360 Medical Consulting
Privacy Policy

Last updated July 17, 2025

360 Medical Consulting ("360" or "We") respects your privacy and is committed to protecting it through our compliance with this Privacy Policy (the “policy”). This policy describes our information collection and use practices in connection with your visitation or use of our website located at https://360medconsulting.com/  ("Website"), our mobile application (“App”), and any of the products or services that we provide therein (collectively, the “Services”).

This policy applies to our collection and processing, through the Services, of your protected health information, as such term is defined and regulated under the HIPAA Privacy Rule (45 CFR Part 160 and Subparts A and E of Part 164, “HIPAA”) (such information, “PHI”), in addition to other types of personal information.  We may receive, collect or otherwise process your PHI on behalf of “Covered Entities” as a “Business Associate,” as such terms are respectively defined and regulated under HIPAA. We have agreements (“Business Associate Agreements” or “BAAs”) with the Covered Entities we work with which require us to comply with specific requirements related to PHI.

We may also partner with third-party service providers that directly collect or process your PHI to schedule appointments, communicate with health care providers, and for other purposes. We are not responsible for the collection or use of your PHI by such third parties. Please visit https://www.athenahealth.com/privacy-rights to view the privacy policy and terms and conditions applicable to services provided by our partner, Athenahealth.

By visiting or using the Services, you agree to the terms of this Privacy Policy and the accompanying Terms of Use. If you do not agree with our policies and practices, your choice is not to use our Services. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

1. WHAT INFORMATION DO WE COLLECT?

In the course of operating the Services or otherwise interacting with you, we will collect (and/or receive) the following types of information, which may include information by which you may be personally identified, such as name, postal address, email address, telephone number, or any other identifier by which you may be contacted online or offline ("personal information"). You authorize us to collect and/or receive such information.

• Information You Provide to Us. Personal information you may provide to us through the Services includes:

• PHI. You may provide us with PHI when you fill out intake forms that we provide to you, and which enable us to provide you with the health-related Services you request. For example, when you use our Services to schedule medical appointments, we may use an intake form to collect PHI on behalf of the medical provider you select, which we securely send to our EMR provider Athenahealth.
• Contact Information. When you contact us using the “Contact Us” feature of the Website, App, or otherwise email or contact us in any manner, you may be asked to provide, or we may automatically receive from you, certain information, such as your name, email address, phone number, and information regarding your inquiry or request (collectively, the “Contact Information”). The Contact Information is used to provide the requested service or information and to contact you for purposes of direct marketing of our current and future products and services.
• Account Information. In order to access and use our Services, you will have to register as a registered user and create an account by providing information including your name, date of birth, sex assigned at birth, and email.
• Commercial Information. When you sign up for our Services or request information about the Services, we collect information related to the products or services you purchased or requested information about for the purpose of providing you the Services requested, responding to your communications, or to provide you with direct marketing. Your right to opt out of direct marketing is described in “Your Choices”.

• Information We Automatically Collect.

• Internet Activity Information. When you access or use the Website and/or purchase Products, we use browser cookies, pixels, web beacons, and similar technologies (collectively, “Tracking Technologies”) to automatically collect or receive certain standard technical information and other data (such as traffic data, usage data (including but not limited to, profiles viewed, matches made, features used, frequency and duration of the Website usage, and interactions with content on the Website, location data, device information (including but not limited to, type of device, mobile device platform, operating system, browser type, screen resolution, IP address and other technical information), logs and other communications data) sent to us by your computer, mobile device, tablet, or any other device over time on our Website or App, and your online activity across third party websites, apps, and devices. We may also evaluate your computer, mobile phone, or other access device to identify any malicious software or activity that may affect the availability of our Services.

• Information We Collect from Third Parties.

• Third Party Analytics Providers.

