“HIPAA” means Health InsurancePortability and Accountability Act of 1996, the Health Information Technology for Economic and Clinical Health Act and their implementing regulations as amended from time to time. “Protected Health Information” is individually identifiable health information that is protected by HIPAA and that we receive on behalf of practitioners subject to HIPAA. “Covered Entity”refers to a practitioner, lab or other entity subject to HIPAA.
What Information does Rupa Collect?
Information You Provide to Us:
We collect information you provide to us through the Site and offline, for example when you create or modify your account, register to use our Site, purchase products or services from us, request information from us, contact customer support, fill out any form on the Site, or otherwise communicate with us. If you are a patient, this information may include:
If you are practitioner or other user, in addition to information we collect for a patient, this information may also include:
If you are a patient of a practitioner, we may share the information described above with your practitioner, our service providers, marketing and advertising companies and with third parties who may acquire some or all of our assets. We may also share information with third parties with your consent or as required by law.
Information Collected Automatically:
Whenever you interact with our Services, we automatically receive and record information on our server logs from your browser or device, which may include your IP address, geolocation data, device identification, “cookie” information, the type of browser and/or device you’re using to access our Services, and the page or feature you requested. “Cookies” are a text file that we, or an included third party service, embed within the Site, and that may be transferred to your browser or device to allow us or the third-party service to recognize your browser or device and tell us or the third-party service how and when pages and features in our Services are visited and by how many people. The third-party service providers may aggregate that information across their sites and other sites that have the same services installed. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our Site’s features.
The information we collect automatically may include personal information, or we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve the Site and to deliver a better and more personalized service, including by enabling us to:
We may use this data to customize content for you that we think you might like, based on your usage patterns. We may also use it to improve the Services – for example, this data can tell us how often users use a particular feature of the Services, and we can use that knowledge to make the Services more helpful to as many users as possible.
We may share the information described above with your practitioner, our service providers, marketing and advertising companies and with third parties who may acquire some or all of our assets. We may also share information with third parties with your consent or as required by law.
No Information from Individuals Under the Age of 18
If you are under the age of 18, please do not attempt to register with us at this Site or provide any personal information about yourself to us. If we learn that we have collected personal information from someone under 18, we will promptly delete that information. If you believe we have collected personal information from someone under the age of 18, please email us at firstname.lastname@example.org.
To Provide Products, Services, and Information.
We collect information from you and use the information to:
Sharing among Patients, Healthcare Practitioners and Labs. Rupa acts as a third party between patients and practitioners to get lab work ordered effectively. We share patients’ personal information with the doctor and relevant medical staff as well as the lab company performing the tests and relevant lab personnel in connection with getting orders and lab results in.
Vendors and Service Providers. We may provide information to third-party vendors and service providers that help us operate and manage our Site, process orders, and fulfill and deliver products and Services that you purchase through us. These vendors and service providers will have access to your personal information in order to provide these services, but when this occurs we implement reasonable contractual and technical protections to limit their use of that information to helping us provide the service.
Legal Responsibilities and Proceedings. We will share personal information with third party companies, organizations or individuals outside of Rupa if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
To Create De-Identified Data. We may use your information to create data that is de-identified in accordance with the de-identification standards under HIPAA and other laws. We will use de-identified data only as permitted by applicable law. We will not sell de-identified data.
To Provide Analysis to Health Care Providers. Rupa may combine your information with information from other users of the Site to provide analysis in de-identified form to practitioners and lab companies.
Do I have access to my information?
You can access and update certain information we have relating to your online account by signing into your account and going to the Account section of our Site. If you have questions about personal information we have about you or need to update your information, you can Contact Us or call us at (669) 294-2703.
Your California Privacy Rights
California residents are entitled to the following additional privacy rights listed below.
The right to know. You have the right to request that we disclose what personal information we collect, use, disclose, and sell. Specifically, you have the right to know:
Within the preceding 12 months, Rupa collected the categories of personal information detailed in the “Information You Provide to Us” and the “Information Collected Automatically” sections above. The sources from and purposes for which Rupa collects personal information are also described in the same sections and in the section “How does Rupa Share or Use the Personal Information it Receives?” Rupa does not sell your personal information. In addition, except as set forth in the sections above, Rupa does not disclose your personal information for business purposes to third parties.
The right to deletion. You have the right to request that we delete the personal information that we have collected or maintain about you. Under certain circumstances, we have the right to deny your request, such as if needed to comply with our legal obligations. If we deny your request for deletion, we will inform you of the reason.
The right to opt out of sale. Rupa does not sell your personal information. If that were to change, we would give you the right to opt-out of our sale of your information.
The right to equal service. Rupa will not discriminate against you in any way if you exercise any of your California privacy rights. Please be aware that exercising your rights may result in you being unable to use or access certain features of our Site.
To exercise your right to know and right to deletion, contact us using the email address or phone number provided in the “Questions and How to ContactUs” section below. You may exercise your right to know twice a year free of charge. You may also contact us with questions or concerns concerning our privacy policies and practices using the information in the “Questions and How to Contact Us” section.
We will take steps to verify your identity before processing your request to know or request for deletion. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the individual about whom we collected personal information. We may request personal information from you in order to verify your identity, such as your name, email address, and physical address. We will only use the personal information provided in the verification process to verify your identity or authority to make a request and to track and document request responses, unless you initially provided the information for another purpose.
You may use an authorized agent to submit a request to know or a request to delete. When we verify your agent’s request, we may require the agent to provide proof that you gave the agent signed permission to submit the request. We may also ask you to verify your identity or to directly confirm with us that you provided the agent permission to submit the request.
California Civil Code Section 1798.83 (also known as the “Shine the Light” law) permits individual California residents to request certain information regarding our disclosure of certain categories of personal information to third parties for those third parties’ direct marketing purposes. To make such a request, please contact us using the information in the “Questions and How to Contact Us” section below. This request may be made no more than once per calendar year, and we reserve our right not to respond to requests submitted other than to the email or mailing addresses specified below. Note that we do not currently share personal information with third parties for those third parties’ direct marketing purposes.
Consent to Processing of Personal Data in the U.S.
Questions and How To Contact Us
121 2nd St. Unit 5
San Francisco CA 94107