BiosGO Privacy Policy

Last updated: July 8, 2024

This Privacy Policy includes important information about your personal data and we encourage you to read it carefully.


This Privacy Policy applies to BiosTech, LLC, an Oklahoma limited liability company (“BiosTech”), and its contracted suppliers and affiliates (“we”, “us” or “our”) that provides BiosGO, a person-centered software product and application tool (hereinafter, “BiosGO” or the “BiosGO Services”). This Privacy Policy does not apply to any other products, software or services that we may provide, unless such as specifically referenced in this Privacy Policy. Any term that is capitalized but not specifically defined in this Privacy Policy shall have the same meaning given to such term in the BiosGO End User Agreement.

What can you find here in our Privacy Policy?

  • You can find information about what data we collect and how we collect it from our customers when using BiosGO.
  • You can find information on what data we collect and how we collect it from End Users when using BiosGO.
  • You can find information about Clients’ rights to make choices about their data.
  • You can find information about our automatic information gathering tools, such as cookies, pixels, web beacons and other tools that collect information from End Users when they visit our BiosGO websites, mobile applications or utilize our BiosGO Services, and how these tools can be managed.
  • You can find information about our privacy and security practices.
  • You can find information about how we share data with third parties, as well as how you can find information about these third parties’ information sharing practices.

1. What Data Do We Collect?

BiosGO is a person-centered software product providing a next-generation experience for users and stakeholders in the human services space. BiosGO strives to enable better outcomes for people who are supported, families and service providers. In order to provide the BiosGO Services, we need to collect and process data.

The data we collect depends on what BiosGO Services you are using and your relationship with us. It also depends upon your role and the type of user account you create. BiosGO supports the following user categories:

  • Agency Users – that is, employees or agents of a human services organization that has entered into a Customer Agreement with BiosTech (each, an “Agency” and collectively, “Agencies”) to allow such Agency to use BiosGO and who are designated by the Agency as an authorized user of BiosGO in their capacity as an employee or agent of such Agency.
  • Client Users – that is, natural persons (each, a “Client” and collectively, “Clients”) who are enrolled to receive support, planning, care or other services from an Agency that provides or coordinates such services to such natural persons.
  • Caregiver Users – that is, natural persons identified and approved by the Client and Agency as being involved in the Client’s support, planning, care or other needs received from an Agency or Support Organization and may include family members, friends or any other individuals who are helping, supporting or directly providing care needs to the Client (each, a “Caregiver” and collectively, “Caregivers”)
  • Support Organization Users – that is, employees or agents of supporting social services and other organizations that have been identified and approved by an Agency as providing support, planning, care or other services to a Client (each, a “Support Organization” and collectively, “Support Organizations”) and who are designated by their related Support Organization as an authorized user of BiosGO in their capacity as an employee or agent of such Support Organization.

Collectively, we refer to Agency Users, Client Users, Caregiver Users and Support Organization Users as “End Users”.

Currently, BiosGO is offered as a product for use solely under the direction and control of Agencies and is not intended as a product directly offered to individual consumers for their personal or household use. For example, BiosGO allows an Agency to invite a Client to set up a BiosGO Account. The Agency may then invite any family member, friend or guardian, that the Client has identified and approved, to set up a BiosGO Account as a Caregiver User for that Client. An Agency may also invite any Support Organization, such as a social services organization, to create a BiosGO Account to support the Client. Both the Agency and Support Organizations may designate their own employees or agents as an Agency User or Support Organization User of BiosGO for the Client. In all circumstances, End Users must be specifically identified, authorized and invited by an Agency to use BiosGO.

The types of data we may collect and process are described below and are collectively referred to as “Data”:

  • Navigation Data. When you use BiosGO through our website or mobile application, such as logging into and using your BiosGO Account, we may automatically receive and record information from your browser, including your IP address, geolocation, browser type, referrer page, domain name, access time, entry page, exit page, operating system type, and search engine keywords used. In certain circumstances, Navigation Data may also be Personal Data/Information (defined below).
  • Business Data. We may collect and process the following business information from Agencies and Support Organizations, including their respective employees and agents who are End Users of BiosGO: their business entity’s name, business address, contact information, stakeholder information such as employee names, titles, and email addresses, communication information, interactions, usage and diagnostic information such as software or device reports and information, error messages, audit trails, authentication and similar usage information, operational information, transaction information, payment information, authorized End User information, and other related information about the business and its employees and agents.
  • Client Data. When an Agency contracts with us to provide the BiosGO Services, we may process Client-level information that the Agency provides to us, either directly or indirectly, in connection with use of BiosGO. With regard to Client Data, you should note specifically the following:
    • We do not determine or control the type or amount of information which an Agency may collect and provide to BiosGO. If you are a Client of an Agency, your Agency generally collects this information from you directly or creates or obtains it because of their direct relationship with you. Your Agency’s Privacy Notices, including its HIPAA Notice of Privacy Practices, explain to you what information they collect, maintain, use and disclose about you.
    • Client Data may include medical, sensitive and other information about you or a family member if you are a Client and is usually considered “protected health information” (i.e., PHI) subject to state and federal laws, including HIPAA (see Section 3, FEDERAL AND STATE DATA PROTECTION LAWS). Because Agencies and their authorized End Users solely determine whether, what type and how much information to include when they use BiosGO, we usually have no way of knowing whether any specific information which we process is considered Personal Data/Personal Information, PHI or contains sensitive information.
    • You may also have the capability to upload and manage additional information directly in your BiosGO Account. Any Client Data you provide in connection with your use of BiosGO will be connected to an Agency and its Customer Agreement. In the event your BiosGO Account is terminated, any and all Client Data may be deleted if the Agency terminates its contract with us.
  • Personal Data/Information. We may collect and process personal information about you directly in order to create and manage your BiosGO Account, such as your: name, phone number, email address, mailing address, website URL, employer or company, communication information, interactions, and usage and diagnostic information such as software or device reports, error messages, audit trails and similar usage information. With regard to Personal Data/Information, you should note specifically the following:
    • If such information is collected from you in BiosGO in the context of your role and capacity as an employee or agent of an Agency or Support Organization, this information is treated as Business Data (i.e., “business to business” (B2B) data) or Client Data (i.e., PHI under HIPAA) and is NOT, for purposes of this Privacy Policy and our privacy practices, considered your “personal data” or “personal information”.
    • If such information is collected from you in BiosGO in your role as a Caregiver of a Client, such information is generally treated as Client Data (i.e., PHI under HIPAA) and NOT, for purposes of this Privacy Notice and our privacy practices, considered your “personal data” or “personal information”. HOWEVER, IF YOU ARE A CAREGIVER USER OF BIOSGO, YOU SHOULD NOT POST OR PROVIDE ANY INFORMATION TO BIOSGO ABOUT YOURSELF THAT MIGHT BE CONSIDERED “SENSITIVE HEALTH INFORMATION” UNDER APPLICABLE STATE LAWS. Examples of sensitive health information may include information about you relating to: HIV/AIDS, sexually transmitted diseases, substance use disorders, mental health treatment, genetic information, reproductive health information, among other categories defined by the laws of the state in which you reside. WE HAVE NO RESPONSIBILITY FOR PROCESSING, USING OR SHARING ANY SENSITIVE HEALTH INFORMATION THAT YOU INADVERTENTLY OR VOLUNTARILY POST OR PROVIDE IN BIOSGO ABOUT YOURSELF.
    • If you are the Client, any such information that is collected from you in BiosGO is considered Client Data (i.e., PHI under HIPAA) and is NOT, for purposes of this Privacy Policy and our privacy practices, considered your “personal data” or “personal information” subject to state data protection laws.
    • Any Personal Data/Information provided in connection with your use of BiosGO will be connected to an Agency and its Customer Agreement, and therefore, in the event your BiosGO Account is terminated, your Personal Data/Information may be deleted if the Agency terminates its contract with us.
  • Communications Data. When you use BiosGO which permits communications or messages to be transmitted between Agencies and their authorized End Users, or to third parties, we may collect, process and transmit such information as you make available in the communications. You, Agencies and other End Users solely determine the content and purpose of any such communications, including whether or not to transmit Business Data, Personal Data/Information or Client Data, including sensitive information, and/or PHI.

2. How We Use and Disclose the Data We Collect?

We need to process Data in order to provide the BiosGO Services, including collecting, hosting, maintaining and transmitting Data from Agencies and making such Data available for End Users to access and view through authorized BiosGO Accounts, as well as support exchange of such Data with any third parties designated by Agencies. By using the BiosGO Services, you consent to these Data uses and disclosures. For any of these uses and disclosures, we may utilize a combination of our employees, agents, subcontractors, software tools or machine-learning/artificial intelligence in order to provide the BiosGO Services. Here is how we use and disclose the Data we collect:

  • We may process, use and disclose (share) Data in order to provide the BiosGO Services to Agencies and their End Users, including yourself. For example, our BiosGO Services help to connect Agencies, Clients, Caregivers and Supporting Organizations and to share Data that is needed to support Clients.
  • We may process, use and disclose Data in order to aggregate, analyze, audit, correct, develop, enhance, host, improve, maintain, conduct performance improvement, conduct service personalization, conduct product research, conduct security and compliance activities, troubleshoot, and upgrade the BiosGO Services. For example, we may analyze End User performance and usage data and activities to identify solutions and recommendations for Agencies or to determine how we can improve the BiosGO Services.
  • We may process, use and disclose Data in order to create, maintain and host BiosGO Accounts, provide customer support, conduct marketing activities, process payments, enforce Customer Agreements or Terms of Use, or to suspend or terminate a BiosGO Account as described in the applicable Terms of Use and appliable Customer Agreements.
  • We may process, use and disclose Data for our management and administration, including compliance purposes, business development, as well as to create anonymized or limited data sets, de-identify and/or analyze Data. We may use and disclose Data which has been de-identified in accordance with applicable laws for any business purposes permitted by law, however, we will never use identifiable Client Data, Personal Data/ Information or PHI for any purpose not permitted by this Privacy Policy or applicable law as more specifically described in Section 3 below.
  • We may process, use and disclose Data if required by applicable law, such as court order or other legal process.
  • We may disclose Data between the Agency, the Client, the Client’s Caregivers and Supporting Organizations. For example, if a Client creates a BiosGO Account through the Agency that it receives services from, and the Agency invites an authorized Caregiver User and an authorized Supporting Organization User to support the Client in BiosGO, these End Users will be able to share Data, communicate with each other and collaborate using BiosGO together with the Agency. We do not share Data between unconnected Clients, Agencies or End Users.
  • We may disclose Data to our suppliers and service providers that we have contracted with to provide us with services and help us provide the BiosGO Services to Agencies and End Users, as described more specifically in Section 6, and our suppliers and service providers may disclose Data back to us for these purposes.
  • We may otherwise process, use and disclose Data pursuant to your specific direction and consent or authorization provided.

3. Federal and State Protection Laws

Certain Data is subject to additional protections under applicable federal, state or local data protection laws (“Data Protection Laws”). This includes applicable state and federal laws including the federal Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (collectively, “HIPAA”) which governs the use and disclosure of “protected health information” (PHI), as defined by HIPAA.

To the extent Agencies are “covered entities,” and disclose PHI in connection with BiosGO, we will comply with applicable HIPAA obligations which govern “business associates” as such terms are defined by HIPAA when we use and disclose PHI created, received, maintained, or transmitted by or on behalf of such Agencies. We will also comply with the terms of the business associate agreement we enter into with applicable Agencies.

Given the nature of the BiosGO Services and circumstances under which we process the Data, we cannot independently determine in most circumstances what Data may include PHI or other information which is subject to Data Protection Laws. Likewise, we cannot independently determine in most what circumstance Data may include “sensitive information” that may also be subject to additional protections under Data Protection Laws.

Therefore, Agencies and their End Users are solely responsible for obtaining any and all consents for the processing activities described in this Privacy Policy prior to disclosing any Data subject to Data Protection Laws in connection with the BiosGO Services. Failure to do so may result in suspension or termination of the applicable account. By uploading or sharing Data or materials in connection with BiosGO, you represent that you are the owner of such Data or materials, or that you have the right and authority to post or share such Data or materials, and that such uploading or sharing is compliant with all Data Protection Laws.

In the event an Agency HIPAA business associate agreement conflicts with anything set forth in this Privacy Policy, the terms of such Agency HIPAA business associate agreement will control with respect to use and disclosure of PHI.

4. Choices and Rights

Data which is PHI remains subject to HIPAA at all times. This means you may exercise any rights which HIPAA may afford to such PHI. In many cases, you will need to exercise these rights through the applicable Agency or its End Users. For example, if you are a Client of an Agency and you wish to amend Client Data within your BiosGO Account that contains PHI and which originated from an Agency, such as medical information, you will need to contact the Agency directly for such amendments. You may otherwise have the capability to exercise the following options with respect to your BiosGO Account and Data:

• Access or update certain Personal Data/Information or Business Data available directly in your BiosGO Account, such as your name, address, contact information;

• Add, Edit, or delete Personal Data/Information or Client Data that you uploaded directly in your BiosGO Account. We may, however, need to retain copies of any such Personal Data/Information or Client Data which you may choose to modify or delete from your BiosGO Account related to the purposes for which it was processed under this Privacy Policy, such as for our internal business, compliance, and legal purposes, or as part of our routine backup and disaster recovery processes;

5. Cookies and Automated Technologies

A cookie is information saved by your web browser. When you visit a website, the site may place a cookie on your web browser so it can recognize your device in the future. If you return to that site later, it can read that cookie to remember you from your last visit and keep track of you over time.

We may use cookies, pixel tags, web beacons and similar technologies to gather information, some of which may be Personal Data/Information, for the following purposes: for operation of the BiosGO Services, including your BiosGO Account and our website or mobile application, to store and manage your preferences and settings, to gather usage and performance data, for sign-in functionality, product analyze and performance improvement, and other operation of the BiosGO Services. Certain services and functionalities may not work if you disable cookie functions on your browser.

For a list of the third parties that set cookies on our websites or mobile application, including service providers acting on our behalf, please visit our third-party cookie inventory. On our BiosGO website and mobile application, a list of third parties is available here. The third parties on these sites may not be included in the list on our third-party cookie inventory.

You have a variety of tools to control the data collected by cookies, pixel tags, web beacons, and similar technologies. For example, you can use controls in your internet browser to limit how the websites you visit are able to use cookies and to withdraw your consent by clearing or blocking cookies. However, certain BiosGO Services will not work if you disable cookies and similar technologies. Therefore, use of any BiosGO Service which requires cookies and similar technology to perform as intended is your acceptance of these cookies and similar technologies.

We may also automatically collect other information from you using automated technology when you interact with us via our websites, via email or your BiosGO Account, including Network Data and Business Data such as computer and device information, audit trails, authentication and credential information, usage information, and similar information.

6. Suppliers, Service Providers and Third-party Data Sharing

We may contract with independent software and application developers, suppliers, service providers and other contractors in order to facilitate our provision of the BiosGO Services (“Suppliers and Service Providers”). By using BiosGO, you authorize us to exchange Data with them as necessary to provide the BiosGO Services or at your direction. For example, we host BiosGO through Microsoft Azure and we may utilize backup and disaster recovery vendors. If we would share any PHI with such Suppliers and Service Providers, we will obtain a sub-contractor business associate agreement (BAA) with such Suppliers and Service Providers when required.

We may also provide integration tools with third parties in connection with the BiosGO Services. From time to time, these third parties may independently collect Data from you, and you are responsible for reviewing their privacy notices and contacting them with any questions about how they may share Data which you may make available to them through such integrations. These third parties independently may provide services to you or an Agency which may integrate with and enhance your use of BiosGO. For example, we may, from time to time, offer communication functionality which allows you to integrate and utilize third party social media messaging platforms, such as WhatsApp, to communicate Data between applicable Agencies, End Users, and other third parties. We do not control the contents or manner of any such communications, nor can we control how the third party uses and shares Data that you make available. You are responsible for reviewing any such third-party social media messaging platforms privacy notices and contacting them with any questions about how they may share Data which you may make available in connection with such platforms.

We may also integrate with Google Analytics and similar entities to provide geolocation data when you navigate our website or account, or with Microsoft Office 365, Windows and other functionalities. You may be able to utilize any tools such third party makes available to exercise your choice over what Data and functionality is utilized by such third party. However, certain BiosGO Services may not work if you disable these third-party tools. Therefore, use of any BiosGO Service which requires a third-party tool to perform as intended is your acceptance of such BiosGO Service and third party tool.

Unless we have a written contract with such third party, we do not have any control over these other parties, and therefore we are not responsible for and disclaim any liability for the privacy and security of any Data that you provide in connection with such third parties. You, applicable Agencies, Support Organizations and End Users are solely responsible for all Data or materials which you post or share with these third parties in connection with BiosGO.

7. Children

Clients who are children under the age of eighteen (18) may not create BiosGO Accounts independently. Authorization or consent from a parent, court-appointed guardian or other legal representative (hereinafter, referred to as “Legal Guardian”) is required for a minor Client under the age of 18 to establish a BiosGO Account and use BiosGO. Once authorization or consent from a Legal Guardian is obtained by an Agency or its End Users to use BiosGO and/or establish an account for the minor Client, we may process such Data as described in this Privacy Policy. For example, this means that Legal Guardian may upload Personal Data/Information of a minor Client into a BiosGO Account that the Legal Guardian maintains on behalf of the child or communicate with an Agency or End Users through BiosGO in the same manner that an adult could upload their own Personal Data/Information or communicate with an Agency or End Users through BiosGO once the parent or personal representative authorizes or consents to such.

8. Contact Us

If you have any questions or concerns about this Privacy Policy, you may contact us at BiosGo@bioscorp.com. We will respond to any inquiries promptly. You may also reach out to your designated BiosGO representative with any questions and they will coordinate our receipt of your question or concern.

9. Changes to This Privacy Notice

Please review this Privacy Policy carefully before using BiosGO. BY USING BIOSGO, YOU ACCEPT THIS PRIVACY NOTICE AND CONSENT TO THE COLLECTION, PROCESSING AND USE OF ALL DATA AS DESCRIBED IN THIS PRIVACY POLICY. We may change this Privacy Policy at any time in our sole discretion from time to time by posting the revised Privacy Policy on this page and the changes will be effective the next time you use BiosGO. Your continued use of BiosGO constitutes acceptance of such changes.

THIS PRIVACY NOTICE DOES NOT APPLY TO ANY INDEPENDENT DATA COLLECTION, PROCESSING, USE, OR DISCLOSURE DIRECTLY BY A THIRD PARTY, AGENCY, OR END USER. THIS PRIVACY NOTICE ONLY APPLIES TO OUR OWN DATA PRACTICES. YOU ARE SOLELY RESPONSIBLE FOR REVIEWING ANY APPLICABLE AGENCY OR END USER NOTICES OF PRIVACY PRACTICES.