Privacy Policy

Effective Date: 22 September 2023

Note: This privacy policy applies to our collection, use, and disclosure of data received or created due to your access to and use of certain items provided by us, Simple Access Healthcare, Inc. dba Tembo Health (referred to here as “Tembo,” “we,” “us,” or “our”).   These items consist of our website at https://www.tembo.health/ (the “Site”), and the user-facing application providing access to virtual care visits and remote patient monitoring (“RPM”) capabilities (the “Application”).  The Site, Application, and any associated services are referred to collectively as the “Services.”

Your Consent

By accessing or using the Services, you are consenting to our processing of the information described in this Privacy Policy. “Processing,” means using cookies on a computer or mobile device or using or touching information in any way, including, but not limited to, RPM, collecting, storing, deleting, using, combining, and disclosing information. Information processed by the Services will be transferred, processed, and stored in accordance with United States state and federal law.

What information is collected by the Services and how is it used?

We collect personal information (such as your name, mailing address, email address and phone number) from you when you download and log into the Application and/or submit information to us through the Site (“User Information”). We keep User Information to provide you with the Services. For us to provide you with the Services, it is required that we collect the User Information.

We collect electronic data about you, including but not limited to health and wellness information, inputs from user surveys, synced devices, etc., as a result of your use of the Application and through the Services workflow (“Application Information”).  Application Information may include clinical information (such as height and weight, current disease information, symptom history and other medical data related to your health) and non-clinical lifestyle information (such as eating habits and exercise activity).  We will only use this information as it relates to providing the Services. Because our Application is used by health care providers, certain Application Information, as well as some categories of User Information, may be subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as described in more detail below.

In addition, the Site and Application may collect certain information automatically, such as the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about your use of the Application (“Usage Data”). Usage Data will be used by us either individually or in aggregated form to enhance and improve the Application.

A note about Cookies: Cookies are pieces of information stored directly on the device that you are using. Cookies allow us to collect information such as browser type, time spent on our Website or Application, pages visited, language preferences, and other anonymous traffic data. We and our service providers use the information for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience while using the Website and Application. We also use cookies to gather statistical information about use of the Website and Application in order to continually improve their design and functionality, to understand how they are used, and to assist us with resolving questions regarding them.

We may use information that we collect from you to contact you or send you information, for example, to send you our newsletters, marketing or promotional materials, and other information that we think may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or the instructions provided in any email we send.

Do third parties see and/or have access to information obtained by the Services?

User Information and Usage Data may be shared with the third-party service providers who host and support the application on Tembo’s behalf. These service providers do not have any right to independently use any personal information that we share with them.

We only use and disclose Application Information in accordance with HIPAA. We only share Application Information with third parties who have entered into a written Business Associate Agreement (“BAA”) and only for the purposes of providing you with the Services.

We may provide paid products and/or services within the Site or Application. In those cases, we work with third-party service providers to perform payment processing on our behalf (e.g. payment processors).

We will not store or collect your payment card details. Information that you provide to our third-party payment processors is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

What are my opt-out rights?

We only collect the User Information, Usage Data, and Application Information that is necessary to provide you with the Services. Because of this, the only way to opt out of information collection is by stopping your use of the Services, not visiting the Site, and uninstalling the Application.

Data retention policy

We retain personal information about you for as long as you use the Site, Application, or consume the Services, and for a reasonable period after you stop using the Application. We use and retain Usage Data, in both individualized and/or in aggregate form, indefinitely.

Statement regarding the California Consumer Privacy Act of 2018 (“CCPA”)

For the purposes of documenting compliance with the California Consumer Privacy Act of 2018, as amended, and its associated regulations (“CCPA”), we may collect “Personal Information” from the following categories:

(A) Identifiers (ex. real name, alias, postal address, unique identifiers, online identifiers, internet protocol (“IP”) address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.

(B) Categories of personal information described in subdivision (e) of Section 1798.80 (Identifiable information contained in Customer Records).

(C) Characteristics of protected classifications under California or federal law.

