Last updated on October 11th 2022.
MyHeartDiseaseTeam (also referred to as www.MyHeartDiseaseTeam.com or the "Platform") operated by MyHealthTeam, Inc. ("MHT," "we," "our," "us") respects the privacy of our users. We never sell your personal information to third parties.
We are a company established in the United States with a registered office at One Post Street, Suite 2250, San Francisco, CA 94104. For the purpose of the General Data Protection Regulation (the GDPR), we are the data controller. You can contact our Data Privacy Officer (DPO) at firstname.lastname@example.org should you have any issues in connection with personal information processed through our Platform.
Information We Collect From You
Information You Provide About Yourself:
To join the MyHeartDiseaseTeam community, you must provide a username (either your real name or a username that does not identify you), e-mail address, date of birth, and role (patient, parent, or spouse). While participating in the community, responding to a survey or poll, or otherwise using the Platform, you can also provide additional information such as your city, gender, profile image, diagnosis, treatment information, responses to questions, and other health-related information.
Technical and Usage Information:
We collect de-identified technical and activity information when you visit MyHeartDiseaseTeam. This data includes the kind of device you are using (phone, desktop computer, etc.), browser type, operating system, your IP address, time zone, pages you view, searches on the Platform, length of time on a page and page interaction information (scrolling, clicks, and mouse overs). This information will never be shared with anyone and is stored in a secure database.
Information You Provide as a Caregiver of a Child Under 18 Years of Age:
Information You Provide as a Caregiver of Your Spouse [or Other Family Member Above 18 Years of Age]:
Information You Provide about Doctors, Specialists or Other Providers:
We collect information such as name, e-mail address, phone number, business address and area of specialization of health care providers you add to our Platform directory.
Why We Collect Information and How Your Information May Be Viewed on the Platform:
This Platform is about connecting with and learning from other people going through the same thing as you. We provide areas on our Platform where you can post information about yourself and others, communicate with and ask questions of others, post recommendations for doctors or other establishments, and upload content (e.g., pictures, videos, audio files). Such postings are governed by our Terms of Service or TOS: https://www.myheartdiseaseteam.com/about/tos. This Platform is password protected, and your personal content is only visible to those who have signed up for an account.
All content you share on MyHeartDiseaseTeam can be viewed by all members of the MyHeartDiseaseTeam community. By joining the MyHeartDiseaseTeam community, you consent to the information you post being shared with all members of the MyHeartDiseaseTeam community.
While we encourage openness and transparency, you should only post content you are comfortable sharing with everyone else who has signed up for an account on MyHeartDiseaseTeam. We cannot control who reads your posts or what other users may do with the information you voluntarily post. We encourage you to exercise discretion and caution. Only post information that you are happy to share publicly.
Information You Provide About Yourself:
With your consent, we use the information that you provide to communicate with you, deliver the services that you have requested, connect you to the MHT social networks that you choose to join, and develop and display content tailored to your interests on our Platform. We also use your information to respond to customer service requests, provide technical support, and enforce our terms and conditions, based on our legitimate interest to ensure the proper functioning of our Platform and offer you the best experience as a member.
Information You Provide as a Caregiver About Your Child Under 18 Years of Age:
With your consent on behalf of your child, we use the information that you provide about your child to deliver the services you have requested, connect you to the MHT social networks you choose to join on the child's behalf, and develop and display content tailored to your child's condition on our Platform.
Information You Provide as a Caregiver About Your Spouse [or Other Family Members Over 18 Years of Age]:
Based on your representation of the consent from your spouse or other family members above 18 years old, or with your legal consent on their behalf, when applicable, we use their information to deliver the services you have requested, connect you to the MHT social networks you choose to join on their behalf, and develop and display content tailored to your interests on their behalf.
Information You Provide About Doctors, Specialists, or Other Providers:
Based on your and our legitimate interest to provide useful information for Platform users, we add information that you provide about doctors, specialists and other providers to our "provider directory" on the Platform. Note, however, that we are not a medical referral site and we do not recommend or endorse any particular provider or medical treatment. No information on our Platform should be construed as medical and/or health advice.
MyHeartDiseaseTeam is not a "covered entity" for purposes of determining applicability of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the rules promulgated thereunder to the site and the treatment of user content (defined in the Terms of Service) provided by you.
