Privacy Policy

1. Introduction

This Privacy Policy describes how We collect, access or use Your Personal Information. All terms capitalized herein but not defined shall have the meaning ascribed under the Services Agreement or Terms of Use. By using or accessing the Services in any manner, You: (i) accept this Privacy Policy; and; (ii) consent to and authorize Us to collect, use, and share Your Personal Information in the manner described herein. (collectively referred to as the “Authorization”). If You do not agree with this Privacy Policy, You may not use or access the Services.

2. Business Associate

If You are a Provider, You may have signed a Business Associate Agreement (‘BAA’) with Us. The BAA is hereby incorporated as part of the Privacy Policy.

3. Types of Personal Information.

We use, collect and store certain types of Personal Information that We obtain either directly from You or from third-party sources. The Personal Information that We collect includes the following:

3.1.    PHI.  Under the HIPAA, some of the collected Personal Information may be considered “protected health information” (“PHI”). HIPAA restricts the purposes and uses of PHI. Upon Your request or with Your consent, Your Provider may share Your PHI with Us in our capacity as a Business Associate. We as Business Associate will need to use and disclose the PHI in a manner consistent and permitted by HIPAA in order to perform the Services.
3.2.    Information Provided. This includes without limitation information that You provide, when You (i) create an account, (ii) use interactive tools and services, (ii) search for appointments and Services, (iii) complete general forms; (iv) voluntarily provide information in surveys, and questionnaires; (v) post reviews; (vi); call support services, (vii) send Us email or (viii) use the Services.
3.3.    Information Collected. We automatically collect Your information when You use the Services for the purpose of: (i) providing You the Services; (ii) improve our Services; (iii) promote patient wellbeing, enhance patient safety and ensure that patients are being provided the best Services possible. Your information is collected, without limitation, through:
  1. cookies, use of applications, website and software;
  2. Your use or access of Services;
  3. enabling updates or notifications;
  4. recording of relevant interactions and communication between Customers and Providers (including but not limited to transcriptions of said communications)
  5. third party vendors and with whom Leap or You interact with respect to any services, including without limitation, the health information exchanges, electronic health records vendors, data aggregators; and
  6. third-party sources, such as business partners that offer co-branded services or help us sell or distribute our products or services.

3.4.    Examples of Personal Information. Personal Information may include, without limitation:

  • payment information
  • device/IP information
  • web analytics
  • geolocation data
  • other identifying information that You voluntarily choose to provide
  • contact information
  • email address
  • user demographic data
  • medical data
  • mobile device data
  • insurance information
  • appointment data
  • social network data;
  • interaction and use;
  • transactions;
  • ad impressions to unique visitors;
  • positioning.
4. De-Identified Information.
4.1.      Authorization. You agree, and authorize Us to de-identify Your Personal Information, (including PHI in conformity with HIPAA) (‘De-Identified Information’). De-identification means that Your Personal Information shall be anonymized and shall no longer be personally identifiable. You authorize us to de-identify Your Personal Information, and use it to:

  1. Provide, enable, improve and customize Services, third party services and Your user experience of Services;
  2. Notify and market services, products or resources about which We thinks that You may be interested in;
  3. Provide You updates and information about our products and services;
  4. Conduct analysis and support development for improving or developing Services or products;
  5. disclose it in any way permitted by law, including to third parties in connection with their commercial and marketing efforts.

4.2.      Ownership. You acknowledge and agree that such information will be reviewed and approved by You or someone authorized by You at the time of Your appointment to ensure its accuracy. You also acknowledge that Leap may use the data or information You provide in medical history form in accordance with our Privacy Policy.

The Leap acknowledges and agrees that Your Personal Information that is provided by You through the Services, specifically relating to You, and all rights, title and interest therein, is and shall remain Your exclusive property. Notwithstanding the aforesaid, to the extent permitted by the Privacy Policy and any other applicable laws and regulations, You agree to grant the Leap an irrevocable, perpetual license to use Your data, ad any de-identified information for research and development purposes and to improve the Services. You warrant and represent that the information You provide on the Services is up to date, complete and accurate. The De-Identified Information shall form the sole and exclusive ownership of Leap.

