Last Updated: June 28, 2023
At Firefly Health, Inc. (“Firefly Health”, ” we”, “us” and/or “our”) your privacy is important to us. Our Privacy Notice describes the information we collect, how we collect information, and the reasons we collect information. This Privacy Notice also describes the choices you have with the information we collect, including how you can manage, update, or request to delete information.Please take a moment to review this Privacy Notice. You may scroll through this Privacy Notice or use the links below to navigate to specific sections. It is important that you understand this Privacy Notice. By using our website, mobile app, and/or services, you are agreeing to the terms of this Privacy Notice. If you have any questions or concerns about this Privacy Notice, you may Contact Us at any time.
Table of Contents
I. Who is Firefly Health?
II. Key Terms & Definitions and Our Privacy Notice
- When does our Privacy Notice apply?
- When does our Privacy Notice not apply?
- Our Privacy Notice and Terms of Service.
III. Personal Data
- What is Personal Data?
- What types of Personal Data do we collect?
- Health Information
- How do we collect your Personal Data?
- How do we use your Personal Data?
- How do we share your Personal Data?
- Your choices about how we share your Personal Data.
- How do I access or correct my Personal Data?
IV. Who may use the Services?
V. Children's Privacy
VI. Does Firefly Health respond to Do Not Track signals?
VII. Data Security
VIII. California’s Shine the Light Law
IX. Changes to our Privacy Notice
X. Contact Us
- Who is Firefly Health?
At Firefly Health, our mission is to deliver healthcare at its best — proactive, seamless, accessible, and affordable — because it’s what everyone deserves.
Firefly Health is not a medical group or a health care provider. Firefly Health provides its users with the ability to obtain a telemedicine consultation provided by independent medical practitioners including, but not limited to, Firefly Medical Group, P.C. (“Medical Group”), an independent medical group with a network of United States based health care providers (each, a “Provider”). Medical Group (or your own medical provider if you do not use a Medical Group Provider) is responsible for providing you with a Notice of Privacy Practices describing its collection and use of your health information, not Firefly Health.
- Key Terms & Definitions and Our Privacy Notice
It is helpful to start by explaining some of our key terms and definitions used in this Privacy Notice.
Key Term: our “App(s)”
Definition: Firefly Health, our mobile application
Key Term: our “Platform”
Definition: Our Website and App.
Key Term: “Privacy Notice”
Definition: This privacy notice.
Key Term: our “Services”
Definition: Any services provided through our Website or App.
Key Term: our “Website(s)”
Definition: Our websites, including: https://www.firefly.health/
When does our Privacy Notice apply?
This Privacy Notice describes the types of information we may collect from you when:
- You visit or use our Platform, including our Website and App;
- We communicate in e-mail, text message, and other electronic messages between you and us; and
- We communicate in person, such as on the phone or through a telehealth visit.
When does our Privacy Notice not apply?
Our Privacy Notice and Terms of Service.
- Personal Data
What is Personal Data?
Personal data is information from and about you that may be able to personally identify you. We treat any information that may identify you as personal data. For example, your name and e-mail address are personal data.
What types of Personal Data do we collect?
We may collect and use the following personal data (hereinafter, collectively referred to as “Personal Data”):
Categories of Personal Data
Specific Types of Personal Data Collected
a real name, birth date, e-mail address, shipping address, Social Security number, or unique personal identifier.
Information that identifies, relates to, describes, or is capable of being associated with a particular individual
name, username or online identifier, physical characteristics or description, shipping address, telephone number, health or medical information, insurance policy number, employment, or signature
Characteristics of protected classifications under California or federal law.
Race, Color, Age, National origin, Ancestry, Martial Status, Medical Conditions, Physical/Mental disabilities, genetic information (including familial genetic information), Sex (including gender, gender identity, sex at birth, gender expression, sexual activity, pregnancy/childbirth and related conditions), or Disability
Fingerprints, faceprints, health data, or exercise data
Internet or other electronic network activity information
IP address, device mode, device ID, OS version, device language, operating system, browser type, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
This Privacy Notice does not cover the collection, use or disclosure of protected health information (“PHI”). Some Personal Data we collect may constitute PHI as defined by HIPAA. As set forth above, your Provider will provide you with a Notice of Privacy Practices describing their collection and use of your health information, not Firefly Health. We will only collect and use PHI for the purposes of providing the Services on our Platform and we only collect the minimum amount necessary to fully perform and provide the Services on our Platform. We may combine your PHI with Personal Data that we have either obtained from you or through a third-party, such as your Provider, health insurer, employee benefits program, or other health care providers. PHI will not be used for any other purpose, including marketing, without your consent.
How do we collect your Personal Data?
