Last updated 18 June 2020 03:23 PM AEST
“Client” or “Client user” (singular or plural) refers to any individual person, group of persons, or organization that has paid the Company for Services or has created an account on the Website, without limitation.
“Coach” or “Coach User” (singular or plural) refers to a person who the Company subcontracts as a Coach and who created an account on the Website.
“Company” or “the Company” refers to the entity registered with the Australian Securities & Investments Commission as 24:7 Friend, ABN 46500600767.
“Services” or “the Services” refers to the one-on-one conversations, training, workshops, Gift Certificates and other (paid or otherwise) products or services offered by Coaches.
“User” (singular or plural) or “All Users” refers to any person(s) using, visiting, or interacting with the Website and Services.
“Website” refers to the web platform found on www.247friend.org and all of its pages, content, forms, and data. It also collectively includes any other domains or subdomains that the Company owns or on which its products or services are directly sold. This does not include external websites or retail platforms that are not owned or managed directly by the Company.
Users may browse the Website without manually providing personal information. However, upon using the service as a Client or Coach, the Company requires and collects personal information that Users provide. Personal information may include a User’s name, email address, postal address, Skype ID, Voxer ID, contact numbers, etc. Additionally, as a one-on-one coaching conversation progresses, Users may need to provide information necessary for assessment purposes. This information will be used primarily to have an effective coaching conversation. This information may also be used to send updates regarding the Company or to share other services or benefits that may be of interest to a User.
Regarding personal information as it relates to American Health Insurance Portability and Accountability Act (HIPAA) compliance, please see the HIPAA section below.
The Company does not collect or have access to any user financial information, even though it may request information about a User and their credit card and/or bank account. That financial information is handled, processed, and stored by a third party payment service (such as Braintree), which facilitates credit card payments in order to purchase a product through the Website. Currently, the Website uses Braintree as its third party payment service. Braintree takes the privacy of a User’s personal information seriously and will use the information only in accordance with the terms of Braintree’s privacy policies.
The Company and its third party service providers, including analytics and third party content providers, may automatically collect certain information from Users whenever they access or interact with the Website and/or Services. This information may include internet address and other web log information such as web request, Internet Protocol (“IP”) address, browser and operating system used, URL or advertisement that referred a User to the service, number of clicks, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the date and time of request, and other information commonly shared when browsers commonly communicate with a website. The Company and its third party service providers may combine this automatically-collected log information with other information they collect about a User. This information is logged for internal use to help diagnose technical problems and to administer the Website and Services in a manner that allows the Company and its third party service providers to constantly improve the Website and Services, to improve marketing, analytics, and site functionality. 24:7 Friend is the sole owner of information collected on the Website. The Company reserves the right to screen, copy, transmit, and review all communications conducted by or through the Website. The Company and its third party service providers may conduct these activities for technical support purposes and in order to enforce their policies and agreements. At the Company and its third party service providers’ sole discretion, they may decide to conduct these activities at various times or not at all.
Like many websites, the Company and its marketing partners, affiliates, analytics, and service providers use “cookies” to monitor visitors browsing the Website. Cookies allows the server to store its own information on the User’s own device/s. This information can be used to customize pages based on information provided by the User to the Website. Cookies may help the Company better serve Users with information tailored specifically for each User and for their return visit to the Website. Cookies are a typical part of web browsing today. Many websites that require users to type a password prior to entering a website use a cookie to facilitate the action. Additionally, many websites that do not require passwords also collect and utilize cookies. Users may be able to change the browser settings and options to stop accepting cookies or to prompt before accepting cookies. However, doing so may interfere with a User’s use of the Website and Services.
Use and Retention of Information
The Company uses the information it collects in order to administer and develop the relationship with Users. Unless a User requests to delete certain information, the Company will retain the information it collects for as long as needed for business and legal purposes.
