Privacy Policy
Last Updated: January 2025
Aesto Health values your privacy and is committed to protecting the personal information of our users, customers, and partners. This Privacy Policy outlines how we collect, use, store, and share your information when you engage with our services, including visiting our website, using our applications, or interacting with us in business transactions.
If you have any questions or concerns regarding this policy, please contact us at privacy@aestohealth.com.
1. Information We Collect
Aesto Health’s DataCapture platform processes and stores Protected Health Information (PHI) and other sensitive data on behalf of its customers in compliance with the Health Insurance Portability and Accountability Act (HIPAA), the HITECH Act, and applicable state privacy laws. As a Business Associate, Aesto Health does not collect data directly from individuals (data subjects); instead, it receives personal information from covered entities.
On Aesto Health’s website, cookies are used to collect analytical data for marketing purposes, helping to improve user experience and outreach effectiveness. Within the DataCapture platform, cookies are utilized strictly for security and functionality purposes, including tracking user sessions and managing single sign-on (SSO) authentication workflows.
Aesto Health may collect the following types of personal and non-personal information:
Personal Information You Provide:
- Name
- Email Address
- Job Title
- Billing Address
- Phone Number
Automatically Collected Data
Through the use of Google Analytics, Zoho Page Sense, Open Send, and Wistia, we collect:
- Website Interaction Data: Page visits, time spent on pages, clicks, scroll behavior, and navigation paths.
- Device and Browser Information: IP addresses, browser types, operating systems, and device models.
- Geolocation Data: General location based on IP address.
- Engagement Metrics: Video view tracking and interaction behaviors for streamed content via Wistia.
- Email and Marketing Analytics: Open rates, link clicks, and user behavior for emails sent via Open Send.
This data is used to analyze website performance, improve user experience, and optimize our content and services.
Non-Personal Data Collection:
Aesto Health uses cookies and similar technologies to collect non-personal information such as:
- IP Address and browser type
- Website usage statistics and behavioral data
- Aggregated analytics for service improvement
For more details on managing cookies, please refer to your browser settings.
2. How We Use Your Information
We process your information for the following purposes:
- Providing and improving our services
- Conducting business transactions, marketing, and customer support
- Ensuring security and fraud prevention
- Complying with legal obligations
We do not process sensitive personal information such as Social Security Numbers, biometric data, or financial account details.
3. How We Share Your Information
Aesto Health does not sell, trade, or provide your personal information to unauthorized third parties. However, we may share information in the following cases:
- Business Transfers: If involved in a merger, acquisition, or asset sale
- Legal Obligations: When required by law or law enforcement authorities
- Third-Party Service Providers: For analytics, advertising, or customer relationship management
Any third-party providers engaged by Aesto Health are required to adhere to strict confidentiality and security measures.
4. How We Protect Your Information
We employ industry-standard technical and organizational measures to safeguard your personal information, including:
- Secure data encryption
- Access controls and authentication measures
- Regular security audits and compliance reviews
While we take every precaution, no data transmission over the internet is completely secure. Users should take precautions to protect their own information when using our services.
5. Data Retention
We retain your personal information only for as long as necessary, up to 12 months, for the purposes stated in this policy, unless a longer retention period is required by law. When information is no longer needed, it is securely deleted or anonymized.
6. Your Privacy Rights
Aesto Health respects your rights regarding the collection, use, and disclosure of your personal information. Depending on your location and applicable laws, you may have the following rights:
Right to Access: You may request details about the personal information we have collected, how it is used, and with whom it is shared.
- Right to Correction: You may request that inaccurate or outdated information be updated or corrected.
- Right to Deletion: Under certain conditions, you may request the deletion of your personal data.
- Right to Withdraw Consent: If our processing of your information is based on consent, you have the right to withdraw that consent at any time.
- Right to Object to Processing: You may object to certain types of processing, including direct marketing or automated decision-making.
- Right to Restrict Processing: In some cases, you may request that we limit the use of your personal data.
- Right to Data Portability: If applicable, you may request a copy of your data in a structured, commonly used, and machine-readable format.
Your Choices and Consequences of Non-Consent
You have the choice to provide or withhold personal information; however, refusing to provide certain personal data or withdrawing consent may impact your ability to use specific services.
- Collection, Use, and Disclosure Choices: You will be informed of the purposes for which your data is collected and used. If you choose not to provide certain information, it may limit our ability to offer you full access to our services.
- Consequences of Withholding Consent: If you deny or withdraw consent for certain processing activities, you may experience:
- Limited access to certain features or services.
- Inability to receive personalized content, updates, or marketing communications.
- Possible termination of a service that requires essential personal information.
If you wish to exercise any of these rights or need further clarification, please contact privacy@aestohealth.com.
7. Information for California Residents
Under California law, residents have additional rights regarding their personal data, including requesting details about data collected and shared. Aesto Health does not sell personal data. For requests, please contact privacy@aestohealth.com.
8. Do-Not-Track (DNT) Signals
At this time, Aesto Health does not respond to DNT signals in browsers, as no industry standard has been adopted for such technology.
9. Third-Party Links and Websites
Our website may contain links to external websites that are not operated by Aesto Health. This policy does not cover third-party sites, and we encourage users to review their privacy policies before providing any personal data.
10. Policy Updates
We may update this Privacy Policy periodically. Any changes will be posted on our website with a revised effective date. Continued use of our services constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this policy, how your data is handled, or need to exercise your privacy rights, you may contact our Data Protection Officer at:
Email: privacy@aestohealth.com
Phone: (866) 558-8098
Mailing Address:
Aesto Health
1800 International Park Dr, Suite 110
Birmingham, AL 35243, United States
12. Complaints & Dispute Resolution
If you believe Aesto Health has mishandled your personal information or violated this privacy policy, you have the right to submit a formal complaint.
Filing a Complaint:
- Submit your complaint in writing via email at privacy@aestohealth.com or via mail to the address above.
- Include a detailed description of your concern, including relevant dates and any supporting documentation.
Aesto Health is committed to addressing privacy concerns promptly and transparently to maintain trust and compliance with applicable data protection laws.