Terms of Service
EFFECTIVE DATE: February 5, 2019
Serenium’s Privacy Policy (“Policy”) describes how Serenium, Inc. (“we,” “us,” or “our”) collects, uses, and discloses information that we obtain about your use of the Serenium-inc.com or SleepScreenforYou.com websites (the “Site”) and the Serenium Mobile App software (“the App”), collectively the “Service,” including information that we collect from related Serenium or independent third party devices, that you connect to a the mobile device while running the App.
Serenium is a global company. If you are located in the United States or a country outside the European Union, your information is stored in the United States. If you are a European Union data subject, we store your information in the European Union. If you are a Chinese data subject, we store your information in China. By using or downloading the Service, you agree that your personal information, including any information about your health that you provide directly to us or that we collect through your use of the Service, may be transferred to and stored in the United States and handled as described in this Policy.
The information we collect and how it is collected and accessed:
The information we collect about you. We collect information directly from you, from the App, devices, third party services and from the Site you connect, as well as automatically through your use of our Service.
When you create, update, or add information in your registration process or to your profile. When you register to use the Service, we collect the personal information you provide us, including your name, email address, parent’s email address, password, gender, height, and birthdate. We may also collect additional information including: weight, height, body mass index (BMI), neck circumference, whether you are a smoker or non-smoker, other medical conditions, information related to medications you are taking, patient ID, and activity levels. You also review and answer medically validated sleep survey questions on the user’s sleep.
-
When you use the oximeter device that is connected to the App. We collect your raw oximetry (“oximeter data”) measuring heart rate, oxygen levels, and other standard measurements. We collect additional information from your mobile device or your phone at the time of recording, such as local time, local time zone, and geographic location and other information.
-
Information collected from the phone running the App. In addition to the collection described above, we collect basic information from your mobile device, including device model and operating system, device ID, device language, activities within the App and how long the App is open.
-
Payment information. We do not collect or store financial account information. Your Treating Physician will directly bill you for the payment of our Services. Serenium will be reimbursed for the Service by your Treating Physician. Serenium does not receive your credit card or bank account numbers information.
-
Treating Physicians and Diagnosing Physicians information. Information on the Treating and Diagnosing Physicians supporting the Service for you is also collected. When a Treating Physician is identified by a patient, we will try to secure and save their National Provider Identifier (NPI) number. Diagnosing Physicians will also provide their NPI numbers which will be saved in the Service.
-
After completing a night’s test. After completing a night’s sleep test with the equipment, the user or parent of the user will be notified by email that the test results have been successfully completed. They will not directly get any clinical data. They will be notified that the Diagnosing Physician will review their screening results.
-
Test results will be shared with the Diagnosing Physician. After a patient’s at-home testing, the Diagnosing Physician will be notified by email to go to a secure server to access screening results in a credentialed account using a password to access the patient’s data. The Diagnosing Physician will review the all the data for the patient and provide a Physician Diagnosis Report for the Treating Physician.
-
Physician Diagnosis Report will be shared with the Treating Physician. After the Physician Diagnosis Report is completed, an email will go to the Treating Physician to register and invite them to access the Physician Diagnosis Report on a secure server. The Treating Physician will sign in to a credentialed account and securely access this Physician Diagnosis Report. The Treating Physician will consider this report in developing a treatment plan for the patient. The Treating Physician will then contact the patient in their standard manner independent and separate from our Service.
-
When the patient contacts Serenium. When you contact Serenium directly, such as when you contact our Customer Support team, we will receive the contents of your message or any attachments you may send to us, as well as any additional information you choose to provide. We will also respond to you in a timely manner.
How we use your information
We process your information, including your personal information, for the following purposes:
-
To provide our Service to you, to communicate with you about your use of our Service, to respond to your inquiries, and for other customer service purposes.
-
To tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Service.
-
To research and develop new clinical insights, products and features.
-
For marketing and promotional purposes, to the extent permitted by law and, where required, with your consent. For example, we may use your information, such as your email address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about products or information we think may interest you. We also may use the information that we learn about you to assist us in advertising our services on third party websites. You can opt-out of receiving marketing at any time as described below.
-
To better understand how users access and use our Service, both on an aggregated and individualized basis, in order to improve our Service and respond to user desires and preferences, and for other analytical purposes.
-
To tailor the content and information that we may send or display to you, to understand if a recorded sleep record is your personal data or a guests’ data (chain of custody), to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Service.
-
To administer surveys and questionnaires.
-
To comply with legal obligations, as part of our general business operations, and for other business administration purposes.
-
Where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person or violations of our Terms of Use or this Privacy Policy.
How we share your information. We may share your information, including personal information, as follows:
-
With your consent. With your prior consent, we may share information from the Service with other third-party partners, including your personal information and data collected from your devices.
-
With the Diagnosing Physician and the Treating Physician. The Service provides your information, including your personal information, surveys and screening data and analyses, with the Diagnosing Physician. The Diagnosing Physician reviews all the data and provides their independent clinical diagnoses, which is shared with the Treating Physician you identified in your registration process. If no Treating Physician is identified, then you will be contacted to see where the Physician Diagnosis Report should be sent.
-
Your healthcare providers or family. With your consent, we may share your information, including information collected from your connected devices, with your other healthcare providers and/or family members (e.g., immediate family or friends) that you designate to receive your information.
-
Medical, clinical trial and machine learning research. The Service may use or share your data in an anonymous manner or de-identified information, so that it cannot reasonably be used to identify an individual, to conduct medical, clinical and machine learning research to improve healthcare and our Service. For example, we may utilize or share information such as your gender, height, weight, information about medications you have provided, and data from your connected devices, but we will not share your name or other information that could identify you.
