Privacy Notice

 

Welcome to Weiss Heart and Longevity Clinic.  This Privacy Notice describes how personal information is collected, used and stored through use of the clinic management platform by our office.  (“Weiss Heart and Longevity Clinic” or “we” or “us” or “our”) and through use of our websites and web-based resources. We refer to our platform, websites and web-based resources as the “Services”.In this Notice, we use the word “Subscriber or Patient” to refer to anyone who has subscribed to and paid or has become a patients for use of our clinic management platform (for example, a health clinic or health practitioner), and also includes their individual sub-users. We use the word “you” and “your” to refer to any individual user of our Services, such as a practitioner, staff member, or patient, or an individual browsing or using our websites and web-based resources. We use the word “Patient” to refer to any individual that interacts with our software (Jane’s clinic management platform) to book or use the services of the patient. Be assured that we commit NOT to transfer patient (consumer) data to external organizations except unless it is necessary for providing services, complying with legal obligations, or with the explicit consent of the patient (consumer). For any comments or concerns regarding the SMS process or policy please contact our office at 480- 775-0575 or our directer of privacy (D.O.P.) Ines Dufoort at info@drdeckerweiss.com. 

 

Notice to Patients

​

If you are a patient of our clinic or practitioners, your clinic or practitioner controls your patient information, including your contact information, billing details and patient records. The only exception is if you setup an account for booking appointments using the Jane Mobile App, (through the WHLC website) using your Jane ID authentication credentials (user ID or email and password) are controlled by Jane. Please contact your clinic or practitioner for any questions about your patient information or contact Jane for any questions about management of your Jane ID authentication information. See the section titled Patient Data below for further information.

​

Why Jane and WHLC (Weiss Heart and Longevity Clinic) Collect Personal Information? 

 

Our software and scheduling platform, Jane and WHLC, collect personal information in order to provide our services to our patients and their users for our own business purposes (such as managing your subscription and payments), to learn about use of our services (for improvement, accessibility and relevant content), and to provide you with information about our services, including features and promotions. We collect only the minimum amount of personal information needed for these purposes. We do not sell or trade personal information, and we will only share your personal information with third parties in the ways that are described in this privacy notice.

 

Information Weiss Heart and Longevity Clinic and Jane Collect from You

 

Contact Information. We collect your contact information, such as your name, email address and organization, when you fill out our online forms or set up your user account for our Services. We use your contact information to activate your user account, give you access to the Services, and to send you notices about your user account. Please note that other than email addresses used in authentication credentials, Weiss Heart and Longevity Clinic and  Jane do not collect or manage the contact information of patients, or any marketing or other communications between a Subscriber and its patients. Patient Authentication Information. We collect your authentication credentials (user ID or email and password) (“Patient Authentication Information”) when you create an account to link, book and obtain services from one or more Subscriber clinics as a Patient. We manage the authentication process to allow you to use the same authentication credentials for the different Subscriber clinics you elect to have an account with.

 

Billing Information. When a person becomes a patient of our clinic, we ask them to provide credit card information to process payments. We do not keep your credit card information. Credit card information is provided directly to our payment processor who is PCI-compliant. We receive a ‘token’ from the payment processor that replaces sensitive information and acts as a non-sensitive identifier which can be used by the payment processor to reference your credit card information when future payments need to be processed.

 

Log and Device Information. When you access and browse our Services, we collect information about how you are accessing our Services, such as your internet or mobile network connection, your browser or the type of mobile device you are using (if applicable). We use this log and device information to identify how our Services are being accessed and used so we can optimize them for the types of connections, browsers and devices being used. This information is not used to market or send promotions at an individual user level.

 

Cookies and Tracking Information. Our website uses cookies. Cookies are small data files that are downloaded to your computer or device by a website. Your web browser lets you manage cookies through its “settings” or “options” menus. You can change your browser settings to display a warning before accepting a cookie or to refuse all cookies other than essential cookies required for the functioning of the Services. You can also delete cookies at any time; however, please note that certain cookies must remain in order to use certain portions of the Services. We also use web beacons, which are tiny graphic objects embedded in a web page or an email which allows us to determine if a user has viewed the web page or email.

We use cookies and web beacons:

To learn about use of our websites, such as user traffic patterns and the effectiveness of our navigational structure

To identify email open rates in order to gauge the effectiveness of certain communications or marketing campaigns to clinics

To allow you to login to secure areas of our Services

To store your login credentials for easy access to our Services

​

Social Media. If you login to our Services using a third-party sign-in service, such as Google, Facebook Connect or Twitter, we will receive personal information from those services, such as your name and email address in order to pre-populate our online forms. We also include social media “Like” and “Share” buttons on our websites. These features may collect your IP address and the page you are visiting on our website. They may also set a cookie to enable the feature to function properly. Your interactions with these features are governed by the privacy policies of the third parties who provide them.

