HOPCo Digital HCP and Partners Privacy Policy
Last Updated: March 15,
2025
PRIVACY SNAPSHOT
1. Introduction
HOPCo Digital, LLC and its subsidiaries and affiliates, collectively, “HOPCo Digital”, “we”, “us”, or “our”, provide a web portal and mobile application (the “App”) for patients (“Patients”) and online dashboards (the “Dashboards”) for healthcare professionals (HCPs), and related services (collectively, the “Services”).
2.
Who does this Privacy Policy apply to?
This
Privacy Policy applies to HCPs and Partners (as defined below) who are users of
any HOPCo Digital online dashboard (i.e. the myrecovery
Dashboard or the Vitals Portal) and related Services.
This Privacy Policy describes how we collect and process personal information relating to HCPs or Partners (as defined below) so they can use the Services in connection with the medical care and treatment of Patients, to improve the treatment and care of Patients and support Patient safety and other relevant purposes as described in this Privacy Policy.
This Privacy Policy does not apply to Patients (users of the myrecovery App). Please read the myrecovery App Privacy Policy, available at https://www.myrecovery.com, to understand how we collect and process personal information relating to Patients. This policy also relates to our websites, including https://www.myrecovery.com, and governs how we handle personal information in connection with those websites.
We refer in this Privacy Policy to the following parties:
● Healthcare Professional User (or HCP): an individual associated with healthcare institutions and other HOPCo Digital customers (each a “Provider”) who is our contact at a Provider, or who otherwise accesses the App and Dashboard in their capacity as a person responsible (whether as a surgeon, doctor or other healthcare professional) for the medical care and treatment of Patients, or persons responsible for the management, support or oversight of the foregoing.
● Partner: an entity (or individual acting on behalf of an entity) who has separately contracted with a Provider, and who is involved in research and development relating to the treatment of diseases, including the improvement of existing and development of new technologies and devices, to improve the treatment and care of Patients and support Patient safety, and who is a registered user of the Dashboard.
3. Personal information we
collect
Information you (or your employer) provide to us.
● Identity, contact and login information, such as your first and last name, login and password details, email address and your phone number, that you provide by creating an account with us, or completing forms on the Services.
● Communications that we exchange with you, including the content of any communications you send to us, for example with questions, feedback, to report a problem or to submit queries, concerns or comments regarding the Services or content made available through the Services.
●
Employment information, such as your job
title, professional contact information, and your employer.
●
Marketing information you may provide
us, such as your preferences for receiving our direct marketing communications. Except where
consent is required, we undertake such marketing on the basis
of our legitimate business interests. You can opt out of such
communications by following the unsubscribe mechanism on any communication, or
by otherwise emailing us at support@myrecovery.
If you provide us with personal information of a third party, for example another HCP or Partner or if you are an employer of a HCP, please ensure that you have directed them to this Privacy Policy and have obtained any necessary consents to provide us with their personal information.
Automatic data collection. We and our service providers may automatically log information about you, your computer or mobile device, and your interaction over time with the Services and our communications with you, including:
● Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G).
● Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Services, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them.
We collect this information using cookies and other similar technologies. For more information, please visit our Cookie Policy.
4. How we use your personal
information
We use your personal information for the following purposes or as otherwise described at the time of collection:
● Providing our Services. We use personal information to operate, maintain, and provide you with our Services, including to register you on the Services. We do so to perform our contractual obligations under our Terms of Use.
● Communicating with you about our Services. It is in our legitimate business interests to use personal information to respond to your requests, provide support, and communicate with you about our Services, including by sending announcements, updates, security alerts and support and administrative messages. For example, we may notify you about changes to our terms or privacy policy, or ask you to leave a review.
● Improving, monitoring, personalizing, and protecting our Services. It is in our legitimate business interests to improve and keep our Services safe for our users, which includes:
o understanding your needs and interests, and personalizing your experience with the Services and our communications;
o troubleshooting, testing and research and to keep the Services secure; and
o investigating and protecting against fraudulent, harmful, unauthorized or illegal activity.
● Research and development. We use personal information for research and development purposes in our legitimate business interests, including to analyse and improve the Services and our business. We may create aggregated and/ or anonymized datasets before using your personal information in this way. If it is no longer possible to personally identify you, such data will no longer be personal information. We will use this data and share it with third parties for our lawful business purposes, including to analyse and improve the Services and promote our business. For example, we may produce anonymized and aggregated datasets to derive statistical research data about the effectiveness of medical devices, treatments and care practices.
●
Marketing. We may collect and use personal information
for marketing purposes, including for direct marketing as permitted by law. You
can opt out of such communications by following the unsubscribe mechanism on
any communication, or by otherwise emailing us at support@myrecovery.
● Compliance and protection. We may use personal information to comply with legal obligations, and it is in our legitimate business interests to use your personal information to defend us against legal claims or disputes, including to:
o protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
o audit our internal processes for compliance with legal and contractual requirements and internal policies;
o enforce the terms and conditions that govern the Services;
o prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft; and
o comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.
5. How we share personal
information
We do not sell personal information or share it for cross-context behavioural advertising purposes.
We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection:
● Affiliates. We may share your personal information with our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.