-
Other health-focused Mobile Apps. With your consent, we may share your profile information and data collected from your connected devices with other health-focused mobile applications installed on your mobile device to help you track your health and wellness information. If you share your information with these apps, your personal information, including your health information, will be used in accordance with those apps separate privacy policies, not this one.
-
Aggregate and De-Identified information. We may share aggregate or de-identified information—so that it cannot reasonably be used to identify an individual—with third parties for marketing, advertising, research or similar purposes.
-
Affiliates. We may disclose the information we collect from you to our affiliates or subsidiaries; however, if we do so, their use and disclosure of your personal information will be subject to this Policy.
-
Service Providers. We may disclose the information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf, such as providers of hosting, email communication, customer support services, analytics, marketing, and advertising, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures.
-
Business transfers. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding or reorganization, we will give affected users notice before transferring any personal information to a new entity.
-
In response to Legal process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
-
Please note: Our policy is to notify you of legal process seeking access to your information, such as search warrants, court orders, or subpoenas, unless we are prohibited by law from doing so. In cases where a court order specifies a non-disclosure period, we provide delayed notice after the expiration of the non-disclosure period. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.
-
-
To protect us and others. We also may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Policy, or as evidence in litigation in which Serenium is involved.
-
Third Party analytics. We use automated devices and applications, such as Google Analytics and other services, to evaluate usage of our Service. We use these tools to help us improve our Service, performance and user experiences.
Privacy Shield information for EU and Swiss individuals
Serenium is currently not selling our Service in the EU. When we do, Serenium will comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States pursuant to the Privacy Shield. Serenium will certify to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, please visit http://www.privacyshield.gov.
The Federal Trade Commission has jurisdiction with enforcement authority over Serenium’s compliance with the Privacy Shield.
The Privacy Shield Principles describe Serenium’s accountability for personal data that it subsequently transfers to a third-party agent. Under the Privacy Shield Principles, Serenium shall remain liable if third party agents process the personal information in a manner inconsistent with the Privacy Shield Principles, unless Serenium proves it is not responsible for the event giving rise to the damage.
Cookies
Cookies are small text files stored on your device and used by web browsers to deliver personalized content and remember logins and account settings. In addition to improving user experience, we use cookies and similar technologies for analytic and advertising purposes. You can manage your cookies locally by adjusting your browser settings, or you can opt-out of targeted advertising through cookies by visiting networkadvertising.org/choices or aboutads.info/choices. Because there is not yet a common understanding of how to interpret Do Not Track signals, we are unable to respond to Do Not Track requests from browsers, however we are monitoring for updates and will revisit this policy once a common standard is established.
Third-Party links
Our Service may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third party websites. We are not responsible for the information practices of such third party websites.
Security of my personal information
We have implemented reasonable precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee security.
You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
Access to and deleting my personal information
We acknowledge the right of EU and Swiss individuals to access their personal data pursuant to the Privacy Shield. You may modify personal information that you have submitted by logging into your account and updating your profile information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Service for a period of time.
We store information associated with your account until your account is deleted. You can delete your account at any time by contacting Customer Support at privacy@serenium-inc.com. Please note that it may take a bit of time to delete your account information, and we may preserve it for legal reasons or to prevent harm, including as described in the How Information Is Shared section.
What choices do I have regarding promotional emails?
We may send periodic promotional emails to you. You may opt-out of such communications by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests. We may still send you emails about your account or any services you have requested or received from us.
Users under 18
Our Service is intended for children and adults. The parents of a child under age 18 should be the individual providing the registration information, completing the survey questions and assisting in conducting the home sleep screen. The information from the Treating Physician will be directed to that identified parent when the evaluation is completed. Our services are not designed for users under 18 without their parent’s participation. If we discover that a user under 18 has provided us with personal information without parental input, we will delete such information from our systems.
GDPR – Rights for EEA Users and Serenium’s capabilities for Worldwide Users
What rights do I have? Individuals located in the European Economic Area (EEA) have certain rights in respect of your personal information and Serenium will provide these capabilities to all our worldwide users, including:
-
the right of access to your personal data;
-
the right to correct or rectify any inaccurate personal data;
-
the right to restrict or oppose processing of personal data;
-
the right to erase your personal data; and
-
the right to personal data portability.
We rely on your consent as a lawful basis processing personal data for the following purposes:
-
initial collection of personal data through the Service;
-
providing you with marketing or promotional communications. You may opt out of such communications at any time by clicking the “unsubscribe” link found within Serenium email updates and changing your contact preferences.
We process personal data in order to perform our contract with you.
Additionally, we process personal data based on our “legitimate interests” in providing you the Service as described in the section “How we use your information”, including:
-
To enable the Service to function as expected;
-
To communicate with you in response to customer service inquiries, to deliver non-promotional, service-related emails, or to administer surveys and questionnaires; and
-
To tailor your experience based on your general region.
In some cases, Serenium may process personal information pursuant to a legal obligation or to protect your vital interests or those of another person.
How may I exercise my individual rights? Serenium users located worldwide may access and update their personal information as follows:
-
Account holders may access and update personal information through their account settings in the Serenium platform;
-
Account holders may exercise their rights to data deletion and data portability by contacting Serenium at privacy@serenium-inc.com.
-
Serenium does not retain any personal information from users who do not create Serenium accounts.
Please note that Serenium may request additional information from you to verify your identity before we disclose any personal or account information.
Contact Us
If you have questions about our privacy practices, please contact us at privacy@serenium-inc.com.
Serenium Inc
Attn. Privacy
4065 Wilkie Way
Palo Alto, CA 94306
If you are an EEA customer and are unable to reach Serenium at the contact information provided above regarding your issue, you have the right to contact your local Data Protection Authority.
Changes to this Policy
This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Service. If we make any changes to this Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with notice in advance of such change.