 

Legal Basis (GDPR EU/UK)

 

For personal information that is subject to the General Data Protection Regulation (GDPR), we rely on the following legal bases for collecting and using your personal information:

Your consent

The performance of the contract between the patients or user and us, as the provider of the Services

Our legitimate interests (which are not overridden by your privacy rights), such as operating our business, understanding and improving our Services, direct marketing related to our Services, communicating with patients and users about our Services, events or related resources, improving our websites and protecting our legal rights and interests.

 

You may withdraw your consent at any time. Where we are using your personal information for our legitimate interests, you have the right to object to that use. See below underYour Rights for how to withdraw consent or object.

​

If you are a Patient of our clinic, please contact your clinic or practitioner if you have any questions about the legal basis for collecting and using your personal information other than your Jane ID authentication information, about which you can contact us. Our patients may have a different legal basis for collecting and using a Patient’s personal information, such as providing health care or treatments as a regulated healthcare professional.

 

Patient Data

 

Patients use our clinic management platform (Jane)  to collect personal information from the patients themselves  and create patient records. These records may include a patient’s name, address, health insurance and billing information, medical charts, appointment history and other patient data (“Patient Data”). This information is sometimes referred to as “personal health information”, “protected health information”, “data concerning health” or “sensitive data” depending on the location of the Subscribers and the privacy laws applicable to them. If you are a Patient, Patient Data is collected from you when you visit your Subscriber clinic or practitioner and when you create a profile or book appointments with the Subscriber clinic through our online booking Service.

 

Patients Role

 

Patients retain sole control over their data and may be referred to as a “health information custodian”, a “covered entity” or a “controller” depending on their location and the privacy laws applicable to them.

Subscribers determine:

What Patient Data to collect;

How the Subscriber will use the Patient Data;

Who has access to Patient Data;

How long the Subscriber will store Patient Data;

On what basis the Subscriber may delete Patient Data.

 

Subscribers are responsible for complying with laws and regulations governing the use of Patient Data, and for determining the legal basis for such use.

 

WHLC's  Role.

 

Jane is a service provider to the patients of WHLC and may be referred to as an “agent”, “business associate” or “processor” of the Subscriber. Jane stores Patient Data in its secure data centers and makes it available to WHLC  and their users through our clinic management platform. Therefore, except in relation to Patient Authentication Information, Jane and WHLC  has no control over Patient Data. Jane and WHLC will only access Patient Data on the instructions of the Subscriber or its representatives or, in rare cases, where needed in order to prevent or address technical problems, your requests for support, or if required by law or court order. Please note that in order for Jane to verify that we have true consent to access your account and its data, that we may verify the person requesting that we access. We may store and access non-identifiable usage data in connection with managing your subscription and licenses.

 

Patient Authentication Data.  In the interest of facilitating a more convenient and comprehensive experience to Patients, Jane allows Patients to use their Patient Authentication Information to link, book and obtain services from multiple Subscribers; the user ID, email, phone number and password for these unified accounts used by Patients are referred to as Patient Authentication Data. Jane shall be considered a “personal information custodian” or a “controller” of Patient Authentication Data for the purpose of administration of authentication and access to the clinic management platform and to each of the Subscriber accounts that the Patient is linked to. Patient Authentication Data shall not be considered Subscriber Data. Furthermore, for the purpose of Patient Authentication Data, Jane does not qualify as a “covered entity” because Patient Authentication Data is not deemed to be personal health information. Jane assumes responsibility for the safeguarding of Patient Authentication Data and will not disclose Patient Authentication Data to any practitioner of WHLC without the prior consent of the Patient. Jane and WHLC shall be responsible to ensure that only Patients who have successfully authenticated and are linked to a specific Subscriber account are allowed to access such patient  account.

 

Storage Location. Patient Data is stored in the regional data centre for the location chosen by the Subscriber during the sign-up process. We currently have regional data centres in Canada, the United States, UK, and Australia, though this may change from time to time. If we do not have a data centre in the Subscriber’s region, Patient Data will be stored in our Canadian data centre, unless otherwise requested by the Subscriber. Please note that we use US-based service providers for appointment reminders sent by SMS and, therefore, Patient Data contained in appointment reminders will go through and may be stored temporarily in the United States. Similarly, the group telehealth Service is facilitated by a provider which utilizes the nearest available data centre to ensure quality of calls; therefore, in such cases, we do not guarantee that the processing of your data will always remain within your chosen region. We require all our data centres and service providers to maintain a high level of security and to comply with applicable privacy laws.

 

Patient Rights. Patients have certain rights with respect to their Patient Data, which may include knowing what information your Subscriber clinic has about you, correcting any inaccurate Patient Data, obtaining a record of your Patient Data and, in certain circumstances, deleting or removing your Patient Data. Please note that Subscribers have strict legal and regulatory obligations around Patient Data and may not always be permitted to delete or remove Patient Data.

