Effective September 25, 2019
We are a private company, established in the U.S.A., registered at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560, United States with the contact email address email@example.com, and for the purposes of the General Data Protection Regulation (“GDPR”) we are the data processor.
We are firmly committed to respecting your privacy and recognizing your need for appropriate protection and management of personally identifiable information you share with SHS.
• The types of information we collect and use;
• How we use and share such information;
• The security of your information;
• Your choices regarding our use of your information; and
• Your ability to review and correct your information.
COLLECTION OF PERSONAL INFORMATION
- First Name
- Last Name
- E-mail address
- Home address
- Work address
- Telephone number(s)
- User Name
- Social security or other government-generated identification number
- Credit card information (if applicable)
- Internet Protocol (IP) address
- Photographic images
- Health and medical information
Information collected from or about you
We will collect health information about you and transmit that information to us in order to provide the services. We will also receive and transmit information provided by devices that connect with our Service. Your Pharmacies and health care providers will give us information about you, including the following:
- Social Security Number
- Claims payment information
- Health information including but not limited to diagnosis, treatment, prescriptions, and healthcare services
HOW WE USE YOUR PERSONAL INFORMATION
Generally, In order to perform Services on your behalf, we will process your Personal Information:
to process and track the actions you take into using the Service;
- to verify your identity;
- to provide the Service;
- to provide customer support, including to resolve disputes, and troubleshoot problems;
- to contact you with regard to your use of the Service and, in our discretion, changes to the Service and/or Service’s policies; and
to enable you to participate in a variety of the Service’s features.
As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our Service and provide you with a user-friendly service, we will use your Personal Information:
- to provide you with information such as to send you electronic correspondence or to provide you with promotional and marketing materials on behalf of us or third parties, including to let you know about new products or services;
- manage risk, or to detect, prevent, and/or remediate fraud or other potentially prohibited or illegal activities;
- manage and protect our information technology infrastructure;
- to help us improve content, functionality, and use of the Service, Web Site, our products, and services and to develop new products and services;
- marketing endeavors;
- to customize your experience on the Service or to serve you specific content or ads that we deem are relevant to you;
- to identify your Service preferences so that you can be informed of new or additional opportunities, products, services, and promotions;
- to improve the overall experience at the Service;
• to comply with our legal and regulatory obligations;
- for internal business purposes; and
Marketing and Communications
If you choose to receive promotional communications – based on your preferences and behavior – we may contact you with promotional communications via email, phone, spencer®, and other digital channels, such as mobile applications. To be able to tailor the communications to your preferences and behavior and provide you with the best-personalized experience, we may analyze and combine your personal information.
De-identified and Combined Information
We may also use the personal information collected about you provided that we, consistent with applicable law, anonymize it by removing all information that identifies you. This de-identified information may be combined with other spencer® users de-identified information for different uses, including, but not limited to research, product development, population analytics, and patient care and outcome panels.
How We Monetize Your Information
This section does not apply to individuals who are considered residents of the European Union or are using the Service from Europe. The Company may sell personally identifiable information or personal information to third-parties or otherwise monetize such information through any other commercial means that do not violate applicable law.
COOKIES AND OTHER SIMILAR TECHNOLOGIES
Any time you visit our Web Site, we collect and store the following:
- Name of the domain and host from which you access the Internet;
- Internet protocol (IP) address of the computer you are using;
- Browser software you use and your operating system;
- Date and time you access our Web Site;
Internet address of the device from which you linked directly to our Web Site;
- the URL you visited before browsing to our Web Site;
- General location information such as city, state, or geographic area; and
- Information about your use of and actions on the Services, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access.
Generally, we use first-party and third-party cookies for the following purposes:
- To make our Services function properly;
- To provide a secure browsing experience during your use of our Services;
- To collect information about your use of our Services to help us improve and optimize our Services; and
- To remember your preferences for your convenience.
Types of Cookies on Our Services. We use the following types of cookies on our Services:
- Strictly Necessary Cookies: These cookies are essential because they enable you to move around and use our Services. For example, strictly necessary cookies allow you to access secure areas on our Services. Without these cookies, some services cannot be provided. These cookies do not gather information about you for marketing purposes. This category of cookies is essential for our Services to work and they cannot be disabled.
- Functional Cookies. We use functional cookies to remember your choices so we can tailor our Services to provide you with enhanced features and personalized content. For example, these cookies can be used to remember your name or preferences on our Services. We do not use functional cookies to target you with online marketing. While these cookies can be disabled, this may result in less functionality during your use of our Services.
- Performance or Analytic Cookies. These cookies collect anonymous information about how you use our Services. For example, the cookies will collect information about the pages you view or click on while using our Services or if you get an error message from certain pages. We use the information collected by such cookies to improve and optimize our Services. We do not use these cookies to target you with online marketing. You can disable these cookies.
- Advertising or Marketing Cookies. These cookies allow us to deliver relevant marketing and advertisements to you. They collect information about your interactions with our marketing activities (e.g., on a website or via emails) to determine what your interests and preferences are, and how effective such advertising or marketing campaigns are.
How to Manage Cookies. Depending on whether you would like to manage a first-party or third-party cookie, you will need to take the following steps:
- First-Party Cookies: You can enable, disable, or delete cookies through the browser you are using to access our Services. To do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” settings). Please note, if you set your browser to disable cookies, you may not be able to access secure areas of our Services, and/or parts of the Services may not work properly for you. You can find more information about how to change your browser cookie settings at http://www.allaboutcookies.org.
- Third-Party Cookies: You can disable cookies from third parties by using your browser settings or, if available, directly opting-out of cookie collection with the third-party cookie service provider via their website.
