remotEMDR Ltd. (“remotEMDR”, “we”, “us” or “our”) provides content, functionality and other products and services for certified Eye Movement Desensitization and Reprocessing (“EMDR”) therapists, Developmental Needs Meeting Strategy (“DNMS”) therapists, Accelerated Resolution Therapy (“ART”) therapists, and trainees under the direct supervision of certified EMDR, DNMS and ART therapists (“Providers”) and their patients (“Patients”) by way of our website at www.remotEMDR.com (the “Website”), our mobile application (“App”), and through use of our proprietary online EMDR therapy tools accessed through the Website and the App, including our videoconferencing and video recording features, our Provider record keeping tools (the “remotEMDR Tools”) during an EMDR therapy session with a Provider (an “EMDR Session”), and our networking feature for Providers (the “Provider Referral Network”). The Website, the App, the remotEMDR Tools, and the Provider Referral Network are referred to collectively herein as the “Services”. By accessing, browsing, and/or using the Services, You acknowledge that You have read and agree to be bound by the Terms of Service ("Terms") and this Privacy Policy.
Only Providers are permitted to register for an account via the Website or App to use the Provider Referral Network or the remotEMDR Tools with their Patients in EMDR Sessions. Patients are not permitted to register for an account to use the Services and are prohibited from using EMDR Tools alone and/or without Provider involvement.
ACCESS TO, AND USE OF, THE SERVICES BY PROVIDERS, PATIENTS, AND ANY OTHERS (COLLECTIVELY, “YOU, “YOUR,” or “USER”) ARE SUBJECT TO YOUR ACCEPTANCE OF AND COMPLIANCE WITH ALL APPLICABLE TERMS AND THIS PRIVACY POLICY.
remotEMDR is committed to protecting and respecting Your privacy.
This Privacy Policy describes how we collect, use, protect and share information about You, as an individual, that we obtain when You access and use our Services. All capitalized terms not otherwise defined herein shall have the meanings ascribed thereto in the Terms.
This Privacy Policy also governs the collection and use of information when You use the App, as a part of our Services, although we may provide additional notice and choice options within the App itself. In addition, this Privacy Policy applies to information that we obtain when You communicate or interact with us outside of the Services, including by e-mail, telephone and otherwise.
The Health Insurance Portability and Accountability Act (HIPAA) and implementing regulations govern the receipt, protection, use and release of individually identifiable health information, also known as “protected health information” or “PHI”. PHI is information, including demographic data, that relates to: (i) the individual’s past, present or future physical or mental health or condition; (ii) the provision of health care to the individual, or (iii) the past, present, or future payment for the provision of health care to the individual; and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.
Under the HIPAA Security Rule, both “Covered Entities” and “Business Associates” are required to undertake measures to ensure the safety and security of PHI, and to report any unauthorized disclosures of any such PHI, among other undertakings.
remotEMDR has undertaken security measures to reasonably and appropriately implement the standards and implementation specifications as required in the HIPAA Security Rule, including by (1) ensuring the confidentiality, integrity, and availability of all PHI that remotEMDR creates, receives, maintains, or transmits; (2) protecting against any reasonably anticipated threats or hazards to the security or integrity of such information; (3) protecting against any reasonably anticipated uses or disclosures of such information that are not permitted or required under HIPAA; and (4) undertaking ongoing activities to comply with the requirements of HIPAA and the rules promulgated thereunder.
remotEMDR will NEVER use, disclose, or share any Patient PHI, unless expressly permitted by HIPAA and its implementing rules and regulations, and only strictly in accordance therewith.
We collect and store information that You provide directly to us, including when You register for the Services, for the App, create a profile, submit information, when You update Your e-mail preferences, respond to a survey, contact us with questions or comments, or provide other feedback.
Providers: To create a profile and access the Services, we collect your first name, last name, email address, phone number, and billing information in addition to technical information described above. We also collect and store Your consent to receive direct marketing materials from us as well. To participate in the Provider Referral Network, you may provide professional, biographical, credential, and experiential information, along with a headshot photograph for the Provider’s profile on the Provider Referral Network (collectively, the “Provider Profile Information”).
Patients: Your Provider will create a profile about you, which includes your first name, last name and email address. The Provider may also save EMDR settings related to your specific therapy. The Provider is not permitted to share, download, copy or transfer your profile.
We will not ask for or request sensitive information such as government identifiers, or financial information, except in connection with payments. Please do not provide this information to us, including through e-mails, feedback forms or otherwise.
We also collect and store certain technical information when You access, browse and use our Services. This technical information helps us operate our Services and provide access to You, and includes standard information about visits and system capabilities, such as:
We may also collect information using cookies and beacons. (See Cookies and Beacons below.)
