Last Revised: 23 April, 2013
Your Medical Privacy. Our Services enable account holders to upload and share medical images, such as x-rays, together with related health information. Jack's Services comply with all applicable federal and state laws pertaining to the privacy of such medical images and information. Healthcare providers such as doctors may also have accounts with Jack. Such providers in the United States of America ordinarily have more stringent privacy requirements and practices required under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and subsequent modifications, i.e., "Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules Under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules" (2013), and Jack must adhere to them when healthcare providers use our Services to manage on their behalf the medical information of their patients. To learn about your healthcare provider's privacy practices and how they collect, use, and disclose the personal health information of their patients, ask to review their Notice of Privacy Practices.
Personal Information. When you register for an account to use Jack's Services, you provide and Jack collects information that identifies you as a specific person, such as your name, email address, mailing address, and telephone number ("Personal Information"). Our Services enable account holders to upload and share medical images, together information regarding these images and your health, that when combined with your Personal Information is considered Personal Information as well.
Other Content You Provide. You may also provide Jack with information that provides us with a better idea of who you are, such as your gender, birthday, marital status, and family relations. When this information is connected with information that identifies you as a specific person, this information is considered Personal Information as well. You may also write status messages, add reviews, and provide other content as you use our Services, all of which our systems collect.
Service Data. When you use the Services, our servers, our mobile apps and the functionality of your Internet browser automatically record comprehensive information about the use and operation of the Services including user activity and interaction data ("Service Data"). Doing so enables us operate and improve the Services, provide better features and functionality, understand user experiences, compile statistical reports, and deliver specific content. As examples, Service Data includes performance metrics, Internet protocol addresses assigned by your internet service provider, and the diagnostic and configuration information about the browser, mobile device, operating system and computer you use to run our apps and access the Services.
Tracking pixels. Web pages may contain electronic images known as tracking pixels (sometimes called single-pixel gifs) that may assist in delivering cookies on our sites, to enable us to count users who have visited those pages, and to deliver co-branded services. We may include tracking pixels in e-mail messages or in our newsletters to determine whether you opened or acted upon those messages. Jack may also employ tracking pixels from third parties to help us compile aggregated statistics and determine the effectiveness of Web servers and content delivery, and to determine appropriate content to serve you, including ads. We prohibit third parties from using tracking pixels on our sites to collect or access your Personal Information.
Use and Sharing of Personal Information
Profile and Account Information. We may provide a profile page for you ("Profile") to share information about you and provide the information to other service providers, such as healthcare providers, separate programs and systems that can connect with the Service ("Programs"), other account holders, and the public. We will allow you to review and change the information you submit for your Profile by accessing your profile through your account.
Granting Access: Healthcare Providers and Programs. You can give healthcare providers and Programs permission to view, add, use, modify, or delete information in a record that has your Personal Information, including your health information once you grant access to them. As between you and the healthcare provider or Program, the healthcare provider or Program's notice of privacy practices govern the personal health information that you make accessible to them and that they collect. Th Service provides links to these notices of privacy practices when you to grant access to them. Please read these notices carefully for information such as where and how they may use, store and transfer your information; what additional information it may collect; how you can review, edit and delete the information it held; and other choices you may have. Jack requires healthcare providers and Programs to agree to provide accurate information about their privacy practices and comply with applicable laws. However, Jack does not control or actively monitor their privacy practices or their compliance, and their privacy practices will vary. The access you grant is valid until you revoke that access. Some Programs and healthcare providers store their own copy of the information they access and collect, and in some cases are legally required to retain the information for a period of time.
Service Operation. Jack may use your Personal Information and other information we collect about you and your use of the Services:
Connections to Your Other Accounts. The Services enable you to connect your Jack account with your accounts at third-party sites and services which we do not control (examples might include Google, Facebook, LinkedIn, and Yahoo). To do so, you must authenticate your account with the other site, and consent to having the other site share information about you with Jack. Once you connect the accounts, Jack may relay and format information you provide so that you may post the information onto your other account, and that site or service may send Jack information about your other account administered by them. Depending on the settings configured for your other accounts, your name, user name, email, and other information may be used by Jack and displayed to others to identify you. The information that these third parties collect is governed by their respective privacy policies, not ours.
Emails, Messages and Invitations. If you are using our mobile app, then we may use the email or phone number you provide to verify that you are the user of your phone or mobile device. We may use your email address to send you notices, updates, newsletters, or news regarding the Services. You may wish to grant our mobile app access to the contact information on your device as permitted by your device's operating software. If the recipient responds to a message sent by our server, we may collect the associated information. You may invite others to view or otherwise access your account information or your content, or to join Jack by sending invitations via email or the Services. When you do, we store the message information to register the respondents properly.