5. Purposes of Personal Information Collection or Disclosure.
We disclose Your Personal Information to certain categories of third-parties.
5.1.      Categories of Third Parties. In certain circumstances, We may share Your Personal Information with the following categories of Service Providers, Advertising Partners, Government and other third parties for the purposes detailed under Section 5.2:

  1. Service Providers. Including without limitation:
    • Insurance providers
    • Health information exchanges
    • Parties You authorize, access or authenticate
    • Security and Fraud Prevention Consultants
    • Payment Processors
    • Fulfillment Providers;
    • Hosting, Technology and Communications Providers;
    • Data Storage Providers;
    • Analytics Providers;
    • Insurance Verification Providers;
    • Staff Augmentation Personnel;
    • Health Information Organizations


  2. Advertising Partners (“Advertising partners”). We may disclose Your De-Identified Information to our advertising partners or service providers. We may serve advertisements, and also allow third-party ad networks, including third-party ad servers, ad agencies, ad technology vendors and research firms, to serve advertisements through the Services. These advertisements may be targeted to users who fit certain general profile categories or display certain preferences or behavior.


  3. Parties You Authorize, Access or Authenticate. We may share Your Personal Information with third-party business partners You access through the Services, if You choose to use any Service to log in to the Services to meet or fulfill the reason You provided the information to us.


  4. Government or Public Records (“Government”). We may use government or other public records for onboarding or verifying Providers. We may disclose Your Personal Information when We believe in good faith that such disclosure is reasonably necessary to: (i) comply with applicable law or legal process; (ii) investigate and prevent measures against suspected or actual illegal activities or to cooperate with public and government authorities; (2) enforce our contractual requirements; (3) protect and defend ourselves against any third-party claims or allegations; (4) maintain the security or integrity of our Services; or (5) safeguard the rights and safety of our Services, our workforce and others. We will undertake good faith efforts to notify You about any legal demands for Your Personal Data when appropriate in our judgment, unless restricted by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

5.2.      Purposes. Your Personal Information shall be shared with the entities detailed under Section 5.1. for the following purposes (‘Purposes’):

  • Providing, customizing, and improving the Services
  • Marketing the Services
  • Corresponding with You
  • Complying with legal requirements
  • Health information exchanges
  • Onboarding verification
  • Maintaining or servicing accounts,
  • Providing customer service,
  • Processing or fulfilling orders and transactions,
  • Verifying customer information,
  • Processing payments,
  • Providing financing,
  • Providing advertising or marketing services,
  • Providing analytic services, or providing similar services on behalf of the business or service provider.
  • Undertaking internal research for technological development and demonstration.
  • Undertaking activities to verify or maintain the quality or safety of our Services.
  • Advertisement and Marketing
  • Auditing;
  • and other relevant standards and rules compliance.
6. Your Rights.
You have the right to delete, access or seek clarity regarding the use and disclose of Your Personal Information.

6.1.      Right to Deletion. You can ask us to delete Your Personal Information maintained by us subject to the provision of a verifiable request. However, we may retain Your Personal Information for as long as necessary to (i) comply with federal or state data retention requirements or other applicable laws, and (ii)enable Your use of the Services. We may also retain non-PHI and De-Identified Information upon such verifiable request, if we determine that We are not legally obligated to delete. However, please note that many features of our website or our Services will not be able to function without Your Personal information.

6.2.    Right to Access. You can ask us for access to Your Personal Information maintained by us subject to the provision of a verifiable request.

6.3.    Other Rights. You can ask Us to enumerate the different categories of Your Personal Information. You can also ask us to provide You with a list of third parties (if any) to whom Your Personal Information has been disclosed.

7. Privacy Notice for California Residents.
This notice describes the rights of Californian residents under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”), updated 2023.