We collect most of this Personal Data directly from you. For example, when you set up an account through the App or sign up for Services, when we speak to you by phone, text message, and e-mail. Additionally, we will collect information from you when you visit our Website or App and fill out forms.
We may also collect Personal Data in the following ways:
- From your mobile device.
- From third-party apps you choose to connect your mobile device to, such as Apple Health or Google Fit.
- When You Contact Us. When you contact Firefly Health directly, such as when you contact our Customer Support team, we will receive the contents of your message or any attachments you may send to us, as well as any additional information you choose to provide.
We will also collect information automatically as you navigate through our Platform. We use the following technologies to automatically collect data:
- Facebook Pixel and Instagram. We use Facebook Pixel and Instagram, a web analytics and advertising service provided by Facebook Inc. (“Facebook”) on our Platform. With its help, we and our customers can keep track of what users do after they see or click on a Facebook or Instagram advertisement, keep track of users who access our Platform or advertisements from different devices, and better provide advertisements to our target audiences. The data from Facebook Pixel and Instagram is also saved and processed by Facebook. Facebook can connect this data with your Facebook or Instagram account and use it for its own and others advertising purposes, in accordance with Facebook’s Data Policy which can be found at https://www.facebook.com/about/privacy/. Please click here if you would like to withdraw your consent for use of your data with Facebook Pixel https://www.facebook.com/settings/?tab=ads#_=_.
- Google Ads (AdWords). Google Ads (AdWords) remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads. Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout– for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en.
- Social Media Services. We use social media services provided by social media companies, such as Facebook and LinkedIn. These social media companies provide web analytics and related advertising services on or in conjunction with our website. With their help, we and our customers can keep track of what users do after they see or click on a social media advertisement, keep track of users who access our website or advertisements from different devices, and better provide advertisements to our target audiences. The data from social media companies is also saved and processed by the social media sites themselves. Such social media sites can connect this data with your social media accounts and use it for its own and others advertising purposes, in accordance with their privacy notices available on the homepage of each social media website.
- Other third party tools. We use other third party tools which allow us to track the performance of our Services. These tools provide us with information about errors, app and website performance, and other technical details we may use to improve our Platform and/or the Services. For more information related to these third-party analytics providers please review How do we collect your Personal Data?.
How do we use your Personal Data?
We may use your Personal Data for the following purposes:
- Operate, maintain, supervise, administer, and enhance our Platform and/or the Services, including monitoring and analyzing the effectiveness of content of the Platform, aggregate site usage data, and other usage of the Platform and/or the Services such as assisting you in completing the registration process.
- Provide our products and services to you, in a custom and user-friendly way.
- Provide you with information, products, or services that you request from us or that may be of interest to you.
- Promote and market our Platform and/or the Services to you. For example, we may use your Personal Data, such as your e-mail address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about products or information we think may interest you. We also may use the information that we learn about you to assist us in advertising our services on third party websites. You can opt-out of receiving these e-mails at any time as described below.
- To provide you notices or about your account.
- Contact you in response to a request.
- To notify you about changes to our Platform and/or the Services or any products or services we offer or provide through them.
- Fulfill any other purpose for which you provide consent.
- Anonymize and aggregate information for analytics and reporting.
- To respond to law enforcement requests, court orders, and subpoenas and to carry out our legal and contractual obligations.
- Authenticate use, detect fraudulent use, and otherwise maintain the security of our Platform and the safety of others.
- Any other purpose with your consent.
How do we share your Personal Data?
We do not share, sell, or otherwise disclose your Personal Data for purposes other than those outlined in this Privacy Notice. However, we may disclose Personal Data that we collect or you provide as described in this Privacy Notice for the following reasons:
- Our business purposes. We may share your Personal Data with our affiliates, vendors, service providers, and business partners, including our data hosting and data storage partners, analytics and advertising providers, technology services and support, and data security advisors. We may also share your Personal Data with professional advisors, such as auditors, law firms, and accounting firms.
- Your healthcare providers or family. With your consent, we may share your information, including information collected from your use of our Platform, with your health care providers and/or family members (e.g., immediate family or friends) that you designate to receive your information.
- Other health-focused mobile apps. With your consent, we may share your profile information and data collected from your connected devices with other health-focused mobile applications installed on your mobile device to help you track your health and wellness information. If you share your information with these apps, your Personal Data, including your health information, will be used in accordance with privacy policies for those separate apps, not this Privacy Notice.
- With your consent. We may share your Personal Data if you request or direct us to do so.
- Compliance with law. We may share your Personal Data to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.
- Business Transfer. We may share your Personal Data to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of a bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us about our users are among the assets transferred.
- De-identified information. We may also disclose de-identified information (cannot be reasonably used to identify any individual) with third parties for marketing, advertising, research, or similar purposes. For example, we may share information such as your gender, height, weight, information about medications you have provided, and data from your connected devices, but we will not share your name or other information that could identify you.
