Privacy Policy

IVIM HEALTH PRIVACY POLICY 

Effective Date: July 2, 2024 

This Ivím Health Privacy Policy (“this Policy”) describes how we collect, use, and disclose your Personal Information. Under this Policy, “we”, “us”, “our”, and “Ivím Health” mean, collectively, Ivím Services LLC and its affiliates, Ivím Health LLC, and Ivím Professional Corporation. “Personal Information” means information that is linked or reasonably linkable to you.  

This Policy applies to all Personal Information processed by us in connection with or as part of your use or interaction with our websites, apps, and us, if we do not have an established patient relationship with you. To establish a patient relationship with us, you must successfully register as and remain a Member. 

If we have an established patient relationship with you, those portions of our websites, apps, and interactions with us that require a username and password or other authentication process to access are not covered by this Policy, but instead are covered by a separate Ivím Provider Group HIPAA Notice of Privacy Practices (“the HIPAA Notice”). The HIPAA Notice, and not this Policy, also covers the collection and use of your Protected Health Information (“PHI”) as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). If you successfully register as a Member, you will be asked to acknowledge the HIPAA Notice at the appropriate time prior to providing any PHI.  

We reserve the right to revise this Policy at any time. We will make the revised version of this Policy available on our website. The date this Policy was last revised is identified under the title above. By continuing to use and interact with our websites, apps, and us after revisions to this Policy are made available on our website, you accept the revised Policy unless we are required by law to obtain your acceptance some other way. 

If you disagree with any part of this Policy, or any future revisions to it, please discontinue your use and interaction with our websites, apps, and us. 

If you have questions about this Policy or our privacy practices, please contact privacy@ivimhealth.com. 

