Privacy Policy 

This policy was last updated July 15, 2022.

The HealthCheck App (the “App”) Privacy Policy describes the information Safe Health Systems, Inc. and its affiliates, authorized service providers and agents, including but not limited to  Safe PMC (collectively, “SHS”, “us” or “we” or “our”) in connection with your use of the App and its associated websites, mobile applications, and all other related services (the “Services”), and the privacy choices we offer. This Policy applies to information we collect when you access or use our Services, or when you otherwise interact with us with regard to the Services.

Changes to this Privacy Policy

We may change this Privacy Policy from time to time. If we make changes, we will notify you by posting the updated policy via our Services, revising the “Last Updated” date above, and by notifying you at your next sign in to the App.  We encourage you to review this Privacy Policy whenever you use our Services to stay informed about our information practices and about ways you can help protect your privacy.

  • Important Notices

      • EU Privacy Rights.  For users that are citizens of the European Union (“EU”), this Privacy Policy is subject to the provisions of the General Data Protection Regulation (“GDPR”) and other applicable privacy laws.  In such a case, we are a data “Controller” and you are a “Data Subject” with certain protected privacy rights concerning your “Personal Data.”  We will take commercially reasonable steps to maintain compliance with GDPR requirements.  Your Personal Data may identify you as a person, and thus is often referred to as Personally Identifiable Information (“PII”).

      • California Privacy Rights.  The California Consumer Privacy Act (“CCPA”) of 2018 enhances privacy rights and consumer protection for residents of California. Under the CCPA, California residents have the rights to: 1) know what Personal Data are being collected about them; 2) know whether their Personal Data are sold or disclosed, and to whom; 3) say ‘no’ to the sale of their Personal Data; 4) access their Personal Data; and 5) not be discriminated against for exercising their privacy rights under the CCPA.  California law allows California residents to request information regarding our disclosures in the prior calendar year, if any, of their PII to third parties. To make such a request, please contact us at  Please include enough detail for us to locate your file; at a minimum, your name, email and username, if any.  We will attempt to provide you with the requested information within thirty (30) days of receipt.  We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing.  Our disclosure only includes information covered by the law.

      • Health Insurance Portability and Accountability Act (“HIPAA”) Privacy Rights.  HIPAA (as amended by the Health Information Technology for Economic and Clinical Health (“HITECH”) Act of 2009 and the HIPAA Omnibus Final Rule) protects your rights to privacy with respect to your healthcare-related Personal Data.  We have the duty and responsibility to protect the privacy and security of your Protected Health Information (“PHI”) and Electronic Health Records (“EHR”) (as defined in the HIPAA Regulations) that we access or that come into our possession.  We will take commercially reasonable steps to maintain compliance with HIPAA requirements.  We support and facilitate the timely and unimpeded flow of health information for lawful and appropriate purposes.

Use of Services

Your access to and use of our Services are subject to certain terms and conditions, which are set forth in our Terms of Service.


Collection of Information

Information You Provide

We collect information you provide, such as when you email us, sign up for the Services, or submit information through the Services. We may collect, but are not limited to collecting:

  • Personally Identifiable information (“PII”), such as your name, email address, residence and mailing address, phone number, sex, date of birth, other demographic information and sensitive PII, such as race, and ethnicity;

  • Protected Health Information (“PHI”), such as your symptoms and exposure to infectious disease, diagnostic test results and related information, your medical history, and elevated temperature readings, and your questions regarding medical issues.

Informed Consent For Telehealth Services

Telehealth is the use of electronic communications to enable healthcare providers at different locations to share individual patient medical information for the purpose of improving patient care. Providers may include primary care practitioners, specialists, and/or subspecialists. The information exchanged between the patient and the healthcare provider may be used for diagnosis, therapy, follow-up and/or education, and may include any of the following:

  •  Patient medical records
  •  Medical images
  •  Live two-way audio and video
  •  Output data from medical devices and sound and video files

We integrate software within our systems to protect the confidentiality of your identification and imaging data and we include certain protocols and measures to safeguard such information and data to ensure the integrity of our systems against intentional or unintentional corruption.

Information We Collect from Your Use of the Services

We collect information about you when you use our Services, including, but not limited to the following:

  • Device Information. We may automatically collect certain information about the computer or devices (including mobile devices) you use to access the Services. For example, we may collect and analyze information such as (a) IP addresses, geolocation information (as described in the next section below), unique device identifiers and other information about your mobile phone or other mobile device(s), browser types, browser language, operating system, the state or country from which you accessed the Services; and (b) information related to the ways in which you interact with the Services, such as: referring and exit pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, the amount of time spent on particular pages, the date and time you used the Services, the frequency of your use of the Services, error logs, and other similar information. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.