 

Questions about Patient Data. If you have any questions about your Patient Data or wish to exercise any or your patient rights, please contact your Subscriber clinic or practitioner. If your Subscriber clinic or practitioner has any questions about the management of Patient Data in the Services, they may contact us and we will support them as needed to respond to your request. Please note that, in order to maintain strict security of your Patient Data, we can only access Patient Data upon instruction from the Account Owner of the Subscriber. If your questions are about your Patient Authentication Data, you may contact us directly and we will respond to your request.

 

Sharing Your Information

 

We do not sell or distribute personal information to third parties for their own commercial or marketing purposes. We will only share personal information we collect in the following circumstances:

Suppliers and Service Providers. In order to operate our business and provide the Services to our Subscribers and their users, we may need to share a limited amount of personal information, including Patient Data, with our third-party suppliers and service providers. Before sharing personal information, we ensure that the third parties receiving the personal information have provided appropriate safeguards, and that privacy rights are protected and preserved.

 

Some of the areas where we use third-party suppliers and service providers include:

Our data centers where all platform data is stored

Customer support services to help us collect feedback and manage our support services

Communication services to send out email and SMS notices or reminders

Payment processors

A list of the sub-processors we use for processing of Subscriber Data can be made available at the patients request.

​

Corporate Transactions. We may share personal information in connection with negotiating or carrying out a financing or acquisition of our business, a merger or amalgamation with another business, or a sale of all or part of our company assets. Before sharing personal information, we will ensure that appropriate confidentiality and non-disclosure undertakings are in place. We will not share Patient Data in these circumstances.

 

Compliance with Laws. We may disclose personal information to governmental or judicial authorities (to respond to a request, subpoenas, registrations, or legal processes) or other third parties (as required by law, to comply with our legal and regulatory obligations, or to protect and secure our interests, rights, and our assets), to enforce security requirements, or to respond to an emergency which we believe, in good faith, requires us to disclose personal information. . We may also be required to disclose personal information to enforce our legal rights, to enforce security requirements, or to respond to an emergency which we believe, in good faith, requires us to disclose personal information. In such instances, we carefully review a request to make sure it complies with applicable law; if we consider the request to be too broad, we may try to narrow it to minimize the scope of the request, and, if permissible, we will make every reasonable effort to give you as much notice and detail as we can regarding the disclosure of your personal information, what information was disclosed and why. We will not disclose Patient Data unless legally required to do so.

 

Patient Authentication Data. WHLC and Jane shall not share your Patient Authentication Data with any of the Subscribers that you, as a patient, elect to link your account to.

 

Anonymized / Aggregated Data. WHLC and Jane may use computer-generated algorithms to gather anonymous and aggregated information from Subscriber Data in order to assist in our continued development and improvement of the Services, and for the purpose of analysis or compiling statistical data. We will ensure that such anonymized individualized information is not shared outside of Jane without the consent of the Subscriber, but we are permitted to share aggregated analysis about the use of the Services.

 

Security

 

We take reasonable measures, including firewall barriers, SSL/TLS encryption techniques, and authentication procedures, to help protect personal information from accidental loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. In addition, we limit access to Subscriber Data to those employees, agents, contractors and other third parties who have a business need to know. We protect your personal information, including Patient Data stored in our platform, by:

Using industry standard security controls such as encryption and an SSL (Secured Sockets Layers) certificate to ensure information is transmitted over a secured connection between your browser and our web server.

Using state-of-the-art data centres with appropriate security and compliance certifications, such as ISO-27001, SOC 2, etc.

Having our personnel sign strict confidentiality agreements in addition to completing periodic training to ensure they understand the confidential nature of the data we process, and only accessing your account when you request assistance from us.

Requiring password protection of your user account with a password set by you. We cannot access or identify your password. The only way to recover a password is for you to initiate a reset via the email address or mobile phone number you use for the Services.

 

While we employ industry standard measures to protect your information, no electronic communication can ever be completely secure. You share responsibility for protection of your personal information by setting a strong password and by keeping your username and password confidential, along with utilizing the security features available to you and according to your needs.

 

Storage Period

 

We retain personal information only for as long as necessary to achieve our stated purposes, or as required by applicable law. For example, Contact and Billing information is kept for as long as a Subscriber account is active and for a reasonable period after it has been deactivated in the event you or your Subscriber wish to re-activate the account as well as for Jane to meet legal requirements and internal record retention policies. User account information may also be retained as necessary to comply with our legal obligations, resolve disputes or maintain our relationship with a Subscriber.If you are a patient of one of our Subscriber clinics, please contact your clinic or practitioner for information regarding the storage period for your Patient Data.

