Bypa-ss LLC, an Egyptian LLC company (“Bypa-ss”) is the owner and operator of https://www.healthtag.me (“the Website”) and any other software, online platform, website, mobile or tablet application or domains used to provide our services, including but not limited to HealthTag patient cards, and HealthTag patient information management system(s) (together with the Website and mobile applications, referred to as the “Services").
1. Protected Health Information
“Protected Health Information'' or “PHI” is information about patient users, including information that can reasonably be used to identify you and that relates to your past, present or future physical or mental health or condition, the provision of health care to you and/or the payment for that care. Bypa-ss provides its services to healthcare providers, and when we process PHI on behalf of such health service providers, we are acting as a “Processor” to them. Therefore, Bypa-ss has adopted and maintains appropriate physical, technical, administrative, and organizational procedures to safeguard and secure the Protected Health Information we process. We shall not access, use, or disclose the Protected Health Information except as permitted by the health care providers, you, and/or applicable law. Bypa-ss strives to protect the privacy of the Personal Information it processes, and to avoid inadvertent disclosure.
2. Information Provided Directly By You
We may collect certain information about you provided directly to us, such as when you request information, create, modify or log into your Bypa-ss account, request Services, complete a Bypa-ss form, survey, questionnaire or application, contact customer support, enter into a service provider agreement, make a purchase, join or enroll for an event or otherwise communicate with us in any manner. This information may include, without limitation: name, date of birth, e-mail address, physical address, business address,
phone number, photograph, credit card or other method of payment information, or any other personal information you choose to provide.
3. Information Collected Through Your Use of Our Services
We may collect certain information about you, your activity on our Website and/or mobile application and your computer or device when using our Services, for instance how you use them (e.g., date and time you logged in, features you’ve been using, searches, clicks and pages which have been shown to you, referring web-page address, advertising that you click on) and how you interact with other users and us. The following are examples of situations in which you may provide us with Information:
1. When you fill out forms or fields through our Services.
2. When you register for an account with our Service.
3. When we receive information from a healthcare facility.
4. When we receive information from a medical professional or physician.
5. When you interact with us through Customer Support.
6. When you order products or services from, or through our Service.
7. When you provide responses to a survey.
8. When you answer questions on a questionnaire.
9. When you join or enroll in an event through our Services.
10. When you sign up for any newsletters or other materials through our Services.
11. When you provide information to us through a third-party application, service or Website.
12. When you communicate with us or request information about us or our products or Services, whether via email or other means.
13. When you participate in any of our marketing initiatives, events or promotions; and
14. When you participate in forums, reviews or provide or post user generated content or other submissions.
We also automatically collect information via the Website or Service using various technologies, including, but not limited to Cookies and Web Beacons (explained below). We may collect your IP address, browsing behavior and device IDs. This information is used by us in order to enable us to better understand how our Services are being used by visitors and allows us to administer and customize the Services to improve your overall experience.
4. Information Collected from Third-Party Sources
We may also receive information about you from publicly and commercially available sources, as permitted by applicable law which we may combine with other information we collect through our Services. For example if you choose to link, create, or log in to your Bypa-ss account with a social media service, or a payment provider, or if you engage with a separate App or Website that uses our API, or whose API we use, we may receive information about you or your connections from that Website or App. This includes, without limitation, profile information, profile picture, gender, user name, user ID associated with your social media account, age range, language, country, friends list, your contact names, e-mail addresses, phone numbers, and other identifiers and any other information you permit the social network to share with third parties. The data we receive is solely dependent upon your privacy settings with the social network.
5. Cookies, Log Files and Anonymous Identifiers
1. When you visit our Services, we may send one or more Cookies – small data files – to your computer to uniquely identify your browser and let us help you log in faster and enhance your navigation through the Sites. “Cookies” are small text files that websites and other online services use to store information about users on the users own computers. A Cookie may convey anonymous information about how you browse the Services to us so we can provide you with a more personalized experience but does not collect personal information about you. Cookies allow the Sites to remember important information that will make your use of the site more convenient. For example, cookies can be used to store your sign-in credentials so that you do not have to enter them each time you return to a website. Cookies also may be used to store a unique identification number tied to your computer so that a website can recognize you as the same user across different visits to the website. A Cookie will typically contain the name of the domain from which the Cookie has come, the “lifetime” of the Cookie, and a randomly generated unique number or other value. Certain Cookies may be used on the Sites regardless of whether you are logged in to your account or not.
