• Some of the Services require us to learn more about you so that we can best meet your needs.
  2.1 Personal Information We Collect Directly From You
  We receive Personal Information directly from you when you voluntarily provide us with such Personal Information, including, without limitation, the following:
  (1) contact data (such as your e-mail address and phone number);
  (2) demographic data (such as your gender, your date of birth and your zip code);
  (3) insurance data (such as your insurance carrier, insurance plan, member ID, group ID and payer ID);
  (4) Payment, credit cards, and banking information
  (5) medical data (such as the doctors, dentists or other healthcare specialists, professionals, providers, organizations, or agents or affiliates thereof (collectively, “Healthcare Providers”) you have visited, your reasons for visit, your dates of visit, your medical history, and other medical and health information you choose to share with us); and
  (6) other identifying information that you voluntarily choose to provide to us, including without limitation unique identifiers such as passwords, and Personal Information in emails or letters that you send to us.
  
  We may also collect additional information, which may be Personal Information, as otherwise described to you at the point of collection or pursuant to your consent. You may still access and use some of the Services if you choose not to provide us with any Personal Information, but features of the Services that require your Personal Information will not be accessible to you.
• 2.2 Billing, Collection and Payment Information
  Information from our billing partners: When you make a payment through our Services (as further described in and subject to other provisions of the Agreement), your payment card information is collected and stored by our payment processing partner. Our payment processing partner collects your voluntarily provided payment card information necessary to process your payment. Such partner’s use and storage of information is governed by its applicable terms of service and privacy policy. The information we store includes your payment card type and the last four digits of the payment card.
• 2.3 Information From Third Party Sources
  Some third parties, such as our business partners and service providers, provide us with Personal Information about you, such as the following:
  Account information for third party services: If you interact with a third party service when using our Services, such as if you use a third party service to log-in to our Services (e.g., Facebook or Google), or if you share content from our Services through a third party social media service, the third party service will send us certain information about you if the third party service and your account settings allow such sharing. The information we receive will depend on the policies and your account settings with the third party service. You understand the information transmitted to us is covered by this Privacy Policy; for example, the basic information we receive from Facebook about you.
• 2.4 Information we automatically collect when you use our Services
  Some information, which may include Personal Information, is automatically collected when you use our Services, such as the following:
  Traffic Data: We also may automatically collect certain data when you use the Services, such as (1) IP address; (2) domain server; (3) type of device(s) used to access the Services; (4) web browser(s) used to access the Services; (5) referring webpage or other source through which you accessed the Services; (6) geolocation information; and (7) other statistics and information associated with the interaction between your browser or device and the Services (collectively “Traffic Data”). Depending on applicable law, some Traffic Data may be Personal Information.
• 2.5 HIPAA and PHI
  Under a federal law called the Health Insurance Portability and Accountability Act (“HIPAA”), some demographic, health and/or health-related information that QureNet collects as part of providing the Services may be considered “protected health information” or “PHI.” Specifically, when QureNet receives identifiable information about you from or on behalf of your Healthcare Providers, this information is considered PHI.
  
  HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. QureNet may only use and disclose your PHI in the ways permitted by your Healthcare Provider(s). In addition, you may be asked to e-sign the QureNet authorization (the “QureNet Authorization”). Your decision to e-sign the QureNet Authorization is entirely voluntary. If you choose to e-sign the QureNet Authorization, you agree that QureNet may use and disclose your PHI in the same way it uses and discloses your Personal Information that is not PHI. These uses and disclosures are described in this Privacy Policy. To the extent any provision in the QureNet Authorization is inconsistent with this Privacy Policy or other provisions of the Agreement, then the provision in the QureNet Authorization only controls with respect to your PHI. If you do not e-sign the QureNet Authorization, then your Personal Information that is not PHI is governed by this Privacy Policy and your Personal Information that is PHI is used and disclosed only as permitted by your Healthcare Provider(s).

