Privacy Policy
Mun Health Data Privacy and Privacy Policy
Effective Date: January 1, 2025
Mun Health (“we,” “us,” or “our”) is committed to protecting your privacy, ensuring the security of your personal information, and complying with all applicable laws and regulations. This Privacy Policy explains how we collect, use, disclose, and protect your data when you use our services, including the Mun Health emotional distress support platform, mobile application, and website (collectively, the “Services”).
Information We Collect
Personal Information You Provide:
a. Account Information: Name, email address, phone number, and other registration details.
b. Health Information: Information about your chronic illness, mental health, or other health-related data that you choose to share with us.
c. Payment Information: Billing details if you purchase paid features of the Service.
Automatically Collected Information:
a. Usage Data: Information about how you interact with the Services, such as login times, pages viewed, and features used.
b. Device Information: Details about the device you use, including IP address, browser type, and operating system.
c. Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies.
d. Anonymous Usage Data: We collect anonymized data on how users interact with our site, tools, and Services. This includes message patterns, button clicks, or common emotional themes.
Information from Third Parties:
a. Integrated Services: Data from third-party services that you integrate with Mun Health (e.g., wearable health devices or calendar integrations).
How We Use Your Data
Service Delivery: To provide personalized and localized emotional distress support and chronic illness distress management tools.
Communication: To send you notifications, updates, and support-related communications.
Improvement and Research: To analyze usage patterns, improve the functionality of our Services, and develop new features.
Compliance and Legal Requirements: To comply with legal and regulatory requirements, including those under HIPAA, the RHPA, and other applicable laws, and to protect your rights and safety.
Note on AI Processing: Certain features of the Services use AI-based technology. Any information you provide to these AI features (including chat logs or transcripts) may be processed to improve the Service. We apply safeguards to protect personally identifiable information and PHI, but please avoid sharing unnecessary PHI.
How We Share Your Information
Sharing with Your Consent:
We may share your information with third parties when you provide explicit consent (e.g., sharing your progress with a healthcare provider).
Service Providers: We engage third-party vendors (e.g., cloud storage, payment processors) who process your data under strict confidentiality and security agreements.
Legal Obligations: We may disclose your information if required by law, court order, or other legal processes.
De-Identified Data: We may share aggregated or anonymized data that cannot be used to identify you for research, analytics, or business purposes.
Data Security
We use industry-standard measures to protect your data, including:
Encryption: Sensitive information is encrypted in transit and at rest.
Secure Authentication: We use robust authentication protocols and password protection.
Monitoring and Testing: We conduct regular security audits, monitoring, and vulnerability testing. Despite these efforts, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.
SMS/MMS Privacy Policy
We respect your privacy. We will use information you provide to transmit your mobile messages and respond to you, if necessary. This includes, but is not limited to, sharing information with platform providers, phone companies, any companies who engage Us to promote their goods and services to you, and other vendors who assist Us in the delivery of mobile messages. Nonetheless, We reserve the right at all times to disclose any information as necessary to satisfy any law, regulation or governmental request, to avoid liability, or to protect Our rights or property. When you complete forms online or otherwise provide Us information in connection with the Program, you agree to provide accurate, complete, and true information. You agree not to use a false or misleading name or a name that you are not authorized to use. If, in Our sole discretion, We believe that any such information is untrue, inaccurate, or incomplete, or you have opted into the Program for an ulterior purpose, We may refuse you access to the Program and pursue any appropriate legal remedies. This Privacy Policy is strictly limited to the Program and has no effect on any other privacy policy(ies) that may govern the relationship between you and Us in other contexts.
HIPAA and RHPA Compliance
HIPAA Compliance:
Protected Health Information (PHI): Mun Health safeguards PHI in compliance with the HIPAA Privacy, Security, and Breach Notification Rules.
Authorization Controls: We limit access to PHI to authorized personnel on a need-to-know basis.
Business Associate Agreements (BAAs): We enter into BAAs with third-party service providers that handle PHI on our behalf.
Minimum Necessary Rule: We adhere to the principle of using or disclosing only the minimum amount of PHI necessary to accomplish the intended purpose.
Data Breach Notification: In the event of a breach involving PHI, we will comply with HIPAA’s breach notification requirements, including notifying you and any relevant authorities as required by law.
Reproductive Health Privacy Act (RHPA) Compliance:
Mun Health's Services are not intended for individuals who are pregnant, and as such, specify pregnancy as a disqualifing condition upon registering for access.
Enhanced Privacy: We require explicit consent before sharing reproductive health data.
Legal Protections: Mun Health does not disclose reproductive health information without proper authorization.
Restricted Access: Access to reproductive health information is limited to authorized individuals with a legitimate need within the organization.
Your Privacy Choices
Access and Correction:
You can request access to your personal data and update or correct inaccuracies by contacting us at info@munhealth.org.
Appeals Process for Denied Requests: If you believe your request to exercise privacy rights has been wrongfully denied, you can appeal the decision by contacting us atinfo@munhealth.org. We will review your appeal and respond within the timeframes required by law.
Data Deletion: You can request that your data be deleted from our systems. Note that we may retain certain data to comply with legal obligations or for legitimate business purposes.
Marketing Opt-Out: You can opt out of marketing emails by clicking the “Unsubscribe” link in the email or contacting us directly.
Cookie Preferences: You can manage cookie settings through your browser or device preferences.
Children’s Privacy
Mun Health’s Services are not intended for individuals under the age of 18 without parental consent. If we learn that we have collected information from a child without appropriate consent, we will delete it.
Updates to This Privacy Policy
We may update this policy from time to time. The updated version will be indicated by the “Effective Date” at the top of this Policy. Your continued use of the Services after updates constitutes acceptance of the revised Policy.
Contact Information
If you have questions or concerns about this Privacy Policy or Mun Health’s data practices, please contact us at: info@munhealth.org