Collected and Received Data
Aesto Health receives and collects the following type of data or information.
Data in a RemoteVisit account can be added or created by Authorized Users in the RemoteVisit account, whether they be Team users (healthcare service providers, administrative users) or Patient users. This data belongs to the Customer.
- Personal information includes name, email address and/or phone number used to create Authorized User accounts. It also includes other personally identifiable information that users may choose to add to their user account profile.
- Personal health information that patient users and/or healthcare providers, who are Authorized Users of the RemoteVisit account, enter into the Personal Health Record of a patient includes data that is entered manually, synched with a health monitoring device or from a third party source that users alone authorize. It also includes files that users choose to upload.
Other Data (Administrative information about the services provided to Patient Users in the RemoteVisit account)
- RemoteVisit account Account Info: Information that the Customer provides to Aesto Health at the time of setting up their RemoteVisit account account. This also includes information required for subscription and billing of the account. Aesto Health does not store the Customer’s credit card or other payment method information.
- Additional Information: You may also provide other information to Aesto Health through support channels.
Note for EU customers and users: With regard to the definition of data controller and data processor, as defined by Data Protection laws in the EU, the Customer is the data controller of Customer Data and Aesto Health is the data processor. Aesto Health is the data controller of Other Data, as defined above.
Use of Information
The Customer is the owner and controller of the Customer Data, which is processed by Aesto Health as per the configuration settings and instructions of the Customer. The Customer alone decides which Authorized Users to create and terminate; and what access such Authorized Users have to add, update, delete, export or share the data. The Customer defines the policies, practices and usage terms for Authorized Users of the RemoteVisit account and it is the sole responsibility of the Customer to enforce that. A Customer can terminate Authorized Patient User accounts at any time and such Patients will no longer have further access to their personal health information in event of that happening. Whether or not to share that information with the Patient User before termination of the Patient User account is the prerogative of the Customer only.
Other information and data provided to Aesto Health is used as follows:
- Payment Information: A Customer making a subscription payment for the RemoteVisit account will be providing secure third party payment providers with access to information on your payment method and billing address details at the time of your making online payments. Aesto Health does not store your credit card details nor that of any other online payment methods you may choose to use.
- Contact Information: The services platform will send you automated system communications (email and other notifications), as per your notification settings, as part of essential functioning of services that you may avail. Your contact information may also be used for customer support services, should you choose to avail of them. In addition, we may use your contact information to provide you with information about, our products and services. If you decide at any time that you no longer wish to receive such information or communications from us, please follow the unsubscribe instructions provided in any of the communications. Your identifiable contact information is not shared with any third-party service.
- Anonymized data: Aesto Health may analyze anonymized and aggregated data collected through the services, for purposes of issue diagnostics, security assessment and monitoring, evaluating usage trends and requirement patterns and to measure the effectiveness of services and content. Such anonymized and aggregated information is not considered as personal information.
Disclosure of Information
We may disclose any information to government or law enforcement officials if we believe doing so is required to comply with law enforcement and legal process; to prevent or stop any illegal, unethical, or legally actionable activity; to protect your, our or others rights and safety.
Customers determine their own policies and practices for the sharing and disclosure of their own Customer Data and this is expected to be in compliance with legal requirements. Aesto Health will disclose Customer Data only as per the request and instructions of the Customer, whether as defined in terms of the service configuration that they apply in use of the RemoteVisit account or by direct requests. Disclosure of Customer Data to Authorized Users of the Customer’s RemoteVisit account is determined by the Customer, while creating and configuring such Authorized User accounts. The Customer may also be able to request and view usage information of Authorized Users in the Customer’s RemoteVisit account. All Aesto Health employees are bound by strict privacy policies and do not have access to Customer Data.
Sub-Processors: Aesto Health may utilize third party services to sub-process other information and support our business by providing hosting, storage, communications, webRTC and analytics services.
If Aesto Health becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, other information will be transferred to the new entity for the continued performance of service, subject to standard confidentiality agreements.
Aesto Health does not collect personal information about online activities of our Customers or visitors to our website across third-party websites or other online services. Do-no-track signals transmitted from web browsers, therefore do not apply to our Platform Services or website. It is important to note that most browsers allow you to disallow cookies from sites that you do not trust.
Transmission and Storage Security
All data is stored only in our cloud infrastructure on the highly secure Amazon Web Service platform in the United States of America. We take all necessary measures in providing secure transmission of personal health information before it is transferred across the Internet from your personal computer or devices to our servers and in securing such personal information stored on our systems. However, you should be aware of possible risk involved in transmitting information over the Internet as no data transmission can be guaranteed to be 100% secure and of risk that others could find a way to thwart our security systems. As a result, while we strive to protect your personal information, we cannot ensure or warrant the security and privacy of personal information you transmit to us, and you do so at your own risk.
Restriction on the basis of age
All users of the RemoteVisit.care Platform Services are expected to be above 18 years of age. Customers are to ensure that only parents or authorized guardians of minors are allowed to operate Authorized Patient User accounts on their behalf. Any Authorized User providing, storing or submitting information on behalf of a child/person under guardianship assumes full responsibility over the submission, use, and transmission of such information.
Users located in the EU, have certain statutory rights with regard to their personal data as defined by the General Data Protection Regulation. You have the right to seek to request access to your personal data, delete or update it. The Platform Service features and settings support this to some extent. If you cannot use the service features to do this, please contact our support desk for help. In the case of Authorized Users of a Customer RemoteVisit account, it is important to directly contact the Customer for such support including objection to processing of your data, as the Customer is the data controller of Customer Data. Based on its legitimate interests and compliance requirements, Aesto Health may process Other Data that includes user data for legitimate purposes.
Links to Other Websites
Our website may contain links to other websites. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personally identifiable information from you. Other sites follow different rules regarding the use or disclosure of the personally identifiable information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.
Changes to this Policy