1. Categories and Sources of Personal Information We Collect. We obtain the following categories of your Personal Information from the following sources. We require certain types of your Personal Information so that we can provide goods or services to you. For example, to successfully register as a Member, you must provide your full name, date of birth, gender, street address, telephone or cellphone number, and email address. If you do not provide us with this Personal Information or ask us to delete it, you may no longer be able to access or use some or all of our goods or services.  
   1. Information You Provide to Us. We collect Personal Information that you provide directly to us though the following sources: Member registration attempts through successful completion; questions, communications, or feedback you submit to us; requests for customer and technical support; ordering and paying for goods and services; and participation in research, surveys, contests, and promotional activities. 
      1. The specific types of Personal Information we collect includes: identifiers, such as name, street address, telephone or cellphone number, and email address; demographic information, such as your age and gender; general geolocation information, such as city, state, and ZIP code; billing information, such as credit card or debit card number, verification number, and expiration date; user-generated content you provide to us, such as photos and videos, or that you post in our online communities; and information about others, such as the contact information of a family member or a friend you authorize to access your information or act as an emergency contact. 
      2. The specific types of Sensitive Information we collect includes: log-in credentials, if you successfully complete Member registration; and any other Sensitive Personal Information you choose to directly provide to us. “Sensitive Information” is Personal Information that includes (1) data revealing (a) racial or ethnic origin; (b) religious beliefs; (c) data that we use to identify your physical or mental health status, including data related to gender-affirming treatment and reproductive or sexual health care; (d) sex life; (e) sexual orientation; (f) status as transgender or nonbinary; (g) national origin; or (h) citizenship or immigration status; (2) genetic data or biometric data; (3) Personal Information of a person we know or have reason to know is a child; or (4) precise geolocation data
   1. Information We Collect Through Automated Means. We collect information about your use of our websites, apps, and the devices you use to access them. Some of this information is Personal Information and may be considered Sensitive Information.  
      1. Our Use of Cookies and Similar Online Technologies. We use multiple technologies and third-party service providers to collect the information below. The technologies we use include cookies, software development kits (SDKs), tracking pixels (also known as web beacons or clear GIFs), and web server logs. We use these technologies to offer you a more tailored experience on our websites and our apps. As we adopt additional technologies, we may also gather information through other methods.
      2. Your Use of Our Websites. When you use our websites, we collect information such as your domain name and IP address; the city, state, and ZIP code associated with your IP address; operating system and platform; browser type and language; the state and country from which you access our websites; the date and time you access our websites; the pages that referred you to our websites; the number of clicks you use to navigate our websites; the files you download on our websites; our webpages you view, the order in which you view them, and the time you spend viewing them; the search terms you use on our websites; error logs; and other similar information. 
      3. Your Use of Our Apps. When you use our apps, we collect information about the device used to access the apps, including the operating system, version, and advertising identifiers; domain name and IP address; browser type; Internet service provider; the date and time you use the apps; your use of the apps, including the time you spend using features of the apps and whether you update the apps; and other similar information. 
   1. Information We Collect From Social Media and Other Content Platforms 
      1. When you interact with us on social media platforms, we may collect your Personal Information including your name, email address, and any comments or content you post. We also collect your Personal Information if you sign up for one of our promotions or submit information to us through social media platforms. 
      2. When you access our websites, apps, goods, or services through a third-party connection or log-in, you may allow us to have access to and store certain information from those third parties depending on the personal settings of your computer or device. Similarly, if you choose to connect our apps to third-party platforms or tools, or with other apps on your device, those third parties and tools may allow us to have access to and store additional information as it relates to your use of our websites, apps, goods, or services. If you do not wish to have this information disclosed, do not use these connections to access our websites, apps, goods, or services.  
      3. Your Use of Our Apps. When you use our apps, we collect information about the device used to access the apps, including the operating system, version, and advertising identifiers; domain name and IP address; browser type; Internet service provider; the date and time you use the apps; your use of the apps, including the time you spend using features of the apps and whether you update the apps; and other similar information. 
   1. Information We Receive From Other Sources. We also may receive information about you from advertising partners, analytics providers, and search engine providers.
2. Purposes for How We Use Your Information. In connection with providing you access to our websites, apps, goods, and services, we may use your information for the following purposes. 
   1. Enable Your Use and Access to the Websites, Apps, Goods, and Services. We process your Member registration attempts through successful completion; communicate with you about the websites, apps, goods, and services; respond to your questions, communications, and feedback; fulfill your requests for customer and technical support; process your orders and payments for goods and services; administer your account; and verify your identity. 
   2. Evaluate and Improve Your Use and Access to the Websites, Apps, Goods, and Services. We conduct internal analyses to understand and improve the effectiveness of our websites, apps, goods, and services; better define our actual and potential Members; decide to discontinue, or add new, features, goods, or services; ensure that content from us is presented in the most effective manner for you and for your computer or device; and facilitate your participation in research and surveys. 
   3. Advertising and Marketing. We communicate with you by email, phone, text, and social media about our goods and services, and the goods and services of our third-party partners, and surveys, contests, and promotions. 
   4. Legal Purposes. We use or disclose your information when necessary for us to comply in good faith with any legal requirements or process, or to establish, exercise, or defend our legal rights, such as protecting against malicious, fraudulent, or illegal activity. 
