Last Revision: June 23, 2020
As used in this Policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis, and using or handling information in any way, including, but not limited to, collecting, storing, evaluating, modifying, deleting, using, combining, disclosing, and transferring information within our organization or among affiliates within the United States or internationally.
2. WHAT INFORMATION DO WE COLLECT?
We collect two types of information (“Information“):
• “Personal Information” is information associated with or that can be used to identify a specific individual, such as name, email address, postal address, zip code or telephone number. Our definition of Personal Information does not include information that has been aggregated or modified so that it can no longer be used, whether alone or in combination with other information, to identify a specific individual.
• “General Information” is information about an individual’s online activity that, alone, cannot be used to identify him or her, such as browser type, operating system, domain name and the dates/times of Site access, Apos App access, website or Apos App usage, traffic patterns, Site performance, Apos App performance, and related statistics based on our tracking of your visits to the Site or Apos App.
Personal Information and General Information may be linked together. Different types of General Information also may be linked together and, once linked, used to identify a unique individual.
3. HOW DO WE COLLECT INFORMATION?
A visitor can access and browse our entire Site and download the Apos App at any time without providing any Personal Information that expressly identified you. We do not collect information that would personally identify you unless you choose to provide it. However, in order to make full use of the Apos Services as made available via the Site and/or the Apos App, you may be required to provide Personal Information. The Information collected and how we process it depends on how you use and access the Site, and use and download the Apos App.
a. Personal Information That You Provide to Us: You may provide us with your Personal Information when you contact us for help or information either by a contact form or by using our chat, sign up for newsletters, or otherwise voluntarily supply your Personal Information to us. The Personal Information you will provide to us through the contact form will transfer into our CRM system. Both our CRM system and the chat comply with The Health Insurance Portability and Accountability Act of 1996 (HIPAA). We do not sell your Personal Information.
4. HOW DO WE USE TRACKING TECHNOLOGY, RESPOND TO DO NOT TRACK, AND USE TARGETED ADVERTISING?
a. Cookies. A “cookie” is a small text file placed in your web browser directory to store information about your use if the Site or Apos App. A cookie may be either permanent or temporary. A temporary (or session) cookie is deleted when you close your web browser or turn off your computer or device. A permanent (or persistent) cookie is stored until deleted. Cookies help to improve your experience on the Site and Apos App by, for example, enabling the Site and Apos App to recognize you when you return to the Site or Apos App. Cookies placed in your web browser directory by us are called “first-party cookies.” Cookies placed in your web browser directory by third parties are called “third-party cookies.” A third-party cookie may recognize your computer and/or device both when it visits the Site or Apos App and also when it visits other websites serviced by the same third party providing the cookie. To find out more about cookies, visit www.allaboutcookies.org.
b. Do Not Track. Some web browsers incorporate a “Do Not Track” feature that signals the websites that you visit that you do not want to have your online activity tracked. The Help, Preferences, or Tools settings (or similar menu option) on most major web browsers will explain how to enable or disable the Do Not Track signal. How browsers communicate the Do Not Track signal is not yet uniform. For this reason, many websites and applications, including the Site, are not set up to interpret Do Not Track signals.
c. Targeted Advertising. Cookies and other Tracking Technology assist us in understanding who is interested in our products and services and how to make our advertisements relevant. The practice of identifying and serving advertisements that we believe match a user’s interests is often referred to as “online behavioral advertising” or “targeted advertising.” We use third-party vendors, including Google and DoubleClick, to display targeted advertising on websites across the Internet.
d. Opting Out. If you want to “opt out” of receiving targeted advertising, please visit Network Advertising Initiative opt-out page or www.aboutads.info/choices and follow the instructions. Once you opt out, an “opt-out” cookie will be placed on your computer indicating that you do not want to receive targeted advertisements. If you delete cookies on your computer or device, you may need to opt out again. Please note that when you “opt-out” of receiving targeted advertisements, you still may see advertisements from us but the advertisements you see will not be based on your particular interests. In addition, please note that certain third parties that we do not control may use Tracking Technology on the Site and Apos App. When you “opt-out” of receiving targeted advertisements through one of the links above, we still may use Tracking Technology to collect information about your use of the Site and Apos App, including for analytics and fraud prevention.
