Privacy Policy

Effective date: August 9, 2024

This Privacy Notice is provided by Lirio, Inc. (“Lirio,” “our,” or “we”) for visitors to our website made available at www.lirio.com, including the features available through the site (collectively, the “Services”). Lirio values and respects the privacy of its customers and visitors. The purpose of this Privacy Policy is to provide you with information about Lirio’s policies regarding the collection, processing, use, storage, and disclosure of information when you use our Services. This Privacy Policy also describes the choices you can make about our use of your information. 

Please note that this Privacy Policy only applies to the website www.lirio.com and the services and features we make available through our website to individuals, such as blog articles, e-newsletter subscription, and our contact form.  This Privacy Policy does not apply to information or data that we may receive from, or collect on behalf of, clients in connection with a client engagement, and our processing, use, storage and disclosure of such information is subject to other policies. If you are a customer or patient of one of our clients, you should review the privacy policy and terms of use of that client. This policy also does not apply to information collected from legal entities or businesses (e.g., our clients) or employees or contractors acting on behalf of such entities. If you have any questions about our use of such information or wish to communicate with our senior security official or senior privacy official, please do not hesitate to contact us by email at privacy@lirio.co. 

We may update or modify this Privacy Policy at any time by posting the amended version including the effective date of the updated version. We will handle your information in compliance with this Privacy Policy as it was at the time that we collected such information. By using the Services, you agree to the terms of our Terms of Use and this Privacy Policy and the collection and use of information in accordance with this Policy. If you do not agree to be bound by this Privacy Policy or any subsequent modifications, you should not access or use our Services or disclose any personal information through our Services. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms of Use.

This Privacy Policy contains the following information, which you can access by scrolling down: 

  1. How to contact us. 
  2. Personal Information we collect about you. 
  3. How we may use your information. 
  4. Sharing your information. 
  5. How we safeguard your personal information. 
  6. How long we store your personal information. 
  7. Your rights and choices regarding your personal information. 
  8. Special notice to non-U.S. users regarding data transfers. 
  9. Sensitive Information. 
  10. Policies on children’s information. 
  11. Links to other sites. 
  12. Governing law and jurisdiction. 

1.    HOW TO CONTACT US

You can update your preferences and information by updating your contact information through our Services or contacting us at the e-mail address or phone number below. Additionally, if you have any questions or concerns about our use of your Personal Information (defined below) or wish to communicate with our senior security official and senior privacy official, please do not hesitate to contact us through any of the methods below. 

Phone: 1-865-243-8000 

Email: privacy@lirio.co

2.    PERSONAL INFORMATION

While using our Services, we may ask you to provide us with certain information that identifies, relates to, describes, can reasonably be associated with, or can reasonably be linked to you or your household, either on its own or combined with other information that we have or can readily obtain (“Personal Information”). 

We collect Personal Information from you both when you provide it voluntarily and also automatically when you use our Services.  We may also collect Personal Information from other sources, as described below. 

We collect Personal Information from you and any devices (including mobile devices) you use when you use our Services, provide us information on a web form, or when you otherwise correspond with us.  Please remember that any information that is disclosed in public comments, forums or other areas enabling other users to submit comments (“Forums”) becomes public information, is not maintained or treated as confidential, and you should exercise caution when deciding to disclose your Personal Information. 

As described below under Collection of Cookies and Device Data, we may also collect Personal Information from your device via cookies or other tracking technologies.  For example, the Services use tracking tools like cookies, pixels, and web beacons to collect usage and browser information.  For more information about the trackers that we use, please see the Collection of Cookies and Device Data section of this Privacy Notice. Additionally, if you enable location data on your device, this data may be collected based on the location settings on your device. 

In the circumstances where we need your consent to collect your Personal Information, we will ask for such consent. 

In addition, we also collect Personal Information about you from third parties in connection with our Services, including from the following sources: 

  • Our clients when we provide services for them (which is subject to other policies)
  • Service providers (including hosting providers)
  • Data analytics service providers
INFORMATION WE COLLECT ABOUT YOU

We may collect the following categories of Personal Information from you, depending on your interactions with our Services and the choices you make. Most of the Personal Information we collect, process or maintain is collected from, or otherwise on behalf of, our clients including health care providers and health benefit plans. That information is subject to our agreements with our clients. This Privacy Policy does not address Personal Information received on behalf of our clients. In order to find out how that Personal Information is handled, you must visit the notice of privacy policy of the relevant client (e.g., your healthcare provider or plan). We may collect the following additional types of information by your use of the Services: 

