Privacy Policy
Last updated: December 12, 2025
This privacy notice for LN Welsh MD Anesthesiologist, LLC (we, us, or our) describes how and why we collect, store, use, and share (process) personal information when you use our services (Services), such as when you:
- Download and use our mobile application, PreOpApp™, or any other application of ours that links to this privacy notice
- Visit our websites or web portals that link to this privacy notice
- Engage with us in other related ways, including sales, marketing, customer support, or events
Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use the Services. You can contact us with questions at privacy@preopapp.com. If you are located outside the United States, you may have additional rights under your local laws; see the Your Privacy Rights section below.
Controller. Unless we state otherwise, LN Welsh MD Anesthesiologist, LLC, can be reached at support@preopapp.com, is the controller responsible for processing your personal information for the purposes described in this notice.
Summary of key points
What personal information do we process? When you visit, use, or navigate the Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use. This may include account and contact information, device and usage data, and application data. For clinical features, we may also process patient- or guardian-provided information and instructions synchronized from a healthcare provider’s electronic medical record (EMR) relevant to a scheduled procedure. Do we process any sensitive personal information? Yes. When necessary and permitted by law (and, where required, with appropriate consent), we may process sensitive information related to a child’s perioperative preparation, including data synchronized from a hospital’s EMR or patient portal for preoperative instructions and screening.
Do we collect information from third parties? Yes. With appropriate authorization, we may receive information from healthcare providers and their electronic medical record systems (for example, schedule changes, fasting instructions, and illness protocols) and, where enabled, from patient portals.
How do we process your information? We process information to provide, improve, and administer the Services (including real-time updates, notifications, and educational content), communicate with you, enhance safety and fraud prevention, and comply with law. We may also process information for other purposes with your consent.
In what situations and with which parties do we share personal information? We may share information as needed to deliver the Services and clinical integrations (for example, with your healthcare providers and their service platforms), to comply with law, or with your consent.
How do we keep your information safe? We use organizational and technical safeguards designed to protect personal information, including encryption and secure token exchange for EMR connectivity. However, no system is 100% secure, and we cannot guarantee protection against all unauthorized access. What are your rights? Depending on your location, you may have rights regarding access, correction, deletion, portability, objection, and restriction of processing, as well as choices about consent and communications.
How do you exercise your rights? You can submit a data subject request through our designated request method or contact us at privacy@preopapp.com. We will consider and act on any request in accordance with applicable data protection laws.
Table of Contents
- WHAT INFORMATION DO WE COLLECT?
- HOW DO WE PROCESS YOUR INFORMATION?
- WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
- WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
- DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
- HOW LONG DO WE KEEP YOUR INFORMATION?
- HOW DO WE KEEP YOUR INFORMATION SAFE?
- DO WE COLLECT INFORMATION FROM MINORS?
- WHAT ARE YOUR PRIVACY RIGHTS?
- CONTROLS FOR DO-NOT-TRACK FEATURES
- DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
- DO WE MAKE UPDATES TO THIS NOTICE?
- HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
- HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM
1. What Information Do We Collect?
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide when you register for the Services, request information about our products or Services, participate in activities on the Services, or otherwise contact us.
Personal Information Provided by You. The personal information we collect depends on how you interact with the Services, the choices you make, and the features you use. This may include:
- Names
- Email addresses
- Phone numbers
- Usernames and account credentials for your account on the Services (we do not collect or store your patient-portal credentials)
- Contact or authentication data
- Usability and communication preferences
- Billing address and payment details if you make purchases through the
Services (payment card information is processed by our payment processor;
we do not store full card numbers)
Guardian Information. If you are a parent or legal guardian using the Services for
a child, we may collect:
- Relationship to the child, preferred language, and contact preferences
- Scheduling preferences, reminder settings, and confirmations of readiness
or task completion
Child Information Used for Clinical Preparation. Our neutral age screen routes users 13–17 to a teen experience; we may collect parent/guardian authorization where required by provider policy or law. For features related to clinical preparation, and only as necessary for those features, we may collect:
- Name or initials and basic identifiers needed to match records
- Procedure date/time and facility information
- Relevant medical history provided by you (for example, illness screening responses)
- Allergies, current medications, and special instructions you provide.
