Last update: June 20, 2020
The Solutions is operated by Massive Bio, Inc. (“Company”, “we”, “us” or “our”), 90 West St. #12M, New York, NY 10006. Massive Bio is a data analytics firm that provides a medical second opinion and clinical trial matching by evaluating a cancer patient’s existing clinical information, leveraging our proprietary artificial intelligence platform and providing consulting services to patients oncologists by identifying and explaining treatment options that best fit the patient’s genomic profile, treatment objectives, and resources (collectively, the “Services”).
THE COMPANY IS NOT A MEDICAL PROVIDER NOR IS IT A “COVERED ENTITY” SUBJECT TO STATE OR FEDERAL LAWS GOVERNING THE PRIVACY OF MEDICAL RECORDS OR INFORMATION, INCLUDING THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996, COMMONLY REFERRED TO AS “HIPAA”.
I. INFORMATION WE COLLECT
1. Personally-identifiable information
Our Solutions and our Service Providers only collect personally identifiable information (“PII”) with your agreement or consent. Collection of PII occurs if you register for an appointment on the Solutuions, subscribe to a newsletter, tweet to us, or use other features and resources on the Solutions. You may visit our Site anonymously, but that may prevent you from accessing certain features or Services or Solutions. The PII we may collect might include the following items for:
1. Your patient profile:
- First and last name
- Home address
- Home telephone number
- Credit card number, security code and expiration date
- Cancer diagnosis
- Health insurance account numbers
- Medical history
- Cancer screenings
- Cancer history and treatments
- Genetic information
- Pathology reports
- Your diagnostic images
- Your clinical information and data
2. Health provider profiles:
- Oncologist first and last name
- Oncologist email address
- Oncologist employer
- Oncologist address
- Oncologist telephone number
- Oncologist’s notes
3. Service Provider profiles:
- Service Provider first and last name
- Service Provider email address
- Service Provider employer
- Service Provider address
- Service Provider telephone number
- Service Provider work product
2. Protected Health Information and Sensitive Personal Information
We will collect and store sensitive personal information and data about you, including credit card numbers, health insurance account numbers, protected health information about your cancer treatment, such as your cancer diagnosis, cancer screenings, cancer history and treatments, and genetic information and treatments that your oncologist can use to identify your choice of cancer treatment options. Please be aware that:
- Loss, misuse, modification, or unauthorized access of your Sensitive Personal Information can adversely affect your privacy or welfare depending on the level of sensitivity and nature of the information.
- You may refuse to provide your protected health information to the website or the solutions but you and your health care providers will not be able to use our services.
3. Non-Personally Identifiable Information:
Our Website, Solutions and service Providers may collect non-personally identifiable (anonymous) information (“Non-PII”) from visitors including cancer patients, health care providers and staff, clinical staff, oncology experts, data analysts, and health plan administrators. Non personally-identifiable information is any information that, by itself, cannot be directly associated with you. This may include age, gender, cancer type, genetic information, cancer screening, cancer treatment, oncologist’s name, and other information we collect. It may also include data about your visit to the website or solutions collected by cookies.
“Cookies” are short computer codes known as cookies, web beacons, and other technologies that collect and store Non-PII when you visit our website, solutions or share website content or solutions through a social media account. The following are examples of Non-PII third party service providers collect with cookies:
- Cookies that may uniquely identify your browser session and the other website, solutions you have visited
Browser type and operating system
- Hardware settings
- Date and time of visit
- Website pages you visited
- Web page that referred you to Massive Bio
- Web pages your visit after leaving the website
4. California Online Personal Privacy Act Disclosures:
1. When you visit our website, solutions, our service providers may drop a cookie on your browser to remember your preferences and collect analytical data about your visit. The website or the solutions does not employ technology to track you across multiple websites, solutions or override the privacy settings in your web browser or services.
2. Our service providers do not track website visitors across multiple websites or override the privacy settings in your web browser. If you access our social media sites from the website or the solutions, be aware that the social media platforms may track you by across multiple websites and disregard the privacy settings in your web browsers.
5. Social Media
If you sign in to the website or the solutions through your social media account, you consent to our collecting your user name and email address.
6. Canadian and European Union Users
We do not intend to collect PII from Canadian and European Union users. If you are from the European Union or Canada, do not provide us with PII, use our services, the website or the solutions. If we learn that we collected PII from a user from the European Union or Canada, we will promptly delete that information.
The Company does not knowingly collect, store or disclose information about children under the age of 18 without parental consent. If we receive information from a child that we know to be under the age of 18, we will use that information only to inform the child that we must have parental consent.
8. Information about You from Other Sources:
We collect personal information about you on the website, the solutions, and from other sources, including data from: your oncologists, oncology practice staff, clinical staff, health claims administrators, and patient benefits organizations. All information we collect about you may be combined by us to provide services to you including: data analysis for identifying testing and treatment options, and, when de-identified, for our research efforts and to improve our services and website.