2. Session Cookies are temporary Cookies that remain in the Cookie file of your browser until you leave the Website.
3. Persistent Cookies remain in the Cookie file of your browser for much longer (though how long will depend on the lifetime of the specific Cookie).
4. We may use session Cookies to track the total number of visitors to our Website, this is done on an anonymous aggregate basis (as Cookies do not in themselves carry any personal data).
5. We may also employ Cookies so that we remember your computer when it is used to return to the Website to help customize your Bypa-ss web experience. We may associate personal information with a Cookie file in those instances.
8. Our Website may use remarketing services, to serve ads on our behalf across the internet on third party websites to previous visitors to our Sites. It could mean that we advertise to previous visitors who haven’t completed a task on our site. This could be in the form of an advertisement on the Google search results page or a site in the Google Display Network.
9. You can block or delete cookies used on the Website via your browser options. Your cookie preferences will be reset if different browsers are used to access the Website. If you reject Cookies, you may still use our Website or Service, but your ability to use some features or areas of our Service may be limited.
11. When you use our Services, we may employ Web Beacons (also known as clear GIFs or tracking pixels) to anonymously track online usage patterns. No Personally Identifiable Information from your account is collected using these Web Beacons.
6. Device Information
When you use our Services through your computer, mobile phone or other device, we collect information regarding and related to your device, such as hardware models and IDs, IP address, other unique identifiers, device type, operating system version, browser type, the request type, the content of your request, settings of the device and basic usage information about your use of our Services, such as date and time. In addition, we may collect information regarding application-level events and associate that with your account to provide customer service. We may also collect and store information locally on your device using mechanisms such as browser web storage and application data caches.
7. Use of Mobile App
In general, any information and data which you provide to Bypa-ss over the App, or which is otherwise gathered via the App, in the context of the use of Bypa-ss’s services provided via the App (“App Services”), we will process in a lawful, fair and transparent manner. To this end, and as further described below, Bypa-ss takes into consideration internationally recognised principles governing the processing of personal data, such as purpose limitation, storage limitation, data minimisation, data quality, accuracy, integrity and confidentiality.
8. Data related to your Device
By selecting the “Install” option at the Store regarding the App, you authorize Bypa-ss to set up the App on your mobile device (“Device”), as well as information inherent to the App’s set-up and, as such, you may not object to it unless you uninstall the App from your Device.
During use of the App, access will be requested to your Device’s storage (e.g., when you register shipping addresses on the App), camera (e.g., so that you can scan your credit card to insert its details as a payment method in the App) and Internet access, among other functions where necessary.
9. SDKs and tracking technologies
SDKs (Software Development Kits) and similar technologies are information that applications can record and/or read on your Device. In general, these technologies allow an analysis of the use of an application, with purposes varying from avoiding malfunctions and improving users’ experience, to providing additional functionalities related to the App Services.
Bypa-ss uses SDKs and similar technologies provided by third parties acting, as the case may be, as independent data controllers from Bypa-ss (using the data they collect for their own purposes and under terms defined by them) or as data processors (processing personal data on Our behalf).
If you wish to prevent your Device’s operating system from sharing your Personal Data with Bypa-ss or with the third parties mentioned for profiling purposes, we encourage you to set up your Device accordingly – namely, by changing the privacy settings on your Device to disable / restrict any advertising tracking features. For more information on this, please see the following links:
iOS Devices: https://support.apple.com/en-us/HT202074;
Android Devices: https://support.google.com/ads/answer/2662922?hl=en
10. Location Information
11. Call and SMS Data
In connection with providing Service, we may receive call and SMS data, including the date and time of the call or SMS message, the parties phone numbers, and the content of the SMS message. if we have to use this data, we would seek your consent.