  • Identifiers.  Your name, email address, postal address, unique personal identifier, Internet Protocol (IP) address, and device identifier. 
  • Internet or other electronic network activity information.
    For example:
    Browse history. Data about the webpages you visit.
    Search history. Data about the search terms you enter.
    Device, connectivity, and configuration data.  Data about your device and nearby networks, including regional and language settings. 
  • Geolocation data. Data about your device’s location, which is inferred from your IP address and your postal address. 
  • Demographic data. Data about you such as your age, country, preferred language and other data reflecting your consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. 
  • Usage Information. This can be Personal Information and non-Personal Information that is collected about you when you are using our Services, and this may include:
    Information about your interactions with our Services, which includes the date and time of any information you enter into our Services and your interactions with other users of our Services and what content or features you access.
    User content you post to our Services and your interactions with our customer service team and other users.
    Technical data, which may include URL information, cookie data, web beacons and other tracking technology information, your IP address, the types of devices you are using to access or connect to our Services, unique device IDs, device attributes, network connection type (e.g., WiFi, 3G, LTE, Bluetooth) and provider, network and device performance, browser type, language, and operating system. Further details about the technical data that is processed by us can be found in the Collection of Cookies and Device Data section below.

    Collection of Cookies and Device Data     

Our Services use cookies, unique identifiers and similar technologies to collect information over time and across different websites when you use or visit our Services. We or our third-party partners use common tracking tools to collect information about the pages you view, our Services functions that you access, and the buttons and icons you click. 

Cookies. Cookies are small data files that are downloaded onto your computer or mobile device when you use our Services, which are unique to your device or account.  Cookies make it easier for you to use our Services by saving your preferences so that we can use these to improve your next and subsequent visits to our Services. Cookies help us learn which areas of our Services are useful and which areas need improvement. 

Cookies may be either persistent or temporary (also called session) cookies. A persistent cookie retains user preferences for a particular website, app or service, allowing those preferences to be used in future sessions and remains valid until its set expiry date (unless deleted by the user before the expiry date). A temporary cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. 

You can choose whether to accept cookies by changing the settings on your browser or device.  For more information regarding your choices with respect to cookies and other tracking technologies, please see “Your Rights and Choices Regarding Your Information” below. Please note, however, that if you choose to disable this function, your experience with our Services may be impaired and some features may not work as they were intended. When we use cookies or other similar technologies, we may set the cookies ourselves or ask third parties to do so to help us. 

Pixels, Web Beacons. We or third party partners may use invisible pixels or beacons on our Services to count how many users access or use certain pages, features or content. This information is collected and reported in the aggregate. We may use this information to improve our current Services offerings, develop new products or services, and target information to you that may be helpful and useful to you based upon your use of our Services. 

3.    HOW WE MAY USE YOUR INFORMATION

We will use your information for the purposes of: 

  • providing, maintaining, personalizing, monitoring and improving our Services;
  • monitoring the usage of our Services;
  • analysis and assessment of trends and interests;
  • location-based services;
  • detection, prevention, and addressing technical issues;
  • maintaining the safety, security, and integrity of our Services and technology assets;
  • organizational and business planning as well as standard operations such as legal and accounting; and
  • other purposes consistent with reasonable expectations given the nature of the Services. 

If we need to use your Personal Information for an unrelated purpose or if we change the basis on which we are processing your data, we will notify you and we will explain the legal basis which allows us to do so or ask for your consent. 

We also may create anonymized and aggregated information that is derived from your Personal Information or usage of our Services, e.g., by stripping out all identifiers from your Personal Information and combining it with similar information from other users. We anonymize and aggregate information for various purposes that include data analysis, improving our Services and advertising, and developing new features and functionality within our Services. 

 

4.    SHARING YOUR INFORMATION

We share non-Personal Information with third parties at our discretion. We do not sell your Personal Information, though we may share it with our marketing partners or use it to help identify products or services that may be of interest to you. In connection with our Services, we may share your Personal Information with certain third parties who we engage to help us run our business and perform the services or for marketing purposes, including under the following circumstances: 

  • Software and other service providers we use to manage and process your information or who otherwise need to access Personal Information in order to provide services to us. 
  • Affiliates, subsidiaries, and clients. 
  • Analytics and site management companies, such as Google Analytics, a service provided by Google, Inc., to gather information about how you and other users engage with our Services and other websites and permit marketing across websites. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners. 
  • Other third parties with whom you expressly request us to share your Personal Information. 

Additionally, we will share your Personal Information with third parties where required by law, where it is necessary in connection with our Services or products, or where we have another legitimate interest in doing so (e.g., to protect the Services, our clients, other third parties or the public). 

Most of the third parties with whom we share your Personal Information are located and store your information in the United States, although some may be located or store your information outside of the United States. 

If we are subject to a merger or acquisition with/by another company, we may share information with them in connection with the transaction. 

5. HOW WE SAFEGUARD YOUR INFORMATION

The security of your data is important to us. No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission of Personal Information is at your own risk. 

 

6.    HOW LONG WE STORE YOUR INFORMATION

We will retain your Personal Information only for as long as is necessary for the legitimate business purposes set out in this Privacy Policy. We will retain and use your Personal Information to the extent necessary to comply with our legal, accounting, or reporting obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies. Additionally, we may continue to store your Personal Information contained in our standard back-ups. 