Sharing Information Relevant to You:
If you have consented to receive e-mails, text messages, or phone calls from MyHeartDiseaseTeam, we may send you communications about features or services related to the use of this social network, as well as information on upcoming clinical trials, research, patient education, or other services relevant to you. We do not, however, share your contact information without your explicit consent. For instance, if you learn of a clinical trial opportunity through this social network and want to be contacted by a trial site near you, it would be up to you to either click through to the trial website and share your contact information there or provide your explicit consent to be contacted on a form provided by this social network. In some instances, anonymized information members share regarding side effects from medicines may be reported to manufacturers or regulators to further improvements in drug safety and efficacy, but no personally identifying information is shared without your explicit consent. Your privacy is paramount.
For more information about the cookies used on our Platform, the third-party service providers we use to gather such information, and reports that we receive based on the use of tracking technologies, please refer to our Cookies Policy.
How We Use or Share Your Information
MHT never sells personal information to third parties.
We do not share your personal information with others except as indicated below or when you have expressly consented and requested that we share such information on your behalf (for example if you have indicated interest in participating in a clinical trial, we may share your e-mail address with a clinical trial center.)
MHT shares your personal information with our authorized vendors, suppliers, partners, and sponsors only to the extent needed for them to provide their services to us for use on our Platform; they are not permitted to share or use your personal information for any other purposes. These Platform services include:
- With your explicit consent, business partners who may contact you about your interest in a clinical trial
- Services which help us understand how users engage with the Platform
- E-mail marketing services to create and send e-mails and advertise our services
- Help desk services for customer support
- Cloud services for backend storage
- Technology or survey services that help us better understand our users experience and which enables us to build and maintain our service with user feedback
MyHeartDiseaseTeam will share trends and insights based on de-identified content about the data on the social network to make sure real patients have a de-identified voice in shaping treatments for this condition. (This in no way includes any personally identifiable information.) We may, for example:,
- Partner with a pharmaceutical company developing therapies for a condition and share de-identified data or aggregated data from MyHeartDiseaseTeam that does not identify any of our users
- Report to our business partners, vendors, suppliers, or sponsors about the use of various aspects of our service
- Share insights with other users or prospective users of our service
- Use data to support advertisers and advertising networks to select and serve relevant advertisements on our MyHeartDiseaseTeam and other websites or services
Other Times MHT May Disclose Your Information:
MHT may disclose your information in response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency – including to meet national security or law enforcement requirements, to establish or exercise our legal rights, to defend against legal claims, or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us.
Disclosure may also be appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud, or other wrongdoing, to protect and defend the rights, property, or safety of our company, our users, our employees, or others, to comply with applicable law or cooperate with law enforcement, or to enforce our Platform terms and conditions or other agreements or policies.
In the event that we sell MyHeartDiseaseTeam or MyHealthTeam we will disclose your data to the prospective buyer of such business or assets. If we or substantially all of our assets are acquired by a third party, information held by us about our users will be one of the transferred assets to that third party.
Where We Store the Information We Collect
Our Platform is hosted in the United States and, based on your consent, the information you submit to us will be held by MHT in the United States.
Any onward transfers of your personal information by MHT to third service providers in the United States will be made either:
- In compliance with the E.U.-U.S. Privacy Shield framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of your personal data from European Union member states, in case the third service provider certifies that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement, and liability. To learn more about the Privacy Shield program, please visit https://www.privacyshield.gov.
- Under the European Commission's model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision 2010/87/EU. Please contact our Data Privacy Officer if you wish to examine the standard contractual clauses.
How Long We Store Your Data
We will retain your information as follows:
- Data that you provide to us about yourself – until you delete your data or your account, or, until such time as your account is inactive for a period of 10 years.
- Data that you provide to use as caregiver for your child under 18 years of age – until you deleted your data or your account, or, until such time as your account is inactive for a period of 10 years.
- Data that you provide to use as a caregiver about your spouse [or other family members above 18 years of age] – Until you delete your data or your account, or, until such time as your account is inactive for a period of 10 years.
- Data you provide about doctors, specialists, or other providers – Reviews you provide are removed if you delete that specific data, or deleted your account, and if an account remains inactive for one year, then we will delete your data after 10 years.
After you have terminated your use of our services, we may store your information in an aggregated format for up to 12 months via disaster recovery backups.