We collect information (including Personal Information and Traffic Data) when you use and interact with the Services, and in some cases from third party sources. Such means of collection include:
When you use the Services’ interactive tools and services, such as searching for Healthcare Providers, searching for available appointments with Healthcare Providers and completing medical history forms (“Medical History Forms”) prior to Healthcare Provider appointments;
When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys, questionnaires and the like;
If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services, such as information regarding when you are logged on and available to receive updates or alert notices;
If you download our mobile application or use a location-enabled browser, we may receive information about your location and mobile device, as applicable;
Through cookies, web beacons, analytics services and other tracking technology (collectively, “Tracking Tools”), as described below; and
When you use the “Contact Us” function on the Site, send us an email or otherwise contact us.

4.1. Tracking Tools
We may use tools outlined below in order to provide our Services to, advertise to, and to
better understand users.
Cookies: “Cookies” are small computer files transferred to your computing device that
contain information such as user ID, user preferences, lists of pages visited and activities
conducted while using the Services. We use cookies to improve or tailor the
Services, customize advertisements by tracking navigation habits, measuring performance, and
storing authentication status so re-entering credentials is not required, customize user
experiences with the Services, and for analytics and fraud prevention. For more information
on cookies, including how to control your cookie settings and preferences, visit
http://www.allaboutcookies.org.
Some cookies are placed by a third party on your device and provide information to us
and third parties about your browsing habits (such as your visits to our Services, the pages
you have visited, and the links and advertisements you have clicked). These cookies can be
used to determine whether certain third party services are being used, to identify your
interests, and to serve advertisements relevant to you. We do not control third party
cookies.
Web Beacons: “Web Beacons” (a.k.a. clear GIFs or pixel tags) are tiny graphic image files
embedded in a web page or email that may be used to collect information about the use of our
Services, the websites of selected advertisers and the emails, special promotions or
newsletters that we send. The information collected by Web Beacons allows us to analyze how
many people are using the Services, using selected publishers’ websites or opening emails,
and for what purpose, and also allows us to enhance our interest-based advertising
(discussed further below).
Web Service Analytics: We may use third-party analytics services in connection with the
Services, including, for example, to register mouse clicks, mouse movements, scrolling
activity and text typed into the Site. We use the information collected from these services
to help make the Services easier to use and as otherwise set forth in Section 5 (How We Use
Your Information). These analytics services generally do not collect Personal Information
unless you voluntarily provide it and generally do not track your browsing habits across web
services that do not use their services.
Mobile Device Identifiers: As with other Tracking Tools, mobile device identifiers help
QureNet learn more about our users’ demographics and internet behaviors in order to
personalize and improve the Services. Mobile device identifiers are data stored on mobile
devices that may track mobile device and data and activities occurring on and through it, as
well as the applications installed on it. Mobile device identifiers enable collection of
Personal Information (such as media access control, address and location) and Traffic
Data.
4.2. Behavioral Advertising
We may use a type of advertising commonly known as interest-based or online behavioral
advertising. This means that some of our partners use Tracking Tools, such as cookies, pixel
tags, and web beacons, to collect information about a user’s online activities to display
QureNet ads to the user based on the user’s interests (“Behavioral Advertising”). Such
partners may include third-party service providers, advertisers, advertising networks or
platforms, traffic measurement service providers, marketing analytics service providers, and
other third party service providers (collectively, “Advertising Service Providers”). Other
Tracking Tools used by our partners may collect
information when you use the Services, such as IP address, mobile device ID, operating
system, browser, web page interactions, geographic location and demographic information,
such as gender and age range. These Tracking Tools help QureNet learn more about our users’
demographics and internet behaviors.