   5. Aggregate or Deidentified Data. We may aggregate or deidentify any information collected about you through our websites, apps, goods, and services such that the information can no longer be linked to you. We may use that aggregated or deidentified information for any purposes, including for research and marketing purposes, and may also disclose that data to our third-party partners. 
3. How We Disclose Your Information. We may provide access to or disclose your information in the following ways. 
   1. To Our Companies. We provide access to or disclose information about you to any of our parent, subsidiaries, and affiliates for any of the purposes described in Section 2 above. 
   2. To Third-Party Service Providers. We provide access to or disclose information about you to third-party service providers who provide goods or services on our behalf to enable us to carry out any of the purposes described in Section 2 above. 
   3. To Advertising and Marketing Partners. We provide access to or disclose information about you to our advertising and marketing partners for them to carry out on our behalf the purpose described in Section 2, paragraph (c) above. 
4. Your Rights and Choices. If you reside in a state that has passed a comprehensive data privacy law, you have the following rights concerning your Personal Information. California residents are provided their specific notice in Section 6 below. 
   1. Confirm Processing. You may confirm whether we are processing your Personal Information, unless providing that confirmation would require us to reveal a trade secret; 
   2. Delete. You may ask to delete Personal Information provided by, or obtained about, you, unless we are required by law to keep it; 
   3. Obtain a Copy. You may obtain a copy of your Personal Information processed by us, in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another party without hindrance, where the processing is carried out by automated means, provided we are not required to reveal any trade secret; and 
   4. Opt-Out of Certain Uses. To opt-out of the processing of all of your Personal Information for purposes of targeted advertising, the sale of your Personal Information, or profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning you. 
   5. How to Exercise These Rights. To exercise these rights, please contact support@ivimhealth.com. For us to comply with these requests, we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to send it from the email address associated with your account or requiring you to provide information necessary to verify your account. 
5. Data Retention. We retain Personal Information for as long as necessary to provide the goods and services and fulfill the transactions you have requested; comply with our legal obligations; resolve disputes; enforce our agreements; and for other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different goods or services, actual retention periods can vary significantly based on criteria such as user expectations or consent; the sensitivity of the information; the availability of automated controls that enable users to delete data; and our legal or contractual obligations. 
6. Notice to California Residents. If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (“CCPA”), you have certain rights with respect to that information. 
   1. Notice at Collection. At or before the time of collection, you have a right to receive notice of our privacy practices, including the categories of Personal Information and Sensitive Information to be collected; the purposes for which the information is collected or used; whether the information is sold or shared; and how long the information is retained. You can find those details in this Policy by reviewing Sections 1, 2, 3, and 5 above. 
   2. Right to Know. You have a right to request that we disclose to you the Personal Information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of the Personal Information. You can find those details in this Policy by reviewing Sections 1, 2, 3, and 5 above. If you have further questions, please contact privacy@ivimhealth.com. 
   3. Rights to Request Correction or Deletion. You also have rights to request that we correct inaccurate Personal Information and that we delete Personal Information under certain circumstances, subject to a number of exceptions. To make a request to correct or delete, please contact support@ivimhealth.com. 
   4. Right to Opt-Out / “Do Not Sell or Share My Personal Information”. You have a right to opt-out from future “sales” or “sharing” of Personal Information as those terms are defined by the CCPA. 
      1. The CCPA defines “sell,” “share,” and “Personal Information” very broadly, and some of our data sharing described in this Policy may be considered a “sale” or “sharing” under those definitions. For example, we let advertising and analytics providers collect identifiers (IP addresses, cookie IDs, and mobile IDs); activity data (browsing, clicks, app usage, non-product identifying transaction data); device data; and geolocation data through our websites and apps when you use our services, but do not “sell” or “share” any other types of Personal Information. If you do not wish for us or our partners to “sell” or “share” Personal Information relating to your visits to our sites for advertising purposes, you can make your request by contacting support@ivimhealth.com. If you opt-out using these choices, we will not share or make available such Personal Information in ways that are considered a “sale” or “sharing” under the CCPA. However, we will continue to make available to our third-party service providers and advertising and marketing partners some Personal Information to help us perform advertising and marketing-related functions. And, using these choices will not opt you out of the use of previously “sold” or “shared” Personal Information or stop all interest-based advertising. 
   5. Right to Limit Use and Disclosure of Sensitive Information. You have a right to limit our use of Sensitive Information for any purposes other than to provide the goods or services you request or as otherwise permitted by law. To opt-out from these additional purposes, please contact support@ivimhealth.com. 
   6. Right to Designate an Authorized Agent. You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us. To designate an authorized agent, please contact support@ivimhealth.com. 
   7. Right of Non-Discrimination. You have a right not to be discriminated against for exercising these rights set out in the CCPA. If you feel you have, please contact privacy@ivimhealth.com. 
   8. We May Need to Verify Your Identity for You to Exercise These Rights. For us to comply with these requests, we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to send it from the email address associated with your account or requiring you to provide information necessary to verify your account. 
   9. Shine the Light Law. Under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided Personal Information to a business with which the individual has established a business relationship for personal, family, or household purposes may request information about whether the business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes. 
      1. We do not disclose Personal Information to any third parties for their direct marketing purposes as defined by this law. You may request further information about our compliance with this law by emailing privacy@ivimhealth.com. Please note that we are required to respond to one request per year and may not be required to respond to requests made by means other than through your designated email address.