Call Us 1-650-797-1309

Privacy Policy

Effective date: 6/26/2018

We at Luna know you care about how your personal information is used and shared, and we take your privacy seriously. Please read the following to learn more about our Privacy Policy.

By using or accessing the Services in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent that we will collect, use, and share your information in the following ways. Remember that your use of Luna’s Services is at all times subject to the Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in that document.

What does this Privacy Policy cover?

This Privacy Policy covers our treatment of personally identifiable information we collect from you (“Personal Information”) that we gather when you are accessing or using our Services, but not to the practices of companies we don’t own or control, or people that we don’t manage. This Privacy Policy also covers how and when we treat your “protected health information” (“PHI”) (as that term is defined by HIPAA) differently from your other Personal Information. We gather various types of Personal Information from our users, as explained in more detail below, and we use this Personal Information internally in connection with our Services, including to personalize, provide, and improve our services, to allow you to set up a user account and profile, to contact you and allow other users to contact you, to fulfill your requests for certain products and services, and to analyze how you use the Services. In certain cases, we may also share some Personal Information with third parties, but only as described below.

As noted in the Terms of Use, we do not knowingly collect or solicit personal information from anyone under the age of 13 or from individuals residing outside of the United States. If you are under 13 or residing outside the United States, please do not attempt to register for the Services or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 13 or an individual residing outside the United States, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us personal information, please contact us at concierge@getluna.com.

Will Luna ever change this Privacy Policy?

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well, but we will alert you to changes by placing a notice on our website(s) and applications, by sending you an email, and/or by some other means. Note that if you’ve opted not to receive legal notice emails from us, those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes.

What Information does Luna Collect?

Information You Provide to Us:

We receive and store any information you knowingly provide to us. For example, through the registration process and/or through your account settings, we may collect Personal Information such as your name, home address, email address, and phone number. Certain information may be required to register with us or to take advantage of some of our features. We may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers on behalf of other businesses, or email you about your use of the Services. If you do not want to receive communications from us, please indicate your preference by unsubscribing from those types of emails or by replying to received text messages that you wish to unsubscribe from such notifications.

Information Collected Automatically:

Whenever you interact with our Services, we automatically receive and record information on our server logs from your browser or device, which may include your IP address, geolocation data, device identification, “cookie” information, the type of browser and/or device you’re using to access our Services, and the page or feature you requested. “Cookies” are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in our Services are visited and by how many people. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features.

If you click on a link to a third party website or service, a third party may also transmit cookies to you. Again, this Privacy Policy does not cover the use of cookies by any third parties, and we aren’t responsible for their privacy policies and practices. Be aware that cookies placed by third parties may continue to track your activities online even after you have left our Services, and those third parties may not honor “Do Not Track” requests you have set using your browser or device.

We may use this data to customize content for you that we think you might like, based on your usage patterns. We may also use it to improve the Services – for example, this data can tell us how often users use a particular feature of the Services, and we can use that knowledge to make the Services more helpful to as many users as possible.

What are my rights with respect to my PHI specifically?

Electronic or paper copy of your medical record: You may request an electronic or paper copy of your medical record and other PHI we have about you by contacting us at concierge@getluna.com. We will provide you with a copy or summary of your health information within 15 days of your request or as required by law. We may charge a reasonable, cost-based fee.

Correct your medical record: You may request that we correct PHI about you that you think is incorrect or incomplete by contacting us at concierge@getluna.com. We may say “no” to your request, but we will tell you why in writing within 60 days of your request or as required by law.

Request confidential communications: You may request that we contact you in a specific way (for example, at your home or office phone) or send email/mail to a different address. We will say “yes” to all reasonable requests.

Restrict access to certain PHI: You may request that we not use or share certain PHI for treatment or payment purposes. We are not required to agree to your request, and we may say “no” if it would affect your care. If you pay for the Services out-of-pocket in full, you may request that we not share that information with your health insurer. We will say “yes” unless a law requires us to share that information.

Request a list of when and with whom we’ve shared your PHI: You may request for a list of when, with whom, and why we shared your PHI for six years prior to your request date (an “Accounting”). We will include all the disclosures except we will not disclose information specifically pertaining to treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We will provide one Accounting each year at no cost to you, however if you request an additional Accounting within such year we will charge a reasonable fee.

Receive a paper copy of this Privacy Policy: You may request a paper copy of this Privacy Policy at any time, even if you have agreed to receive the notice electronically. We will promptly provide you with a paper copy.