 

International Transfers

 

Personal information may be transferred to and processed in Canada and the United States. Before transferring your personal information, we ensure that appropriate safeguards are in place and that your privacy rights are protected and preserved. Such safeguards may include the existence of an EU adequacy decision, certification and adherence to EU-US Data Privacy Framework, Swiss-US Data Privacy Framework and the UK Extension to the EU-US Data Privacy Frameworks, the Standard Contractual Clauses approved by the European Commission, the International Data Transfer Agreement approved by the Information Commissioner’s Office in the UK, binding corporate rules, or other legal mechanisms to safeguard the personal information being transferred.

 

Your Rights

 

Individuals have certain rights with respect to their personal information. These rights are set out below. If you are a patient of one of our Subscriber clinics, please contact your clinic or practitioner to exercise any of these rights with respect to your Patient Data. To exercise your rights over your Patient Authentication Data, please Contact Us.

 

Correction and Deletion. We will make reasonable efforts to ensure that the personal information we collect from you is accurate and complete. You may update, correct or delete your account information at any time by logging into your user account and modifying your personal information, including your preferences to receive messages from us. You may also update, correct or delete your personal information by contacting us as noted below.

 

Withdrawing Consent. Where we have relied on your consent to use your personal information, you have the right to withdraw that consent at any time by contacting us as noted below, which we will give effect to promptly. In addition, all our marketing email messages contain the ability to automatically “opt-out” or unsubscribe from our mailing lists and marketing messages.

 

Access and Portability. You have the right to request a record of the personal information that we have collected about you and to ask that the information be provided in a structured, used electronic format (where applicable and technically feasible). There may be some cases where we cannot provide you with certain information about you if it would mean disclosure of personal information of another person or other confidential information, or if it would compromise our security systems. If you require access to your personal information, please Contact Us. We will respond to you within thirty (30) days of receiving your request. We may charge a fee where permitted by applicable law.

 

Restriction and Objection. In certain limited circumstances, individuals in the EU, Switzerland or the UK may request that we restrict our use of their personal information and, where we rely on legitimate interests as the legal basis for using your personal information, you have the right to object to such use. In these cases, we can be required to no longer use your personal information; however, this may mean that certain components of our Services cannot be made available to you. If you wish to exercise your right to restrict or object, please Contact Us.

 

Complaints. You have the right to lodge a complaint with a supervisory authority (i.e., the independent public authority responsible for monitoring data protection laws in your country).

 

Contact Us

If you have any questions or concerns about our Privacy Notice and our privacy practices, please contact  our software company at: Jane Software Inc. 500 - 138 13th St E. North Vancouver, BCV7L 0E5 Canada Tel: 844-310-5263Email: privacy@jane.app Attention: Privacy Officer - Jonathan Friesen,

or

Ines Dufoort - Director of Operations Privacy (D.O.P.) at WHLC P.O. Box 6134 Carefree, AZ 85377

Email idufoortweiss@me.com or 480 775 0575 

​

​

Terms of Use

 These Terms of Use (the “Terms”) govern use of our website and the resources we make available on our websites, such as our Guides, videos, blog and more. We refer to our platform, websites and resources collectively as the “Services”.

Notice to Patients

If you are a patient of one of our patients, your clinic or practitioner controls your patient information, including your contact information, billing details and patient records, except your "Jane ID" (our software) authentication credentials (user ID or email and password), the use of which is controlled by Jane.

For questions about your information or how it is collected and used, you should speak with your practitioner or clinic who has chosen our clinic management platform to manage the services they provide to you. For information about how your patient information is collected in connection with our clinic management platform reach out to our director of privacy (D.O.P.) Ines Dufoort at info@drdeckerweiss.com

Acceptance

Please take a moment to read these Terms carefully before subscribing to or using any of the Services. These Terms are a legal contract between Weiss Heart and Longevity Clinic (WHLC) and  Jane Software Inc. (“Jane” or “we” or “us” or “our”) and each person who uses the Services, and are accepted by subscribing to our clinic management platform or by otherwise using our websites and resources. BY ACCESSING OR USING THE SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD AND AGREE TO BE BOUND BY THESE TERMS AND OUR PRIVACY NOTICE. If you cannot enter into this agreement (for reasons such as not being authorized to do so on behalf of an entity), or not being over the age of majority), or do not want to accept these Terms, you should not access the Services. These Terms may be updated or amended from time to time.

In these Terms, we use the word “Subscriber” to refer to the patients of WHLC and the clinic who subscribes to and pays for our clinics management platform, and also includes their individual sub-users. We use the words “you” and “your” to refer to any individual user of our Services (such as a practitioner or staff member at a Subscriber’s clinic, or an individual browsing or using our websites and resources) who accepts these Terms. We use the word “Patient” to refer to any individual that interacts with Jane’s clinic management platform to book the services.

​

Intellectual Property

​

Ownership of the Services.