● Patients. Patients will not have access to this information.
● Service providers. We may share your personal information with companies and individuals that provide services on our behalf or help us operate the Services or our business (such as [hosting, information technology and cybersecurity, support, email and SMS delivery, and website analytics services]).
● Professional advisors. We may share your personal information with professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
● Authorities and others. We may share your personal information with law enforcement, government authorities and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
● Business transferees. We may share your personal information with acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, HOPCo Digital or our affiliates (including in connection with a bankruptcy or similar proceedings).
6. Privacy rights and choices
Opt out of marketing communications. You may opt out of marketing-related communications by following the opt-out or unsubscribe instructions contained in the marketing communication we send you or by contacting us as provided in the How to Contact Us section below. You may continue to receive Services-related and other non-marketing emails.
Online tracking opt out. You can opt out of third-party cookies as described in our Cookie
Policy.
Personal information requests. We also offer you choices that affect how we handle personal information that we control. Depending on your location and the nature of your interactions with our Services, you may request the following in relation to personal information:
● Information about how we have collected and used personal information. We have made this information available to you without having to request it by including it in this Privacy Policy.
● Access to a copy of the personal information that we have collected about you. Where applicable, we will provide the information in a portable, machine-readable, readily usable format.
● Correction of personal information that is inaccurate or out of date.
● Deletion of personal information that we no longer need to provide the Services or for other lawful purposes.
● Withdrawal of consent, where we have collected and processed your personal information with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
● Additional rights, such as the rights to object to and request that we restrict our use of personal information.
To make a request, please email us or write to us as provided in the How to Contact Us section below. We may ask for specific information from you to help us confirm your identity. Depending on where you reside, you may be entitled to empower an “authorized agent” to submit requests on your behalf. We will require authorized agents to confirm their identity and authority, in accordance with applicable laws. You are entitled to exercise the rights described above free from discrimination.
Limits on your privacy rights and choices. In some instances, your choices may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as provided in the How to Contact Us section below.
UK Right to complain. If you reside in the European Economic Area or United Kingdom, you may have the right to complain to a data protection regulator where you live or work, or where you feel a violation has occurred. Click here to find your local supervisory authority if you are in the European Economic area and here if you are in the United Kingdom.
7. Other sites and services
The Services may contain links to websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions.
8. Security
We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. Our security policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to personal information. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it. However, no security measures are failsafe and we cannot guarantee the security of your personal information.
You are responsible for keeping your password confidential to prevent unauthorised access to your personal information and we ask that you do not share your password with anyone.
9. International data
transfer
If you are based in the United States, your personal information will be stored on servers in the United States. If you are based anywhere else, your data will be stored in the European Economic Area or the United Kingdom. We may also transfer personal information to our affiliates and service providers in the United States and other jurisdictions. Please note that such jurisdictions may not provide the same protections as the data protection laws in your home country.
When we engage in cross-border data transfers, we will ensure that relevant safeguards are in place to afford adequate protection for personal information and we will comply with applicable data protection laws, in particular by relying on an EU Commission or UK government adequacy decision/regulation for transfers outside of the European Economic Area and United Kingdom, or on contractual protections for the transfer of personal information. For more information about how we transfer personal information internationally, please contact us as set out in the How to Contact Us section below.
10. Retention of personal
information
Where required under applicable laws, we retain personal information only for as long as is necessary to fulfil the purposes for which it was collected and processed, in accordance with our retention policies, and in accordance with applicable laws and regulatory obligations or until you withdraw your consent (where applicable).
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we use personal information and whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.
11. Changes to this privacy
policy
We reserve the right to modify this Privacy Policy at any time. We will post the updated Privacy Policy on the website. If we make material changes to this Privacy Policy, we will let you know.
12. How to contact us
Contact us. If you have any questions or comments about this Policy, our privacy
practices, or if you would like to exercise your rights with respect to your
personal information, please contact us by email at
EEA Representative Contact
Information. For users in the EEA, we have
appointed Lodewijk Olthof, at Olthof Support as our EU data representative. You
can contact our EU representative
Privacy Snapshot
Here is a high-level snapshot of how we collect, use and share your personal information when you access the Services as an HCP or Partner, but you need to read the entire Privacy Policy for complete information.
|
Data Categories Collected |
How We Collect |
Primary Purposes of Processing |
Key Third-Party Recipients* |
Can You Limit Sharing? |
|
Identifiers, including contact and login information Communications that we exchange with you Employment information Marketing information |
From you From your employer or affiliated company |
To provide and support our Services To improve, monitor, personalize, and protect our Services For marketing purposes |
N/A |
N/A |
|
Internet and other electronic network activity information, including automatically collected data, such as log data, cookies, device data, and usage information |
Access through your device |
To provide and support our Services To improve, monitor, personalize, and protect our Services |
N/A |
N/A You can control the collection information via cookies as described in our Cookies Policy |
*As described further in our Privacy Policy, we may
share all categories of personal information with our service providers,
affiliates, and professional advisors for the purposes described in the Privacy
Policy. We also may share personal information with authorities and others for
legal and compliance purposes, and with business transferees in the context of
an acquisition or the sale of our business or another corporate transaction.