Custodian Access and Control. A key value of the Service is the ability to share your health information with people and services who can help you meet your health-related goals. For example, you can share health information from records you control:
You can share information in a health record you are custodian of with another person by sending a sharing invitation e-mail through the Service. If the person accepts your sharing invitation and has or creates a Service account, you have given him or her access to that information. You can specify how long they have access (custodian access does not expire but, like all sharing access, it can be revoked at any time) and whether they can modify the information in the record. Each person who accepts a sharing invitation can grant Programs the same level of access that the person has.
You can also choose to grant custodian access to other persons, such as your spouse, for any record of which you are a custodian. Custodian access is the broadest level of access, so you should think carefully before you grant custodian access to a record. Every custodian of a record has the same access to the record, including accessing, modifying, deleting, and sharing all the information in the record. A custodian can also revoke access to a record from any other custodian of the record, including you.
Embedded Information in Medical Images. Take special care when sharing medical images such as x-rays. These images may have Personal Information about you embedded in them. The Personal Information may be visible, attached as metadata, or readable only by a computer. If you share such images with anyone else, you will be sharing all such Personal Information as well. Jack will ask for your consent to strip the Personal Information from the image file before using the image file for research purposes.
Advertising, Promotions, and Marketing. Jack may use Personal Information for marketing and survey purposes only on its own behalf, or for its corporate affiliates and subsidiaries. Jack does not disclose your Personal Information for advertising or marketing purposes (a) without requesting and receiving your consent, or (b) unless you request offers, promotions, or information about the products or services of that party. For example, Jack or a marketing company that we work with may sponsor a promotion, sweepstakes or contest. You may be asked to provide Personal Information including your name, email address or home address or to answer questions to participate. We may then transfer your Personal Information to advertisers from whom you have requested to receive information.
Additionally, Jack can decide in its sole discretion to destroy any information provided by you, collected from you, or relating to you at any time, and for any reason, without any liability arising against Jack or its Contractors.
Age and Adult Supervision. Persons under the age of 18 are not eligible to use the Services and must not submit any Personal Information to us. However, legal guardians of persons between the ages of 13-18 may act as a custodian of an account that the guardian creates and maintains on behalf of his or her ward.] Jack does not knowingly collect contact or Personal Information from persons under the age of 13. The Services are not intended to solicit information of any kind from children under the age of 13, or to target advertising to children under the age of 13. If you are a parent or guardian and dis cover that your child under the age of 18 has obtained a Services account, then you may alert Jack at
Your Data and Content May Travel Worldwide. As a result of Jack's network architecture and business practices and the nature of electronic communications, even communications that seem to be intrastate in nature can result in the transmission of interstate and international communications regardless of where you are physically located at the time of transmission. Accordingly, by agreeing to our Terms of Service, you acknowledge that use of the Services results in interstate and international data transmissions and storage. Your information may be stored and processed in the United States of America or any other country in which Jack or its Contractors, affiliates, subsidiaries, successors or agents maintain facilities. By using the Services, you consent to any such transfer of information outside of your country.
Data Security. We use procedural and technical safeguards to protect Personal Information stored at our facilities. User accounts are secured from the public by user-created passwords. Messages between you and healthcare providers are encrypted. Even if a healthcare provider is alerted to incoming messages by email or other non-encrypted medium, the recipient must return to the website or mobile app and view the contents of the encrypted messages. We restrict access to Personal Information of users to those employees and Contractors who need access to perform their job functions, such as our customer service personnel and technical staff. However, perfect security does not exist. We cannot guarantee the absolute security of user account information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time. Also, please be aware that significant portions of your Personal Information and other information may be stored locally on your phone, computer or other device, and secured by your physical possession and use of the password security that you enable and maintain for the device's operating system. Please also note that the information that we collect on or through our mobile apps may be transmitted through your mobile carrier's network and your carrier may have access to it. For information regarding your carrier's treatment of your information, please consult your carrier's privacy policies.
The following trademarks, service marks, logos and slogans are the trademarks of Nephosity, Inc.: "Jack", "Jack Imaging", and "Nephosity".
"Google", "Facebook", "LinkedIn", and "Yahoo" are the trademarks of Google Inc, Facebook Inc, LinkedIn Inc, and Yahoo Inc, respectively.