- Information from Your Healthcare Provider or Patient Portal (with authorization). With your authorization, we may receive limited information from your healthcare provider’s electronic medical record or patient portal that is necessary to deliver the Services, such as:
- Appointment details and updates (for example, schedule changes)
- Preoperative instructions (for example, fasting/NPO guidance, illness protocols)
- Allergy and medication lists and care-team contact details
- Where enabled by your provider, certain readiness confirmations or screening outcomes you submit through the Services may be sent back to your provider.
Information You Provide via Screening and Communications. This includes illness screening answers, symptom or status updates, messages you send through the Services, and responses to educational or preparation checklists.
Application and Device Data. We automatically collect certain information when you use the Services, such as:
- Device and app identifiers, operating system, app version, time zone, and language settings
- Usage data and analytics (for example, feature use, frequency, and timing)
- Push-notification tokens used to deliver reminders and alerts
- Diagnostic, crash, and performance logs
- IP address and general location derived from your device or IP (if enabled in your settings)
Optional Mobile Permissions. Depending on how you use the Services, you may choose to allow access to:
- Camera or photo library (for uploading documents or images relevant to preparation)
- Motion/haptics (to enable certain engagement experiences)
- Notifications (to receive reminders and updates)
- You can manage or revoke these permissions in your device settings.
Sensitive Information. When necessary, with appropriate authorization or consent and as permitted by applicable law, we process sensitive information related to a child’s clinical preparation, including procedure-related instructions and health data received from or sent to your healthcare provider. Some of this information may be handled by your provider as protected health information.
Application Data. If you use our mobile application, we may collect the following information if you grant access or permission in your device settings:
- Notifications. We may send push notifications related to your account and time-sensitive features (for example, reminders and updates). You can turn these off in your device settings.
- Camera/Photos. If you choose to upload documents or images relevant to preparation, we request access to your camera or photo library. You can disable this access in your device settings.
- Motion/Haptics. Certain engagement features may request access to motion sensors and haptic feedback. You can disable this in your device settings.
- Location (optional). We do not collect precise geolocation by default. If you enable location for optional features (for example, facility directions or location-based reminders), your device may share location data while those features are in use. You can change this at any time in your device settings.
- Diagnostic and performance data. We collect app and device identifiers, crash logs, and usage diagnostics to maintain security, troubleshoot issues, and support internal analytics and reporting.
We do not access your contacts or patient-portal passwords. You can change or revoke any app permissions at any time in your device settings.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
Information automatically collected
In Short: We collect limited device, usage, and diagnostic data automatically when you use the Services to keep them secure and functioning and to support analytics.
We automatically collect certain technical information when you visit, use, or navigate the Services. This information does not directly identify you (such as by name or email) but may include:
- IP address (and general location inferred from IP)
- Device and app identifiers, operating system, app version, time zone, and language settings
- Browser or device type, hardware model, mobile carrier or ISP, and system configuration
- Usage data (for example, pages or screens viewed, features used, session dates/times, and referring/exit pages)
- Diagnostic and performance data (for example, crash logs and error reports)
How we collect this: We use server logs, cookies, software development kits (SDKs), and similar technologies. See the Cookies and Similar Technologies section for details and your choices.
Location: We infer general location from your IP address for security, fraud prevention, and analytics. We do not collect precise GPS location as part of automatic collection. If you enable precise location for optional features, that is covered in Application Data.
Why we collect this: To maintain security and operation of the Services, measure and improve performance, troubleshoot issues, and support internal analytics and reporting.
2. How Do We Process Your Information?
In Short: We process your information to provide, improve, and administer our Services, communicate with you, enhance security and fraud prevention, and comply with law. We may also process your information for other purposes with your consent.