Your Rights Over Personal Information
Generally, a Platform user can review, update, and delete inaccuracies related to personal information through the user's MHT account interface by clicking: https://www.MyHeartDiseaseTeam.com
In certain circumstances, individuals also have the following rights under the GDPR as set out below:
Access and Portability
You have the right to know whether we process personal data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with. (In some circumstances you are entitled to a copy of that data in commonly used machine-readable format, or you can ask us to send it to another provider or third party.)
Correction, Erasure and Restriction of Processing
You have the right to require us to correct any personal data held about you that is inaccurate and have incomplete data corrected. You can ask us to delete data
- Where you believe it is no longer necessary for us to hold the personal data
- Where we are processing your data on the basis of our legitimate interest and you object to such processing
- If you believe the personal data we hold about you is being unlawfully processed by us
You can ask us to restrict processing data we hold about you other than for storage purposes if you believe the personal data is not accurate (while we verify accuracy); where we want to erase the personal data as the processing we are doing is unlawful but you want us to continue to store said data; where we no longer need the personal data for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims or where you have objected to us processing personal data and we are considering your objection.
Withdrawal of Consent
You can withdraw the consent that you provided when you signed up to join the MyHeartDiseaseTeam community by deleting your account here: https://www.myheartdiseaseteam.com/users/account/edit. If you withdraw consent you will lose all access to the MyHeartDiseaseTeam Community.
You have the right to object to our processing of data about you, based on legitimate interests, and we will consider your request. Please provide us with detailed reasoning so that we can assess whether there is a compelling overriding interest for MHT to continue to process such data or whether we need to process it in relation to legal claims.
Newsletters, Clinical Trials, and Research
You have the right to ask us not to send you information about or not to process your personal data for purposes of our newsletter, clinical trial or research purposes. You can exercise your right to prevent such processing at any time by changing your email settings here: https://www.myheartdiseaseteam.com/users/account/email_notifications
If you wish to make a complaint about how we process your personal data, please contact us in the first instance at email@example.com and we will respond to your request. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.
You can exercise these rights by sending an email to firstname.lastname@example.org or by mailing MHT at the address listed in this policy. Before we respond to your request, we will ask you to verify your identity.
Privacy Statement — California
The California Consumer Privacy Act (CCPA) provides consumers (California residents) with specific rights regarding their personal information. We extend these rights to any member requesting such information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you
- The categories of sources for the personal information we collected about you
- Our business or commercial purpose for collecting that personal information (We do not sell your personal information)
- The categories of third parties with whom we share that personal information (as listed above)
- The specific pieces of personal information we collected about you (also called a data portability request)
If we disclosed your personal information for a business purpose you may request a list of the disclosures for a business purpose, which identifies the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request we delete any personal information we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the personal information, provide a good or service you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you
- Detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for such activities
- Debug products to identify and repair errors that impair existing intended functionality
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.)
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us
- Comply with a legal obligation
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please send an email to email@example.com or send us a written request via mail at the address listed in this policy. Before we respond to your request, we will ask you to verify your identity.
Only you, or a person registered with the California Secretary of State who you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
Describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response via email to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties
- Provide you with a different level or quality of goods or services
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services
How We Protect Your Personal Information
This social network is password protected. The only content that search engines such as Google are able to see are anonymized versions of the Q+A section, and anonymized versions of the provider listings, and anonymized versions of the blog posts and resource sections.
We take appropriate security measures (including physical, electronic and procedural measures) to help safeguard your personal information from unauthorized access and disclosure. For example, only authorized employees are permitted to access personal information, and they may do so only for permitted business functions. In addition, we use firewalls to help prevent unauthorized persons from gaining access to your personal information.
While MHT strives to use commercially acceptable standards to protect personal information, MHT cannot guarantee absolute security. Therefore, although we take steps to secure your information, we do not promise, and you should not expect, that your personal information, searches, or other communications will always remain secure. Users should also take care with how they handle and disclose their personal information and should avoid sending personal information through insecure email. Please refer to the Federal Trade Commission's Consumer Advice at consumer.ftc.gov for information about how to protect yourself against identity theft.
Our Platform is for use only by those over the age of 18. If you are under the age of 18, you are not permitted to use our Platform. The conditions under which we process information of children below 18 years of age are described above.
How To Contact Us
MyHealthTeam One Post Street, Suite 2250, San Francisco, CA 94104 firstname.lastname@example.org