Assign an individual medical power of attorney: You may indicate by contacting us at concierge@getluna.com if you would like to assign an individual medical power of attorney or indicate an individual as your legal guardian. If you have so indicated, such individual may exercise your rights and make choices about your PHI. We will make sure the person has this authority and can act for you before we take any action.

Right to Inspect And Copy Your Health Information. You have a right to inspect and copy your own health information upon request. However, we are not required to provide you access to all health information that we maintain. For example, this right does not extend to information compiled in reasonable anticipation on an administrative proceeding. Access may also be denied if disclosure would reasonably endanger you or another person.

Right to Verbally Object. You have the right to verbally object to certain disclosures that are routinely made for treatment, payment or health care operations or for other purposes without an authorization. For example, you will be given the opportunity to object to the sharing of your health information with a person or family member participating in your treatment.

When Authorizations are Required. An authorization is required for most uses and disclosures of psychotherapy notes (where appropriate), uses and disclosures of your health information for marketing purposes, and disclosures that constitute a sale of protected health information. Moreover, other uses and disclosures of your health information not described in this Privacy Policy may be made only with a valid authorization from you. You have a right to revoke a validly executed authorization for the use of or disclosure of your health information. However, such revocation will not have any effect on uses or disclosures prior to the receipt of the revocation.

Right to Opt-Out of Fundraising Communications. We may contact you for fundraising purposes or have someone contact you on our behalf. However, you have the right to opt-out of fundraising communications. You can do so by contacting us at concierge@getluna.com.

Right to be Notified Following a Breach of your Information. If you are affected by a breach of your unsecured protected health information by us or our business associates, you have a right to be notified following such breach.

File a complaint if you feel your rights are violated: You may complain if you feel we have violated your rights by contacting us at concierge@getluna.com. You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting https://www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.

Will Luna Share Any of the Personal Information it Receives?

We may share your Personal Information with third parties as described in this section:

Information that’s been de-identified: We may de-identify your Personal Information so that you are not identified as an individual, and provide that information to our partners. We may also provide aggregate usage information to our partners (or allow partners to collect that information from you), who may use such information to understand how often and in what ways people use our Services, so that they, too, can provide you with an optimal online experience. However, we never disclose aggregate usage or de-identified information to a partner (or allow a partner to collect such information) in a manner that would identify you as an individual person.

Affiliated Businesses: In certain situations, businesses or third party websites we’re affiliated with may sell or provide products or services to you through or in connection with the Services (either alone or jointly with us). You can recognize when an affiliated business is associated with such a transaction or service, and we will share your Personal Information with that affiliated business only to the extent that it is related to such transaction or service. We have no control over the policies and practices of third party websites or businesses as to privacy or anything else, so if you choose to take part in any transaction or service relating to an affiliated website or business, please review all such business’ or websites’ policies.

Agents: We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products or services to you; for example, we may use a payment processing company to receive and process your credit card transactions for us. Unless we tell you differently, our agents do not have any right to use the Personal Information we share with them beyond what is necessary to assist us.

User Profiles and Submissions: Certain user profile information, including your name, location, and any video or image content that such user has uploaded to the Services, may be displayed to other users (such as your Luna Physical Therapist and/or the Luna Concierge) to facilitate user interaction within the Services or address your request for our services. Please remember that any content you upload to your public user profile, along with any Personal Information or content that you voluntarily disclose online in a manner other users can view (on discussion boards, in messages and chat areas, etc.) becomes publicly available, and can be collected and used by anyone. Your user name may also be displayed to other users if and when you send messages or comments or upload images or videos through the Services and other users can contact you through messages and comments.

Business Transfers: We may choose to buy or sell assets, and may share and/or transfer customer information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.

Third Party Services: We may use third party services, such as Google Analytics, to grow our business, to improve and develop our Services, to monitor and analyze use of our Services, to aid our technical administration, and to increase the functionality and user-friendliness of our Services. These services may collect and retain some information about you, such as the IP address assigned to you on the date you use the Services, but not your name or other personally identifying information. We do not combine the information generated through the use of these services with your Personal Information. Although these services may plant a persistent cookie on your web browser to identify you as a unique user the next time you use the Services, the cookie cannot be used by anyone but Google. The Google Analytics services’ ability to use and share information about your use of the Services is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You may find additional information about Google Analytics at http://www.google.com/policies/privacy/partners/. Finally, you can opt out of Google Analytics by visiting https://tools.google.com/dlpage/gaoptout/.