9. SMS/MMS Mobile Messaging
We respect your privacy. We will only use information you provide to transmit your mobile messages and respond to you, if necessary. This includes, but is not limited to, sharing information with platform providers, phone companies, and other vendors who assist us in the delivery of mobile messages.
WE DO NOT SELL, RENT, LOAN, TRADE, LEASE, OR OTHERWISE TRANSFER FOR PROFIT ANY PHONE NUMBERS OR CUSTOMER INFORMATION COLLECTED THROUGH THE WEBSITE OR THE SOLUTIONS TO ANY THIRD PARTY.
Nonetheless, we reserve the right at all times to disclose any information as necessary to satisfy any law, regulation or governmental request, to avoid liability, or to protect our rights or property. When you complete forms online or otherwise provide us information in connection with the services, you agree to provide accurate, complete, and true information. You agree not to use a false or misleading name or a name that you are not authorized to use. If, in our sole discretion, we believe that any such information is untrue, inaccurate, or incomplete, or you have opted into the program for an ulterior purpose, we may refuse you access to the program and pursue any appropriate legal remedies.
California Civil Code Section 1798.83 permits users of the services that are California residents to request certain information regarding our disclosure of the information you provide through the program to third parties for their direct marketing purposes. To make such a request, please contact us at the following address:
Massive Bio, Inc.
90 West Street, #12M
New York City, NY, 10006
We and/or any third-party agency acting on its behalf, service providers may communicate with you at such number(s) by phone call, voice message, internet-to-phone message, SMS text message, interactive voice recordings using auto dial systems, or prerecorded artificial or voice messages (“Communications”) regarding orders, delivery updates, requests for transactional feedback, and other informational purposes.
Standard message, data, voice, or other rates may apply from your landline, mobile service, or wireless device carrier for communications you receive.
You may also call 1-844-627-7246 to get help any time.
You may send any of the following messages in response to a SMS text message to opt out of receiving further SMS text messages from Massive Bio: Stop” or “Unsubscribe”. After sending one of these messages, you might receive one final SMS text message as confirmation of your opt-out request.
Additional terms and conditions may be provided to you in the future (e.g., as part of an opt-in confirmation text message), and such terms and conditions will supplement and not replace these terms.
You further represent and warrant that you are the subscriber for the phone number(s) provided and you possess the phone(s) associated with such number(s). You agree to notify us if your phone number(s) change or you no longer possess the phone(s) associated with such number(s).
BY PROVIDING YOUR TELEPHONE AND/OR CELL PHONE INFORMATION, YOU KNOWINGLY AND VOLUNTARILY AGREE TO INDEMNIFY, DEFEND, AND MASSIVE BIO, ITS PARENTS, SUBSIDIARIES, AFFILIATES, PREDECESSORS, SUCCESSORS, AND ASSIGNS, AND EACH OF THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, AND AGENTS, HARMLESS FROM AND AGAINST ANY AND ALL LOSSES, COMPLAINTS, DEMANDS, CLAIMS, CAUSES OF ACTION, LIABILITIES, COSTS, JUDGMENTS, DAMAGES, FINES, PENALTIES, COMPENSATION, ATTORNEY’S FEES, AND EXPENSES OF ANY KIND, INCLUDING ANY AND ALL TYPES OF INJURIES AND/OR DAMAGES SUFFERED BY YOU, WHICH ARISE AS A RESULT OF (OR ARE RELATED TO) THE COMMUNICATIONS. YOU KNOWINGLY AND VOLUNTARILY AGREE NOT TO SUE, OR CAUSE ANY LAWSUIT, COMPLAINT, CLAIM, OR CHARGE TO BE FILED ON YOUR BEHALF AGAINST MASSIVE BIO OR ITS VENDORS WITH RESPECT TO ANY SUCH DAMAGES.
Wireless carriers are not responsible for delayed or undelivered messages, which may occur due to factors outside carriers’ control.
II. HOW WE USE AND SHARE YOUR PERSONAL INFORMATION
1. How we use Personally-Identifiable Information (PII)
We will use your PII to: (i) communicate with you and your oncologist about our services; (ii) register you as a patient, oncologist, health care provider staff, expert oncologist, or practice administrators that assist or support patients; (iii) collect data for patient profile; (iv) interpretation of genetic profiling data to provide a range of treatment options for difficult or complex cases; (v) determine patient eligibility for assistance programs for certain out-of-pocket health care costs; (vi) submitting requests to your health insurer for reimbursement purposes; and (viii) provide: (a) guidance and recommendations regarding an array of treatment options ranging from standards of care to experimental treatments; (b) clinical data to support use of off-label medications; (c) range of various clinical trials appropriate for and convenient to you; and (d) consulting and remote access to bioinformatics and molecular expertise to support your patient presentations at tumor boards.