5. HOW DO WE PROCESS INFORMATION?
a. How We Use Information. We use Information that we collect about you or that you provide to us to operate, maintain and enhance the Site and Apos App, including:
• To present the Site and Apos App and their content to you;
• To send you information about Apos’ products and services, special offers, events, or articles that we think will interest you;
• To generate statistical information about the advertisements we serve and the ways in which users interact with them;
• To develop profiles (using Tracking Technology) of users who interact with the advertisements we serve;
• To carry out our obligations and protect our rights arising from any contracts entered into between you and us, and for billing and collection;
• To protect the safety and security of users of the Site and Apos App;
• To contact you following your request;
• To fulfil any other purpose for which you provide Information to us or to which you consent; and
• In any other way we may describe at the time you provide Information.
b. How We Disclose Information. We may disclose Personal Information to:
• with your consent, a clinic that is relevant to you;
• third-party service and technology providers that assist us with our business operations, such as vendors that serve targeted advertising about us on other websites;
• enforce our agreements with the Site’s and Apos App’s users or other third parties;
• protect rights of the Site’s and Apos App’s users;
• comply with applicable laws and regulations;
• law enforcement or governmental agencies to respond to a subpoena, search warrant or other lawful request for Information received by us, whether or not a response is required by applicable law;
• to comply with a law, rule or regulation that we believe applies to our operation of the Site or Apos App; and
• to an acquirer of all or substantially all of Apos’ assets.
6. DATA RETENTION
We will retain the Information to provide to our Site or the Apos App for as long as needed to provide you with the Apos Services. We will also retain and use the Information you provide via the Site or Apos App as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. If you delete the Apos App, any Personal Information will be moved out of our active databases, but will still be retained in our systems pursuant to our clinical data warehouse, data backup, and data retention policies.
7. THIRD-PARTY WEBSITES
8. CHILDREN UNDER AGE 13
The Site is designed and intended for adults. In accordance with the Children’s Online Privacy Protection Act (COPPA), we do not knowingly collect, store or use Personal Information about children under the age of 13. Please contact us at firstname.lastname@example.org if you have reason to believe that a child under the age of 13 has provided us with Personal Information.
9. FOR CALIFORNIA RESIDENTS
California law permits residents of California to opt out of Apos’ disclosure of Personal Information to third parties for their direct marketing purposes. You may choose to opt out of the sharing of your Personal Information with third parties for direct marketing purposes at any time by submitting a request in writing to AposTherapy, 300 Park Avenue, 12th Floor, New York, NY 10022 or by sending an email to email@example.com. Note that this opt-out does not prohibit disclosures made for non-marketing purposes. California law also permits residents of California to request and obtain from Apos once per year, free of charge, a list of third parties (if any) to which Apos has disclosed Personal Information for such third parties’ direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an email to: firstname.lastname@example.org or by writing to AposTherapy, 300 Park Avenue, 12th Floor, New York, NY 10022. Requests via telephone or facsimile will not be accepted. The email subject line or mailing envelope and the content of your request must include the phrase “California Privacy Rights,” and include your name, email address (if you would like to receive a response via email) or mailing address (if you would like to receive a response via postal mail).
10. PATIENT PRIVACY
We follow generally accepted industry standards, including HIPAA and use technical and organizational measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Information. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect personal data, we cannot guarantee its absolute security:
• We limit access to Personal Information about you to employees, contractors, and agents who we believe reasonably need to meet that Personal Information. Those individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
• We have physical, electronic, and procedural security measures and safeguards to reasonably protect Personal Information. Our servers and databases are protected by industry standard security technology, such as industry standard firewalls and password protection.
• We train our employees about the importance of confidentiality and maintaining the privacy and security of Personal Information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.
• Although we cannot guarantee against any loss, misuse, unauthorized disclosure, alteration or destruction of data, we try to prevent such unfortunate occurrences.
12. IDENTITY THEFT
Identity theft is of great concern to Apos. Safeguarding Information to help protect you from identity theft is a top priority. We do not and will not, at any time, request your credit card information, your login information, or national identification numbers in a non-secure or unsolicited email or telephone communication. For more information about identity theft, visit the Federal Trade Commission’s website at www.ftc.gov.
13. SECURITY BREACH
The Site, Apos App, and Apos Services rely on the Internet and mobile networks, which are not always secure. We use commercially reasonable efforts to maintain the confidentiality, availability, and integrity of any Information we collect, but we cannot assure that the use of the Site, Apos App, or Apos Services are secure or that your Personal Information or other data that we may have will be secure. In the even that we become aware of a security incident, we will notify you to the extent required under applicable law.
14. INTERNATIONAL TRANSFER
15. RIGHT TO NON-DISCRIMINATION