  • GPS Location Services. If you allow the App to access your location, the App may use your location to identify nearby lab testing facilities and/or shipping facilities for returning samples to diagnostic laboratories.  In addition, we may collect information about your location, including general information (e.g., IP address, zip code) and more specific information (e.g., GPS-based functionality on mobile devices used to access the Services), and may use that information to customize the Services with location-based information, advertising, and features. For example, if your IP address indicates an origin in Los Angeles, California, the Services may be customized with Los Angeles-specific information. In order to do this, your location information may be shared with our agents or vendors. If you access the Services through a mobile device and you do not want your device to provide us with location-tracking information, you can choose not to allow the App to access your location via GPS, but the App may still collect general information such as your IP address that does not rely on GPS Location Services.

  • Camera.  Once you have given permission, the App may access your device’s camera for several purposes, depending on how you use the App. If you opt to use a biometric login on your device, the App will ask the operating system for permission to authenticate using the stored information on the device, such as device owner Face ID, Sensor or Touch ID. The biometric information used to verify the user is not stored in the App, and is not accessible to anyone except the owner of the device. If you choose to take and upload a profile photo, or to scan your insurance card, the App will access your camera to perform these functions.  If you use the App to assist you in taking a remote diagnostic test, your camera will be needed to scan a QR or 2D Data Matrix code to identify the test kit you are using.  If you use the App to allow a proctor review of your specimen collection for a test, the App will access your camera in order to display your actions to a proctor who can confirm that your specimen was collected according to instructions. This interaction is not recorded or stored. If the App supports a digital interpretation of your test results, the App will access your camera in order to scan your test to determine the result. If you use the App to import vaccination records from a receipt, your camera will be needed to scan a QR or 2D Data Matrix code to pull in the appropriate vaccine record. The App also supports a mode of use designed for staff and administrators of test and vaccine verification programs, such as those implemented by employers or schools.  While not applicable for most users, in this mode the App will access your camera in order to scan QR codes indicating the verification status of those being checked. 

  • Audio and Video. We do not store Audio or Video. Only the Proctor has access to stored information during the Telehealth Session. The Proctor has no way to access specific account data. We save the data if the user marks it for saving. No additional processing is done with the data after a users selects the save option. If the account is removed, we remove all correlated data to that account.

  • External Storage The App may access external file storage, such as an SD card, to access a few types of information.  The App may retrieve your profile image for use on the App home page, if you choose to upload one. Your profile image will be used on the homepage to personalize your account.  The App also may access photos of your insurance card or diagnostic tests, if you have chosen to take such photos while using the App.  Administrators of your account are able to access these images, even when the app is closed and not in use.

  • Cookies and Other Electronic Technologies. We may use the tools outlined below in order to better understand users. As we adopt additional technologies, we may also gather additional information through other methods.

    • Cookies: “Cookies” are small computer files transferred to your computing device that contain information such as user ID, user preferences, lists of pages visited and activities conducted while using the Services. We may use Cookies to help us improve or tailor the Services by tracking your navigation habits, storing your authentication status so you do not have to re-enter your credentials each time you use the Services, customizing your experience with the Services, and for analytics and fraud prevention.  For more information on cookies, visit

    • Web Beacons: “Web Beacons” (a.k.a. clear GIFs or pixel tags) are tiny graphic image files embedded in a web page or email that may be used to collect anonymous information about your use of our Services, the websites of selected partners, and the emails, special promotions or newsletters that we send you. The information collected by Web Beacons allows us to analyze how many people are using the Services, using the selected partners’ websites or opening our emails, and for what purpose.

    • Website Analytics: We may use third-party website analytics services in connection with the website, including, for example, to register mouse clicks, mouse movements, scrolling activity and text that you type into the website or mobile application. These website analytics services generally do not collect personal information unless you voluntarily provide it and generally do not track your browsing habits across websites which do not use their services. We use the information collected from these services to help make the website easier to use.

    • Mobile Device Identifiers: Mobile device identifiers are data stored on your mobile device that may track the mobile device, and the data and activities occurring on and through it, as well as the applications installed on it. Mobile device identifiers enable collection of personal information (such as media access control, address and location) and traffic data. Mobile device identifiers help us learn more about our users’ demographics and internet behaviors.


Information from Third Parties

We may obtain additional information about you from third parties, such as healthcare entities or laboratory providers of testing and analytics services, researchers, and others. We may combine information that we collect from you with information about you that we obtain from such third parties and information derived from any other service we provide.

Aggregate or De-identified Data

We may aggregate and/or de-identify information collected by the Services or via other means so that the information is not intended to identify you. Our use and disclosure of aggregated and/or de-identified information is not subject to any restrictions under this Privacy Policy, and we may disclose it to others without limitation for any purpose, in accordance with applicable laws and regulations.

