Last Updated: January 11, 2023
ContactPoint 360 Inc. built the TPV360 app as a free app. This SERVICE, the application, is provided by ContactPoint 360 at no cost and is intended for use as is. This page is used to inform visitors regarding our policies with the collection, use and disclosure of Personal Information if anyone decides to use our service.
ContactPoint 360 Inc. and its platform TPV360 (ContactPoint 360, “The Company”) is sensitive to privacy issues with respect to the use of user information provided to us. The Company is committed to maintaining the privacy and confidentiality of the personal information that we collect. For these reasons, we are disclosing to you our practices in gathering and using information that you provide us.
Categories of Who Is Covered in this Privacy Statement
1.) If you are a User of our Hosted Programs, please see the section “Business Services Programs” below
for information on our Business Services practices with respect to data about you.
2.) If you are a visitor to the portions of the TPV360 Website or a TPV360-Powered Website that can be
accessed without a password (our “Public Website”), please see the section “Public Website Privacy”
with respect to data about you. We refer to you as a “Public Website Visitor”.
- A “TPV360 Powered Website” means a website not owned by TPV360, but which has a license from TPV360 to utilize certain TPV360 technologies.
- Personally Identifiable Information (“PII”) means data that is about, or relates to, recorded information about an identified or identifiable individual that can be linked to that individual. Examples of PII may include combinations of an individual’s name, address, phone number, e-mail address and social security numbers. For further clarity, the term “PII” does not include data that pertains to a specific individual, but from which that individual cannot reasonably be identified.
- Personally Identifiable Information (“PII”) is any information that can be used to identify, contact, or locate an individual, either alone or combined with other easily accessible sources. It includes information that is linked or linkable to an individual, such as medical, educational, financial and employment information. Examples of data elements that can identify an individual include name, fingerprints or other biometric (including genetic) data, email address, telephone number or social security number. Unless otherwise indicated, references herein to PII include sensitive PII (as defined below).
- Sensitive PII means data that is a subset of PII that indicates an individual’s racial or ethnic origin, financial account information, political opinions, religion, union membership, sexual orientation, medical or health condition (see “PHI” below), or actual or alleged criminal activity.
- Protected Health Information (“PHI”) is information that is created or received by a health care provider, health plan, public health authority, employer, life insurer, medical school or university, or health care clearinghouse; and relates to the past, present or future physical or mental health or condition of an individual, the provision of health care to an individual, or the past, present or future payment for the provision of health care to an individual. Perhaps most importantly, PHI is information that either obviously identifies an individual; or that provides for a reasonable basis to believe it can be used to identify the individual. Examples of individually identifiable information include patient name, address, and date of birth, age, medical record number, phone number, fax number, and email address.
- “Users” has the meaning of Participants in our Business Services Practices and Public Website Visitors. A “User” means any individual who has access using a password to a Company Website or TPV360 Powered Website, including buyers of Company Services, participants of programs provided through the Company Website or TPV360 Powered Website, and employees and agents of corporate clients and Suppliers. Business Services performed for our clients is defined in our contracts with our Clients.
Business Services Programs (For Clients)
If you are a participant using business services on behalf of our client, the following terms are applicable to you:
General Information PII and other pertinent information will be collected when you register for a program managed by TPV360 and purged as necessary.
The PII you provide is the property of a third party, our client, to whom you have provided the information. This third-party provider is regarded as the Data Controller and as such, all personal information (PI/PII) is completely accessible to the respective provider and its agents.
With regards to PHI, the Privacy Rule sets the standards for how all PHI should be controlled and defines what information must be protected, who is authorized to access, use or disclose information, what processes must be in place to control the access, use, and disclosure of information, and patient (end customer) rights. The purpose of the Privacy Rule is to protect and enhance the rights of consumers by providing them access to their health information and controlling the inappropriate use of that information. Since some services provided by divisions within the Company give the Company access to personal information that identifies individuals and their eligibility for Medicaid and/or Medicare, the Company is under obligation to protect that information, and the identity of those individuals from improper disclosure.
Each TPV360 provider has its own privacy statement. By providing your personal information to the Company for use by a provider you consent to the Company providing a copy of your personal information to that provider for collection, processing and any further transfer in accordance with the privacy statement (if any) of that third party provider. TPV360 is not responsible for any actions of its clients once the data is provided to them.
Our Clients may have optional third-party service providers that can perform additional functions outside of the standard platform offering where individual’s personal information may be shared.
TPV360 provides the tools necessary for the Client and the Client workforce to manage the Clients collected information/records.
Information Collection and Use
The app does use third-party services that may collect information used to identify you.
The Company may only disclose PI/PII to third parties for new purposes or uses only with the prior implicit consent of the Client and only if the individual has previously given permission for new uses.
Any individuals refusing to provide personal information or denying or withdrawing consent to use their personal information for services provided by the Company is the responsibility of the Client.
