This Privacy Notice summarizes the privacy practices that Data Method, Inc. (“Datamethod”) applies to data it collects from visitors to its website (“Site Data”) at https://www.datamethod.com (the “Site”) and to data it collects or accesses from its clients (“Services Data”) in connection with providing Datamethod’s software products, software-as-a-service solutions, customer support, and consulting services (collectively, the “Services”). By using the Site and the Services, each Site visitor and Client end-user accepts and agrees to the practices described in this Privacy Notice. Specific terms relating to Services Data may be included in the applicable commercial agreements (each, a “Client Agreement”) between Datamethod and its clients (each, a “Client”). In the event of conflict between a Client Agreement and this Privacy Notice, the Client Agreement shall control.

Website Data. Website Data consists of information visitors to the Site provide by filling out forms on the Site, such as a demo-request form or a feedback form. Datamethod uses such Website Data to respond to the applicable request or feedback and does not sell or otherwise share with third parties any personal information that may be contained in Website Data.

Datamethod uses Google Analytics to evaluate aggregated, non-personal information about Site visitors, such as referring websites, general demographic information, and Site usage. To be able to provide its services, Google Analytics places browser cookies on the storage units of Site visitor’s computers or other devices used to view the Site. Site visitors can delete or block cookies by following instructions provided by the supplier of their browser. Information about how Google Analytics collects and processes data is available at www.google.com/policies/privacy/partners/.

Services Data. Services Data consists of information Clients provide in connection with their use of the Services. This includes client-relationship information, such as user names, contact information, roles, authorizations, and configuration data, all of which are determined and managed by the applicable Client. Datamethod places session cookies to capture user settings and related information. Session cookies expire automatically. Datamethod uses client-relationship information to communicate with Clients, provide support, and configure and deliver the Services in accordance with the applicable Client Agreement.

Services Data also includes claims and audit information that is delivered or otherwise made available by Clients and processed by Datamethod as necessary to deliver the Services in accordance with the applicable Client Agreement. Claims-audit information required by Datamethod in order to deliver the Services does not include patient names or any other information that could enable Datamethod to identify an individual patient associated with a claim or group of claims being audited using the Services, and Datamethod does not use or intentionally process any such information. Clients should not include or attempt to include any such information, whether in form fields or attachments or otherwise, in providing Services Data to Datamethod. Claims-audit information provided by each Client is retained for a period determined mutually by Datamethod and the Client. All applicable audit workflows, rules, data fields and field values are determined and managed by the Client. Datamethod’s access to Services Data is based on job role/responsibility. Client access to Services Data residing in Datamethod systems is controlled via an access control list mechanism. As each Client determines its internal use of Services Data and controls access to Services Data by its end-users, end-users should direct any requests related to their personal information to the applicable Client.

Datamethod technical staff may require access to Services Data and results to monitor system performance, test systems and develop and implement upgrades to the Services. In addition, Datamethod may use aggregated Services Data or results to analyze the performance and functionality of the Services, suggest improvements in how customers configure applicable elements of the Services, and streamline processes. Any temporary copies of Services Data created as a necessary part of these processes are retained only for the time periods relevant to such processes.

All Services Data is stored and processed by Datamethod in the U.S. and is encrypted, both in transit and at rest. Datamethod offers its Services for use solely in connection with U.S.-based claims and claims auditing.

Notwithstanding the foregoing, Datamethod may transfer, access and/or process Services Data globally as required for the purposes specified in the applicable Client Agreement and this Privacy Notice or otherwise at the applicable Client’s direction. If Datamethod engages subcontractors to assist in providing Services, their access to and use of Services Data will be consistent with the terms of the applicable Client Agreement and this Privacy Notice.

Datamethod may disclose Services Data if ordered to do so by a court or other governmental authority of competent jurisdiction. Datamethod reserves the right to retain, use or disclose Services Data to the extent necessary, as determined by Datamethod in its reasonable discretion, in order to protect the health and safety of Datamethod employees, a Client’s employees, or the general public, or to enforce its rights or defend against claims associated with Client Agreements or to comply with applicable law or regulations.

Datamethod does not use Services Data except as stated above or as provided in the applicable Client Agreement. Datamethod processes Services Data but does not control any Client’s information-collection or use practices for Services Data. Each Client is responsible for complying with applicable law and regulations and for providing any notices and/or obtaining any consents necessary for Datamethod to access and use Services Data as specified in this Privacy Notice and the applicable Client Agreement.

Modifications to This Privacy Notice. Datamethod reserves the right to modify or supplement this Privacy Notice at any time. The most recent version of this Privacy Notice will appear on the Site and will include the relevant modification date. Continued use of the Site or the Services after a new version of this Privacy Notice has been posted constitutes acceptance by the applicable Site visitor or Client of such version.

Contact. If you have any questions about this Privacy Notice or Datamethod’s privacy practices relating to Website Data or Services Data, please contact Datamethod’s Corporate Privacy Contact at: compliance@datamethod.com
Current as of September 11, 2018.