(D) Biometric information.

(E) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application or advertisement.

(F) Geolocation data.

(G) Audio, electronic, visual, thermal, olfactory, or similar information.

(H) Professional or employment-related information.

(I) Education information, defined as information that is not publicly available personally identifiable information in the Family Educational Rights and Privacy Act (“FERPA”).

(J) Inferences drawn from any of the information identified in this subdivision to create a profile about a reflection of the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Statement Regarding the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)

Application Information and User Information may meet the definition of Protected Health Information (“PHI”) regulated by HIPAA. We access and process PHI through the Application subject to a Business Associate Agreement (“BAA”) between us and the health care providers that use our Services to provide telehealth and RPM to patients. More information about how clinicians may access and use your PHI, and the rights granted to you by HIPAA is provided in our HIPAA Notice of Privacy Practices.

Because our Website is generally accessible to the public, we do not consider any information collected by our website to be PHI.

Your Personal Information Rights

You may make certain requests regarding our use of your personal information by emailing us at support@tembo.health. If you are a resident of the State of California, some of these requests may be governed by CCPA. If you are not a California resident, or a response to any given request is not required by CCPA or other applicable law, you agree that we are under no obligation to provide a specific response to any such request, however, we agree to make commercially reasonable efforts to respond to any request we receive, subject to local laws.  For your protection, we may need to verify your identity before acting on your request.

You may request to review and obtain a copy of your personal information. We will provide a copy or a summary of your information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.

You may request to amend your personal information. You can ask us to correct personal information about you that you think is incorrect or incomplete. In your request, please make clear what personal information you would like to have changed. We may say “no” to your request, but we’ll tell you why in writing within 60 days.You may request to restrict use or disclosure of Personal Information in certain circumstances. Although we do not sell personal information about our users, you do have the right to explicitly ask us not to sell your personal information to third-parties. This opt-out right does not apply to personal information that we share with third-party service providers involved in the operation of the Site or the Application.

You may ask for a list of those with whom we’ve shared personal information with. You can ask for a list of who we’ve shared your personal information with, and why. We will usually deliver the list within 30 days of your request.

You may request confidential communications. Within reason, we will act upon requests to contact you in a specific way (for example, home or office phone) or to send mail to a different address.

You may request a copy of this Privacy Notice. You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.

Age Requirements

The Site and Application are not designed or intended to appeal to minors and we do not knowingly collect User Data from children under the age of 13. As a tool for providing the Services, users of the Application may enter Application Information related to minors into the application where a parent or guardian has consented to use of the Services with that individual. It is your responsibility to make sure that consent from the parent or guardian is collected and documented.

If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at support@tembo.health so we can promptly delete such information.

Security

We are concerned about protecting the confidentiality of all information that we interact with in providing the Services. We and our service providers make use of physical, electronic, and procedural safeguards to protect the information that we process and maintain. Although we endeavor to provide security for the information that we process and maintain based on the sensitivity of that information, no security system can prevent all potential security breaches.

In addition to the security safeguards we provide, we urge you to take precautionary measures in maintaining the integrity of your data. Please be responsible for making sure that no one can see or access your account or log-in/password information, or your mobile device.

Links to other sites and services

The Site or Application may contain links to other sites or services that are not operated by us. If you click an outside link, you will be directed to that outside site or service. We strongly advise you to review the privacy policy of every site you visit. We are not responsible for the privacy practices or the content of any outside sites or services

Changes

We reserve the right to modify this Privacy Policy at any time in our sole discretion by including such alteration and/or modification in this Privacy Policy, along with a notice of the effective date of such modified Privacy Policy. Any continued use by you of the Site after the posting of such modified Privacy Policy shall be deemed to indicate your agreement to such modified Privacy Policy. Accordingly, if at any time you do not agree to be subject to any modified Privacy Policy, you may no longer use the Site.

Simple Access Healthcare, Inc. (dba Tembo Health)

Match with a Dementia
Care Navigator today.

See who would be the best fit for you and your loved one.