The Information ShareSmart CollectsShareSmart may obtain the following types of information from or concerning you or your mobile phone device, which may include information that can be used to identify you as specified below (“Personally Identifying Information”):
User Provided Information: You provide certain Personally Identifiable Information, such as your mobile phone number, push notification name (if applicable), billing information (if applicable) and mobile device information to ShareSmart when choosing to participate in various uses of the ShareSmart Service, such as registering as a user, updating your status or requesting status for your contacts. In order to provide the ShareSmart Service, ShareSmart will periodically access your address book or contact list on your mobile phone to locate the mobile phone numbers of other ShareSmart users (“in-network” numbers), or otherwise categorize other mobile phone numbers as “out-network” numbers, which are stored as one-way irreversibly hashed values.
Cookies Information: When you visit the ShareSmart Site, we may send one or more cookies – a small text file containing a string of alphanumeric characters – to your computer that uniquely identifies your browser. ShareSmart uses both session cookies and persistent cookies. A persistent cookie remains after you close your browser. Persistent cookies may be used by your browser on subsequent visits to the site. Persistent cookies can be removed by following your web browser help file directions. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, the ShareSmart Site may not function properly if the ability to accept cookies is disabled.
Log File Information: When you use the ShareSmart Site, our servers may automatically record certain information that your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, browser language, referring / exit pages and URLs, platform type, number of clicks, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the date and time of your request, one or more cookies that may uniquely identify your browser, your phone number, phone number you are requesting the status of and various status information. When you use the ShareSmart Service, our servers log certain general information that our application sends whenever a message is sent or received, or if you update or request any status information, including time and date stamps and the mobile phone numbers the messages were sent from and to.
The Information ShareSmart Does Not CollectShareSmart will collect names, emails or other contact information from its users’ mobile address book or contact lists other than mobile phone numbers. We do not collect location data, but users may voluntarily share their location with other users via the ShareSmart Service. The contents of messages that have been delivered by the ShareSmart Service are copied, kept or archived by ShareSmart in the normal course of business pursuant to applicable health information and privacy laws. Users will have full control and use over the contents of their messages. The ShareSmart Service is meant to be a SMS replacement, using data service through a user’s phone (either via cell network or wifi). Users type their messages, which are sent via data service to our servers, and routed to the intended recipient (who must also be a ShareSmart user), if that recipient is online. If the recipient is not online, the undelivered message is held in ShareSmart’s server until it can be delivered. If the message is undelivered for thirty (30) days, the undelivered message is deleted from our servers. Once a message has been delivered, it resides on our servers – NorthCloud (and which may be deleted at the user’s option). The contents of any delivered messages are kept or retained by ShareSmart — the no records of the content of any delivered messages reside directly on the sender’s and recipient’s mobile devices. Notwithstanding the above, ShareSmart may retain date and time stamp information associated with successfully delivered messages and the mobile phone numbers involved in the messages, as well as any other information which ShareSmart is legally compelled to collect. Files that are sent through the ShareSmart Service will reside on our servers after delivery for a period of time, but are deleted and stripped of any identifiable information within a period of time in accordance with our general retention policies.
When ShareSmart Discloses InformationOther users of the ShareSmart Service may see your Status Submissions in a way that is consistent with the use of the ShareSmart Service. For example, a status of “Can’t talk, please SMS instead” set by phone number +1 (604) 888-8888 will be available to every user of the ShareSmart Service who has that mobile phone number in their mobile phone’s address book or contact list. In other words: If another user has your mobile phone number stored in their mobile phone address book or contact list, they will be able see your status information unless you have chosen to block such user. “Last Seen” information is available and displayed to each user who has your mobile phone number in their mobile phone address book or contact book (and which you have not blocked), and reflects the last approximate time the ShareSmart mobile application has been used or brought to the foreground on your mobile phone. “Last Seen” information is reported to ShareSmart when a user brings the mobile application to the foreground. We do not sell or share your Personally Identifiable Information (such as mobile phone number) with other third-party companies for their commercial or marketing use without your consent or except as part of a specific program or feature for which you will have the ability to opt-in or opt-out. We may share your Personally Identifiable Information with third party service providers to the extent that it is reasonably necessary to perform, improve or maintain the ShareSmart Service. We may share non-personally-identifiable information (such as anonymous User usage data, referring / exit pages and URLs, platform types, asset views, number of clicks, etc.) with interested third-parties to assist them in understanding the usage patterns for certain content, services, advertisements, promotions, and/or functionality on the ShareSmart Site. We may collect and release Personally Identifiable Information and/or non-personally-identifiable information if required to do so by law, or in the good-faith belief that such action is necessary to comply with state and federal laws (such as Canadian Copyright Law), international law or respond to a court order, subpoena, or search warrant or equivalent, or where in our reasonable belief, an individual’s physical safety may be at risk or threatened. ShareSmart also reserves the right to disclose Personally Identifiable Information and/or non-personally-identifiable information that ShareSmart believes, in good faith, is appropriate or necessary to enforce our Terms of Service, take precautions against liability, to investigate and defend itself against any third-party claims or allegations, to assist government enforcement agencies, to protect the security or integrity of the ShareSmart Site or our servers, and to protect the rights, property, or personal safety of ShareSmart, our users or others.
Third-party Advertisers, Links to Other SitesShareSmart is currently ad-free and we hope to keep it that way forever. We have no intention to introduce advertisement into the product, but if we ever do, will update this section.
Duties – Users of ShareSmartThe data collected by you may concern third party individuals that may not have been well enough to provide legal consent for the use of the data and so must be treated by you with the utmost care and respect and only as a tool to enable medical professionals to send images to approved recipients in order to aid in the professional medical assessment of patients. As a user, you are responsible for assessing and complying with all laws, policies and other requirements applicable to your use of ShareSmart, including health records, privacy and freedom of information laws and any applicable institution policies. In particular, as a user of the ShareSmart, you are responsible for ensuring that:
- You have fully explained to the patient, or their authorized representative/guardian, how data and images relating to the patient will be used, including complying with all applicable laws and institution policies regarding consent and written collection statements. As such, the explanation should include making the patient generally aware of:
- the identity of the organization and how to contact it;
- the fact that the patient is able to gain access to the information;
- the purposes for which the information is collected;
- to whom (or the types of individuals or organizations to which) the organization usually discloses information of that kind, including to ShareSmart and to third party services for the purpose of the secure hosting and communication of the information;
- any law that requires the particular information to be collected; and
- the main consequences (if any) for the patient if all or part of the information is not provided.
- Fully informed consent is obtained from the patient or their authorized representative/guardian, or a medical professional has assessed that consent is not required in the specific situation, before capturing data and images. In particular, you are responsible for: ensuring that the patient has consented to the transfer and/or communication of patient information to ShareSmart and secure third party hosting and exchange services; or determining that patient consent for the above activities is not legally required in the circumstances and in providing ShareSmart, ShareSmart is reliant upon you obtaining such consents and making such determinations.
- You only grant access to a patient’s data and images to appropriate medical professionals who are authorized and have consent to access such data and images in accordance with the uses specifically stipulated within that patient’s consent; and