect letters, numbers, words, or phrases that you type when using your phone. However, if you participate in an applicable study and have provided informed consent for the collection of additional information, the Discovery App may collect the following additional information:
- Data relating to the frequency in which you type certain words using the Mindstrong Keyboard (“Histogram Data”);
- Location Information and information from device sensors, such as accelerometers, gyroscopes, and other device functionality; and
- Particular commands that you speak into your device (“Voice Data”) if prompted by the Discovery App in studies that require Voice Data.
If a research study does not require Histogram Data, Location Information or Voice Data we do not collect it.
- On iOS devices, the Discovery App requires the installation of the included Mindstrong Keyboard. On Android devices, the Discovery app requires the activation of the Mindstrong Service. Please note that not providing consent to download the Mindstrong Keyboard or activate the Mindstrong Service, or subsequently disabling the Mindstrong Keyboard or Mindstrong Service, will affect certain features of the Discovery App.
- As described in the section titled, “How We Share Your Information”, if you participate in a clinical research study, we share information collected during your use of the Discovery App with the Organization is conducting or sponsoring the research study.
- The Care App is intended for use by Organizations, particularly healthcare professionals who will use the Care App to communicate with their patients.
- If you are an employee, agent or contractor of an Organization and access or use the Care App on behalf of an Organization, we may ask you to provide information regarding your professional licensure or other qualifications.
Information We Collect from Other Sources
We may also obtain information about you from other sources and combine that information with information we collect from you directly. For example, if you are a health plan member or patient of an Organization, we receive Personal Information about you from your Organization so that we can provide Services to you. In addition, if you link your account to another service (like a social media platform, Apple HealthKit, or another third-party service), we may receive information from the other service, like how you use that service. Lastly, we may collect information about you when you post content to our pages and/or feeds on third party social media platforms.
By using the Services or contacting Mindstrong, you consent to be recorded, and for us to analyze and share such information for the purposes described in the section titled, “How We Use Your Information.” For example, when you conduct a virtual session with one of our Healthcare Professionals, we may record the session.
HOW WE USE YOUR INFORMATION
We may use your information in the following ways:
- Administer your account: We may use your information to register you to use our Services, administer your account, and display and monitor your Service history, such as the sessions you have had with a Healthcare Professional.
- Provide you the Services: We may use your information to provide our Services to you.
- Fulfill your requests: We may use your information to provide you the information that you request. For example, we respond to your questions when you contact us, assist with any problems you report about our Services.
- Communicate with you: We may contact you to share information and materials that we think might be of interest to you, including information about our Services and other products and services that promote health and wellness. You may unsubscribe from receiving emails about these products and services by using the unsubscribe link included in an email.
- Enhance your experience: We use your information to personalize and enhance your experience when you use the Services, such as tailoring and remembering your preferences.
- Improve our Services and Develop New Services: Your information helps us evaluate our Services and improve the content and functionality of our Services. In addition, your information may help us add new functionality to our existing Services or research and develop new products and services. For example, we may measure, research, and analyze trends, usage and activities in connection with the Services to create new features and content.
- Protect Mindstrong and our Users: We may use information about you to detect, investigate and prevent fraudulent transactions and other illegal activities and protect the rights and property of Mindstrong and others.
- Creation of De-Identified Information: We may use your Personal Information to create information that is de-identified in accordance with HIPAA, other applicable laws and our Organization Agreements with applicable Organizations. This de-identified information is not Personal Information, because it cannot be used to identify you, and may be used by us for any lawful purpose.
In addition to those purposes listed above, we may use your information for any other purpose disclosed to you at the time of collection. If any applicable law requires us to obtain your consent or other permission to use your Personal Information for a particular purpose, then we will request and obtain your permission before using your Personal Information for that purpose.
HOW WE SHARE YOUR INFORMATION
- With Organizations: If you are a health plan member or patient of an Organization, then we will share your information with the Organization in accordance with the Organization Agreement and applicable law. You should review the Notice of Privacy Practices and/or other privacy policies of the Organization to understand how the Organization uses your information.
- Clinical Service Providers. We may share your information with Mindstrong Clinical Services, PC, or any other medical groups or healthcare professionals who provide physician or other clinical services to you through our Services.