We process your personal information for a variety of reasons depending on how you interact with the Services, including:
To facilitate account creation and authentication and manage user accounts.
We process your information so you can create and log in to your account and keep your account in working order.
To deliver the Services and related features.
This includes delivering clinical preparation workflows (for example, checklists, reminders, educational content) and recording your preferences and completion status.
To synchronize with your healthcare provider (when authorized).
We receive procedure-specific details and instructions from electronic medical record or patient portal systems and, where enabled, send back readiness confirmations or screening outcomes necessary to support your care.
To communicate with you.
We send service-related messages and push notifications (for example, reminders, schedule updates), respond to inquiries, and provide customer support.
To enable communications with your care team (where integrated).
If messaging or forms are enabled, we process your submissions to route them to your provider or their service platforms.
To personalize your experience.
We use your settings, language, and usage patterns to tailor content, reminders, and in-app guidance.
To protect the Services and users.
We process information for security monitoring, fraud and abuse prevention, incident detection, and to enforce our terms and policies.
To analyze, improve, and develop the Services.
We use aggregated and de-identified analytics, diagnostics, and usage data to understand performance, fix bugs, and improve features. We may run limited testing and measurement to evaluate changes.
To process payments (if purchases are available).
If you make purchases, we process necessary billing information via our payment processor and maintain related transaction records.
To comply with legal, regulatory, and contractual obligations.
We process information to meet recordkeeping, reporting, and audit requirements and to respond to lawful requests.
To save or protect an individual’s vital interests.
We may process information when necessary to prevent harm or address safety concerns.
Note: How we share information with third parties is described in the “When and with whom do we share your personal information” section; we avoid restating that here.
3. What Legal Bases Do We Rely on to Process Your Information?
In Short: We process your personal information only when we believe it is necessary and we have a valid legal reason to do so under applicable law (for example, with your consent, to comply with laws, to provide the Services or perform a contract, to protect rights and safety, or to pursue legitimate business interests).
If you are located in the EU or UK, this section applies to you.
The GDPR and UK GDPR require us to explain the legal bases we rely on to process your personal information. Depending on the context, we rely on one or more of the following:
Consent. We process information with your consent for specific purposes (for example, enabling optional app permissions, sending certain communications, or processing special-category data where consent is required). You can withdraw consent at any time in your account or device settings, or by contacting us.
Performance of a contract. We process information as necessary to provide the Services you request, operate your account, synchronize authorized information needed for your preparation workflow, and provide customer support.
Legitimate interests. We process information for purposes that are necessary to operate and improve the Services and that are not overridden by your rights and interests. Examples include service security, fraud prevention, service analytics and diagnostics, and personalization that you would reasonably expect.
Legal obligations. We process information where required to comply with applicable laws and regulatory requirements, such as recordkeeping, responding to lawful requests, or meeting audit and reporting obligations.
Vital interests. We may process information when necessary to protect an individual’s vital interests, such as addressing urgent safety concerns.
Special-category data (EU/UK). When we process special-category data (for example, health-related information involved in clinical preparation), we rely on one or more of the following GDPR/UK GDPR bases, as applicable to the specific integration: your explicit consent; provision or management of health or social care by or under the responsibility of a professional subject to a duty of confidentiality; vital interests where you are incapable of giving consent; or reasons of substantial public interest under applicable law. Details about what health-related data is processed are described in the “What information do we collect” section; how we share it is described in the “When and with whom do we share your personal information” section.
International transfers. If you access the Services from the EEA/UK/Switzerland, your information may be transferred to countries (including the United States) that may not provide the same level of data protection. We use appropriate safeguards for these transfers, such as European Commission–approved Standard Contractual Clauses and supplementary measures. You can request a copy or summary of the safeguards by contacting us at support@preopapp.com.
If you are located in Canada, this section applies to you.
We process your information with your consent, which may be express or implied depending on the context and applicable law. You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice.