12. Children's Privacy
Our Services are intended for users who have attained the age of majority where they reside (18 years of age or older in most jurisdictions). Furthermore, we do not knowingly collect personally identifiable information (PII) from persons under the age of majority, the "Protected Age" without parental consent unless permitted by law. If you are under the Protected Age, please do not provide us with information of any kind whatsoever. If you have reason to believe that we may have accidentally received information from a child under the Protected Age, please contact us immediately. If we become aware that we have inadvertently received Personal Information from a person under the Protected Age, we will delete such information from our records. Bypa-ss does permit users who have attained the age of majority (i.e. parents, legal guardians, medical professionals and physicians) to submit, store and share personal information regarding parties under the Protected Age provided that they certify that they have the authority to use our Services on their behalf.
13. Protective Measures We Use
We have put in place physical, technical and administrative measures that are intended to help protect your information in our possession against loss, theft, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls. Although we take measures to secure your information, and that of your patients, we do not promise, and you should not expect, that your personal information, or searches, or other information will always remain secure. We cannot guarantee the security of our information storage, nor can we guarantee that the information you supply will not be intercepted while being transmitted to and from us over the Internet including, without limitation, email and text transmissions. In the event that any information under our control is
compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and notify those individuals whose information may have been compromised and take other steps, in accordance with the applicable laws and regulations.
14. Payment Information
15. The Legal Basis and Reasons for The Collection and Processing of Your Personal Information
The legal basis upon which we rely for the collection and processing of your Personal Information is the following:
3. It is necessary to register you as a user, manage your account and profile, and authenticate your access when you log in.
4. It is necessary for our legitimate interests in the proper administration of our Website, Mobile Application, Service and our business; to analyze the use of the website and our Services; insure the security of our website and Services; maintain back-ups of our databases; and communicate with you;
5. To resolve technical issues you encounter, to respond to your requests for assistance, comments and questions, to analyze crash information, to repair and improve the Services and provide other customer support.
6. To send communications via email and within the Services, including, for example, responding to your comments, questions and requests, providing customer support, and sending you technical notices, product updates, security alerts, and administrative, billing and account management related messages.
7. To send promotional communications that you have consented to receive or have expressed a legitimate interest in receiving.
8. It is necessary for our legitimate interests in the protection and assertion of our legal rights, and the legal rights of others, including you.
9. It is necessary for our compliance with certain legal provisions which may require us to process your personal data. By way of example, and without limitation, we may be required by law to disclose your personal data to law enforcement or a regulatory agency.
10. How We Use Information We Collect
Our primary purpose in collecting, holding, using and disclosing your Information is for our legitimate business purposes and to provide you with a safe, smooth, efficient, and customized experience while using the Service.
We will use this information in order to:
1. Provide users with our Services and Customer Support including, but not limited to verifying your account and for informational and operational purposes, such as account management or system maintenance.
2. Track your billing and payment history and to contact you for account and promotional purposes.
3. Contact you and provide you with important notices.
4. Analyze, improve and manage our Services and operations.
5. Resolve problems and disputes and engage in other legal and security matters.
6. Detect and prevent fraud or abuse.
7. Enforce our Terms of Service and any terms and conditions of any other agreements for our Services. 8. Build new services and other purposes as deemed necessary by Bypa-ss upon notification to you.
9. For research purposes with our non-profit and/or commercial research partners and collaborators. Research may be sponsored by, conducted on behalf of, or in collaboration with our partners and collaborators, such as non-profit foundations, academic institutions or pharmaceutical companies that conduct or support scientific research, the development of therapeutics, medical devices or related material to treat, diagnose or predict health conditions. The research data will be anonymized.
Additionally, we may use the information we collect about you to:
1. Send you communications we think will be of interest to you, including information about products, services, promotions,news, and events of Bypa-ss and other companies, where permissible and according to local applicable laws.
2. Display advertising, including advertising that is targeted to you or other users based on your location, interests, as well as your activities on our Services.
