Privacy Statement

Last updated:  February 22, 2023

I.          Scope of this Privacy Policy

PatientPay, Inc. (“PatientPay,” “us,” “we” or “our”) respects your privacy. This Privacy Policy describes our practices with respect to Personal Information that we collect from you or that you provide to us when you visit our websites, www.patientpay.net, www2.patientpay.net and www.patientpay.com (the “Websites”), or sign up to use our online services for health care invoices or payments (“PatientPay Platform”).  As used in this Privacy Policy, “Personal Information” means information that identifies or that could be used to identify you, and “Services” means, collectively, the Website and the PatientPay Platform.

For certain information provided to us through the Site, we have entered into agreements, including Business Associate Agreements as required by HIPAA, with our third-party medical group clients (“Patient Providers”), which govern our use of such information. If you are a patient of a Patient Provider, this Privacy Policy does not govern our use of Personal Information (including Protected Health Information as defined below) provided to us by Patient Providers using the Services. Our use of such information is governed by our agreements with Patient Providers. If you have questions about the information practices of a Patient Provider that uses the PatientPay Platform for billing and payment purposes, please review the Patient Provider’s privacy policy or contact the Patient Provider directly for a description of how they use your Personal Information.   

II.         Personal Information We Collect

A.         Information We Collect Directly from You

We collect Personal Information that you choose to share with us when you use the Services, which may include the categories described below.

●      Registration Information: When you sign up for the Services and/or use the Services, you are required to provide information such as your name, username, password, phone number, and email addresses. In addition, you may be asked to provide optional information, including your doctor preference, to better assess the scope of our customers’ health needs and thereby enhance the Services experience.  You may also be required to submit credit card information to the Services to fulfill orders or other information required to validate orders through the Services, including potential information of a family member or other guarantor, if such a guarantor is paying and has granted you permission to enter their data through the Services.

●     Payment Information:  If you decide to purchase any services or products through the Services, we will need to collect your credit card number, credit card expiration date, credit card type (Visa, MasterCard, Discover or American Express account information), and billing name and address (“Payment Information”), in order to qualify and bill you for these services or products. In addition, you will provide us with information about your doctor, appointment time, and the services you intend to receive. For billing purposes, clinical data including Current Procedural Terminology (CPT) codes are also collected by the Services in connection with the processing of payments. 

●      Additional Information: Additional information that you may provide to us, such as through feedback, messages or emails sent to us, and/or answers to surveys or questionnaires that you may submit. 

B.         Location Information.  When you use the Services, we may collect information about your location, including general location information that may be associated with your device’s IP address (such as location derived from an IP address or data that indicates a city or postal code level), and with your consent, precise location data (such as latitude/longitude data). When you visit the Services via a native mobile application, we use, with your consent when required under applicable law, GPS technology (or other similar technology) to determine your current location in order to determine the city you are located in and display a relevant location map. We will not share your current location obtained in this manner with other users.

C.         Information We Collect from Third Parties.  In some cases, we receive Personal Information about you from third parties. For instance, your Patient Provider may provide Personal Information about you in connection with bills and payments for health care services provided to you.

Information We May Receive as a Business Associate

Patient Providers that use the Services are subject to laws and regulations governing the use and disclosure of information that is considered “Protected Health Information” or “PHI” under the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder and the Health Information Technology for Economic and Clinical Health Act of 2009 and the regulations promulgated thereunder (“HITECH”) (collectively referred to herein as “HIPAA”). If your Patient Provider uses the Services, your Patient Provider may share information about you, including your Personal Information or PHI, with us in accordance with and subject to the Patient Provider’s privacy policy and practices. With regard to such information, PatientPay will comply with the applicable provisions of HIPAA, to the extent such privacy laws are applicable to us as a “Business Associate” of a “Covered Entity” (as defined by HIPAA).

D.         Information We Collect Automatically from Your Use of the Services. We also may collect certain other information automatically when you use or access the Services, such as the following:

  • Browser and Device Information. Certain information may be automatically collected by most browsers or devices, such as information about user devices (such as IP addresses and MAC addresses), operating systems, and browsers.

  • Information Stored in Cookies and Web Beacons. The Services may also use available web-based technologies to collect Personal Information, such as cookies or web beacons. Cookies are pieces of information stored directly on users’ computers or devices. Cookies allow us to collect information such as browser type, time spent on the online services, pages visited, referring URL, and other traffic and usage data. We may also use cookies for purposes such as determining what features interest our users, revising our site features or operations, and as further described below. For more information, see our Cookie Policy at www.patientpay.com/cookie-policy.

  • Pixel Tags and Log Files. The Services may also use other tracking systems such as log files and pixel tags. For example, pixel tags, sometimes called web beacons, are similar in function to a cookie and can tell us certain information like what content has been viewed.