 

WHLC  owns, or has obtained the rights to use, all intellectual property rights in the Services. This includes the underlying software and technology that operates the Services; all materials and content posted or made available on our website or through the Services, such as our Guide, videos, photos, illustrative graphics, text, research and blog postings; and the trademarks

"Weiss Heart and Longevity Clinic (WHLC) and Jane™️

​

License to You

 

Jane and WHLC  grant each Subscriber, (patient)  and each individual using the Services, a limited license to access and use (i.e., display, print, download) the materials and content within the Services on a personal computer or device for (i) the Subscriber’s internal business purposes or (ii) your own personal, non-commercial use, provided that:

• You retain and keep intact all copyright, trademark or other proprietary notices (such as © 2024 Jane Software Inc. All Rights Reserved);

• You do not disseminate or distribute our materials or content publicly without getting our permission for doing so;

• You do not sell or otherwise commercialize our materials or content for your own gain or for the gain of any other person; and

• You abide by our Acceptable Use Policy below.

 

Confidentiality

You understand and agree that any non-public information we provide to you such as information about how the Service operates, the contents of any technical documentation, descriptions of any technical safeguards and measures, any communications related to this Agreement or the Services, and any other non-public information (collectively, “Confidential Information”) are our proprietary and confidential information. Unless disclosure is required by law or court order, you agree to not disclose Confidential Information to any person other than your legal advisor, accountant, financial advisor or employees who need to know such information for the purpose of advising you (“Advisor”), provided the Advisor uses such information solely for the purpose of advising you and also agrees to maintain the confidentiality of the Confidential Information.

Your Feedback and Contributions. We love to receive your feedback about our Services and to include your contributions in our resources where possible, such as adding your shared chart templates to our chart template library. To ensure we have the proper rights to do this, any feedback or contributions you submit to Jane will not be considered confidential or proprietary, and, you hereby grant Jane a non-exclusive, royalty-free, worldwide, perpetual and irrevocable right and license to use your feedback and contributions, including incorporating them into the Services and sharing them with other users. Please note that providing feedback or contributions does not make you an author, inventor or contributor of the Services and does not entitle you to any compensation or to any ownership rights in the Services.

Third-Party Services. We may offer integrations with third-party services that you may choose to use with our Services, such as email services, payment processing, patient assessment tools, online bookkeeping, electronic billing and insurance claims for your convenience. In such cases, your use of such third-party services may be subject to additional legal terms of those third parties, and not just these Terms of Use. For example, we enable Google’s Maps features and content to be used in booking emails and on online booking sites; the use of Google Maps features and content is also subject to Google Maps / Google Earth Additional Terms of Service and the Google Privacy Policy. Jane is not responsible for those third-party services.

​

​Messages Terms and Policy 

Messages will be sent for appointment announcements and in response to patient texts only. No marketing or sales messages will be sent or replied to from WHLC and/or Jane Software LLC. The frequency of the messages shall be limited to the patients request for information and  scheduled appointments only. 

It should also provide an estimate or general description of the frequency of messages (e.g., daily, weekly). Please make note that message and data rates may apply. To unsubscribe from messages, text STOP. For assistance or clarity on potential charges, "opting in","opting out" and/or guidance for obtaining help, text HELP for assistance.

​

Acceptable Use Policy

Users of our Services are expected to behave responsibly and to show respect for our people, our intellectual property, other users of Jane’s Services and WHLC , and the law. You agree that you will only use the Services in a manner that is compliant with law. You also agree to communicate with Jane team members in a mutually respectful manner at all times, and agree to abide by our Community Standards.

In addition, you must not:

• “frame” or “mirror” any content from our Services on any other website or server;

• post or transmit any material that is unlawful, harmful, defamatory, obscene, profane, discriminating, harassing, threatening, infringing of intellectual property, invasive of privacy rights, or otherwise objectionable;

• harvest, scrape or otherwise collect information about others from our Services, including names and email addresses; probe, scan or test the vulnerability of the Services or any web site, or breach the security or authentication measures of the Services;

• forge headers or otherwise manipulate identifiers in order to disguise the origin of any message or transmittal you send on or through the Services; or

• pretend that you are, or that you represent, someone else, or impersonate any other individual or entity.

Jane reserves the right to suspend or terminate your use of any or all of the Services, or take other appropriate remedial action, to address any inappropriate conduct or any violation or suspected violation of our Acceptable Use Policy or these Terms.

For Patients to Know 

Account Owners can manage the billing information and subscription through their account settings or by contacting us: Contact Us. Except as set forth below under Termination, all fees are non-refundable.

Availability of the Services. Once a Subscriber has subscribed and paid, Jane will make the Services available to the Subscriber’s users (i.e, practitioners, staff, patients) for the subscription plan purchased. Jane will make the Services available in accordance with our Service Level Agreement; however, please note that Jane cannot be responsible for any unavailability of the Services caused by circumstances beyond our reasonable control, such as internet outages or issues with your computer systems or devices.