In limited circumstances, we may process your information without consent where permitted by law, for example: where collection is clearly in an individual’s interests and consent cannot be obtained in time; for investigations and fraud detection and prevention; for certain business transactions subject to statutory conditions; to comply with subpoenas, warrants, court orders, or other lawful requests; where seeking consent would compromise the availability or accuracy of the information for an investigation; or where otherwise authorized or required by applicable federal or provincial privacy laws.
Note: Additional details about how long we keep information, how we share information, and your choices and rights are provided in the Retention, Sharing, and Your Privacy Rights sections, respectively.
4. When and With Whom Do We Share Your Personal Information?
In Short: We share information only as needed to operate the Services, comply with law, protect rights and safety, or with your direction or consent.
We may share your personal information in the following situations:
With your healthcare provider and their systems (when authorized).
To support clinical preparation, we exchange limited, necessary information with your healthcare provider, their care team, and integrated electronic medical record or patient portal systems (for example, appointment updates, preparation instructions, and your readiness confirmations or screening outcomes).
With service providers that work on our behalf.
We share information with vendors that host and operate the Services; deliver notifications; provide analytics, diagnostics, and crash reporting; process payments (if purchases are available); provide customer support tools; and help us secure and maintain the Services. These providers are contractually required to use your information only as instructed.
With enterprise/institutional customers (if your access is provisioned through them).
If your account is provided by a hospital or similar organization, we may share usage, status, or configuration information with that organization, consistent with our agreement and your settings.
For legal, compliance, and safety.
We may share information to comply with applicable law and lawful requests; to protect the rights, privacy, safety, or property of you, us, or others; to enforce our terms and policies; and to detect, prevent, or address fraud, abuse, or security issues.
Business transfers.
We may share or transfer information in connection with, or during negotiations of, a merger, sale of assets, financing, or acquisition of all or part of our business.
With affiliates.
We may share information with our affiliates (companies under common ownership or control) that support service delivery, subject to this notice.
With your direction or consent.
We share information when you ask us to, such as inviting another guardian, enabling messaging to your care team, or connecting a third-party service.
Aggregated or de-identified information.
We may share aggregated or de-identified data that does not identify you.
Healthcare integrations.
HIPAA status: PreOpApp™ itself is not a “covered entity” under HIPAA (we are not a hospital, health plan, or healthcare clearinghouse). When we provide integrated clinical features to a healthcare provider under a Business Associate Agreement (BAA), we act as that provider’s business associate and comply with the HIPAA Privacy, Security, and Breach Notification Rules for protected health information (PHI). For direct to-consumer use where HIPAA may not formally apply, we still implement comparable technical and organizational safeguards and do not use health-related information for advertising or unrelated purposes.
Notably, we do not sell your personal information, we do not run third-party advertising or “offer walls,” and we do not share your patient-portal passwords. If location or mapping features are used, only the minimal data necessary to fulfill that request is shared with the mapping provider, and only when you engage those features.
5. Do We Use Cookies and Other Tracking Technologies?
In Short: Yes. We use cookies on our websites and software development kits (SDKs) in our mobile app to keep the Services secure and reliable, remember your preferences, and measure performance. We do not use third-party advertising technologies.
Websites (cookies and similar tech). We use:
Strictly necessary cookies to enable core functions (for example, sign-in, security, load balancing).
Functional cookies to remember settings (for example, language).
Analytics/performance cookies to understand usage and improve the Services.
Mobile app (SDKs). We use:
Security and diagnostics SDKs for crash reports, debugging, and fraud/abuse prevention.
Analytics SDKs to measure feature usage and performance in aggregate.
We do not use advertising SDKs, and we do not share mobile analytics data for third-party advertising.
Your choices:
Browser: You can block or delete cookies in your browser. Some features may not work without required cookies.
Consent banner (where shown): You can set or change cookie preferences at any time.
Mobile app: You can disable analytics in the app settings (if available) or limit app tracking in your device settings.