  • Information Collected in Connection with Analytics Technology. We may use various technologies to learn more about how visitors use the Services, such as Google Analytics. Google Analytics uses cookies to help us analyze how visitors use the Services. The information generated by the cookies about your use of the Services includes your IP address. If you so choose, you may be able to opt out by turning off cookies in the preferences settings in your browser. For more information on Google Analytics, including how Google Analytics collects, uses, and discloses information, refer to the following page: www.google.com/policies/privacy/partners/. We may also use other technologies to monitor your activities on our Services.

  • Location Information.
    When you use the Services, we may collect information about your location, including general location information that may be associated with your device’s IP address (such as location derived from an IP address or data that indicates a city or postal code level), and with your consent, precise location data (such as latitude/longitude data). When you visit the Services via a native mobile application, we use, with your consent when required under applicable law, GPS technology (or other similar technology) to determine your current location in order to determine the city you are located in and display a relevant location map. We will not share your current location obtained in this manner with other users.

We collect some of this information through tracking technologies such as cookies and web beacons. For more information, please see the “How We Use Cookies and Other Tracking Technologies” section below.

III.        How We Use Personal Information

We may use the Personal Informationthat we collect or receive through the Services for the following purposes: 

●               Providing billing services and processing your payments from healthcare providers, medical groups and other health care organizations;

●               Administering and processing orders and accounts relating to customers, subscribers, and suppliers of goods and services;

●               Responding to your questions and feedback;

●               Providing the services you select through the Services;

●               Contacting you, whether by email, postal mail, or telephone with information about the Services, our products or our services, , payment, or changes to our terms, conditions and policies;

●               For such purposes as you may authorize at the time you submit the information;

●               Auditing, research, and analysis to maintain, protect, and improve the Services;

●               Ensuring the technical functions of our network;

●               Improving and customizing the content and layout of the Services;

●               Developing new products and services;

●               Compiling Personal Information and other information collected through the Services on an aggregate basis;

●               Identifying potential customers or subscribers;

●               Analyzing and managing our workload or business activity;

●               Conducting market research analysis; and

●               Providing you with information about our products or services or the products and services we offer jointly with or on behalf of other organizations.

Mobile Phone Numbers. PatientPay will use your mobile phone number to call or send recurring text messages to you to provide you notifications about your account and to administer the Services. If you would like more information about our policy, or how to opt out, please review the “Your Choices” section below. You may be liable for standard SMS and per-minute charges by your mobile carrier. Patient Pay may also message you via push notifications (with your consent when required under applicable law), which you can opt-out of on your mobile device. Data rates may apply.

IV.        Disclosure of Your Personal Information We Share

We may disclose Personal Information we collect about you as follows.

●               In Connection with our Offerings.  The Services involve the sharing of certain Personal Information collected through the Services with (i) other users of the Services (such as your Patient Provider), and (ii) as you otherwise provide your consent. Information which you upload, post, e-mail, submit or otherwise transmit in connection with the Services to a public message board, chat area or other public area of the Services will be made public to users of the Services, including certain metadata related to such activities (such as timestamps).  You are solely responsible for any such information you choose to post on or through the Services.  All information that is posted to a message board, chat area, or other public area of the Services may be shared by us with (i) other users of the Services, and (ii) as you otherwise provide your consent. Please be aware that anything you share publicly may be further shared by other users of the Services (for example, by emailing a screenshot of your post to non-users).

●               Subsidiaries and Affiliates.  We may share Personal Information with our subsidiaries and affiliates for the purposes for which you provided the information or as reasonably necessary for our internal administrative and business purposes.

●               Service Providers.  We work with third parties that provide services on our behalf.  Such services may include payment processors, website hosting, marketing, and website usage analytics.  For example, we use certain third party providers to process your credit or debit card transactions, using the information that you provide. PatientPay may share Personal Information, including your payment information, with such third parties for the purpose of enabling such parties to provide such services. s.  

●               Consent.  We may share Personal Information in accordance with any consent you provide.

●               Certain Transactions.  We may disclose or transfer Personal Information or any information collected through this Services to third parties who acquire all or a portion of our business, whether such acquisition is by way of merger, consolidation, or purchase of all or a portion of our assets, or in connection with any bankruptcy or reorganization proceeding brought by or against us. 

●      PatientPay Business Partners.  PatientPay collects information from this Site and may share that information with partners at the direction and request of its partners, such as doctor’s offices, who are offering our service to their users. For example, we will share the information you provide at our site with the doctor's offices where you set appointments. The Personal Information PatientPay provides to its partners is subject to our partners' privacy policies once it is in their possession. These partners maintain their own privacy policies.  PatientPay does not exercise any control over, and is not responsible for, the privacy practices of these partners.

Required by Law. If we have a good faith belief that such action is necessary to comply with a judicial proceeding, a court order, warrant, administrative order, civil investigative demand, subpoena or other valid legal process, PatientPay may disclose information about you such as IP addresses, Personal Information or any contents of PatientPay, or when PatientPay has a good faith belief that disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.