Limitations. Our websites and resources are intended to provide general information about Jane products and services. They may not always be accurate, complete, or up-to-date and are not intended to provide legal or professional advice. 

​

Your Account(s)

In order to access and use the Services, you must create an account and specify a login ID and password. You must provide truthful and accurate information when you create an account. Do not create an account if you are not authorized to do so or impersonate anyone else when you create your account.

Account Owner. We will treat the person signing up for a subscription on behalf of a Subscriber as the “Account Owner” and will consider them as authorized to administer the account for the Subscriber. This includes authorizing additional user accounts for practitioners and staff, and granting and revoking user access rights and permissions in relation to a Subscriber. Each Subscriber can have only 1 associated Account Owner, and Jane will consider them as the authorized representative of the Subscriber and will be the person we will contact for all matters related to the Subscriber and Subscribers’ account or data. The Account Owner must be a named individual. Any questions about a Subscriber’s subscription and any associated user account(s) should be directed to the Account Owner. A Subscriber may change the person listed as the Account Owner through the account settings functionality on the platform.

User Accounts. Subscribers are responsible for all activities that occur under their user accounts and for any issues, claims or disputes arising out of the conduct of their users. You are responsible for maintaining the security and confidentiality of your login ID and password. Please reset your password immediately and notify us immediately at support@jane.app if:

• You believe that your login ID and password have been compromised

• It is no longer a secret

• A device that you use to access the Service has been lost or stolen

• You believe that someone is using your account without your permission, or if you believe that any unauthorized activity has occurred on your account. We may also temporarily restrict access to an account if we feel that the account credentials may have been compromised. For your account safety and convenience, Jane makes some optional security features available through the account settings which we encourage each user to use, and also recommends using strong, unique passwords for each user.

Weiss Heart and Longevity Clinic and Jane  will not be liable for any losses or damages caused by a Subscriber’s failure to maintain the confidentiality of its user accounts and its account credentials. We may access your account as needed, per Jane’s or WHLC's  role regarding Subscriber Data and/or in order to respond to your requests for account security, as well as for any technical or other support deemed necessary. In order to do so and to protect the security of your account, we may from time to time require you or an account administrator of your account to confirm / verify your identity, and provide any other information / documents we may consider appropriate at our discretion.

Patient Data

Ownership and Control. Each Subscriber retains ownership and control of its patient data and all information collected, entered, created or otherwise provided by the Subscriber and its users in the course of using the Services (“Subscriber Data”). Jane reserves the right to reclaim account URLs, including on behalf of businesses or individuals that hold legal claim, including trademark rights, in those URLs.

Subscribers may be referred to as a “health information custodian”, a “covered entity”, “trustee”, or a “controller” depending on their location and the privacy laws applicable to them. Subscribers are responsible for ensuring that their collection and use of Subscriber Data complies with applicable laws and regulatory requirements, including obtaining appropriate consent for collection, use, and disclosure of personal information.

Each Subscriber determines:

• What Subscriber Data to collect;

• How the Subscriber will use the Subscriber Data;

• Which practitioners and staff have access to Subscriber Data;

• How long the Subscriber will store Subscriber Data; and

• On what basis the Subscriber will delete Subscriber Data.

• On what basis to transfer ownership, custody, and control of Subscriber Data to another custodian

 

WHLC and Jane's Role Regarding Subscriber Data.

 

Weiss HEart and Longevity Clinic uses the software platform "Jane"  as a service provider to patients and may be referred to as an “agent”, “business associate”, “service provider”, or “processor” of the Subscriber. Jane will keep Subscriber Data stored securely as described below under Security. Jane and WHLC will only access patient data if authorized to do so or at the request of a patient or its users; where needed to access patient data to prevent or address technical problems affecting the Services; or if required to do so by law, regulation or court order. Jane and WHLC may also periodically review non personally-identifiable Subscriber Data for subscription auditing purposes or to ensure compliance with these Terms. Jane will not use, disclose, modify, archive, or destroy patient data except as directed by the patient or in accordance with these Terms or its record-retention practices. As we otherwise have no control over patient data, we are not responsible for incorrect, incomplete, lost or damaged patient data, except to the extent it is caused by our failure to meet our obligations under these Terms.

​

JWHLC and ane’s Role Regarding Account Ownership

 

As Jane is a processor of data (For WHLC) and relies on the instruction we receive from patients who own and control their data, Jane is unable to make a determination as to who the Account Owner should be. As such, we allow an existing Account Owner of a patient to change the designated Account Owner going forward. If there is a dispute about who is the designated Account Owner, Jane cannot intervene and would instead recommend seeking legal counsel to find a resolution; till we are validly instructed otherwise, we will continue to treat the person identified in our records as the Account Owner.