Do Not Track/Global Privacy Control: For web, where technically feasible, we honor recognized browser signals for opt-out preferences.
US state law notice. We do not “sell” or “share” personal information for cross- context behavioral advertising. If this changes, we will update this notice and provide a clear opt-out mechanism.
For details about retention and the categories of data we collect, see “What information do we collect.” How we disclose information is described in “When and with whom do we share your personal information.”
6. How Long Do We Keep Your Information?
In Short: We keep your information only as long as needed for the purposes described in this notice, unless a longer period is required by law or contract.
We retain personal information only for as long as necessary to: (a) provide the Services and support your account; (b) fulfill legal, regulatory, tax, or accounting obligations; (c) resolve disputes; and (d) enforce our agreements. We do not keep personal information longer than necessary.
If your access is provided through a healthcare organization, that organization may control certain records (for example, clinical preparation data that forms part of the medical record). In those cases, we follow the organization’s retention requirements and our contract with them.
When we no longer have an ongoing need to process personal information, we will delete or de-identify it. If immediate deletion is not possible (for example, data in backup archives), we will securely store it and isolate it from further processing until deletion is possible, following our backup lifecycle.
Typical retention periods:
Account/profile data: kept while your account is active and for 2 years after closure.
Communications/support tickets: 2 years.
Diagnostics and raw logs: 90 days (then aggregated/de-identified).
Clinical preparation data synchronized with a provider: retained per provider policy and contract.
Clinical preparation data held by us (if applicable): 7 years.
Transaction/billing records (if purchases are available): 7 years (tax/accounting).
Encrypted backups: lifecycle up to 35 days.
Aggregated/de-identified analytics: retained without a set limit (no re- identification).
We may retain de-identified or aggregated data that does not identify you for legitimate business purposes.
7. How Do We Keep Your Information Safe?
In Short: We protect personal information using a combination of organizational and technical safeguards designed to keep the Services secure and reliable.
We implement appropriate security measures to protect personal information we process, including:
Encryption in transit and at rest for personal information handled by the Services
Access controls based on least privilege, with role-based permissions and multi- factor authentication for administrative access
Network and application security controls, including firewalls, rate limiting, and automated threat detection
Secure development practices, code review, and dependency management
Logging and audit trails for key system and data-access events
Vulnerability management and regular security testing
Business continuity and encrypted backups with defined retention and restoration procedures
Vendor due diligence and contractual safeguards for service providers that handle personal information on our behalf
For integrated clinical features, we use secure token-based connections with healthcare systems and do not store patient-portal passwords.
Despite our safeguards, no method of electronic transmission or storage is completely secure. We cannot guarantee that unauthorized third parties will never be able to defeat our security. If a security incident that affects your information occurs, we will investigate and notify you and/or applicable parties as required by law and our agreements.
Your steps matter too: keep your device and account credentials secure, use strong passwords, enable device-level security (such as a passcode or biometric lock), and review your app permissions regularly.
We host the Services on HIPAA-eligible U.S. cloud infrastructure. Personal information is encrypted in transit and at rest, and stored and backed up in the United States. Our hosting and security vendors are under contracts requiring confidentiality, security, and no secondary use.
8. Do We Collect Information From Minors?
In Short: Teens ages 13–17 may create their own accounts. Children under 13 may use the Services only through a parent or legal guardian’s account and may not create their own accounts. Parents or legal guardians may request deletion of a teen’s account or child-related information at any time.
We provide the Services for use by parents or legal guardians to help prepare a child for care, and for use by teens ages 13–17 as appropriate for their age. When a teen creates an account, we collect only the information necessary to operate the teen experience and provide the related clinical preparation and educational features. Teens may delete their own accounts at any time, and parents or legal guardians may request access to or deletion of a teen’s account by contacting us at support@preopapp.com, subject to applicable law and any requirements of a healthcare organization involved in the teen’s care.