3. Verify your identity and prevent impersonation, spam or other unauthorized or illegal activity including, without limitation, infringement of intellectual property rights of third parties.
4. How We Disclose Information We Collect
a. With your healthcare facility, medical professional or physician and their employees as applicable.
b. With third party Service Providers that provide a variety of services on our behalf. For example, we may rely on service providers to provide web analytics, data processing, advertising, email distribution and other services. These service providers are obligated by contract to protect the confidentiality, integrity and security of the information we share with them.
c. With the general public if you submit content to a part of our Services that are viewable by the general public, such as a forum or community area.
d. With third parties with whom you choose to let us share information, for example other websites or apps that integrate with our API or Services, or those with an API or Service with which we integrate.
e. With current and future Bypa-ss subsidiaries and affiliated entities that provide services, including payment processing services or conduct data processing on our behalf, or for data verification, data centralization and/or logistics purposes.
f. With affiliated entities that provide payment processing services on our behalf.
g. With vendors, consultants, marketing partners, and other service providers who need access to such information to carry out work on our behalf.
h. With research partners, service providers, collaborators and collaborators partners.
i. In response to a request for information by a competent authority if we believe disclosure is in
accordance with, or is otherwise required by, any applicable law, regulation, or legal process.
j. With law enforcement officials, government authorities, or other third parties if we believe your actions are inconsistent with our user agreements, Terms of Service, or policies, or to protect the rights, property, or safety of Bypa-ss or others.
k. In connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
l. If we otherwise notify you and you consent to the sharing; and
m. In an aggregated and/or de-identified form which cannot reasonably be used to identify you.
16. Aggregated Data
- Aggregated Data is de-identified or anonymized and does not constitute Personal Data as this data does not directly or indirectly reveal you, or the patients’ identity. We may collect, use and share Aggregated Data such as statistical or demographic data for any purpose including, without limitation, research (including medical research), education, analyzing usage trends and patterns, improving our Services and business operations, evaluating the performance of the Bypa-ss Service and measuring the effectiveness of our content, and Service components. We may receive compensation in exchange for sharing de-identified or anonymized Aggregated Data which shall be for the account of Bypa-ss.
- Bypa-ss may also uses this de-identified and anonymized Aggregated Data to improve the operation of various healthcare systems by sharing information with appropriate agencies and third parties. Most of this work will be in partnership with the public sector, as well as various NGO’s, Universities and Health Management Organizations (HMO’s). This information will be applied to enable more accurate treatment, monitoring health trends, improving resource allocation, enabling various healthcare operations, and improving research capabilities.
17. Sharing Information with Law Enforcement
Bypa-ss is committed to cooperating with law enforcement while respecting everyone’s right to privacy. If Bypa-ss receives a request for user account information from a government agency investigating criminal activity, we will review the request to be certain that it satisfies all legal requirements before releasing information to the requesting agency.
18. Social Media Sharing
18.1. Our Services may now or in the future integrate with social sharing features and other related tools which let you share actions you take on our Services with other Apps, sites, or media, and vice versa, depending on the settings you establish with the social sharing service. Please refer to the privacy policies of those social sharing services for more information about how they handle the data you provide to or share through them.
18.2. Any information or content that you voluntarily disclose for posting publicly to a social sharing service becomes available to the public, as controlled by any applicable privacy settings that you set with the social sharing service. Once you have shared User Content or made it public, that User Content may be re-shared by others. If you remove information that you posted to the social sharing service, copies may still remain viewable in cached and archived pages, or if other users or third parties, using the social sharing service, have re-shared, copied or saved that User Content.
18.3. User Content and Public Sharing
If you share User Content or post a comment or message that contains personally identifiable information to a page on our Services that is accessible to the public, third parties may use that information, or share it with other parties. As a
18.4. You will need to contact Bypa-ss if you wish to have this personally identifiable information removed from our Service. Please note that responding to your request may not ensure complete or comprehensive removal from the internet if the content or information has been reposted by another party. To request removal of content or information, please contact us at email@example.com .
19. Advertising and Analytic Services Provided by Others
For more information about Internet-based ads, or to opt out of receiving targeted advertising from participating companies, please visit www.aboutads.info/choices.