- To improve our Platform. We may use your Personal Information for internal testing, research, analysis, and product development, including to develop and improve our website/application, and to develop, improve, or demonstrate our products and services
- To market our products and services. We may share your Personal Data with affiliates and third parties to market our products and services.
- To market third party products and services. We may share your Personal Data with affiliates and third parties to market their products or services to you if you have not opted out of these disclosures. For more information on opting out, see Your Choices about how we share your Personal Data.
- Third Party Analytics. We use Google Analytics and Mixpanel to understand and evaluate how visitors interact with our Platform and/or the Services. These tools help us improve our Platform and/or Services, performance, and your experience.
Your choices about how we share your Personal Data.
This section of our Privacy Notice provides details and explains how to exercise your choices. We offer you choices on how you can opt out of our use of tracking technology, disclosure of your Personal Information for our advertising to you, and other targeted advertising. We do not control the collection and use of your information collected by third parties. These third parties may aggregate the information they collect with information from their other customers for their own purposes. You can opt out of third parties collecting your Personal Information for targeted advertising purposes in the United States by visiting the National Advertising Initiative's (NAI) opt-out page and the Digital Advertising Alliance's (DAA) opt-out page.
Each type of web browser provides ways to restrict and delete cookies. Browser manufacturers provide resources to help you with managing cookies. Please see below for more information.
For other browsers, please consult the documentation that your browser manufacturer provides.
If you do not wish to have your e-mail address used by Firefly Health to promote our own Products and Services, you can opt-out at any time by clicking the unsubscribe link at the bottom of any e-mail or other marketing communications you receive from us or logging onto your Account Preferences page. This opt out does not apply to information provided to Firefly Health as a result of a product purchase, or your use of our Platform and/or the Services. You may have other options with respect to marketing and communication preferences through our Platform.
How do I access or correct my Personal Data?
You may send us an email at email@example.com to request access to or correct any Personal Data that you have provided to us. We may not accommodate a request to change Personal Data if we believe the change would violate any law or legal or contractual requirement or cause the Personal Data to be incorrect.
- Who may use the Services?
Firefly Health operates subject to state and federal regulations, and the Services may not be available in your state. You represent that you are not a person barred from enrolling for or receiving the Services under the laws of the United States or other applicable jurisdictions in which you may be located. Access to and use of the Services is limited exclusively to users located in states within the United States where the Services is available. The Services are not available to users located outside the United States. Accessing the Platform and/or obtaining the Services from jurisdictions where content is illegal, or where we do not offer the Platform and/or the Services, is prohibited.
- Children's Privacy
Our Services are not intended for children under 13 years of age. We do not knowingly collect or sell Personal Data from children under the age of 13. If you are under the age of 13, do not use or provide any information on or in these Services or through any of its features. If we learn we have collected or received Personal Data from a child under the age of 13 without verification of parental consent, we will delete it. If you are the parent or guardian of a child under 13 years of age whom you believe might have provided use with their Personal Data, you may Contact Us and we will endeavor to delete that information from our databases.
- Does Firefly Health respond to Do Not Track signals?
Some web browsers have a “Do Not Track” feature. This feature lets you tell websites you visit that you do not want to have your online activity tracked. Our Website and App incorporate third-party technology designed to honor such signals and some similar mechanisms that may be sent by your browser or device and we may limit the information we collect and how we use that information based upon whether such a signal is transmitted by your browser or device and received by us.
- Data Security
We have implemented commercially reasonable measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on servers behind firewalls.
The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Services, you are responsible for keeping this password confidential and not disclosing your password to any third parties.
Unfortunately, the transmission of information via the internet is not completely secure. Although we take commercially reasonable steps designed to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures employed by the Services.
- California’s Shine the Light Law
California Civil Code Section 1798.83 (California’s “Shine the Light” law) permits users of our Platform and/or the Services that are California residents and who provide Personal Data in obtaining products and services for personal, family, or household use to request certain information regarding our disclosure of Personal Data to third parties for their own direct marketing purposes. If applicable, this information would include the categories of Personal Data and the names and addresses of those businesses with which we shared your Personal Data with for the immediately prior calendar year (e.g., requests made in 2022 will receive information regarding such activities in 2021). You may request this information once per calendar year. To make such a request, please contact us via the information found in the “Contact Us” section below.
- Changes to our Privacy Notice
- Contact Us
If you have any questions, concerns, complaints or suggestions regarding our Privacy Notice or otherwise need to contact us, please email us at firstname.lastname@example.org or write to us at:
Firefly Health, Inc.
101 Walnut St.
Watertown, MA 02472.