4.3. Options for Opting out of Cookies and Mobile Device Identifiers
Some web browsers allow you to reject cookies or to alert you when a Cookie is placed on
your computer, tablet or mobile device. You may be able to reject mobile device identifiers
by activating the appropriate setting on your mobile device. Although you are not required
to accept QureNet’s cookies or mobile device identifiers, if you block or reject them, you
may not have access to all features available through the Services.
You may opt out of receiving certain cookies and certain trackers by visiting the Network
Advertising Initiative (NAI) opt out page or the Digital Advertising Alliance (DAA) consumer
opt-out page, or by installing the DAA’s AppChoice app (for iOS; for Android) on your mobile
computing device. When you use these opt-out features, an “opt-out” Cookie will be placed on
your computer, tablet or mobile computing device indicating that you do not want to receive
interest-based advertising from NAI or DAA member companies. If you delete cookies on your
computer, tablet or mobile computing device, you may need to opt out again. For information
about how to opt out of interest-based advertising on mobile devices, please visit
http://www.applicationprivacy.org/expressing-your-behavioral-advertising-choices-on-a-mobile-device.
You will need to opt out of each browser and device for which you desire to apply these
opt-out features.
Even after opting out of Behavioral Advertising, you may still see QureNet advertisements
that are not interest-based (i.e., not targeted toward you). Also, opting out does not mean
that QureNet is no longer using Tracking Tools — QureNet still may collect information about
your use of the Services even after you have opted out of Behavioral Advertising and may

still serve advertisements to you via the Services based on information it collects via the
Services.

This Privacy Policy does not cover the use of cookies and other Tracking Tools by any
third
parties, and we aren’t responsible for their privacy policies and practices. Please be aware
that some cookies placed by third parties can continue to track your activities online even
after you have left our Services.

4.4. How QureNet Responds to Browser “Do Not Track” (DNT) Signals
Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a
“Do Not Track” (DNT) or similar feature that signals to web services that a visitor does not
want to have his/her online activity and behavior tracked. If a web service operator elects
to respond to a particular DNT signal, the web service operator may refrain from collecting
certain Personal Information about the browser’s user. Not all browsers offer a DNT option
and there is currently no industry consensus as to what constitutes a DNT signal. For these
reasons, many web service operators, including QureNet, do not proactively respond to DNT signals. For more information about DNT signals, visit http://allaboutdnt.com.

We may use information that is neither Personal Information nor PHI (including non-PHI
Personal Information that has been de-identified and/or aggregated) to better understand who
uses QureNet and how we can deliver a better healthcare experience (for example, testing
different kinds of emails has helped us understand when and how patients prefer to get
Wellness Reminders for preventive care), or otherwise at our discretion.

We use information, including Personal Information, to provide the Services and to help
improve the Services, to develop new services, and to advertise (for example, to display
QureNet ads on other web services). Specifically, such use may include:
Providing you with the products, services and information you request;
Responding to correspondence that we receive from you;
Contacting you when necessary or requested, including to remind you of an upcoming
appointment;
Providing, maintaining, administering or expanding the Services, performing business
analyses, or for other internal purposes to support, improve or enhance our business, the
Services, and other products and services we offer;
Customizing or tailoring your experience of the Services, which may include sending
customized messages or showing you Sponsored Results;
Notifying you about certain resources, Healthcare Providers or services we think you may be
interested in learning more about;
Sending you information about QureNet or our products or Services;
Sending emails and other communications that display content that we think will interest you
and according to your preferences;
Combining information received from third parties with information that we have from or
about you and using the combined information for any of the purposes described in this
Privacy Policy;
Showing you advertisements, including interest-based or online behavioral advertising;
Using statistical information that we collect in any way permitted by law, including from
third parties in connection with their commercial and marketing efforts;
Fulfilling our legally required obligations, such as preventing, detecting and investigating
security incidents and potentially illegal or prohibited activities;
Resolving disputes;
Protecting against or deterring fraudulent, illegal, or harmful actions; and
Enforcing our Terms of Use and other agreements.