Use of Information

We use the information that we collect for the following purposes:

  • To personalize your experience with the Services by informing you of products, programs, events, services, and promotions of ours, our partners and/or third parties that we believe may be of interest to you (see the “Opt-In Policy” below);

  • To provide, maintain, administer, improve, or expand the Services, perform business analysis, or for other internal purposes to support, improve or enhance our business, the Services, and other products and services we offer;

  • To contact you when necessary or requested;

  • To customize and tailor your experience of the Services;

  • To send mobile notifications (you may opt-out of this service);

  • To send emails and other communications that display content that we think will interest you and according to your preferences;

  • To send you news and information about our Services;

  • To track and analyze trends and usage in connection with our Services;

  • To better understand who uses the Services and how we can deliver a better user experience;

  • To combine information received from third parties with the information that we have from or about you and use the combined information for any of the purposes described in this Privacy Policy;

  • To use statistical information that we collect in any way permitted by law, including from third parties in connection with their commercial and marketing efforts;

  • To prevent, detect, and investigate security breaches, fraud, and other potentially illegal or prohibited activities;

  • To enforce the legal terms that govern your use of the Services;

  • To protect our rights or property;

  • To administer and troubleshoot the Services; and

  • For any other purpose disclosed to you in connection with our Services.

We may use third-party service providers to process and store personal information in the United States and other countries. 

Sharing of Information

We may share personal information about you as follows:

  • With third parties to provide, maintain, and improve our Services, including service providers who access information about you to perform services on our behalf;

  • With our affiliates and partners so that they may use such information for the purposes described in this Privacy Policy;

  • If we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request; to enforce applicable user agreements or policies; to protect the security or integrity of our Services; and to protect us, our users or the public from harm or illegal activities; and

  • With your consent, we may also share aggregated, non-personally identifiable information with third parties.


      • We take reasonable measures, including administrative, technical, and physical safeguards, to help protect personal information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, although we take industry-standard steps to protect your information (e.g., strong encryption), we cannot ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk.

      • For PHI and EHR data subject to HIPAA, we securely store and maintain such data and records in compliance with the HIPAA Privacy and Security Rule Standards.  We or our service providers maintain all HIPAA-related documentation in electronic form on HIPAA-compliant, HITRUST-certified data storage facilities.

      • If you are using the Services from outside of the USA, you understand that your connection will be through and to servers located in the USA, and the information you provide will be securely stored in our web servers and internal systems located within the USA.  By accessing or using the Services or otherwise providing information to us, you consent to the processing, transfer and storage of information in and to the USA, where you may not have the same rights and protections as you do under your local law.

Data Retention

      • General.  We store your Personal Data for as long as reasonably required for its purpose or for any additional period required by law.  We will delete your account information and Personal Data when you terminate your use of the Services, or when we delete your account. We may store information longer for legitimate business reasons (for example, Personal Data may remain in backups for a reasonable period of time), or as legally required.  Otherwise, we store your Personal Data until you request us to remove it from our servers.  We store our logs and other technical records indefinitely.

      • HIPAA-Related Data.  For PHI and EHR data subject to HIPAA, our data retention policy is as follows:

        • We retain all HIPAA-related data and records for a minimum period of six (6) years from the date of creation or modification, or the date when such data were last in effect, whichever is later.

        • In the event that local/state laws require a longer duration for retention of healthcare records, we retain such data for the duration specified by law, but no less than six (6) years.

        • When deleting HIPAA-related data, we use a soft-delete functionality wherever possible, so that the data can be accessed or recovered by a system administrator.  If you require permanent deletion of your Personal Data, you may send a written request to us for approval before the data can be deleted by an administrator.

        • We may delete HIPAA-related PHI or EHR in a verifiable manner only when required or permitted by applicable laws and regulations, and we maintain a record of such deletions for a minimum period of six (6) years from the date of the deletion.

        • We ensure that all HIPAA-related data and documentation are available to members of our workforce only on a need-to-know basis, and as required by their job functions via user-specific account access restrictions.

Your Privacy Choices

How You Can Access and Update Your Information

You may update or correct information about yourself at any time or by emailing us at ${support_email}.


Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject cookies; however, our Services may not function properly if you do so.

Options for Opting out of Cookies and Mobile Device Identifiers

If you are interested in more information about how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative’s Consumer Opt-Out link, the Digital Advertising Alliance’s Consumer Opt-Out link or TRUSTe’s Advertising Choices Page to opt-out of receiving tailored advertising from companies that participate in those programs.

How We Respond to Browser “Do Not Track” Signals

We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations and solutions. For more information about DNT signals, visit

Links to Other Websites

Our Services may contain links to other websites and those websites may not follow the same privacy practices as we do. We are not responsible for the privacy practices of third-party websites. We encourage you to read the privacy policies of such third parties to learn more about their privacy practices.


We do not knowingly collect or maintain personally identifiable information from persons under 18 years of age without verifiable parental consent. If you are under 18 years of age, then please do not use the Services without a parent or legal guardian present. If we learn that personally identifiable information of persons less than 18 years of age has been collected without verifiable parental consent, then we will take the appropriate steps to delete this information. To make such a request, please contact us at

No Rights of Third Parties

This Privacy Policy does not create rights enforceable by third parties.

How to Contact Us

Please contact us with any questions or concerns regarding this Privacy Policy at:

Safe Health Systems, Inc.

Attn: Privacy

1475 N. Scottsdale Rd. Suite 200

Scottsdale, AZ 85257