Children under 13. We do not permit children under 13 to create their own accounts. A child under 13 may use the Services only through a parent or legal guardian’s account. We do not knowingly collect personal information directly from children under 13. Any information related to a child under 13 is provided by a parent or legal guardian through their own account. Parents can review, update, or delete a child’s information by contacting us at support@preopapp.com
If we learn that an account was created by someone under 13, we will deactivate the account and delete the associated personal information from our records.
Teens ages 13–17. Teens ages 13–17 may create and use their own accounts. In certain healthcare integrated features, involvement of a parent or legal guardian may be required by provider policy or applicable law. Teens may delete their accounts at any time by contacting us at support@preopapp.com. Parents or legal guardians may also request deletion of a teen’s account or related personal information.
We do not sell or share minors’ personal information and do not use minors’ information for targeted advertising.
9. What Are Your Privacy Rights?
In Short: Depending on your place of residence, you may have rights that allow you greater access to and control over your personal information. You may review, change, or terminate your account at any time, subject to applicable law.
EU/UK/Switzerland/Canada
If you are located in the EEA, UK, Switzerland, or Canada, you may have some or all of the following rights under applicable law: access, correction (rectification), deletion (erasure), restriction of processing, portability, and objection to certain processing (including direct marketing). You also have the right not to be subject to a decision based solely on automated processing where it produces legal or similarly significant effects. You can exercise these rights by contacting us using the details in the “How can you contact us about this notice?” section. If you believe we are processing your personal information unlawfully, you may lodge a complaint with your local supervisory authority. You may withdraw consent at any time where we rely on consent; this will not affect processing carried out before withdrawal.
United States (state-specific rights)
Depending on your state of residence, you may have the right to request: access to and deletion or correction of your personal information; to receive a portable copy of certain information; to opt out of the sale or sharing of personal information, targeted advertising, or certain profiling; and to limit the use and disclosure of sensitive personal information where applicable. We do not sell or share personal information for cross-context behavioral advertising and do not use personal information for automated decision-making that produces legal or similarly significant effects. If you submit a rights request and disagree with our response, you may request an appeal using the contact details below.
Exercising your rights
You can make a request by contacting us at privacy@preopapp.com. To help protect privacy, we may need to verify your identity (and your authority, if you are an authorized agent) before fulfilling a request. Where we deny a request, we will explain the reason, subject to legal restrictions.
Account information
To review or change information in your account or to terminate your account, log in to your account settings. Upon your request to terminate your account, we will deactivate or delete your account and remove information from our active systems. We may retain limited information as permitted by law for security, fraud prevention, troubleshooting, legal compliance, or recordkeeping, consistent with our retention section.
Cookies and similar technologies
Most browsers accept cookies by default. You can remove or reject cookies in your browser settings; some features may not function properly without required cookies. For choices in the mobile app (for example, analytics), see your device or in-app settings. For details about our use of cookies/SDKs, see the “Do we use cookies and other tracking technologies?” section.
Health and provider-controlled records
If certain information forms part of a medical record or is otherwise controlled by your healthcare provider, your ability to access or correct that information may be governed by your provider’s policies and applicable health privacy laws. In those cases, please direct your request to your provider. We will assist them as required by our agreements.
10. Controls for Do-Not-Track Features
Most web browsers and some mobile operating systems and applications include a Do-Not-Track (DNT) setting you can activate to signal that you prefer not to be tracked online. Because no common industry standard for recognizing DNT signals has been finalized, we do not currently respond to DNT signals.
Browser-based opt-out signals. Where required by applicable law, we will recognize certain legally mandated browser signals (for example, Global Privacy Control) as opt-out preferences for applicable activities. We do not “sell” or “share” personal information for cross-context behavioral advertising, but if that were to change, we would honor such signals as required.
To control cookies and analytics, see the “Do we use cookies and other tracking technologies?” section and your browser or device settings.
11. Do United States Residents Have Specific Privacy Rights?
In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have rights to access, correct, delete, obtain a copy of, or appeal decisions about your personal information, subject to applicable law.
