Effective Date: December 1, 2022
1. INTRODUCTION. This Privacy Policy (the “Policy”) explains how Mendel Health Inc. (“Mendel”) collects, uses, and discloses information through its Carbon web interface (“Carbon”). By using or accessing Carbon in any manner, you acknowledge that you accept the practices and policies outlined in this Policy, and you hereby consent that we will collect, use, and share your information in the following ways. Any capitalized terms that are not defined in this Policy are defined in our Terms of Service.
2. INFORMATION COLLECTED.
2.1. Voluntarily Disclosed Information.
2.1.1. Account Creation. In order to create your account on Carbon, you will need to provide your name and email address. You will also be required to choose a password. We will use your email address to communicate with you about your account.
2.1.2. Data Annotation. You may be able to annotate data on Carbon that Mendel processes on behalf of your Organization.
2.2. Automatically Collected Information.
2.2.1. Browser & Device Information. Whenever you interact with Carbon, we automatically receive and record information on our server logs from your browser or device, which may include your IP address, geolocation data, device identification, “cookie” information, the type of device you’re using to access Carbon, the amount of time spent on Carbon, patient records accessed, patient record updates,and the page or feature you requested. “Cookies” are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in Carbon are visited and by how many people. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features.
2.2.2. Emails. We may receive a confirmation when you open an email from us.
3. DISCLOSURE OF INFORMATION.
3.1. Third Party Service Providers. We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products or services to you. For example, we use the Google Cloud Platform to store information that we collect and Auth0 to authenticate all users. Unless we tell you differently, our agents do not have any right to use the personally identifiable information we share with them beyond what is necessary to assist us.
3.2. Public Information. Please note that if you submit any information to a portion of Carbon that is accessible by other users, including through annotations to data that you view on Carbon, other users at your Organization will be able to see that information. Accordingly, only include information in such submissions and meetings that you are comfortable sharing with other users at your Organization.
3.3. Business Transfers. If we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, personally identifiable information could be one of the assets transferred to or acquired by a third party.
3.4. Legal Compliance. We reserve the right to access, read, preserve, and disclose any information that we believe is necessary to comply with law or court order, or enforce or apply our Terms of Service and other agreements.
4. SECURITY. We use commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information. In addition, we rely on the technical safeguards provided by the third party service providers we use to host, store, and process your information. We cannot, however, ensure or warrant that your information on Carbon may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. We are not responsible to our users or to any third party due to any such loss, misuse, or alteration.
5. MODIFICATION/DELETION OF INFORMATION. If you have an administrative account on Carbon for your Organization, you may access and edit the account information of all individuals from your Organization that have an account on Carbon. If you request, we will remove account information for users who are no longer using Carbon on behalf of your Organization. If you do not have an administrative account, please consult with your Organization if you wish to modify or delete any of your account information. Please understand, however, that it may be impossible to delete this information completely, due to backups and records of deletions. You may not request the removal of de-identified, anonymous, or aggregate data from our databases.
If you have any questions about viewing or updating information we have on file about you, please contact us at privacy@mendel.ai.
6. HOW WE RESPOND TO DO NOT TRACK SIGNALS. We do not track you or collect your information across third party websites or online services. Thus, we do not receive Do-Not-Track signals, or other similar signals. To the extent that we do receive any such signals, we will not comply with them as it is not an aspect of the functionality of Carbon.
7. CHANGES TO POLICY. We’re constantly trying to improve Carbon, so we may need to change this Policy from time to time as well. If we modify these Terms, we will either post a notification of the modification on our website or otherwise provide you with notice of the change. The date of the last modification will also be posted at the beginning of this Policy. It is your responsibility to check from time to time for updates. By continuing to access or use Carbon, you are indicating that you agree to be bound by the modified Policy.
8. CONTACT US. If you have any questions or concerns regarding this Policy, please send us a detailed message to privacy@mendel.ai, and we will try to resolve your concerns.