In certain circumstances, and in order to perform the Services, we may share certain
information that we collect from you, as described in this section:
Healthcare Providers: We may share your Personal Information with Healthcare Providers with
whom you choose to schedule through the Services. For example, if you complete a Medical
History Form using the Services in advance of an appointment and elect to share it with your
selected Healthcare Provider, we may share your Medical History Form with such selected
Healthcare Providers. Provided that you choose to use the applicable Services, we may share
your Personal Information with your Healthcare Providers to enable them to refer you to and
make appointments with other Healthcare Providers on your behalf or to perform analyses on
potential health issues or treatments. We may share your Personal Information with
Healthcare Providers in the event of an emergency.
Health Information Exchanges: To make your information more securely and easily accessible
to your Healthcare Providers, we may share your Personal Information with Health Information
Exchanges and related organizations that collect and organize your information (such as
Regional Health Information Organizations). The goal of such organizations is to facilitate
access to health information to improve the safety, quality, and efficiency of
patient-centered care. More information on Health Information Exchanges can be found here
and here.
We do not sell email addresses to third parties. We may share your Personal Information with
our partners to customize or display our advertising.
We may share your Personal Information and/or Traffic Data with our partners who perform
operational services (such as hosting, billing, fulfillment, data storage, security,
insurance verification, web service analytics, or ad serving) and/or who make certain
services, features or functionality available to our users.
Cross Device Matching: To determine if users have interacted with content across multiple
devices and to match such devices, we work with partners who analyze device activity data
and/or rely on your information (including demographic, geographic and interest-based data).
To supplement this analysis, we also provide de-identified data to these partners. Based on
this data, we may then display targeted advertisements across devices that we believe are
associated or use this data to further analyze usage of Services across devices.
We may share your Personal Information with the insurance provider you identify to us (and
do so via our partners) to determine eligibility and cost-sharing obligations, or otherwise
obtain benefit plan and other insurance-related information on your behalf.
Business Transfers: We may transfer your Personal Information to another company in
connection with a proposed merger, sale, acquisition or other change of ownership or control
by or of QureNet (whether in whole or in part). Should one of these events occur, we will
make reasonable efforts to notify you before your information becomes subject to different
privacy and security policies and practices.
Public Information and Submissions: You agree that any information that you may reveal in a
review posting, online discussion or forum is intended for the public and is not in any
way private. Carefully consider whether to disclose any Personal Information in any public
posting or forum. Your submissions may be seen and/or collected by third parties and may be
used by others in ways we are unable to control or predict.
Protection of QureNet and Others: We also may need to disclose your Personal Information or
any other information we collect about you if we determine in good faith that such
disclosure is needed to: (1) comply with or fulfill our obligations under applicable law,
regulation, court order or other legal process; (2) protect the rights, property or safety
of you, QureNet or another party; (3) enforce the Agreement or other agreements with you; or
(4) respond to claims that any posting or other content violates third-party rights.
Other Information: We may disclose information that is neither Personal Information nor PHI
(including non-PHI Personal Information that has been de-identified and/or aggregated) at
our discretion.

The security of your Personal Information is important to us. We endeavor to follow
generally accepted industry standards to protect the Personal Information submitted to us,
both during transmission and in storage. For example, when you enter sensitive information
on our Site, we encrypt that information using Secure Socket Layer (SSL) technology.

We store and process your information on our servers in the United States and abroad. We
maintain industry standard backup and archival systems.

Your account is protected by a password for your privacy and security. If you access your
account via a third party site or service, you may have additional or different sign-on
protections via that third party site or service. You must prevent unauthorized access to
your account and Personal Information by selecting and protecting your password and/or other
sign-on mechanism appropriately, and limiting access to your computer or device and browser
by signing off after you have finished accessing your account.
Although we make good faith efforts to store Personal Information in a secure operating
environment that is not open to the public, we do not and cannot guarantee the security of
your Personal Information. If at any time during or after our relationship we believe that
the security of your Personal Information may have been compromised, we may seek to notify
you of that development. If a notification is appropriate, we will endeavor to notify you as
promptly as possible under the circumstances. If we have your e-mail address, we may notify
you by e-mail to the most recent e-mail address you have provided us in your account
profile. Please keep your e-mail address in your account up to date. You can update that
e-mail address anytime in your account profile. If you receive a notice from us, you can
print it to retain a copy of it. To receive these notices, you must check your e-mail
account using your computer or mobile device and email application software. __You consent
to our use of e-mail as a means of such notification. If you prefer for us to use the U.S.
Postal Service to notify you in this situation, please
e-mail us at it@QureNet.com. __Please include your address when you submit your request. You
can make this election any time, and it will apply to notifications we make after a
reasonable time thereafter for us to process your request. You may also use this e-mail
address to request a print copy, at no charge, of an electronic notice we have sent to you
regarding a compromise of your Personal Information.