Protection of Luna and Others: We reserve the right to access, read, preserve, and disclose any information that we believe is necessary to comply with law or court order; enforce or apply our Terms of Use and other agreements; or protect the rights, property, or safety of Luna, our employees, our users, or others.

Will Luna Share Any of the PHI it Receives?

We will never (i) rent or sell your PHI; (ii) share your PHI for marketing purposes; or (iii) use or share your PHI other than as described below unless you have given us explicit permission in writing to do so. We may share your PHI with third parties as described in this section:

Family members, guardians, specified individuals: We may share your PHI with your family member, guardian or other individual, only as specifically requested by you or in those circumstances where such individuals are involved in your care or treatment and you have had the opportunity to verbally agree or object and have been notified in advance of such use or disclosure.

Business Associates. With an acknowledgment or proper authorization or as otherwise permitted under HIPAA, we are permitted to disclose your health information to business associates and to allow business associates to receive your health information of our behalf. A business associate is defined under HIPAA as an individual or entity under contract with us to perform or assist us in a function or activity which requires the use of your health information. Examples of business associates include, but are not limited to, consultants, accountants, and third-party billing companies.

Physical Therapists: We may share your PHI with your Luna Physical Therapist in order to provide you the Services, manage your treatment and improve your care.

Other professionals: If you have communicated to us that you are receiving treatment from a physician we may share your PHI with that physician.

Insurance Company: We may share your PHI with your insurance company to receive payment for the Services.

Emergency: In the event of an emergency or a serious or imminent threat to your health or safety (e.g., you are unconscious), we may share your PHI if we believe it is in your best interest.

Public good and/or Research Purposes: We may share your PHI if we believe it is for the benefit of public health, such as (i) preventing disease; (ii) helping with product recalls; (iii) reporting adverse reactions to medications; (iv) reporting suspected abuse, neglect or domestic violence; (v) preventing or reducing a serious threat to anyone’s health or safety, or for health research purposes. We will only share your PHI in accordance with the law. To find out more, please go to: https://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html

Compliance with law: We reserve the right to access, read, preserve, and disclose any PHI that we believe is necessary to comply with law or court order, including requests from the Department of Health and Human Services to ensure our compliance with federal privacy law.

Address workers’ compensation, law enforcement, mandated reporting and other government requests: We may share PHI about you: (i) for workers’ compensation claims; (i) for law enforcement purposes or with a law enforcement official; (iii) with health oversight agencies for activities authorized by law; (iv) for special government functions such as military, national security, and presidential protective services; (v) for any applicable mandated reporting purposes such as child abuse, sexual assault, intimate partner violence or other mandated reporting.

Treatment Payment and Healthcare Operations. We are permitted to use and disclose your health information in the provision and coordination of your healthcare, in determining coverage, billing, claims management, medical data processing and reimbursement, and as part of Luna’s routine healthcare operations such as utilization reviews, auditing, certification, licensing or credentialing activities.

Authorization. We can use and disclose your health information for purposes other than treatment, payment or healthcare operations with your written authorization. For example, with your authorization we can provide your name and medical condition to companies who might be able to provide you useful items or services. You may revoke your authorization; however, such revocation will not have any effect on uses or disclosures of your health information prior to our receipt of the revocation.

Is Personal Information about me secure?

Your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

We endeavor to protect the privacy of your account and other Personal Information we hold in our records, but unfortunately, we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. We are required by law to maintain the privacy and security of your PHI. If a breach occurs that may have compromised the privacy or security of your PHI, we will promptly inform you by a notice on the website(s) and applications, and follow any applicable laws.

What Personal Information can I access?

Through your account settings or by contacting us, you may access, and, in some cases, edit or delete the following information you’ve provided to us: Name, password, home address, email address, insurance details, and other related user profile information.

The information you can view, update, and delete may change as the Services change. If you have any questions about viewing or updating information we have on file about you, please contact us at concierge@getluna.com.

What choices do I have?

You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.

You may be able to add and/or update information as explained above. When you update information, however, we may maintain a copy of the unrevised information in our records. Some information will remain in our records after you suspend use of your account as required by law. We may use any aggregated data derived from or incorporating your Personal Information after you add and/or update it, but not in a manner that would identify you personally.

What if I have questions about this policy?

If you have any questions or concerns regarding our privacy policies, please send us a detailed message to concierge@getluna.com, and we will try to resolve your questions or concerns.