Personal information we collect
We collect the categories described in “What information do we collect?” including, where applicable, limited sensitive information necessary for clinical preparation features with appropriate authorization or consent. We do not collect or use sensitive information for the purpose of inferring characteristics about you.
How we use and disclose personal information
See “How do we process your information?” and “When and with whom do we share your personal information?” We disclose personal information to service providers and contractors under written agreements requiring them to use the information only to provide services to us.
We do not sell or share personal information of consumers we know are under 16.
Sale/sharing and targeted advertising
We do not sell personal information or share it for cross-context behavioral advertising, and we do not use personal information for targeted advertising or for automated decision-making that produces legal or similarly significant effects. If this changes in the future, we will update this notice and provide a clear right to opt out (including honoring recognized browser signals where required).
Your rights (state laws may vary)
Subject to exceptions, you may have the right to:
Know whether we process your personal information and to access it
Self-service options
You can review or update certain account information in your account settings.
Correct inaccuracies in your personal information
Request deletion of your personal information
Obtain a portable copy of certain personal information
Opt out of sale, sharing, targeted advertising, or certain profiling (not currently applicable as described above)
Limit use and disclosure of sensitive personal information where applicable
Receive a list of categories (and, in some states, specific third parties) to whom we disclosed personal information, where required
Be free from discrimination for exercising your rights
How to exercise your rights
Submit a request at privacy@preopapp.com. If you are an authorized agent submitting a request on behalf of a consumer, include proof of authorization. We will verify requests by reasonably matching information you provide with information we maintain. If we cannot verify your identity (or authority), we may request additional information as permitted by law.
Appeals
If we decline to act on your request, you may appeal by emailing privacy@preopapp.com. We will provide a written response explaining our decision and how to contact your state attorney general if you remain dissatisfied, where applicable.
California “Shine the Light”
We do not share personal information with third parties for their own direct marketing purposes. If you still wish to submit a “Shine the Light” request, contact us at privacy@preopapp.com.
Retention
We retain personal information as described in “How long do we keep your information?” If your account is provisioned through a healthcare organization, certain records may be retained according to that organization’s requirements and our agreement with them.
12. Do We Make Updates to This Notice?
In Short: Yes. We update this notice as needed to stay compliant and reflect changes to the Services.
We may modify this privacy notice from time to time. The “Revised” date at the top will show the latest version. If we make material changes, we will provide appropriate notice (for example, in-app notices, email, or a banner on our website) and, where required by law, seek your consent. We encourage you to review this notice periodically to stay informed about how we protect your information.
If changes alter how we process personal information in a way that requires consent (for example, new purposes or new categories of data), we will ask for consent before applying those changes to you.
13. How Can You Contact Us About This Notice?
If you have questions or comments about this notice, you may email us at privacy@preopapp.com.
14. How Can You Review, Update, or Delete the Data We Collect From You?
In Short: Depending on your place of residence, you may request access to, correction of, or deletion of your personal information, and you may withdraw consent where applicable.
How to submit a request
Email us at support@preopapp.com with your request or use our data request form if provided in the app or on our website.
Specify the type of request (access, correction, deletion, portability, withdrawal of consent, or appeal).
Verification and authorized agents
We will verify your identity (and, if applicable, your authority as an authorized agent) before fulfilling a request.
If we cannot verify your request, we may ask for additional information as permitted by law.
Timing and response
We will respond within the timeframe required by applicable law and will explain any denial or limitation we are legally required to apply.
You may appeal our decision by emailing privacy@preopapp.com; we will provide a written response and how to contact your state authority where applicable.
Limits and exceptions
Certain information may be retained as permitted or required by law (for example, security, fraud prevention, or record keeping).
If your account is provisioned through a healthcare organization or if certain information forms part of a medical record controlled by your provider, please direct access or correction requests for that data to your provider; we will assist them as required by our agreement.
Self-service options
- You can review or update certain account information in your account settings.
- To close your account, use the account settings or contact us at
support@preopapp.com.