Disclosure of Information to Coaches and Company
Similar to how a patient of a medical doctor’s office understands that their personal information will be shared with office staff, likewise the Client understands and agrees to the sharing of their personal information with Coaches and the Company. Client provides personal information when interacting with various functionalities of the Website and also during one-on-one conversations with Coaches.
By using the Website and Services, Users expressly consent to share their personal information with the Company and Coaches strictly for the purposes of conducting business, understanding the needs of Clients, and providing Services. Users understand that all information is subject to the Coach’s professional, ethical, and legal duties of confidentiality and responsibility, which are not monitored directly by 24:7 Friend due to the subcontractor relationship between Coach and Company.
Users understand that by choosing to contact a Coach, they authorize their personal and contact information to be shared with the Coach so that the Coach can contact them when necessary for the purpose of holding Scheduled Conversations or responding to Unscheduled Conversations.
When Clients sign up for services on the Website, they are required to answer a questionnaire, which may be referred to as a “Life Inventory” or another name, and the purpose of this questionnaire is to identify areas of life they would like to work on. Client responses will be shared with Coaches so that the Coaches can review the information and form a plan for moving forward with each Client. The Website is programmed so that Coaches can access this information only after Client interacts with Coach’s profile by clicking one of the three contact methods: Message, Schedule, or Talk buttons.
American Health Insurance Portability and Accountability Act (HIPAA) Compliance
For Clients living the United States, the U.S. Department of Health and Human Services (HHS) protects the privacy and security of certain health information through The Health Insurance Portability and Accountability Act of 1996 (HIPAA). As their website states, this Act “establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.”
While the Company does not require medical records from medical or healthcare providers, the Company or Coach may receive such information voluntarily from the Client or, with Client’s permission, from the Client’s healthcare provider. In the case that Client provides such information to the Company through the Website or to any Coach or in case Client authorises their healthcare provider to do so, the Company and Coach aims to protect the privacy and security of the protected health information.
As mentioned on their website, “Individuals, organizations, and agencies that meet the definition of a covered entity under HIPAA must comply with the Rules’ requirements to protect the privacy and security of health information and must provide individuals with certain rights with respect to their health information.”
The Company does not qualify as a “covered entity” under this rule and is therefore not obligated to its requirements, but the Company may at times qualify as what they call a “business associate”. Therefore, in accordance with legal requirements as a business associate, when a covered entity discloses a Client’s protected health information to the Company or to a Coach, the covered entity “will help the covered entity comply with some of the covered entity’s duties under the Privacy Rule,” as stated on the U.S. Department of Health & Human Services website.
The Company takes commercially reasonable means in order to protect the integrity and safety of the information Users provided. Transmission of sensitive information (such as a credit card number) is encrypted using secure socket layer technology (SSL). The Company also uses HTTP strict transport security to add an additional layer of protection for each User. However, there is no known method of transmission over the Internet, or method of storage, that is guaranteed to be secure. The Company cannot guarantee that third parties will not improperly access the database. Thus, while we strive to protect Users’ personal data, the Company cannot ensure and does not warrant the security of any information that Users transmit to the Company.
To protect their account from unauthorized access, A User should use unique numbers, letters, and special characters and not disclose their 24:7 Friend password to anyone. When a User shares their password or personal information with a third party, they are responsible for all actions taken in the name of that account. If a User loses control of their password, they may also lose substantial control over their personal information and may be subject to legally binding actions taken on their behalf. Therefore, if a User’s password has been compromised for any reason, they should immediately notify the Company and change their password.
Changes to the Policy
The Company reserves the right to replace, modify or amend this policy at any time as needed. Changes will be effective upon posting to the Website. Reviewing this policy from time to time is highly recommended. In the event that there are material changes to the way the Company treats Users’ personal information, the Company will send a notice prior to the changes becoming effective. The use of the Website and Services by a User following any change to this policy shall represent consent to the new policy to the fullest extent permitted by the law.
For any questions and concerns about this policy, please contact the Company via https://247friend.org/contact/ or mail directly to email@example.com.