We may use any of the information we collect to:
In some cases, how we treat and use information will depend on the type of information. Some of the information we collect through Your use of our Services or communications with us, such as Your name, address, phone number, e-mail address, Provider Profile Information, or billing information associated with Your account may personally identify You. We describe this information as “Personally Identifiable Information.” We will also treat as Personally Identifiable Information any non-identifiable information that is combined with Personally Identifiable Information.
We may use Provider information, including Personally Identifiable Information, to:
We may use information that is neither PHI, nor Personally Identifiable Information (referred to as “non-Personally Identifiable Information”), to:
We may also combine technical information or non-Personally Identifiable Information about Your use of our Services with similar information that we obtain from other Users to use in an aggregate or anonymous manner for similar purposes.
We will not sell Your Personally Identifiable Information or share Your Personally Identifiable Information with third parties, except with:
We may also disclose Your Personally Identifiable Information:
In the event that we receive a request from a governmental entity to provide Your Personally Identifiable Information, we will make reasonable attempts to notify You of such request, to the extent reasonably possible and legally permissible.
We may share non-Personally Identifiable Information, aggregated, or -de-identified data:
We may use cookies, beacons and similar technologies, now or in the future, to support the functionality of our Services and to identify You when You visit or access the Services. This provides a better experience when You use our App or Website and allows us to improve our Services. remotEMDR or third parties may use cookies and similar technologies to identify You across different websites or apps and to better market remotEMDR or third-party products or services to You, in compliance with applicable law.
Browser Cookies. A browser cookie is a small file placed on the hard drive of Your computer. That cookie then communicates with servers, ours or those of other companies that we authorize to collect data for us, and allows recognition of Your personal computer. We associate cookies with Personally Identifiable Information only if You use the automatic recognition capabilities on restricted areas of the Services, view content, use the personalization services available as part of the Services, or ask us to contact You with additional marketing information. We do not otherwise collect Personally Identifiable Information from browser cookies and we do not associate browser cookies with Your Personally Identifiable Information.
You may use the tools available on Your computer or other device to set Your browser to refuse or disable all or some browser cookies, or to alert You when cookies are being set. However, if You refuse or disable all browser cookies, You may be unable to access certain parts or use certain features or functionality of our Services.
You may choose whether to activate automatic recognition when You register for an account. After registration, You may disable the persistent cookie that supports recognition using the tools in Your browser. If You choose to disable the cookies that support automatic recognition, You will need to re-enter Your User ID and password each time You access a gated portion of the Services.
Unless You have adjusted Your browser settings so that it refuses all cookies, we may use cookies when You direct Your browser to our Services.
Flash Cookies. Certain features of our Services may use local stored objects called flash cookies to collect and store information about Your preferences and navigation to, from and on our Services. We also include cookies in our third-party hosted video players to count the number of unique viewers who see a video and to provide aggregate reporting. The cookies do not identify You as an individual or track Your online behavior. We do not collect Personally Identifiable Information from flash cookies and we will not associate them with Your Personally Identifiable Information.
Flash cookies are not managed by the same browser settings as are used for browser cookies. To learn how You can manage Your Flash cookie settings, visit the Flash player settings page on Adobe's website. If You disable or refuse Flash cookies, please note that some parts of our Services may be inaccessible or may not function properly.
Our Services and e-mails may contain small electronic files known as beacons (also referred to as web beacons, clear GIFs, pixel tags and single-pixel GIFs) that permit us to, for example, count Users who have visited those pages or opened an e-mail and for other website-related statistics. Beacons in e-mail marketing campaigns allow us to track Your responses and Your interests in our content, offerings and web pages. You may use the tools in Your device to disable these technologies as well.
You may have the opportunity to receive certain communications from us related to our Services. If You provide us with Your e-mail address in order to receive communications, You can opt out of marketing e-mails at any time by following the instructions at the bottom of our e-mails and adjusting Your e-mail preferences. Please note that certain e-mails may be necessary for the operation of our Services. You will continue to receive these e-mails, if appropriate, even if You unsubscribe from our optional communications.
Some browsers support a “Do Not Track” feature, which is intended to be a signal to websites that You do not wish to be tracked across different websites You visit. Our Services do not currently change the way they operate based upon detection of a Do Not Track or similar signal.
Please note that we cannot control how third-party websites or online services You visit through our Services respond to Do Not Track signals. Check the privacy policies of those third parties for information on their privacy practices.
You may opt out of our direct telemarketing contacts by requesting us to remove You from our direct telemarketing list. Please note that opting out from our direct telemarketing contacts does not limit us from contacting You for other purposes, including those contacts that are reasonably necessary to provide You with our Services. If You decide to opt out of our direct telemarketing contacts, kindly allow a reasonable time for us to process Your request, and do not hesitate to contact us at info@remotEMDR.com if You encounter any problems with Your request. We also comply with the FTC’s National Do Not Call Registry at www.donotcall.gov/register/reg.aspx and related rules.
