RecoveryOne Privacy Policy

Welcome, and thank you for your interest in Trainer Rx, Inc. d/b/a RecoveryOne (“RecoveryOne”, “we,” or “us”) and our Web site at app.recoveryone.com (the “Site”), as well as all related web sites, networks, embeddable widgets, downloadable software, mobile applications (including tablet applications), and other services provided by us and on which a link to this Privacy Policy (this “Policy”) is displayed (collectively, together with the Site, our “Service”).

This Policy describes the information that we gather from you on the Service, how we use and disclose such information, and the steps we take to protect such information. By using the Service, you consent to the privacy practices described in this Policy.

This Policy is incorporated into and is subject to the RecoveryOne Terms of Use. Capitalized terms used but not defined in this Policy have the meaning given to them in the RecoveryOne Terms of Use.

Questions or Complaints about RecoveryOne or its use, retention and disclosure of Personal Data should be directed to: Director of Compliance & Governance, RecoveryOne, 1670 Riviera Ave. Suite #101, Walnut Creek, CA 94596; tel. 1-877-747-9411; email: privacy@recoveryone.com.

Your Rights with respect to Personal Data are outlined in this Privacy Policy here

The information we collect on the Service:

How we use your Protected Health Information:

RecoveryOne is dedicated to maintaining the privacy and integrity of your Personal Data including PHI. Under the US Health Insurance Portability and Accountability Act (HIPAA), PHI is information about you that may be used to identify you (such as your name, social security number, or address), and that relates to (a) your past, present or future physical or mental health or condition, (b) the provision of health care to you, or (c) your past, present or future payment for the provision of health care. In providing the Service, we will receive and create records containing your PHI and may use it to remind you of workout sessions, develop and conduct surveys with you to assist in providing you a better Service, conduct our management and administrative activities, and otherwise as stated in this Privacy Policy. You may also choose to grant access to your account to your health care provider or communicate directly with your health care provider. We may also use your de-identified PHI to run (or authorize third parties to run) statistical research on individual or aggregate health or medical trends. Such research would only use your PHI in an anonymous manner that cannot be tied directly back to you. We are required by law to maintain the privacy and confidentiality of your PHI, and we operate the Service consistent with applicable federal and state laws governing health information privacy and security.

How we use the information we collect. We use information we collect on the Service in a variety of ways in providing the Service and operating our business, including the following:

This Privacy Policy describes how we protect your privacy as a general user of the Service, not as a patient receiving care through the Service from your health care provider. You understand that all information shared with your health care provider is subject to your consent and to your health care provider’s professional and legal duties of confidentiality and responsibility, which we do not control. If you are receiving care through the Service from a health care provider, you have other rights with respect to the access, use and disclosure of PHI. For a more complete description of a patient’s rights under HIPAA, please refer to your health care provider’s Notice of Privacy Practices, which provides important information to you about how your PHI may be used and disclosed.

When we disclose information. Except as described in this Policy, we will not disclose your information that we collect on the Service to third parties without your consent. When we disclose your Personal Data, we will disclose the amount necessary for the purpose of the disclosure. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:

 

Your Rights as a Data Subject

At any point while RecoveryOne is in possession of or processing your Personal Data, you, the data subject, have the following rights:

Complaints and Recourse

In the event that you wish to make complaint about how your personal data is being processed by RecoveryOne, or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and RecoveryOne’s Director of Compliance & Governance.

The Contact Information: Director of Compliance & Governance, RecoveryOne, 1670 Riviera Ave. Suite #101, Walnut Creek, CA 94596; tel. 1-877-747-9411; email: privacy@recoveryone.com.

Your Choices

You may, of course, decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service. If you wish to update, correct, or de-identify your account information or any other Personal Data we hold, you may contact us at privacy@recoveryone.com. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

If you receive commercial email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving commercial email from us, and any other promotional communications that we may send to you from time to time, by sending your request to us by email at privacy@recoveryone.com or by writing to us at the address given at the end of this policy. We may allow you to view and modify settings relating to the nature and frequency of promotional communications that you receive from us in user account functionality on the Service.

Please be aware that if you opt-out of receiving commercial email from us or otherwise modify the nature or frequency of promotional communications you receive from us, it may take up to ten business days for us to process your request, and you may receive promotional communications from us that you have opted-out from during that period. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding the Service.

Third-Party Services

The Service may contain features or links to Web sites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through the Service. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Service. We encourage you to learn about third parties’ privacy and security policies before providing them with information.

Children’s Privacy

Protecting the privacy of young children is especially important. Our Service is not directed to children under the age of 13, and we do not knowingly collect Personal Data from children under the age of 13. Children aged 13 to 16 may use RecoveryOne only with the consent of a legally responsible parent or guardian. If you are under 13 years of age, then please do not use or access the Service at any time or in any manner. If we learn that personally identifiable information has been collected on the Service from persons under 13 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 13 years of age has obtained an account on the Service, then you may alert us at privacy@recoveryone.com and request that we delete that child’s personally identifiable information from our systems.

Data Security

We use certain physical, managerial, and technical safeguards consistent with the HIPAA and HITRUST guidelines, that are designed to improve the integrity and security of your personally identifiable information. We cannot, however, ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Service if a security breach occurs. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. To receive a free, written notice of a security breach you should notify us at privacy@recoveryone.com.

Privacy Settings

Although we may allow you to adjust your privacy settings to limit access to certain Personal Data, please be aware that no security measures are perfect or impenetrable. We are not responsible for circumvention of any privacy settings or security measures on the Service. Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Service is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Service. We cannot and do not guarantee that information you post on or transmit to the Service will not be viewed by unauthorized persons.

Changes and Updates to this Policy

Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Service, and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change. For example, we may send a message to your email address, if we have one on file, or generate a pop-up or similar notification when you access the Service for the first time after such material changes are made. Your continued use of the Service after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.

Our Contact Information

Please contact us with any questions or comments about this Policy, your Personal Data, our use and disclosure practices, or your consent choices by email at privacy@recoveryone.com.

RecoveryOne

1670 Riviera Avenue, Suite 101

Walnut Creek, CA 94596

August 2023