Effective Date: August 29, 2022
Last updated: September 15, 2022
AEG Vision operates only within the United States and complies with applicable U.S. privacy and security laws. Simply visiting www.aegvision.com or any affiliated practice sites from any other country does not subject AEG Vision to that country’s laws, nor does it indicate AEG Vision’s intention from doing business in any other country.
Interpretation and Definitions
The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
• Account means a unique account created for you to hold your personal information for purposes of treatment, payment or health care operations.
• Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to AEG Vision and its managed practices.
• Cookies are small files that are placed on your computer, mobile device, or any other device by a website, containing the details of your browsing history on that website among its many uses.
• Country refers to the United States.
• Device means any device that can access the website such as a computer, a cellphone, or a digital tablet.
• Personal Data is any information that relates to an identified or identifiable individual.
• Service refers to the Website.
• Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate service, to provide service on behalf of the Company or to assist the Company in analyzing services used.
• Usage Data refers to data collected automatically, either generated by the use of the website or from the infrastructure itself (for example, the duration of a page visit).
• Website refers to https://www.aegvision.com or any of its managed practice provider sites.
• You refers the individual accessing or using the website.
Collecting and Using Your Personal Data
Types of Data Collected
When using our online service to schedule an appointment, you will be asked to provide personal information to book the appointment. For us to provide care and bill any insurance company(s) necessary for payment, we ask for certain information that can be used to assist with the normal business activities of health care operations. Personally identifiable information may include, but is not limited to:
• First and Last name
• Date of Birth
• Social Security Number
• Email address
• Insurance Information
• Phone number
• Address, State, Province, ZIP/Postal Code, City
• Primary Care Physician Name
• Pharmacy Name
• Medical History
• Emergency Contact
• Gender Identity
Usage Data is collected automatically when using the website.
Usage Data may include information such as your devices Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access the website by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
We may also collect information that your browser sends whenever you visit our website or when you access the website by or through a mobile device.
Tracking Technologies and Cookies
Use of Your Personal Data
The Company uses Personal Data for the following purposes:
• To provide services, including booking and confirming your appointment as well as providing treatment and examination services.
• To manage your account: including processing any necessary claims to insurance company(s), billing outstanding balances, or issuing refunds if necessary.
• To contact you: To contact you by email, telephone calls, texts, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
• For other purposes: We may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our service, products, services, marketing, and your experience.
Sharing of Your Personal Data
AEG and managed practices do not sell any of your information with third-parties, marketing or advertising partners, or program affiliates without prior notification and your consent. We may share your personal information in the following situations:
• With Service Providers (Our Doctors): This includes the practice location and its clinical providers responsible for your care.
• For Payment: This includes with any health or vision insurance company(s) provided by you, for either prior authorization for treatment (if required) or payment for services rendered.
• With Payors as Contractually Required: This includes both commercial and government sponsored health insurance plans in the event of an audit.
• As Legally Required: This includes cooperating with government and law enforcement officials or private parties to enforce and comply with the law. We only share information when we believe it is necessary or appropriate, including:
o Subpoenas and warrants
o To protect our property, and the safety of our associates or the public in general; and
o To investigate and stop any activity considered to be illegal, unethical or legally actionable.
• With Your Consent: We may disclose your personal information for any other purpose with your consent.
Retention of Your Personal Data
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our services, or we are legally obligated to retain this data for longer time periods.
How to Opt-Out
As AEG Vision and its managed practices do not sell your personal data to any third parties, marketing or advertising partners, or program affiliates. All information collected is solely for treatment, payment, and health care operations. Patients are provided an opportunity to opt-into text and email communication both when utilizing the online scheduling service and at their initial appointment on intake paperwork. Patients simply need to select or not select the checkbox to opt-in or opt-out of electronic communications. To opt-out of text or email services after initial sign-up, reply STOP for the text messages and click on the “Unsubscribe” link in our emails.
If you would like to ask us to limit what we do use or share, you may do so as outlined in our Notice of Privacy Practices, located on our website. Please note we are not required to agree to your request.
Security of Your Personal Data
The security of your personal data is important to us. AEG takes reasonable and appropriate efforts to encrypt personal data and PHI at rest and in transit, to prevent unauthorized access, alteration, or destruction of ePHI. AEG uses industry-standard best practices for data encryption using the latest algorithms, such as SHA-256 encryption with a 2048-bit key.
Our online web services are not intended for children under the age of 14. We ask that if you are 13 and under, you please do not attempt to confirm an appointment or enter any personally identifiable information unless you are doing so with the consent of your parent or legal guardian.
Access to Your Information
You are allowed to view, update, request to amend and receive a copy of your personal information by the rights granted to you under the Health Insurance Portability and Accountability Act. We will ensure we verify your identity, or the identity of your legal guardian or representative, prior to granting access to your information. If records are being requested either for personal use or to be shared, we will ask that you complete a HIPAA Authorization to Release form granting us the right to provide the records to the individual listed on the form in the manner indicated. If you have any questions about accessing your information you may contact our Compliance Department at [email protected]