You can always opt not to disclose information to us, but keep in mind some information may
be needed to register with us or to take advantage of some of our features.
If you are a registered user of the Services, you can modify certain Personal Information or
account information by logging in and accessing your account. The information you can view,
update, and delete may change as the Services change.
If you wish to close your account, please email us at it@QureNet.com. QureNet will use
reasonable efforts to promptly delete your account and the related information. Please note,
however, that QureNet reserves the right to retain information from closed accounts,
including to comply with law, prevent fraud, resolve disputes, enforce the Agreement and
take other actions permitted by law.

You must promptly notify us if any of your account data is lost, stolen or used without
permission.

We retain Personal Information about you for as long as you have an open account with us or
as otherwise necessary to provide you Services. In some cases we retain Personal Information
for longer, if doing so is necessary to comply with our legal obligations, resolve disputes
or collect fees owed, prevent fraud, enforce the Agreement, or as otherwise permitted or
required by applicable law, rule or regulation. Afterwards, we retain some information in a
depersonalized or aggregated form but not in a way that would identify you personally.

As noted in the Terms of Use, the Services are not intended for use by children and children
under the age of 13 are prohibited from using the Services. QureNet does not knowingly
collect any information from children, nor are the Services directed to children. If you are
under 13, please do not attempt to register for the Services or send any Personal
Information about yourself to us.

By accessing, using and/or submitting information to or through the Services, you represent
that you are not younger than age 13. If we learn that we have received any information
directly from a child under age 13 without his/her parent’s written consent, we will use
that information only to respond directly to that child (or his/her parent or legal
guardian) to inform the child that he/she cannot use the Services, and we will
subsequently delete that information. If you believe that a child under 13 may have provided
us Personal Information, please contact us at it@QureNet.com.

If you are between age 13 and the age of majority in your place of residence, you may use
the Services only with the consent of or under the supervision of your parent or legal
guardian. If you are a parent or legal guardian of a minor child, you may, in compliance
with the Agreement, use the Services on behalf of such minor child. Any information that you
provide us while using the Services on behalf of your minor child will be treated as
Personal Information as otherwise provided herein.

If you use the Services on behalf of another person, regardless of age, you agree that
QureNet may contact you for any communication made in connection with providing the Services
or any legally required communications. You further agree to forward or share any such
communication with any person for whom you are using the Services on behalf.

The Services contain links to or embedded content from third party web services. A link to
or embedded content from a non-QureNet web service does not mean that we endorse that web
service, the quality or accuracy of information presented on the non-QureNet web service or
the persons or entities associated with the non-QureNet web service. If you decide to visit
a third party web service, you are subject to the privacy policy of the third party web
service as applicable and we are not responsible for the policies and practices of the third
party web service. We encourage you to ask questions before you disclose your information to
others.

You may have arrived at the Services from, or began your use of the Services at, a third
party web service, including a third party web service that links to QureNet or embeds
QureNet content. The presence of such links or content on third party web services does not
mean that we endorse that web service, the quality or accuracy of information presented on
the non-QureNet web service or the persons or entities associated with the non-QureNet web
service. You may be subject to the privacy policy of the third party web service as
applicable and we are not responsible for the policies and practices of the third party web
services. In addition, the policies and practices of third parties do not apply to your
information, including Personal Information, obtained pursuant to this Privacy Policy.

The effective date of this Privacy Policy is set forth at the top of this webpage. We will
notify you of any material change by posting notice on this webpage. Your continued use of
the Services after the effective date constitutes your acceptance of the amended Privacy
Policy. We encourage you to periodically review this page for the latest
information on our privacy practices. Any amended Privacy Policy supersedes all previous
versions. IF YOU DO NOT AGREE TO FUTURE CHANGES TO THIS PRIVACY POLICY, YOU MUST STOP USING
THE SERVICES AFTER THE EFFECTIVE DATE OF SUCH CHANGES.

If you have any comments, concerns or questions about this Privacy Policy, please
contact us at it@QureNet.com