7.1.      Categories of Personal Information, purposes for collection and third-parties with whom We share Personal Information. Please refer to Section 3 and Section 5 of this Privacy Policy.

7.2.      Your Rights. Under Californian law, You may have the following rights with regards to the Personal Information:

  1. To request information regarding (i) the categories of Personal Information We have collected about You, (ii) categories of sources from which We collected the Personal Information, (iii) purposes for collection/disclose of Your Personal Information, (iv) categories of third-parties with whom We share Your Personal Information with.
  2. To request deletion of Your Personal Information
  3. To request correction of Your Personal Information.
  4. We do not sell Your Personal Information; therefore, We don’t provide the right to opt out of the sale of Your Personal Information.

7.3.      How can You exercise Your rights? . You can exercise Your rights by sending us a request to the contact details detailed under Section 14. Someone legally authorized to act on Your behalf may submit a request pertaining to Your Personal Information. This shall include any guardian or parent acting on Your behalf if You are a minor. We may require You to reasonably verify Your identity before accepting Your request.

Certain Personal Information may be exempt from such exercise. Any denial, in whole or in part, may be appealed. We may review our decision to accept Your request.

All requests can only be made in respect of Personal Information collected, used and disclosed over the duration of 12 months.

7.4.      Response Times. We shall use our best efforts to response to Your requests within forty-five (45) days of its receipt. We shall inform You in advance if We require up to ninety (90) days to respond to Your request. All disclosures shall only cover the 12-month period preceding the date of Your request.

7.5.    Under Civil Code Section§ 1798.83.  You may request certain information concerning our disclose of Personal Information to third-parties for their direct marketing purposes. In such case, You may request (i) a list of categories of Personal Information disclosed to third-parties during the immediately preceding calendar year, and (ii) a lsit of categories of third parties to whom We disclose such Personal Information. 

8. Business Transfers.

All Personal Information may be transferred to a third party if We undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, We will make reasonable efforts to notify You before Your information becomes subject to different privacy and security policies and practices.

9. Non-Discrimination.

Unless permitted by applicable law, and to the extent reasonably practicable, We will not discriminate against You for exercising any of Your rights under this Privacy Policy, such as:

  • Deny You products, goods or Services;
  • Charge You different prices or rates for goods, products or Services, including through granting discounts or other benefits, or imposing penalties;
  • Provide You a different level or quality of goods, products or services.
10. Cross-Border Export of Personal Information.

We may transfer Your Personal Information to Leap, or to third parties described under Section 5.1. You consent to the transfer, processing, and storage of Your Personal Information outside of Your country of residence.

11. Correcting & Updating Personal Information.

 You may update or correct Personal Information maintained by Leap, either by logging into Your account or by sending us a request. Upon receipt of Your request, Leap will either (a) provide You with reasonable access to the Personal Information or (b) forward Your request to the relevant Provider. It is at our discretion whether to directly update or correct the Personal Information or forward it to the Provider for correction.

12. Sale of Information.

We do not sell any of Your Protected Health Information.

13. Termination.
This Authorization shall remain in effect until You provide a written notice of revocation to Leap. YOU MAY REVOKE THIS AUTHORIZATION AT ANY TIME AND FOR ANY OR NO REASON. SUCH REVOCATION SHOULD BE COMMUNICATED TO USTHROUGH support@leap.health. THE REVOCATION SHALL ONLY BE EFFECTIVE AFTER RECEIPT BY LEAP; PRIOR USES OF YOURPERSONAL INFORMATION SHALL NOT BE EFFFECTED BY THE REVOCATION. SUCH REVOCATION SHALL NOT EFFECT OUR USE OF YOUR NON-PHI INFORMATION AND DE-IDENTIFIED INFORMATION
14. Contact Information.
If You have questions or complaints regarding this Privacy Policy You can reach out to our Data Protection Officer at:
legal@leap.health
934-888-5327
Scroll to Top