Any complaints or questions should be first sent to us by email at firstname.lastname@example.org
Choice and Consent
Personal information is collected only with those who have, or are in the process of establishing, a business relationship with the Client and have obtained consent (explicit or implied) to share their personal information (transfer to or from) with the Company and other third parties, only for the purposes for which it was collected. The Company will work with the Client if any requests are submitted to the Company for removal or updates to individual’s personal information.
When the Client requests to the Company that information that was previously collected is used for purposes not previously identified in the privacy notice, the Client will be responsible to notify the individual and obtain consent prior to such new use or purpose.
When the Company will use information that was previously collected for purposes not previously identified in the privacy notice, the individual will be notified and consent will be obtained prior to such new use or purpose.
The Company will only disclose Personal Information to third parties for new purposes or uses only with prior implicit or explicit consent of the individual.
The company takes security measures designed to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These measures include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures designed to guard against unauthorized access to systems where we store PII.
Information We Share, Disclosures We do not share your personal information with third parties other than as follows:
- Service Providers. We may share personal information with authorized third parties who provide services to accomplish Client objectives. This includes third-parties, other than our client, if (a) the individual has granted consent to the Client or Company via methods listed in ‘Choice and Consent’ section above, (b) the disclosure is necessary to meet national security, public interest, or law enforcement requirements or (c) allowed by a law that creates conflicting obligations for the Company or that explicitly authorizes disclosure (except that we will limit such disclosure to the extent necessary).
- Third Party Verification Services. We may share limited personal information (e.g., address, phone number) with non-TPV360 entities to assist with identity verification, and to prevent fraud and identity theft.
The Company restricts access to PII internally to TPV360 agents and partners, who need to know that information in order to operate, develop or improve our services. These parties are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
The Company reviews and performs a risk analysis prior to contracting with a third-party that collects, handles, processes, stores or protects personally identifiable information are reliable, operate fairly and lawfully and maintain the controls necessary to meet the terms of the Business Agreements and this policy.
The Client is responsible for monitoring and enforcement of security measures in regard to collection of personal information about their data subjects.
The Company maintains controls in attempt to prevent the misuse of personal information by
third-parties and mitigates, to the extent practicable, any harm caused by the use or disclosure of personal information by a third-party in violations of the privacy policies and procedures and will take remedial action on any third-party that misuses personal information.
The Company will maintain a record of detected and reported unauthorized disclosures of personal information that is reviewed annually for completeness, accuracy, and timeliness.
Data Integrity/Quality of Personal Information
It is the responsibility of the Client and the Client workforce to ensure the quality of information collected prior to storage within our system. The Company is not responsible for the quality of information collected by the Client within our system prior, during, or after storage within our system. The Company takes reasonable steps to ensure that PII collected and processed within the system remains as reliable, accurate, complete, current and relevant as possible for the purposes for which it was collected.
We want to inform you that whenever you use our Service, in a case of an error in the app we collect data and information (through third-party products) on your phone called Log Data. This Log Data may include information such as your device Internet Protocol (“IP”) address, device name, operating system version, the configuration of the app when utilizing our Service, the time and date of your use of the Service, and other statistics.
Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device’s internal memory.
This Service does not use these “cookies” explicitly. However, the app may use third-party code and libraries that use “cookies” to collect information and improve their services. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of this Service.
Data Retention & Disposal
Consistent with any applicable client commitments, the Company does not retain PI/PII/PHI longer than necessary to fulfil the stated business purposes unless a law or regulation specifically requires otherwise. Consistent with any applicable client commitments and government regulations, the Company maintains processes that captures, identifies and flags PI/PII/PHI for destruction in a manner that data becomes entirely unreadable (destroyed/anonymized or redacted) and unable to be reconstructed/reconstituted, thereby preventing information loss, theft, misuse, or unauthorized access.
We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.
Consistent with any applicable Client commitments, the Company will permit Users upon their request to access their PII to:
- Determine if the Company maintains personal information about them and, upon request, may obtain access to their personal information. Personal information is provided to individuals in an understandable and reasonable manner.
- The individual may need to provide sufficient identifying information, such as name, address, birth date, and social security or national health insurance or an equivalent number to prove identity.
- Correct or update any individual’s personal information that does not affect point-in-time transaction information that must be retained for business, regulatory and/or compliance reasons…
- Users can contact the Company customer services team at email@example.com to request access to change personal information.
- Any personal information updated will be shared (where applicable) to any third-parties that were previously provided with the individuals personal information
Requests for access or updates to personal information may be denied or limited by the Company if providing such access is unreasonably burdensome, expensive under the circumstances or if in giving such access would violate another person’s rights. If denied or limited, the Company will inform the individual of the denial, and reason for denial. It is the individual’s right to challenge any denial.
Links to Other Sites
These Services do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13 years of age. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do the necessary actions.
Users may raise any concerns or complaints regarding their PII directly with the Company by first contacting us by email at firstname.lastname@example.org
Public Website Privacy
Your Use of the Website/Services Implies Your Consent Your use of TPV360 Websites or Services signifies your acceptance of this Privacy Statement. If you do not agree or are not comfortable with any policy described in this Privacy Statement, your remedies are to discontinue your use of the relevant website or to follow instructions described elsewhere in this Privacy Statement.
