We at Magnus Health are committed to protecting the information we have about you, our clients. We only use that information to help our clients manage their medical information. We are committed to being transparent about our practices surrounding how we manage and store your information.
- We will only use information to provide services to your school or camp.
- We will not sell your data.
- We have also taken the Student Privacy Pledge, which is a commitment made by companies who are entrusted with student data to treat that data responsibly.
Our customers use Magnus Health in part because of the security measures we use to protect information. Those measures are often substantially stronger than what our customers were previously using internally. You can find out more about our security measures on our Privacy and Security page.
Please contact your school or camp with any questions you may have about how his or her information is protected and used. Our service is just a small part of how they protect and use that data.
We may provide links within our sites and services to the sites or services of third parties. We are not responsible for the collection, use, monitoring, storage or sharing of any personal information by such third parties, and we encourage you to review those third parties’ privacy policies and to ask them questions about their privacy practices as they relate to you.
When Personal Information relates to an individual (or their legal guardian), we refer to this as “Personal Information.” If it relates to a Customer, prospective Customer, vendor, or business partner (or any of their employees), then we refer to it as “Business Information.”
2. Personal Information We Collect
We collect the following Personal Information:
- Name, email and contact information received from visitors to our Public Site who request information regarding our Service on the Contact Us page or who download Veracross resources on our Resource Center, or who send us email or connect with us through social media;
- Personal Information received from Customers in connection with the implementation and provision of the Service. For example, Customers provide basic personal information, manually or through integration with student information systems, in connection with the Service when they are setting up the Service for use.
- Personal information received from parents or guardians when they use the Service on behalf of their students. This includes age, immunization history, allergies, and other information used by Customers in connection with the Service. Note that children under age 18 may not have their own account in the Service. Instead, their accounts are administered by their parent or guardian. We do not contact children under age 18 about our Service and do not ask them for Personal Information.
- Information regarding individuals who maintain accounts with our Service.
3. What we do with Personal Information
The Service helps schools and camps manage health care matters relating to their constituents, including students, their parents, their faculty, staff, and other related persons. We use Personal Information, such as demographic, health, and collected form information to provide the Service to our Customers and to provide support to them, which might include answering their questions and resolving their issues about individuals.
We may also provide Personal Information to emergency personnel and other healthcare professionals as described in our Service, consistent with applicable laws regarding privacy of Personal Information. These professionals may use your Personal Information to perform medical services as authorized, and to communicate with you.
We may also use Personal Information to derive aggregate information about large groups of individuals. That aggregate information might include, for example, the average age at which individuals are vaccinated against various diseases or the percentage of people who have nut allergies, but will not include any Personal Information. We may use this aggregate information for any purpose.
We use Business Information for our business purposes. We may use Business Information about Customers and prospective Customers to provide information about our products and services, other companies’ products and services and educational information. Business Information may be stored in our customer relationship management system and other systems in order to help us run our business.
We may provide Personal Information to companies that assist us in providing Services, such as a hosting provider or a customer service provider. These companies are authorized to use Personal Information only as necessary to provide these services. If any of these providers receive Personal Information, we will ensure that they are bound to restrictions at least as protective of Personal Information as the Student Privacy Pledge, described in section 7, below.
We will not sell any information to any third party except as allowed by section 8, which discusses what happens if our company is acquired.
4. Disclosures for Legal Reasons
In certain situations, we may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose Personal Information in response to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
When we make any disclosure of Personal Information described by this section, we will limit the disclosure to only the minimum amount of information which is necessary, and will attempt to ensure that any information we do disclose is kept protected by, for example, submitting it under seal, obtaining a protective order or by requiring the party to whom it is disclosed to agree to keep the information confidential.
5. When we delete Personal Information
We generally keep Personal Information for the duration required to comply with legal requirements. We will, however, hold it longer if needed to provide the Service to our Customers, if we have a legal obligation to keep it for longer or if we require it to resolve a legal dispute.
We may delete Business Information when we determine that it is no longer useful to us, when required by law, or in accordance with our internal data retention practices and policies.
6. Technical Information
We gather certain information about the use of our Service and Public Site automatically. This information includes internet addresses, browser types, internet service providers (ISP), referring/exit pages, operating systems, date/time information, and click-stream data. Mobile devices may record information such as how often our app is used, the events that occur within the app, aggregated usage, performance data, and where the app was downloaded from.
We and our partners, analytics provider, and online customer support provider use this information to analyze trends, to administer the Service and the Public Site, to track users’ movements around the Service and the Public Site and to gather overall demographic information about our user base. We do not link this automatically collected data to other Personal Information.
7. Student Privacy Pledge
9. Access and Changes to Your Data
You may determine if we have any of your Personal Information and access, correct, or request deletion of your Personal Information by contacting us through our help desk . Before providing you with any information or allowing you to make changes, we will need evidence of your identity. In addition, much of the Personal Information we have can be updated through the Service. We will respond to your request within a reasonable timeframe.
Note that we do not have a direct relationship with individuals. Individuals may also contact their school or camp to determine how to access or correct Personal Information, including Information that is imported into the Service from a Information System.
10. Data Security
We maintain a comprehensive security program designed to protect Personal Information in our possession, which includes organizational, physical and technical safeguards. Certain of these measures are described on our Privacy and Security page.
We display personal testimonials of satisfied customers on our website in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at firstname.lastname@example.org.
12. Social Media Share Buttons and Widgets.
13. Email Preferences / Unsubscribe
If you no longer wish to receive email from us on a going-forward basis, you may opt-out of receiving these emails by clicking “Unsubscribe” at the bottom of any email you receive from us.
14. Advertising Choices and Control
Magnus does not participate in behavioral advertising through its subscription Service and on related web sites (such as the Magnus web site used by Customers to enter information), and will not display ads on its Service. If our third-party partner(s) are providing advertising on our Public Site and you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here [https://optout.aboutads.info/] if you are based in the US, or here [https://www.youronlinechoices.eu/] if located in the European Union. Magnus cannot control all advertising you see while browsing our Public Site as this can be dependent on your individual browser and/or computer settings.
15. EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
Veracross, LLC and its subsidiary, Magnus Health, LLC, participate in and have certified their compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List. [https://www.privacyshield.gov/list/]
Magnus Health, LLC is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Magnus Health, LLC complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Veracross is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
16. Questions about Data Privacy
Magnus Health, LLC
401 Edgewater Place
Wakefield, MA 01880
Or contact us through our Privacy Team.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Effective Date: May 24, 2022