●               Other. Subject to our compliance with applicable law, we may disclose any messages or other information that you transmit for the purposes of (i) enforcing our agreement terms; (ii) complying with any laws, regulations or rules of any federal, state or local government or agency; (iii) responding to claims that any messages or other information violate the rights of third parties; or (iv) protecting the rights or property of PatientPay, its affiliates, its customers and the public.

V.         Aggregate Information 

We may compile de-identified Personal Information and other information collected through the Services on an aggregate basis.  This information may include, without limitation, the number of users who have registered for the Services and demographic information about users of the Services.  Such aggregate information does not identify you individually.  We may use aggregate information and share aggregate information with third parties for any of the purposes specified in this Privacy Policy, and for any other lawful purpose.

VI.        How We Use Cookies and Other Tracking Technologies

We collect information about your use of the Services through tracking technologies such as cookies and web beacons. A “cookie” is a unique numeric code that is transferred to your computer to track your interests and preferences and to recognize you as a return visitor. A “Web beacon” is a transparent graphic image placed on a website, e-mail or advertisement that enables the monitoring of things such as user activity and site traffic.

We and third parties with whom we work may use cookies and web beacons on the Services to improve user experience, to help remember your preferences and allow us to bring you the content and features that are likely to be of interest to you, and to analyze the use of our Services and to improve the Services’ functionality. These third parties may collect information about your online activities over time and across different Web sites.

VII.       Children

We do not knowingly allow individuals under the age of 13 to create accounts that allow access to the Services.

VIII.      Updating Personal Information

You may request access to, request corrections of, or ask for deletion of Personal Information collected, used, or stored on the Services, and Patient Pay may comply with the request in its discretion.  If you are a patient, PatientPay does not have the right to delete medical information that is controlled by your healthcare provider. Please refer to your Patient Provider’s privacy policy or notice of privacy practices or contact them directly to make a request about your health information.

To make such a request, please How to Contact Us using the information below.

IX.        Our Global Practices

We process and store your Personal Information in the United States. By your use of the Services, you acknowledge that we will maintain your Personal Information in jurisdictions which may have different data protection rules than in your country, and that your Personal Information may become accessible as permitted by law in those jurisdictions, including to law enforcement and/or national security authorities. 

X.         Your Choices

We provide you with choices with regard to your Personal Information. For example, you can choose not to give us the Personal Information we request. However, in some cases, if you decide not to provide the information we request, we will not be able to provide the service or information you requested.

Other examples of your choices include:

  • You can browse the Services without registering or directly submitting any information to us (although we may still collect some limited information automatically, as described above);

  • You may opt out of receiving our messages at any time by using the opt-out mechanism provided in the message. Even if you opt-out of receiving promotional communications, we will continue to send you non-promotional communications, such as those about your account, Engagements, transactions, servicing, or our ongoing business relationship with you;

  • You may change your browser settings or take other steps to block, manage, or delete cookies. The Services do not currently respond to browser “do not track” signals, so you will need to use your browser settings to effectively manage cookies. In some cases, blocking or disabling cookies may cause the Services not to work as intended and some features may not be available; and

·       You may access, update, and correct inaccuracies in your Services profile at any time by contacting your medical provider.

XI.        Links to Other Websites and Services

The Services may contain links to other third-party websites and services. These websites and services are not subject to this Privacy Policy. They are not controlled by PatientPay and we are not responsible for their content or their privacy policies, which may differ from ours. We have not reviewed and make no representations about the accuracy of information on third-party websites, or about their information handling practices. Visits you make to these websites are at your own risk, and we encourage you to review their privacy policies.

XII.       Information Storage and Security

This Services are operated from a secure environment with integrated security measures to help protect against the loss, misuse, and alteration of Personal Information provided on or through this Services.  PatientPay uses Secure Socket Layer (SSL) technology for this Services to provide security during transmissions of personal information. No method of transmitting or storing data is completely secure. As a result, although we have security measures in place to protect your Personal Information, we cannot guarantee the security of any information you transmit to us through or in connection with this Services. If you have reason to believe that your Personal Information is no longer secure, please notify us immediately by contacting us in accordance with the last section below. In addition, we request that you do not send Personal Information to us by email. Instead, please use the online forms within the Services. We cannot protect the security of your emails before they reach us.

XIII.      How to Contact Us

If you have any questions or comments about this Privacy Policy or if you need to report a problem, please contact us at or using the information below. Please include your name, contact information, and the nature of your request so that we can respond appropriately and promptly to your communication.

‍PatientPay, Inc

Attention: Contract Notices

600 Park Offices Dr

Suite 300

PO Box 13965

Durham, NC 27709

Email:  privacy@patientpay.com

XIV.      Modifications to this Privacy Policy

We reserve the right to change the terms of this Privacy Policy at any time. Any changes to this Privacy Policy will be reflected on this page with a new “Last Updated” date. We encourage you to review this Privacy Policy regularly for any changes. Your continued use of the Services after we post changes is deemed to be acceptance of those changes.

Effective Date: February 22, 2023

Last Updated: February 01, 2020