This policy is in accordance with the U.S. Children’s Online Privacy Protection Act (“COPPA”), and outlines our practices in the United States and any other territories in which we operate regarding children’s personal information. For more information about COPPA and general tips about protecting children’s online privacy, please visit: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.
(1) THE INFORMATION WE COLLECT ABOUT CHILDREN, HOW WE USE IT, AND HOW AND WHEN WE COMMUNICATE WITH PARENTS
SnapMD offers to its users sites and applications, some of which can be used in the management of healthcare for children. Specifically, SnapMD’s Virtual Care Management (VCM) application allows for the entry of information about children by a parent or guardian as well as healthcare providers. However, children under the age of 13 are not eligible to register directly for a user account. A parent or guardian (healthcare proxy) can create a user profile on behalf of a dependent child and attest that they have legal authority to do so, but the user profile of the child is not directly accessible by the child. Below we summarize potential instances of collection. Any data entered into the VCM application about a minor child is retained in compliance with applicable law. In the event we discover we have collected information about a child in a manner inconsistent with COPPA’s requirements, we will either deactivate the user account or immediately seek the parent’s consent for that collection.
Children cannot directly register with our sites and applications. During the user registration process, we may ask the parent or guardian of a child to provide certain information for notification and security purposes, including a parent or guardian’s email address, the child’s first name and gender, the parent’s member or account username, and password. We also may ask for birth dates of children a parent or guardian have added to the application to validate their ages. Parents and guardians can choose whether to share information about their children with us, but certain actions cannot function without it. We will not require a parent or guardian to provide more information about a child than is reasonably necessary in order to participate in the function of the VCM application.
About the Collection of Parent or Guardian Email Address
Consistent with the requirements of COPPA, SnapMD’s VCM application, or in any instance where we ask for age and determine the account is for a user age 13 or under, we will ask for a parent or guardian’s email address before we collect any personal information about the child. We will not use a parent or guardian’s email address provided for parental consent purposes to market to the parent, unless the parent has expressly opted into email marketing or has separately participated in an activity that allows for such email contact.
Content Generated by a Child
Certain activities on VCM application allows parents and guardians to create or manipulate content and save it about a minor child. Because children cannot create a registered user account with SnapMD, they cannot create content or submit information directly. If we suspect a child has attempted to create an account and submit information we will seek verifiable parental consent by email for the collection.
About Verifiable Parental Consent:
In the event SnapMD wishes to collect personal information about a child, we require that parent to attest to their legal authority to do so, and we will require dual authentication of the account owners email address, parents and guardians do have the right to revoke consent.
Teacher Consent in Lieu of a Parent
With regard to school-based activities, COPPA allows teachers and school administrators to act in the stead of parents to provide consent for the collection of personal information from children. Schools should always notify parents about these activities.
Instant Message Chat
SnapMD will have no direct contact with a minor child via instant message chat. All communications about a child will be conducted between the authorized parent or guardian and their healthcare provider that is delivering healthcare services via our VCM application.
Email Contact with a Child
SnapMD will have no direct contact with a minor child via email. All communications about a child will be conducted between the authorized parent or guardian and their healthcare provider that is delivering healthcare services via our VCM application.
Push notifications are notifications on a mobile and other devices that are typically associated with downloaded applications, and which can communicate to the device holder even when the application is not in use. SnapMD will have no direct contact with a minor child via push notifications. All communications about a child will be conducted between the authorized parent or guardian and their healthcare provider that is delivering healthcare services via our VCM application.
If SnapMD’s VCM application collects geolocation information that is specific enough to equate to the collection of a street address, it will be related to the parent or guardian, and not directly with child.
When adult users interact with us, certain information may automatically be collected, to make our VCM application more useful for various purposes related to our business. Examples include the type of computer operating system, the user’s IP address or mobile device identifier, the web browser, the frequency with which a user visits various parts of our sites or applications, and information regarding the online or mobile service provider. This information is collected using technologies such as cookies and other unique identifiers. This data is principally used for internal purposes only, in order to:
Please contact us with questions about our privacy policies and collection and use practices.
(2) WHEN INFORMATION COLLECTED ABOUT CHILDREN IS AVAILABLE TO OTHERS
No personal information about a child will be made available to the public.
We may share information with our service providers if necessary for them to perform a business, professional, or technology support function for us; always in accordance with HIPPA and any other applicable law.
We may disclose personal information if permitted or required by law, for example, in response to a court order or a subpoena. To the extent permitted by applicable law, we also may disclose personal information collected about children (i) in response to a law enforcement or public agency’s (including schools or children services) request; (ii) if we believe disclosure may prevent the instigation of a crime, facilitate an investigation related to public safety or to protect the safety of a child; (iii) to protect the security or integrity of our sites, applications, and other technology, as well as the technology of our service providers; or (iv) enable us to take precautions against liability.
(3) PARENTAL CHOICES AND CONTROLS
At any time, parents can refuse to permit us to collect further personal information about their children in association with a particular user account. At any time a parent or guardian can elect to deactivate their user account or that of their minor child, in accordance with law.