2. How we use Non-Personally Identifiable Information (Non-PII)
We also use Non-PII to monitor and improve the quality of our services and website, to remember your website preferences and selections, and for data research and statistical purposes. We use Non-Personally Identifiable Information in consulting services to other users, for research, and to share, lease, or sell our data and analysis to patient assistance programs, clinical laboratories, cancer screening providers, pharmaceutical manufacturers, and oncologists for improvement of their professional services, screening and treatment products, and to educate the public about the services we provide.
3. Other Uses of Personal Information
We may transfer personal information to service providers such as outside contractors, auditors, consultants or others hired by the Company to assist in providing financial or operational activities on the Company’s behalf, including technical and processing services and analysis of website performance.
4. Legal Requirements
We may transfer PII to other third parties if we receive your permission or we are required to do so by law, or we have a good faith belief that such disclosure is necessary to comply with a current judicial proceeding, a court order, a legal process served on the Company or to resolve any potential fraud or perceived irregularity in any audits of the accuracy of any documentation or information submitted to the Company by you or on your behalf, as deemed appropriate by the Company.
5. Transfers of Business Assets
In the event the Company goes through a transaction, such as a merger, being acquired by another entity, bankruptcy, or selling all or a portion of its assets, your PII may be part of the business assets transferred. We can provide no assurance that you will be notified in advance of the transfer, if any, of your PII in connection with any such transition or transfer.
6. Protection of Massive Bio and Others
We reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of our Company, employees, users, or others. This includes exchanging information with other companies and organizations for fraud protection and data breach risk reduction.
7. Aggregate or Anonymous Information
We may share your personal information and user data in aggregate or anonymously: to improve our services, to share with service providers and other third parties, and in our annual report and marketing materials.
8. With Consent
Except as set forth above, you will be notified when PII may need to be shared with third parties, and will be able to prevent the sharing of this information.
9. Links to Other Websites
The Company website includes links (the “Linked Sites”) to other websites. In providing access to these Linked Sites, the Company is by no means endorsing the products or services on these Linked Sites. The Company is not responsible for the privacy practices or the content of the Linked Sites, and hereby expressly disclaims all responsibility and liability associate with use of the Linked Sites. We recommend that you review the privacy statements posted on those sites to understand their procedures for using and disclosing personal information.
III. HOW WE PROTECT AND RETAIN YOUR INFORMATION
We take security measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data. These include secure socket layers, firewalls and encryption, internal reviews of our data collection, storage and processing practices, and security measures, as well as physical security measures to guard against unauthorized access to systems. However, because the internet and mobile web are inherently insecure and no information system is 100% secure and even the most secure system can be compromised, we cannot guarantee security. If we retain PII on our systems or on cloud, we restrict access to PII to employees, contractors, and agents who need to know that information in order to operate, develop, or improve our website, solutions and services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination, if they fail to meet these obligations. We delete and destroy individual records of PII and all Non-PII according to Company’s Record Retention Schedule and based on HIPAA rules.
We have robust information security policies and procedures in place to protect personal information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures, including:
SSL, access controls, password policy, encryptions, pseudonymisation, practices, restriction, IT, authentication, VPN, firewalls, token management.
IV. HOW TO CONTROL AND CORRECT YOUR INFORMATION
1. Correcting your Personal Information
To gain access to personal information about you collected online, and to keep it accurate, complete and current, or to request deletion, you may contact us at firstname.lastname@example.org. In some cases, where we are required to retain information by law or regulation, or to continue to manage a service you have requested, or to ensure that we honor your preferences, or for other necessary business purposes, we may not be able to delete certain personal information about you.
2. Your California Privacy Rights:
Under California Civil Code Section 1798.83, California residents who have an established business relationship with us have the right to request that we provide certain information regarding the disclosure of their personal information to third parties for their direct marketing purposes during the immediately preceding calendar year. You may send your request for such information to email@example.com. Requests shall only be accepted via this email address. We are not responsible for requests made over the telephone or by any other means.
3. Learn More about Cookies, Web Beacons, and other Technologies
- All About Cookies: www.allaboutcookies.org/cookies/
- Google: www.google.com/analytics/learn/privacy.html
- Google Chrome: http://www.google.com/chrome/intl/en/more/privacy.html
- Microsoft Internet Explorer: www.microsoft.com/info/cookies.htm
- Mozilla Firefox: http://support.mozilla.com/en-US/kb/Options+window+-+Privacy+panel
- Flash: www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html
4. Limitation of Liability.
5. Unavailability of Website
The Company reserves the right to alter, suspend or discontinue this website at any time for any reason without notice or cause. This website may be temporarily unavailable due to maintenance or malfunction of computer equipment.