However, in limited cases, and at our discretion, Jane and the staff at WHLC  may be able to assist if it is not possible for a patient to resolve Account Ownership on its own. In these cases, patients  may contact info@drdeckerweiss.com to provide us with details of the situation; patients may be asked to provide further information or documents or assurances as Jane may request in order to address the issue. Please note that given the potential sensitivity of patient data, Jane (through WHLC) will follow all requirements and measures as required by law or as advised by our legal counsel before making a change to the listed Account Owner for a patient.

Jane and WHLC is not responsible for managing custody of patient data and will not guarantee that we will transfer ownership of an account or patient data in the event of the death, incapacitation, termination of employment etc. of a an Account Owner.

HIPAA / GDPR Compliance. If a patient is subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), we will, upon request, enter into our standard Business Associate Agreement (“BAA”) with the Subscriber. If a Subscriber is subject to the Health Information Act (”HIA”), we will, upon request, enter into our standard Information Manager Agreement (”IMA”) with the Subscriber. If a Subscriber is subject to the General Data Protection Regulation (“GDPR”), the terms of our Data Processing Addendum will apply and are hereby incorporated into these Terms. Please Contact Us at info@drdeckerweiss.com to request a copy of our standard BAA or IMA. For all other applicable legislation requiring a data controller to enter into a written contract with a service provider, these Terms will serve as a legal and written agreement between the patient, WHLC and Jane.

Questions About Subscriber Data. If you have any questions about your Subscriber Data, please contact your Account Owner. If you are an Account Owner who has any questions about the management of Subscriber Data in the Services, you can use the Contact Us functionality to get in touch with us.

Anonymized / Aggregated Data. Jane may use computer-generated algorithms to gather anonymous and aggregated information from Subscriber Data in order to assist in our continued development and improvement of the Services, and for the purpose of analysis or compiling statistical data. We will ensure that such anonymized individualized information is not shared outside of Jane without the consent of the Subscriber, but we are permitted to share aggregated analysis about the use of the Services.

Patient Authentication Data

In the interest of facilitating a more convenient and comprehensive experience to patients, Jane and WHLC allow  patients to use a single patient account to link, book and obtain services from multiple Subscribers; the user ID or email and password for these unified accounts used by patients are referred to as “Patient Authentication Data”. The Jane ID will only be linked to a Subscriber if a Patient elects to do so. Jane and WHLC shall be considered a “personal information custodian” or a “controller” of patient authentication data for the purpose of administration of authentication and access to the clinic management platform and to each of the subscriber accounts that the patient is linked to. Patient authentication data shall not be considered account data. Furthermore, for the purpose of patient authentication data, Jane and WHLC do not qualify as a “covered entity” because patient authentication data is not deemed to be personal health information. Jane and WHLC assume responsibility for the safeguarding of patient authentication data and will not disclose patient authentication data to any patient without the prior consent of the patient.

Security

Safeguards.

Jane and WHLC)  will establish and maintain an information security program that is in line with industry standards and is reasonably designed through administrative, physical and technical safeguards to: (i) protect the security and confidentiality of patient data and Patient Data;

(ii) protect against any anticipated threats or hazards to the security or integrity of the patient data;

(iii) protect against unauthorized access to or use of the patient data;

and (iv) ensure the proper disposal of patient data.

These program safeguards include, but are not limited to, security policies and training for our personnel, access controls, minimum security certifications and practices for our data centers, PCI-compliant payment processors and encryption.

Security Features. The Services also contain optional features designed to further enhance the security of patient data. For example, by establishing account access controls for each user; blurring part of your screen so it cannot be read by others around you; and the ability to sign and lock charts to prevent charts from being accidentally overwritten. See our online Guide for further details or Contact Us for assistance.

Security Breach. Jane and WHLC  will notify affected patients without undue delay if Jane and/or WHLC determine that the security of the services has been breached and this results in the patients "patient" data being accessed by or disclosed to an individual or entity who is not authorized to access or receive such information. Jane will report to the affected patients(s) on the corrective action being taken in response to such security breach and will reasonably cooperate with such patient(s) in mitigating the effects of any lost or compromised patient (s) data.

Jane and WHLC will directly notify patients if the security of patient authentication data has been breached which has resulted in an unauthorized disclosure, and will report to the affected Patient(s) on the corrective action being taken in response to such security breach and will reasonably cooperate with such Patient(s) in mitigating the effects the compromised patient authentication data may have had on the patient(s).

​

Patient Responsibility.

Patients  and their users should notify Jane and WHLC immediately if they become aware of any unauthorized use of their account(s), of any user ID and password, or any other known or suspected breach of security of their user account or credentials.

​

Data Retention Policy

During your term as a patient, our clinic management platform is designed to retain, protect and preserve the integrity of patient data in order to assist patients with their regulatory and compliance obligations around patient records. As a result, we will not delete or destroy patients data for such time as the patient has an active enrollment as a patient unless there is either a legal or regulatory requirement to do so, or, we receive a request for deletion / destruction from the account owner and we are permitted by law to delete/ destroy such patient data. If you have such a requirement, please have your Account Owner Contact Us.