Changes in this Privacy Statement
We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here and by means of a notice on our home page, your program website, another appropriate place or by email.
We occasionally post customer testimonials on our web sites which may contain Personally Identifiable Information such as the customer’s name. We obtain the customer’s consent prior to posting any testimonials.
Security for Privacy/Data
The security of your personal information is important to us. When you enter sensitive information within services provided on behalf of our clients, the information is encrypted using secure socket layer technology (SSL) when in transit. When we store your information in databases or in files, we utilize advanced encryption technologies to ensure extremely high levels of data protection. We follow generally accepted industry standards to protect personal information submitted to us (both during transmission and at rest). No method of transmission over the Internet, or method of electronic storage, however, is 100% secure. Therefore, while we use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
Information We Collect
When you first visit one of our Sites, we may ask that you take certain action and may request and/or require further information about you, including, but not limited to, your name, your employer’s name, address, telephone and facsimile number, email address and other identity and contact information. If you choose not to supply the information, we may be unable to provide you with the services we make available to other users of and visitors to our website. When you submit any personally identifiable information over this website, the Company will (i) use the information for the purposes described at the time of submission (for example, your name, address, telephone number, and e-mail) and (ii) may use the information to contact you to make you aware of other services of interest. Of course, if you want to remain completely anonymous, you’re still free to take advantage of the publicly available content on our website without registration.
TPV360 allows Users from whom it collects PII the opportunity to choose not to allow the Company to disclose his or her PII to a third party or to use it for a purpose incompatible with the purpose for which it was originally collected (the “opt-out” rights). For Sensitive PII, TPV360 requires such User to affirmatively choose to allow for the data is to be disclosed to a third party or used for a purpose other than its original purpose (the “opt-in” choice).
How We Use the Collected Information
The information we collect from and about you may be used in the following ways, among others: to fulfil requests; to provide you with information about offers we believe you will find useful; or to notify you of updated information, changes to the Sites, or new products and services that we think might be beneficial to you. We also may combine information you have provided to us in communications offline with the information you have given us online, to, among other things, provide a more customized experience for visits to the Sites. All data is retained for at least the minimum time required by law.
Information We Share
- We do not share your personal information with third parties other than as follows:
- Service Providers. We may share personal information with third parties who perform services on our behalf.
- We may employ third-party companies and individuals due to the following reasons:
- To facilitate our Service;
- To provide the Service on our behalf;
- To perform Service-related services; or
- To assist us in analyzing how our Service is used.
We want to inform users of this Service that these third parties have access to their Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.
- Third Party Verification Services. We may share limited personal information (e.g., address, phone number) with non-TPV360 entities to assist with identity verification, and to prevent fraud and identity theft.
Information We Maintain on Behalf of Our Customers
The information we store, process and protect within our system boundaries is the property of our customers. We do not manage or maintain the content provided, nor do we ensure the quality of the information provided to our systems.
Choice & Consent
Personal information is collected only with those who have, are interested in, or are in the process of requesting information on, or establishing a business relationship with the Company and have obtained consent (explicit or implied).The Company will ensure the individual has obtained consent to share their personal information (transfer to or from) with Third Parties before doing so.
The Company will work with individuals who request removal of, or updates to, their personal information as allowed by business requirements or relevant Laws & Regulations.
When the Company intends to use personal information that was previously collected for purposes not previously identified in the privacy notice, the individual will be notified, and consent will be obtained prior to such new use or purpose.
Onward Transfer to Third Parties
The Company may disclose PII to a third party if (a) the Company has received the applicable User’s permission to make the disclosure, (b) the disclosure is necessary to meet national security, public interest, or law enforcement requirements, (c) allowed by a law that creates conflicting obligations for the Company or that explicitly authorizes disclosure (except that we will limit such disclosure to the extent necessary), or (d) the Principals allow for other exceptions provided that it is applied to other Users equally.
The Company may only disclose PI/PII to third parties for new purposes or uses only with the prior implicit or explicit consent of the individual.
Public Website Privacy Statement
This section describes how the Company uses and disseminates information collected about Public Website Visitors through our Public Website; it does not cover any other data processing activities.
Changes to the Policy
This document is subject to the annual document review process incorporated by the Company Governance, Risk & Compliance team. Covered in this annual review is:
- This document is subject to the annual document review process incorporated by the Company Governance, Risk & Compliance team. Covered in this annual review is:
- identifying new or changed privacy related laws, regulations, contracts;
- identifying inconsistencies or conflicts with customer commitments and ensuring updates as needed to bring policy into alignment with all IT & Business procedures;
- regular review of third parties whose products and services are part of the system and who have access to protected information processed by the system is assessed on a periodic and as needed basis, and corrective action is taken, if necessary.
- This policy is effective as of 2022-11-07
If you have questions or concerns regarding this Privacy Statement, you should first contact us by email at email@example.com a Company representative will respond to personal information change requests within 30 days of receiving such requests