• Inferences and Internet Activity Information. We may use one or more third–party analytics services to evaluate your use of the Website, compile reports on activity (based on their collection of IP addresses, Internet service provider, browser type, operating system and language, referring and exit pages and URLs, data and time, amount of time spent on particular pages, what sections of the Website you visit, number of links clicked while on the Website, search terms and other similar usage data), and analyze performance metrics. These third parties use cookies and other technologies to help analyze and provide us the data. By accessing and using any of the Website, you consent to the processing of data about you by these analytics providers in the manner and for the purposes set out in this Privacy Policy. Please be advised that if you opt out of any service, you may not be able to use the full functionality of the Website.

• Third Party Advertising Providers.

• Inferences and Internet Activity Information. We may collect information about you through third parties that we have selected and approved for ad distribution and ad optimization (defined as the tailoring, targeting (i.e., behavioral, contextual, and retargeting), analyzing, managing, reporting, and optimizing of ads). These third parties may use cookies, pixel tags (also called web beacons or clear gifs), and/or other technologies to collect other information for such purposes. Pixel tags enable us and these third-party advertising companies to recognize a browser’s cookie when a browser visits the site on which the pixel tag is located in order to learn which advertisement brings a user to a given site. In addition, we may receive information from advertisers and/or their service providers such as advertising identifiers, IP addresses, and post-conversion data. See “Your Choices” for more information on how to opt-out of such third-party tracking.

2. HOW DO WE USE OR SHARE YOUR INFORMATION?

We may use and share your PHI as set forth below:

• To the extent required or permitted by the applicable Business Associate Agreement, we may use or disclose PHI to Covered Entities or other Business Associates bound by a BAA, for the purpose of fulfilling our service obligations to Covered Entities. For example, we may use an intake form to collect PHI on behalf of the medical provider you select in connection with the Services, which we securely send to our EMR provider Athenahealth to facilitate the provision of such Services.
• We may use PHI as needed for our internal management, administration, and legal obligations to the extent such use is permitted by the applicable BAA and not prohibited by law.
• If we need to disclose PHI to a subcontractor or agent, we will ensure that the subcontractor or agent agrees abides by the same restrictions and conditions that apply to us under the BAA with respect to PHI, including the implementation of reasonable and appropriate safeguards.
• We may have to disclose PHI if required to do so by law, or when reporting violations of law to the appropriate federal and state authorities.
• If permitted under the applicable BAA, we may aggregate PHI and use the resulting analytics (which can no longer be used to identify patients) for our business purposes.

We may use and share other types of your personal information as set forth below:

• To provide the Services;
• To solicit your feedback, inform you about our products and services and those of our third-party marketing partners;
• To monitor, support, analyze, and improve the Services
• To communicate with you regarding the Services;
• To fulfill your requests for information regarding new or improved products and services;
• To engage in research, project planning, troubleshooting problems, and detecting and protecting against error, fraud, or other criminal activity;
• To protect the safety and security of our Website, App, and customers;
• To third-party contractors and service providers that provide services to us in the operation of our business and assistance with the Services, such as technical support for the Website and providing services such as IT and cloud hosting, payment processing, order fulfillment, shipping, customer relationship management, email marketing, analytics services, fraud detection and preventions, administrative services and among others;
• To create and disclose aggregated, anonymous, user statistics and other information to (i) affiliates, agents, business partners, and other third parties; (ii) describe the Services to current and prospective business partners; and (iii) other third parties for lawful purposes;
• To share some or all of your information with our parent company, subsidiaries, affiliates, or other companies under common control with us;  
• To fulfill our legal and regulatory requirements;
• To comply with applicable law, such as to comply with a subpoena, or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
• To assess or complete a corporate sale, merger, reorganization, sale of assets, dissolution, investment, or similar corporate event where we expect that your personal information will be part of the transferred assets;
• To audit our internal processes for compliance with legal and contractual requirements or our internal policies;
• To prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft; and
• Otherwise, with your consent.

We will take reasonable measures (e.g., by contract) to require that any party receiving any of your personal information from us, including for purposes of providing the Website and/or Products, undertakes to: (i) retain and use such information only for the purposes set out in this Privacy Policy; (ii) not disclose your personal information except with your consent, as permitted by applicable law, or as permitted by this Privacy Policy; and (iii) generally protect the privacy of your personal information.

3. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

As mentioned above under “Information we Automatically Collect” and “Information We Collect from Third Parties,” may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to help manage and
display advertisements or to tailor advertisements to your interests. Third parties and service providers use their technology to provide advertising about products and services tailored to your interests which may appear either on our Services or on other websites.

4. HOW WE PROTECT YOUR INFORMATION

We take commercially reasonable steps to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases or the databases of the third parties with which we may share such information, nor can we guarantee that the information you supply will not be intercepted while being transmitted over the Internet. In particular, e-mail sent to us may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail.

5. EXTERNAL WEBSITES

The Services may contain hyperlinks to third-party websites or apps (“External Websites”). We have no control over the privacy practices or the content of any External Websites to which we provide hyperlinks. As such, we are not responsible for the content or the privacy policies of those External Websites. You should check the applicable third-party privacy policy and terms of use when visiting any External Websites.

6. YOUR CHOICES

• Update Information. If the personal information we have for you changes, you may correct, update, or delete it by contacting us as set forth in “Contact Us” . We will use commercially reasonable efforts to process all such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our databases. Additionally, we will retain and use your information (or copies thereof) as necessary to comply with our legal and/or regulatory obligations, resolve disputes, and enforce our agreements.
• Marketing Communications. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of any of our marketing emails. Please note that you cannot opt out of receiving transactional e-mails.
• Cookie Management. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies or other Tracking Technologies, the Websites and the Services may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
• Third-Party Tracking Technologies. You may choose to opt-out of this type of tracking and sharing of information at any time by selecting the specific partners you wish to exclude from this website http://www.aboutads.info/choices.  You can also limit this type of tracking through the Do Not Track functionality in your web browser and a “Limit Ad Tracking” setting on iOS devices or a setting to “Opt out of Interest-Based Ads” on Android.
• You will need to apply these opt-out settings on each device from which you wish to opt-out. We cannot offer any assurances as to whether the companies we work with participate in the opt-out programs described above.

7. DO NOT TRACK

As discussed above, third parties such as analytics providers may collect information about your online activities over time and across different websites when you access or use the Website or Services. Currently, various browsers offer a “Do Not Track” option, but there is no standard for commercial websites. At this time, we do not monitor, recognize, or honor any opt-out or do not track mechanisms, including general web browser “Do Not Track” settings and/or signals

8. IMPORTANT NOTICE TO ALL NON-U.S. RESIDENTS

Our Services and servers are located in the United States. If you are located outside of the United States, please be aware that your information, including your personal information, may be transferred to, processed, maintained, and used on computers, servers, and systems located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your country of origin. If you are located outside the United States and choose to use the Services, you consent to any transfer and processing of your personal information in accordance with this Privacy Policy, and you do so at your own risk.

9. CALIFORNIA PRIVACY RIGHTS

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. If you would like more information, please contact us by the methods provided below at “Contact Us.”

10. ABOUT CHILDREN

We do not knowingly collect or receive personal information from children under the age of 18 through the Website or Services. If you are under the age of 18, please do not provide any personal information through the Website or Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this policy by instructing their children to never provide any personal information on the Website, Services, or any other web site without their permission. If you have reason to believe that a child under the age of 18 has provided personal information to us through the Website or Services, please contact us at the methods provided at “Contact Us” and we will endeavor to delete that information from our databases.

11. CHANGES TO THIS PRIVACY POLICY

This policy is effective as of the date stated at the top of the policy. We may change this policy from time to time and will post any changes on the Services as soon as they go into effect. By visiting, accessing, or using the Services after we make any such changes to this policy, you are deemed to have accepted such changes. Please refer back to this policy on a regular basis.

12. CONTACT US

If you have any questions about this Privacy Policy or to report a privacy issue, please contact us in one of the following ways:

Email: nm@360medconsulting.com

Or write to us at:

360 Medical Consulting, LLC

133 E 58th St, New York, NY 10022, 15th Floor