Last updated June 20, 2018
2. What is Personal Information?
“Personal Information” is information that, either alone or in combination with other information, identifies you. When we combine other information (i.e., information that does not, on its own, identify you) with your Personal Information, we treat the combined information as Personal Information.
3. What is Non-Personal Information?
“Non-Personal Information” is any information that does not personally identify you. Non-Personal Information can include certain Personal Information that has been de-identified; that is, information about you that has been rendered anonymous. We obtain Non-Personal Information about you from information that you provide us, either separately or together with your Personal Information. We also automatically collect certain Non-Personal Information from you when you access our Portal. This information can include, among other things: your IP address or other unique identifiers that are automatically assigned to your computer, mobile or other device used to access the Portal; the type of browser you are using (e.g., Internet Explorer, Firefox, Safari, etc.); the third party Portal from which your visit originated; the operating system you are using (e.g., Vista, Windows XP, Mac OS, etc.); the domain name of your Internet service provider (e.g., America Online, NetZero, etc.); the search terms you use on our Portal; activity on our Portal, including the specific areas within our Portal that you visit; and the time of day and duration of your visits.
4. Information Collection and Use
Our Portal has the ability to collect Personal and Non-Personal Information about you. We collect this information: (i) directly from you when you provide it to us; and/or (ii) automatically as you navigate through the Portal.
a) Personal Information
While using our Portal or other services, we may ask you to provide us with certain Personal Information that can be used to contact or identify you. Personal Information may include, but is not limited to, your email address, name, and phone number. We collect and use this information for (i) improving and providing you with our products, services, or Portal, or servicing your purchase orders; (ii) identifying and communicating with you to (A) respond to your requests/inquiries, (B) provide you with updates about the Portal, (C) provide you with newsletters, or (D) provide you with marketing or promotional materials and other information that may be of interest to you; or for (iii) communicating with you to provide notice of an information security breach or incident.
Additionally, if you purchase a product or service from the Portal, our credit card processing vendor will request and collect certain Personal Information from you on our order form. You must provide contact information (such as name, email, and physical address) and financial information (such as credit card number and expiration date). Secure Sockets Layer (“SSL”) encryption is utilized to transmit sensitive information, such as your financial information. The financial information provided will be kept by our credit card processing vendor only. Company will not have access to it. This information is collected by our credit card processing vendor solely for the purpose of processing your payment to Company.
b) Non-Personal Information
i) Log Data
We may collect and use information that your browser sends whenever you visit the Portal (“Log Data”) to help diagnose problems with Company’s server, to administer the Portal, and to help understand our visitors’ needs related to Company’s Portal design. This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Portal that you visit, the time and date of your visit, the time spent on those pages, and other statistics.
In addition, some of our third party service providers (further described in Section 5, below) may collect and use this type of information to increase our Portal’s functionality and improve visitor traffic to the Portal. These third-party service providers may also use this Log Data for their own purposes by relating information about your use of our Portal with any of your Personal Information that they may have. These third-party service providers have their own privacy policies addressing how they use Log Data.
iii) Do Not Track Disclosure
Company’s Portal currently does not support Do Not Track (“DNT”). DNT is a preference you can set in your web browser to inform Portals that you do not want to be tracked. You can enable or disable DNT by visiting the Preferences or Settings page of your web browser. To learn more about how DNT works, please visit http://allaboutdnt.com/.
5. Service Providers
Company may employ third-party companies and individuals to provide us with services, including but not limited to, facilitating the provision of our services or the Portal, providing services to you on our behalf, to perform service-related services for us, and/or to assist us in analyzing how our Portal and related services are used.
These third parties have access to your Personal Information only to perform specific tasks on our behalf and are obligated not to disclose or use your information for any other purpose.
6. Compliance With Law
Company will disclose your Personal Information where required to do so by law or subpoena or if Company believes that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our services.
The security of your Personal Information is important to Company, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information Company stores, to protect it from unauthorized access, destruction, use, modification, or disclosure. However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure, and we are unable to guarantee the absolute security of the Personal Information we have collected from you.
8. Links To Third-Party Websites and Web Portals
Company’s services may contain links to third-party websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. Company strongly advises you to review the privacypolicy of every website you visit. Company has no control and assumes no responsibility for the content, privacy policies or practices of any third-party websites or services.
9. Children's Privacy
Only persons age 18 or older have permission to use Company’s services or access Company’s Portal. Company’s Portal and services do not address anyone under the age of 18 (“Children”) or target Children with advertisements or marketing regarding Company’s products or services. We do not knowingly collect Personal Information from Children. If you are a parent or guardian and you learn that your Children have provided Company with Personal Information, please contact us. If Company becomes aware that we have collected personal information from a child under age 13 without verification of parental consent, Company will take steps to remove that information from our servers.
This section describes how we process “Protected Health Information” or “PHI”, which is a type of Personal Information. Specifically, PHI is individually identifiable information that we obtain from you or others that relates to your past, present or future physical or mental health, or the health care you have received or continue to receive.
If we receive or create information which constitutes PHI on behalf of your health care provider (a “Covered Entity”) in our role as a “Business Associate,” we will protect this information and treat it confidentially in accordance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”) and the Business Associate Agreement (“BAA”) we have in place with the Covered Entity.
We may use and disclose the PHI that we create or receive on behalf of a Covered Entity in accordance with HIPAA, and pursuant to the contract we have in place with the Covered Entity. For example, we may use the PHI to communicate with health care providers or their related entities for their treatment activities relating to you.
We may also de-identify the PHI in accordance with HIPAA and our BAAs. Once we do so, we can no longer associate the information with your identity, as specific identifiers will be removed, such as your name, e-mail address, and any unique identifiers.
13. Contact Us