​

Data Export

 Patients may export their patient data at any time and should do so prior to ceasing or terminating their use of our clinic management platform. Practitioners who change practices may also arrange with their account owner for export of their patient data. 

​

Termination

Patient Authentication Data.

In the event of termination, Jane and WHLC  shall terminate or suspend access to a specific patients account that a Patient may have previously elected to link or have access to. A Patient will still be allowed to use their credentials to access the clinic management platform and any other patient accounts the patient may have elected to be linked to.

Refunds. 

Termination does not relieve a patient of its obligation to pay fees for any period prior to the effective date of termination.

Legal Limits

Disclaimer. We want to provide great Services; however, there are certain things about the Services that we cannot promise. For example, Jane cannot promise, and does not represent or warrant that:

• The Services will meet your specific needs or requirements;

• The Services will be uninterrupted, timely, 100% secure or free from errors, viruses or other defects; or

• Information provided through the Services will be accurate, timely, complete or reliable.

YOU UNDERSTAND AND AGREE THAT: (A) EXCEPT AS SPECIFICALLY PROVIDED IN THESE TERMS, THE SERVICES ARE PROVIDED “AS IS” WITHOUT WARRANTY AND THAT USE OF THE SERVICES IS AT YOUR SOLE RISK; AND (B) JANE MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, QUALITY OR NON-INFRINGEMENT.

LIMITATION OF LIABILITY. THE TOTAL LIABILITY OF EITHER OF US UNDER THESE TERMS WILL BE LIMITED TO THE AMOUNT YOU PAID TO JANE FOR USE OF THE SERVICES IN THE THREE (3) MONTH PERIOD PRECEDING THE DATE OF THE CLAIM, OR ONE HUNDRED DOLLARS ($100) IF YOU HAVE NOT HAD ANY PAYMENT OBLIGATION TO JANE.

NO INDIRECT OR CONSEQUENTIAL DAMAGES. REGARDLESS OF THE ABOVE, NEITHER OF US WILL BE LIABLE, UNDER ANY CIRCUMSTANCES, FOR ANY INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN CONNECTION WITH THE SERVICES, SUCH AS LOST REVENUE OR BUSINESS INTERRUPTION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THIS LIMITATION MAY NOT APPLY DEPENDING ON WHERE YOU LIVE.

Notices, Governing Law and Disputes

​

Notices.

Jane and WHLC will provide patients with notices, alerts and communications regarding the services and these terms electronically to the email address on file for your Account Owner. Account Owners may update their account information at any time by using their account settings. Any notice you are required or wish to provide to Jane may be provided to the contacts shown on the Contact Us page.

Governing Law. The Services are provided by Jane from its offices in Vancouver, Canada, and WHLC in MAricopa COunty, Carefree, Arizona. All matters relating to access to and use of the Services will be governed by the laws of the Province of British Columbia, BC, Canada or Maricopa County, Carefree, Arizona. 

​

Disputes. In the event of a dispute, we both agree to try to settle the dispute through consultation and negotiation in good faith and a spirit of mutual cooperation. We also agree to use binding alternative dispute resolution, such as mediation. If we are unable to resolve the dispute within 60 days after it first arose, all disputes must be resolved by binding arbitration before a single arbitrator with relevant experience. You understand and agree that you are entering into these Terms electronically and that certain categories of information (“Communications”) may be provided by Jane and/or WHLC to you by electronic means (e.g., via email, through the Service by displaying links to notices generally on the website, or to your mobile device), unless and until you withdraw your consent as described below. The categories of Communications that may be provided by electronic means include:

• these Terms and any amendments, modifications, or supplements

• records of bookings, payments and other transactions through the services

• disclosures or notices provided in connection with the services, including any which we may be required to give under law (such as privacy notices, opt-out notices, and change-in-terms notices);

• customer service communications; and

• any other communication related to the Site or Services.

All Communications in either electronic or paper format (if we choose to do so) will be considered to be “in writing.” You should print a paper copy of these terms and any communications that are important to you and retain the copy for your records. By agreeing to the Terms, you are also agreeing to receive all documents, communications, notices, contracts, and agreements relating to your access and use of the Services electronically. If you do not wish to receive these Terms or the Communications electronically, you may not access or use the Services.

If you have opened an account with us and you wish to withdraw your consent to have Communications provided electronically, you must close your account by contacting us, and stop accessing and using the Services. Any withdrawal of your consent to receive electronic Communications will be effective only after we have a reasonable period of time to process your withdrawal and only after all amounts payable to us from you, if any, have been received by us.

Contact Us

If you have any questions regarding the Services or these Terms, please contact us at: security@jane.app  (for Jane) or info@drdeckerweiss.com for WHLC at the contact information shown above. We will make every effort to answer your questions.