The accuracy of the information we have about You is very important. Users may update their information at any time on the account registration page. Otherwise, to review or correct Your Personally Identifiable Information, You may contact us at info@remotEMDR.com.
The security of Your information is important to remotEMDR, and we have established reasonable administrative, technical, and physical safeguards designed to protect Personally Identifiable Information against loss, alteration, unauthorized access, theft, misuse or disclosure. We evaluate these safeguards on an ongoing basis to help minimize risks from new security threats as they become known. Unfortunately, no system can guarantee complete security of Your information. As a result, remotEMDR cannot ensure or warrant the Your information, including Your Personally Identifiable Information, is secure from unauthorized third parties. Thus, Your use of the Services and communication with us about them is at Your own risk.
You are responsible for protecting Your User credentials (username, ID, and password) and for the security of information that You transmit to us over the internet.
Our Services are directed to and are intended for use only by Providers that offer EMDR therapy to Patients. Patients that are under 18 years of age may not use the Services unless they possess written legal parental or guardian consent or are a parent or guardian accepting the Terms on behalf of such parent or guardian and such under 18 year old individual.
Furthermore, Patients under 18 years old may not participate in an EMDR Session with a Provider absent the presence of a parent or guardian throughout each EMDR Session, and only if the parent or guardian initiates each EMDR Session with such Provider.
We do not knowingly collect information from children under 13. If You are under 18 years of age, You are not permitted to register for an account or otherwise submit any personally identifiable information to us, including Your name, address or e-mail address, except with a parent or guardian as describe above. If we discover that we have collected any personally identifiable information from a child under the age of 13, we will suspend the associated account and remove that information from our database as soon as possible.
By registering for an account or submitting any personally identifiable information to us, You represent and warrant that You are 18 years of age or older.
Our Services may contain links to third-party websites and services, including those of our partners and advertisers. Please note that these websites and services may have their own privacy policies. This Privacy Policy applies to remotEMDR and our Services only. We do not accept any responsibility or liability for the policies or practices of any third parties. If You chose to access any websites or services linked from our Services, please check the applicable policies before You use or submit any personal data to such website or service.
We may change this Privacy Policy from time to time to align with changes to our business practices and/or changes to our legal requirements. Your continued use of the Services or communication with us after any updated Privacy Policy has been posted (or any other indication of Your consent) will constitute Your acceptance of the updated Privacy Policy.
Please note that we may condition Your continued access to our Services on Your consent to changes to this Privacy Policy.
The processing and transfer of Personally Identifiable Information of Users based in the EEA is governed by the General Data Protection Regulation (“GDPR”). As used in this section, “personal data” means any information relating to an identified or identifiable User, including Personally Identifiable Information.
We are the data controller in connection with the Services. Our contact information can be found at the bottom of this Privacy Policy.
We are based in Israel, however our third party vendor managed cloud based server is based in the United States. If You are accessing the Services from the EEA or other regions with laws governing data collection and use, please note that Your Personally Identifiable Information will be transmitted to our third party vendor’s servers located in the United States as necessary to provide You with the Services, administer our agreement with You, or to respond to Your requests as described in this Privacy Policy. The United States has data protection laws that are different than the laws in effect in the country in which You are located. Where we transfer Your Personally Identifiable Information out of the EEA, we will take steps to ensure that Your Personally Identifiable Information receives an adequate level of protection and Your rights continue to be protected.
We process Your personal data on the basis of one or more of the following legal bases:
You may request to access Your personal data at any time; to have Your personal data corrected, restricted, or erased; to object to our processing of Your personal data; and to request that we provide You with a portable copy of Your personal data. To exercise any of these rights, please use the contact information found at the bottom of this Privacy Policy.
In addition to the rights listed above, You have the right to lodge a complaint with Your local supervisory authority if You believe that our processing of Your personal data infringes the GDPR. To find the relevant supervisory authority, please refer to this list: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
You can contact our Data Protection Officer using the following contact information:
tal@remotemdr.com
Our representative in the EU can be contacted at:
contact@datarep.com
YOU ARE PROHIBITED FROM INPUTTING, UPLOADING, DOWNLOADING, STORING, OR EMBEDDING ANY PERSONALLY IDENTIFIABLE INFORMATION OF ANY PATIENTS ON, IN, OR THOUGH THE WEBSITE, THE APP, AND/OR THE REMOTEMDR TOOLS.
The Services comply with the Israeli Privacy Protection Act, 1981 and Privacy Regulations (Data Security), 2018 (the “Israeli Law”).
Under the Israeli Law you have the right of access to Your Personally Identifiable Information as it appears in our database and may request to be deleted from it. We use personal information only as appropriate to provide the Services and security purposes in accordance with applicable laws.