- Other Service Providers: We may share your information, in an encrypted format, with third-party hosting and information security providers that provide computer, storage and information security resources to Mindstrong.
- In the Event of a Corporate Transaction: In the event we go through a business transition, such as a merger, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or sale of all or a portion of our assets, we may disclose your information to the party or parties to such transaction.
- For Legal Purposes: We will disclose your information when we think it is necessary to investigate or prevent actual or expected fraud, information security breaches, criminal activity, injury or damage to us or others or when otherwise required by law, regulation, subpoena, or court order, or if necessary to protect our rights.
- At Your Direction: We will share your information with third parties if and when you direct us to.
- With Your Permission: If any applicable law requires us to obtain your consent or other permission to share your Personal Information for a particular purpose, then we will request and obtain your permission before sharing it for that purpose.
We may share de-identified information and other De-identified Non-Personal Information in all legally permissible ways.
LINKS TO OTHER SITES
The security of your Personal Information is important to us. We have implemented and maintain reasonable technical, physical and administrative security measures intended to protect against unauthorized use, disclosure, alteration or destruction of the Personal Information we collect and maintain. You should keep in mind, however, that no information transmitted over the Internet is 100% secure and any information disclosed online can potentially be collected and used by persons other than the intended recipient. As a result, while we strive to protect your Personal Information, we cannot guarantee or warrant the security of any information you transmit to or from our Services.
DO NOT TRACK
Some web browsers incorporate a “Do Not Track” feature (“DNT”) that signals to the websites that you visit that you do not want to have your online activity tracked. Many websites and applications, including our Services, do not currently respond to web browser DNT signals because such signals are not yet uniform. For more information about DNT signals, please visit https://allaboutdnt.com.
NOTE TO INTERNATIONAL USERS
Subject to any restrictions in our Organization Agreements, you may update, correct or otherwise modify information that we maintain about you at any time by logging into your online account or by emailing us at [email protected] If there are restrictions in an applicable Organization Agreement, we will provide contact information for the Organization so that you can ask the Organization to modify your information. If you wish to deactivate your account, please email us at [email protected] but note we may continue to store information about you as required by law or for our legitimate healthcare business purposes.
If you do not want us to collect Location Information from your device, please disable the location setting(s) on your device or delete the Apps. Please note that disabling the location setting may affect certain features of the Apps.
With your consent, we may send push notifications or alerts to your mobile device. You can deactivate these notifications at any time by changing the notification settings on your mobile device or within our Apps.
If we make material changes that would impact your use of the Services, we will endeavor to notify you of the changes, such as by posting a notice directly on the Services, by sending an email notification (if you have provided your email address to us), or by any other reasonable method.
101 Jefferson Dr, Suite 228
Menlo Park, CA 94025
- “HIPAA” is the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations.
- “Personal Information” is information that can be used to identify, contact or locate you. Examples of Personal Information such as your name, address, email address, telephone number, unique device identifier of the device you use to access the Services and other information you choose to provide as well as Protected Health Information under HIPAA.
- “Protected Health Information” is a subset of Personal Information that is protected by HIPAA. Your Personal Information is generally Protected Health Information if you are a health plan member or a patient of an Organization that is a “covered entity” under HIPAA and we are a “business associate” of the Organization under the Organization Agreement.
- “Location Information” is information that can be used to locate the device you use to access the Services. Location Information may include: (i) with your consent, the location of the device derived from GPS or WiFi use; (ii) the IP address of the device or internet service used to access the Services, and (iii) other information made available by a user or others that indicates the current or prior location of the user. Generally, we consider Location Information to be Personal Information unless the information is not Personal Information under applicable law. For more information about how you can control the collection of Location Information, please see “Your Choices” above.
- “Log Data” is information that we automatically collect about your use of the Services and your mobile device. This type of information does not usually, by itself, uniquely identify an individual. It may include your IP address, web browser and operating system, device model and manufacturer, hardware or other device model number, mobile network information and time spent connected via an App or viewing a webpage. Generally, we do not consider Log Data to be Personal Information unless the Log Data is Personal Information under applicable law or linked to Personal Information for so long as it is linked.