20. Links to Third-Party Websites
21. Do Not Track Settings
Some web browsers may transmit or give you the ability to enable a "do not track" feature that sends signals to the websites you visit or other online services with which the browser communicates, indicating that you do not want your online activities tracked. This is different from blocking or deleting Cookies, as browsers with a "do not track" feature enabled may still accept Cookies. There currently is no accepted standard for how to respond to this signal, and we do not take any action in response to this signal. If a standard for responding is established, we may revisit our Policy on responding to these signals.
22. International Privacy Practices
Where we need to transfer your Personal Data to another country, we will take all reasonable steps to ensure that any such transfers comply with applicable laws. We will take all steps necessary to ensure that Your data is treated securely and in accordance with this Privacy Notice and no transfer of Your Personal Data will take place to an organisation or a country unless there are sufficient controls in place including the security of Your data. We would also ensure your data is transferred outside the country with appropriate safeguard in compliance with the applicable law.
23. Account Information
You may access or modify your account information at any time by logging into your online account. If you wish to cancel your account, please email us at firstname.lastname@example.org. Please note that in some cases we may retain certain information about you as required by law, or for legitimate business purposes to the extent permitted by law. For instance, if you have a standing credit or debit
on your account, or if we believe you have committed fraud or violated our Terms of Service, we may seek to resolve the issue before deleting your information.
24. Promotional Information opt Out
25. Your Access and Rights to Your Personal Information
25.1 You have certain rights in relation to Personal Information we hold about you. You can exercise any of the following rights by contacting us using any of the methods in the Contact section below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
- Right of Correction or Completion of Your Personal Data. If personal information we hold about you is not accurate, out of date or incomplete, you have a right to have the data corrected or completed. To make corrections to your account please contact us at the email address in our Contact section below.
- Right of Erasure or Deletion of Your Personal Data. In certain circumstances, you have the right to request that personal information we hold about you is deleted. If we cannot delete the information you want, we will let you know and explain why. To request information deletion please contact us at the email address in our Contact section below. Please note that while we are obligated to comply with your request to delete your personal data, we will note be able to send proof of deletion of your personal information.
- Right to Object to or Restrict Processing of Your Personal Data. In certain circumstances, you have the right to object to our processing of your personal information. For example, you have the right to object to use of your personal information for direct marketing purposes. Similarly, you have the right to object to use of your personal information if we are processing your information based on legitimate interests and there are no compelling legitimate grounds for our processing which supersede your rights and interests. You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy. To object to or restrict processing please contact us at the email address in our Contact section below.
- Right to Data Portability or Transfer of Your Personal Data. You have the right to be provided with a copy of the information we maintain about you in a structured, machine-readable and commonly used format. To receive a copy of the information we maintain about you please contact us at the email address in our Contact section below.
- Right to Withdrawal of Consent. If you have given your consent to us to process and share your Personal Information after we have requested it, you have the right to withdraw your consent at any time. To withdraw your consent please contact us at the email address in our Contact section below.
25.2. Where you have submitted a complaint, we will endeavour to resolve such feedback/query within thirty (30) days from the date of
receipt. In the event that we are unable to resolve it before the expiration of the aforementioned timeline, we shall inform you about the extension of time needed to resolve such.
26. Our Information Retention Policy
Unless you request that we delete certain information, we retain the information we collect for as long as your account is active or as needed to provide you services. Following termination or deactivation of your account, we will retain information for at least 1 year or for as long as needed for our legal purposes in accordance with applicable law. We will only retain your Personal Data for as long as we reasonably need to unless a longer retention period is required by law (for example for regulatory purposes). We will also retain your personal data to comply with a legal obligation.
27. Contact Us
If you have any questions or if you would like to contact us about our processing of your personal information, including exercising your rights as outlined above, please contact us through any of the methods below. When you contact us, we will ask you to verify your identity.
Contact name: Customer Success
Our office address: 7 Al Golf Street, Maadi, Cairo, Egypt
Last updated: July 20, 2022