For example, we may use the information collected from You to verify Your identity. We may also use this information to establish and set up Your account, verify or re-issue a password, log Your activity, and contact You from time to time. The information helps us improve our Services to You, customize Your browsing experience, and inform You about additional products, services or promotions that We have and which may be of interest to You.
In addition, this information helps us track any fraudulent activities and other inappropriate activities, and monitor content integrity. Should You ever deactivate Your account with us, we will keep Your Personally Identifiable Information on file, but only use it to comply with regulatory requirements and to contact you occasionally with the option to reactivate Your account. We will ask for Your consent before using Your Personally Identifiable Information for a purpose other than those that are set out in this Privacy Policy. We process personal information on our servers in different jurisdictions worldwide. We may process Your Personally Identifiable Information on a server located outside the country where You live. Please note that You may opt out of our information sharing policies at any time by notifying us of Your desire to do so as explained below.
You may opt out of marketing emails at any time by following the instructions in our emails and adjusting Your email preferences. Please note that certain emails as well as certain information (if mandatory required) may be necessary for the continued operation of our Services.
By agreeing to use Our Services you hereby represent and warrant that you provide your express written consent for the following:
We do not sell or rent Your Personal Identifiable Information to third parties for their marketing purposes without Your explicit consent. We may combine your personal information with information we collect from automatically or obtain from other companies and use it to improve and personalize Our Services, content and advertising.
We may provide your personal details to third parties, only in order to provide Our Services and operate our business, and prevent fraud and illegal activities, as detailed below.
You hereby acknowledge and agree that we may share Your Personally Identifiable Information with other third parties on an anonymized and aggregate basis, as well as share such information for statistical purposes. In addition, we may share specific traffic data with our partners and subcontractors who collaborate with us in performing the Services (such as billing, data storage and security); provided that we use our best efforts to ensure that those business partners and contractors shall be bound by the substantially similar standards of security and confidentiality that ae set forth in this Privacy Policy, and that they will only use Your Personally Identifiable Information to carry out their specific business obligations.
Please note that if you request us to delete Your Personally Identifiable Information it may prevent you from continuing to receive the Services.
In addition, Your Personally Identifiable Information to the extent needed including the record of actions You have undertaken pursuant in connection with use of the Services will continue to be retained in accordance with the Israeli Laws, but will no longer be used by remotEMDR.
We retain information as long as it is necessary and relevant for our operations. In addition, we may retain personal information from closed accounts to comply with the Israeli Law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Terms of Use and take other actions permitted by law.
Please note that opting out from our direct telemarketing contacts does not limit us from contacting You for other purposes, including those contacts that are reasonably necessary to provide You with the Services.
In the event we go through a corporate change or business transition such as a merger, acquisition, bankruptcy, or sale of all or a portion of our assets, Your Personally Identifiable Information may be among the assets transferred.
Disclosure or transfer of Your Personally Identifiable Information will be handled in accordance with the Israeli Law and may occur in the context of a transfer of Your Personally Identifiable Information pursuant to: (a) a corporate change as above stated; (b) adherence to applicable legal obligations or information requests by Israeli public authorities including protecting our rights or property, investigating fraud or other wrongdoing related to the Services, protection of your safety and other measures used to protect against legal liability; (c) disclosures to affiliated companies to facilitate our provision of Services to you and as otherwise necessary within the context of our business activities; or (d) disclosures to insurers or professional advisers to the extent reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims.
Other than as set out above and subject to the Israeli Law, we will make all commercially reasonable efforts to notify you when Your Personally Identifiable Information will be shared with third parties and you will have an opportunity to choose not to have us share Your Personally Identifiable Information.
We retain Your information for as long as necessary to fulfill the purpose for which it was collected. Your information can be accessed by You through Your account where You can verify and correct the accuracy of such information. Alternatively, you can contact us at the contact information provided below. We strive to provide access to personal information in keeping with all applicable legislation. We will provide information from our records in a form that is easy to understand and will also endeavour to provide explanations for any abbreviations or codes used.
We reserve the right to decline to provide access to personal information where the information requested:
Where information will not or cannot be disclosed, the individual making the request will be provided with the reasons for non-disclosure.
Privacy is a priority at remotEMDR. We aim to answer your questions about our privacy practices in a timely and comprehensive manner. You can contact us at info@remotEMDR.com, or write to us at:
If we are unable to satisfy your questions or concerns, you may contact the Office of the Privacy Commissioner of Canada in writing or by calling toll-free at 1-800-282-1376, or please contact the applicable privacy commissioner in your province or territory.
If You have questions, comments or requests relating to this Privacy Policy, or would like to authorize us to release Your information to a specific third party or rescind a previous request, please e-mail us at info@remotEMDR.com, or write to us at: