PRIVACY POLICY
We’re committed to protecting and respecting your privacy and we are working diligently to ensure our policies and practices meet the high standard for data privacy introduced by the new European Union data protection law known as the General Data Protection Regulation (or GDPR), which goes into effect on May 25, 2018.
This update to our Privacy Policy provides more transparency concerning our collection, use, sharing, use of “cookies,” and safekeeping of information. The revised Privacy Policy also sets out your rights and the choices you have about what is made public on the website.
If you have any questions regarding this policy and our privacy practices feel free to contact us by email or phone as listed on our website.
GLOBAL PRIVACY STATEMENT
As part of our commitment to our customers’ privacy, we want you to be familiar with how we collect, use and disclose data.
This Privacy Policy describes the privacy practices of the Company for data that we collect:
- through websites operated by us from which you are accessing this Privacy Policy;
- through our social media pages that we control from which you are accessing this Privacy Policy (collectively, our “Social Media Pages”);
- through HTML-formatted email messages that we send you that link to this Privacy Policy and through your communications with us;
By using our website and services, you agree to the terms and conditions of this Privacy Policy.
HOW DO WE COLLECT INFORMATION FROM YOU?
We obtain information about you in the following ways:
- Information you give us directly;
- Information you give us indirectly; and
- Information shared with us by third parties (please check any privacy policy provided to you where you give your data to a third party.
WHEN YOU VISIT THIS WEBSITE
We, like many companies, automatically collect the following information:
Technical information, including the type of device visitors are using, the IP address, browser and operating system being used to connect to the internet. This information may be used to improve the services we offer.
Information about website visitors this Website, for example we collect information about pages our visitors visit and how these visitors navigate the Website, i.e. length of visits to certain pages, products and services that website visitors viewed and searched for, referral sources (e.g. how website visitors arrived at our Website).
We collect and use information by using cookies on our Website – more information about cookies can be found under the ‘Use of Cookies’ section below.
SOCIAL NETWORKS
We may collect or obtain your Personal Information from third parties who provide it to us. This may include referral sources; social network sites or services (e.g., Facebook, Twitter, LinkedIn, etc.). If you use a third-party connection or log-in (e.g., Facebook Connect, Twitter, or Google+) to access our services, create a membership or profile on any part of the Services, access our content or forward our content to another person, platform or service, we may also receive your username or email address for those third-party services or other information available about you or collected from you on those services.
Please note that we are not responsible for the information you volunteer about yourself in the discussions in certain public areas of the Services, such as forums, blogs, wikis, chat rooms, private messages, message boards or other publicly accessible interaction, or information that you choose to make public in your member profile or other areas of the Services that allow users to upload or post content. We discourage users from posting such Personal Information in this fashion. You can change your publicly available information at any time via your profile page. To request removal of your Personal Information from these areas, please contact us. In some cases, we may not be able to remove your Personal Information, in which case we will let you know we are unable to do so and why.
WHAT TYPE OF INFORMATION IS COLLECTED FROM YOU?
The personal information we collect, store and use might include:
- your name and contact details (including postal address, email address and telephone number);
- information you share in contact forms about procedures and treatments you are interested in, as well as additional comments you may provide;
- information about your activities on our Website and about the device used to access it, for instance your IP address and geographical location; and
- any other personal information shared with us.
Data protection laws recognize certain categories of personal information as sensitive and therefore requiring greater protection, for example information about your health, ethnicity and religion.
We do not usually collect sensitive data about you unless there is a clear and valid reason for doing so and data protection laws allow us to do so.
Where appropriate, we will clarify why we are collecting this type of information and what it will be used for.
HOW AND WHY IS YOUR INFORMATION USED?
We may use your information for a number of different purposes, which may include:
- providing you with the services, products or information you asked for;
- processing orders that you have submitted;
- carrying out our obligations under any contracts entered into between you and us;
- keeping a record of your relationship with us;
- conducting analysis and market research so we can understand how we can improve our services, products or information;seeking your views or comments on the services we provide;
- notifying you of changes to our services; and sending you communications which you have requested and that may be of interest to you. applications.
HOW LONG IS YOUR INFORMATION KEPT FOR?
We keep your information for no longer than is necessary for the purposes it was collected for. The length of time we retain your personal information for is determined by operational and legal considerations. For example, we are legally required to hold some types of information to fulfil our statutory and regulatory obligations (e.g. health/safety and tax/accounting purposes). We review our retention periods on a regular basis.
WHO HAS ACCESS TO YOUR INFORMATION?
We do not sell or rent your information to third parties.
We do not share your information with third parties for marketing purposes.
However, we may disclose your information to third parties in order to achieve the other purposes set out in this policy. These third parties may include:
Third parties working on our behalf: We may pass your information to our third-party service providers, suppliers, agents, subcontractors and other associated organizations for the purposes of completing tasks and providing services to you on our behalf. However, when we use these third parties, we disclose only the personal information that is necessary to deliver the services and we have a contract in place that requires them to keep your information secure and prevents them from using it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganization, or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our staff, supporters, customers, users of the Website or others. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
LAWFUL PROCESSING
Data protection law requires us to rely on one or more lawful grounds to process your personal information. We consider the following grounds to be relevant:
Specific Consent
Where you have provided specific consent to us using your personal information in a certain way, such as to send you email, text and/or telephone marketing.
Performance of a Contract
Where we are entering into a contract with you or performing our obligations under it like when you contract for the Company’s services or products.
Legal Obligation
Where necessary so that we can comply with a legal or regulatory obligation to which we are subject or to comply with a court order.
Vital interests
Where it is necessary to protect life or health or a safeguarding issue which requires us to share you information with the emergency services.
Legitimate Interests
Where it is reasonably necessary to achieve our or others’ legitimate interests (as long as what the information is used for is fair and does not unduly impact your rights).
When we process your personal information in this way, we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. We will not use your personal information where our interests are overridden by the impact on you (for example, where such use would be excessively intrusive and no other legitimate basis exists for using your information).
When we use sensitive personal information, we require an additional legal basis to do so under data protection laws, so we will either do so on the basis of your explicit consent or another route available to us at law (for example, if we need to process it for employment, social security or social protection purposes, your vital interests, or, in some cases, if it is in the public interest for us to do so).
Email/Text/Phone
We will only send you marketing communications by email, text and telephone if you have explicitly provided your prior consent. You may opt out of our marketing communications at any time by clicking the unsubscribe link at the end of our marketing emails.
Your Choices
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us, then you can select your choices by ticking the relevant boxes situated on the form used to collect your information.
We’re committed to putting you in control of your data so you’re free to change your marketing preferences (including to tell us that you don’t want to be contacted for marketing purposes) at any time. Feel free to contact us via any of the methods listed on the Website to discuss your preferences.
We will not use your personal information for marketing purposes if you have indicated that you do not wish to be contacted and will retain your details on a suppression list to help ensure that we do not continue to contact you. However, we may still need to contact you for administrative purposes.
OUR PROCESSING PARTNERS AND CONNECTED THIRD PARTIES:
MAIL HANDLING BY GOOGLE AND RACKSPACE
Our mail servers are hosted by Google and Rackspace. Mails that are sent to us are stored on those servers.
Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043
Privacy Policy
Rackspace
1 Fanatical Pl City of Windcrest
San Antonio, TX 78218
Privacy Center
PAYPAL PAYMENT
You may choose PayPal as a payment processor in our shop. With your purchase, we automatically transmit the data of the data subject to Paypal. By selecting this payment option, you agree to the transfer of personal data required for payment processing. The personal data transferred to PayPal is first name, last name, address, email address, IP address and other data necessary for payment processing.
Paypal Corporate Headquarters
2211 North First Street
San Jose, California 95131
Privacy Policy
STRIPE PAYMENT
You may choose credit card payments in our online shop. We may use Stripe as a payment processor. We automatically transmit the data of the data subject to Stripe. By selecting this payment option, you agree to the transfer of personal data required for payment processing. The personal data transferred to stripe is first name, last name, address, email address, IP address and other data necessary for payment processing.
Stripe
185 Berry Street, Suite 550
San Francisco, CA 94107
Privacy Policy
WEB HOSTING
This website and its database may be stored on virtual server machines by WPEngine, Inc.
WP Engine
504 Lavaca Street,
Suite 1000 Austin, TX 78701
Privacy Policy
MARKETING & ANALYTICS
Google Analytics
We use Google Analytics service to measure traffic and user behavior on our website. Our Google Analytics code is configured to anonymize user IP addresses. So your personal IP address is not collected by Google.
If you’d like to opt out of tracking by Google Analytics, visit the Google Analytics opt-out page.
Hotjar
We may be using a service called Hotjar to analyze the performance and conversion on this site.
You can learn more about Hotjar and the data it stores in their privacy policy.
You can learn more about the cookies Hotjar stores from their cookie information or opt out of the Hotjar cookies on this page.
Popup Maker
We may be using a plugin called Popup Maker. Popup Maker anonymously tracks popup views and conversions. Subscriber information is retained in the local database indefinitely for analytic tracking purposes and for future export. You can learn more about PopupMaker and the data it stores in their privacy policy.
Data will be exported or removed upon user request via the existing Exporter or Eraser. If syncing data to a 3rd party service (for example Mailchimp), data is retained there until unsubscribed or deleted.
Popup Maker does not send any user data outside of your site by default. If you have extended our subscription forms to send data to a 3rd party service such as Mailchimp, user info may be passed to these external services. These services may be located abroad.
iContact
We may be using a service called iContact to send you marketing communications by email, text and telephone. You can learn more about iContact and the data it stores in their privacy policy.
MailChimp
We may be using a service called MailChimp to send you marketing communications by email, text and telephone. You can learn more about MailChimp and the data it stores in their privacy policy.
MyMedLeads
We may be using a service called MyMedLeads to automate the lead-to-patient tracking and conversion process. You can learn more about MyMedLeads and the data it stores in their privacy policy.
YOUR RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION (GDPR)
Under the GDPR, you have certain rights over the personal information that we hold about you.
Here is a summary of the rights that we think apply:
Right of access
You have a right to request access to the personal data that we hold about you. You also have the right to request a copy of the information we hold about you, and we will provide you with this unless legal exceptions apply.
If you want to access your information, please send a description of the information you want to see and proof of your identity by post to the address provided below.
Right to have your inaccurate personal information corrected
You have the right to have inaccurate or incomplete information we hold about you corrected. The accuracy of your information is important to us so we’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change the email address, or if you believe any of the other information we hold is inaccurate or out of date, please contact us.
Right to restrict use
You have a right to ask us to restrict the processing of some or all of your personal information if there is a disagreement about its accuracy or we’re not lawfully allowed to use it.
Right of erasure
You may ask us to delete some or all of your personal information and in certain cases, and subject to certain exceptions; we will do so as far as we are required to. In many cases, we will anonymize that information, rather than delete it.
Right for your personal information to be portable
If we are processing your personal information (1) based on your consent, or in order to enter into or carry out a contract with you, and (2) the processing is being done by automated means, you may ask us to provide it to you or another service provider in a machine-readable format.
Right to object
You have the right to object to processing where we are using your personal information (1) based on legitimate interests, (2) for direct marketing or (3) for statistical/research purposes.
If you want to exercise any of the above rights, please contact us by using the email or phone number listed on this website. We may be required to ask for further information and/or evidence of identity. We will endeavor to respond fully to all requests within one month of receipt of your request, however if we are unable to do so we will contact you with reasons for the delay.
Please note that exceptions apply to a number of these rights, and not all rights will be applicable in all circumstances. For more details we recommend you consult the guidance published by the UK’s Information Commissioner’s Office, https://ico.org.uk/
KEEPING YOUR INFORMATION SAFE
When you give us personal information, we take steps to ensure that appropriate technical and organizational controls are in place to protect it.
Any sensitive information is encrypted and protected with SSL. When you are on a secure page, a lock icon will appear in your browser window.
Information you provide to us by email is transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
USE OF “COOKIES”
Like many other websites, this Website uses cookies. “Cookies” are small pieces of information sent by an organization to your computer and stored on your hard drive to allow that website to recognize you when you visit. For example, we use cookies to store your country preference. This helps us to deliver a better, more personalized service when you browse our Website and improve our services.
It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our Website.
LINKS TO OTHER WEBSITES
Our Website may contain links to other websites run by other organizations. This policy applies only to our Website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links from our Website.
In addition, if you linked to our Website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the privacy policy of that third party site.
16 OR UNDER
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
NOTICE OF ADDITIONAL PRIVACY RIGHTS FOR CALIFORNIA RESIDENTS:
Visitors, users and consumers of our website are entitled to certain protections and disclosures concerning their Personal Information. In addition, while our company is not in the business of selling personal information of visitors to this website, the California Consumer Protection Act of 2018 (“CCPA”) requires companies that collect, store and sell Personal Information of California residents to provide them with: a) information identifying all third-party companies to which a company may have disclosed, within the past year, their Personal Information that such companies could utilize for direct marketing purposes; and b) a description of the categories of Personal Information disclosed.
Please note: The CCPA portion of our Privacy Policy is only applicable to California Residents and supplements the information contained in the Company’s Privacy Policy and it applies solely to visitors, users, and others who reside in the State of California.
COMPLAINTS
Complaints about this Privacy Policy or how this practice handles our patients’ health and other private information should be directed to our practice by submitting a contact form on our website or calling our office.
If our California-based patients are not satisfied with the manner in which this office handles a complaint, they may submit a formal complaint to:
Region IX
Office for Civil RightsU.S.
Department of Health & Human Services
90 7th Street, Suite 4-100
San Francisco, CA 94103
(800) 368-1019; (800) 537-7697 (TDD)
(202) 619-3818 (fax)
OCRMail@hhs.gov
CHANGES TO THIS POLICY
Any changes we may make to this policy in the future will be posted on this Website so please check this page occasionally to ensure that you’re happy with any changes. If we make any significant changes we’ll make this clear on this Website.
REVIEW OF THIS POLICY
We keep this policy under regular review. This policy was last updated in December 2019.