We also will retain Usage Information for internal analysis purposes. Usage Information is generally retained for a shorter period of time, except when Usage Information is used to strengthen the security or to improve the functionality of our Services or products, or we are legally obligated to retain Usage Information for longer periods. 

 

7.    YOUR RIGHTS AND CHOICES REGARDING YOUR INFORMATION

Marketing Preferences. You can opt out from receiving future marketing communications from us at any time by using the unsubscribe function in the email you receive from us, or contacting us as set forth under “How to contact us” above. Please allow sufficient time for your preferences to be processed. Even if you opt out of receiving marketing messages, we may still contact you for transactional purposes like confirming or following up on a service request, or asking you to review a service you have used. If you later opt back into getting marketing communications from us, we will remove your information from our opt-out databases. 

As noted above in the “Collection of Cookies and Device Data” section above, you can choose whether to accept cookies by changing the settings on your browser or device. However, if you choose to disable cookies, your experience with our Services may be impaired and some features may not work as they were intended. 

Additionally, Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the preferences or settings page of your web browser. However, these features are not yet uniform, so we do not currently respond to such features or signals. Therefore, if you select or turn on a “do not track” feature in your web browser, we and our third-party providers may continue collecting information about your online activities as described in this Privacy Policy. Global Privacy Control (“GPC”) is an add-on or browser preference that signals that you wish to opt out of the sale of Personal Information or use of Personal Information for targeted advertising. As Lirio is not subject to laws regarding the opting-out of uses of Personal Information, we do not currently honor GPC signals. 

The Services are intended solely for individuals residing within the U.S.  If you are visiting from outside of the U.S., please note that you are transferring information about you, including Personal Information, to a country and jurisdiction that may not have the same data protection laws as your country of residence. Because of the nature of our services, you may not have the same rights regarding your Personal Information that you would have interacting with a company in your jurisdiction. By providing us with Personal Information, you consent to the transfer of information about you, including your Personal Information, to the U.S. and the use and disclosure of information about you, including your Personal Information, as described in this Privacy Policy. 

Because of the nature of our Services, Lirio is not subject to certain state statutes within the U.S., though it is required to comply with HIPAA as a “business associate” and its agreements with entities that are covered by HIPAA. For more information about your rights under HIPAA, please visit the Notice of Privacy Practices for your healthcare provider, health plan or other entity that is covered by HIPAA. 

8.    SPECIAL NOTICE TO NON-U.S. USERS REGARDING TRANSFER OF DATA

Your information, including Personal Information, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.  

If you are located in a country outside the U.S. and submit Personal Information to us, you consent to the general use and disclosure of such information as provided in this Privacy Policy and to the transfer and/or storage of that information to the U.S. and other countries outside your home country.  

9.     SENSITIVE PERSONAL INFORMATION

Lirio provides health-related services to various clients and is subject to the requirements of our agreements with those clients regarding the privacy and security of protected health information. For purposes of the use of the Services, including this website, we ask that you not send us, and you not disclose, any sensitive personal information as this term is defined under applicable data protection and privacy laws (for example, social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise to us other than as part of our services to our clients. 

If you send or disclose any sensitive personal information to us, you consent to our processing and use of such sensitive personal data in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not submit such content to our Services.  

10.      POLICY ON CHILDREN’S INFORMATION

Our Services are not created for anyone under the age of 13 (“Children” or “Child”). By using the Services, you represent that you are at least 13 years old.  If you do not meet this age requirement, then you must not access or use our Services. 

We do not knowingly collect personally identifiable information from anyone under the age of 14, and we do not target the Services to children under the age of 13. If you are a parent or guardian and you are aware that your Child has provided us with Personal Information, please contact us though one of the methods listed under “How to Contact Us”, above. If we become aware that we have collected Personal Information from Children without verification of parental consent, we take reasonable steps to remove that information from our servers. 

For more information about the Children’s Online Privacy Protection Act (“COPPA”), which applies to websites that direct their services to children under the age of thirteen (13), please visit the Federal Trade Commission’s website. 

 

11.      LINKS TO OTHER SITES

Our Services contain links to third-party websites. If you click on one of those links, you will be taken to websites we do not control. This Privacy Policy does not apply to the information practices of those third-party websites. You should read the privacy policies of third-party websites carefully. We are not responsible for the content, privacy policies, actions or security of third-party websites. 

 

12.  GOVERNING LAW AND JURISDICTION

This Privacy Policy shall be construed and governed under the laws of the United States and State of Tennessee (without regard to rules governing conflicts of laws provisions). You agree that venue for all actions, arising out of or relating in any way to your use of our Services, shall be in federal or state court of competent jurisdiction located in Nashville, Tennessee, within one (1) year after the claim arises. Each party waives any objections based on forum non conveniens and waives any objection to venue of any action instituted hereunder to the extent that an action is brought in the courts identified above. Each party consents to personal jurisdiction in the courts identified above. 

37909558.4