AVOIDING COOKIE DOWNLOADS
Some consumers may not know that cookies are being placed on their computers when they use our Web Site. If you want to know when this happens or to prevent it from happening, you can set your browser to advise you when our Web Site attempts to place a cookie on your computer.
SHARING OF PERSONAL INFORMATION
With your Pharmacy and/or other Healthcare Provider
In order to provide the services, we may transmit personal information to your pharmacy, distributors, caregivers, health care providers, and any other third-parties that you have authorized. If you decide to switch pharmacies or healthcare providers, we will no longer disclose personal data, including your health information, to your prior pharmacy or provider. You may also opt out or otherwise restrict the disclosure of your personal data, including your health information to your caregivers at any time by providing written notice as directed below.
With Partners and Third Parties
We may combine the information collected from you and share them with other affiliated parties.
We may also share your personal information with our partners and with third-party independent contractors:
IT Providers: These providers deliver the necessary hardware, software, networking, storage, transactional services and/or related technology required to run the App or the services provided.
Cloud Providers: These providers deliver data storage services. We contract with a third party to maintain and host spencer®. Therefore, any information you submit, including personal information, will be placed and stored on a computer server maintained by this third-party host.
The third parties that we partner with have agreed to implement technology and security features and strict policy guidelines to safeguard the privacy of your personal information from unauthorized access or improper use.
We require these service providers to provide a comparable level of protection of your personal information as we provide, to only process your personal information for the specific purposes mentioned above, and to have access to the minimum amount of data they need to deliver a specific service.
If we allow a third party to transfer your personal information outside of your geographic region, we will take steps to protect your privacy rights through the use of contractual arrangements or other means, which will provide a comparable level of protection while the information is being processed by our third parties.
We may also disclose your personal information for compliance and fraud prevention; to protect, investigate and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity; to comply with a court order, subpoena, search warrant, or other legal process; to comply with legal, regulatory, or administrative requirements of any governmental authorities; to protect and defend SHS, its subsidiaries and affiliates, and their officers, managers, directors, employees, attorneys, agents, contractors, and partners, in connection with any legal action, claim, or dispute; to enforce the Terms and Conditions of Use of spencer®; to prevent imminent physical harm; in the event that we find that your actions on Spencer® violate any laws, our Terms and Conditions of Use, or any of our usage guidelines for specific products or services; and any other use as permitted or required by applicable law.
COMMENT: WHICH TERMS AND CONDITIONS
INTERACTIONS AND LINKS TO THIRD-PARTY SITES
INTERNATIONAL USERS AND VISITORS
We have data centers in three main regions — United States, Canada, and the European Union. Data obtained in connection with your use of the Service may be stored in any region. We rely on your Internet Protocol (IP) address to determine which data center will store your information. Notwithstanding the foregoing, given we manage our business in the United States and thus there are instances where the Service and Web Site is operated and/or managed on servers located and operated within the United States. by visiting and using our Service or Web Site, residents and citizens of countries and jurisdictions (outside/other than the United States) should understand and be aware that there are instances where the information we collect, including personal information, will be transferred to, and processed, stored and used in the United States. Accordingly, you consent to the transfer, processing, and sharing of information about yourself to us or a third party we use in the United States. You understand that the privacy laws of the United States may not be as comprehensive as those in your country or jurisdiction, and you agree and explicitly consent to the transfer of your personal information to SHS. Where the GDPR applies and our processors of your personal information are located outside the European Economic Area, such transfer will only be to a recipient country that ensures an adequate level of data protection and, subject to the foregoing, you explicitly consent to such transfer.
ADDITIONAL RIGHTS PROVIDED TO EU INDIVIDUALS
- Access and Portability: You have the right to ask us to access the information we hold about you, including Personal Data, and be provided with certain information about how we use your such information and who we share it with. Where you have provided your Personal Data to us with your consent, you have the right to ask us for a copy of this data in a structured, machine-readable format and to ask us to share (port) this data to another data controller.
- Right to deletion: In certain circumstances, you have the right to ask us to delete the Personal Information we hold about you:
◦ where you believe that it is no longer necessary for us to hold your data including Personal Information;
◦ where we are processing your personal information on the basis of legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing;
◦ where you have provided your personal information to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your Personal Data; or
◦ where you believe the personal information, we hold about you is being unlawfully processed by us.
- Restriction: In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your personal information:
◦ where you believe the personal information, we hold about you is inaccurate and while we verify accuracy;
◦ where we want to erase your personal information as the processing is unlawful, but you want us to continue to store it;
◦ where we no longer need your personal information for the purposes of our processing, but you require us to retain the data for the establishment, exercise or defense of legal claims; or
◦ where you have objected to us processing your personal information based on our legitimate interests and we are considering your objection.
In addition, you can object to our processing of your personal information based on our legitimate interests and we will no longer process your personal information unless we can demonstrate an overriding legitimate ground.
To exercise any of these rights above, please contact our data protection officer us at firstname.lastname@example.org with “EU Data Protection” as the subject line or by writing to us at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560. You must include your full name, email address, and postal address in your request.
Please note that these rights are limited, for example, where fulfilling your request would adversely affect other individuals where there are overriding public interest reasons or where we are required by law to retain your Personal Data.
You can withdraw your consent at any time by contacting us at email@example.com.
In the event that you wish to make a complaint about how we process your personal information, please contact us in the first instance at firstname.lastname@example.org and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to raise a complaint with a relevant supervisory authority.
We will retain your information for as long as we are required in order to provide the Service to you, as required to fulfill our legal obligations (e.g. under applicable law), commitments we made to and on behalf of you or any of our customers in order to provide the Service to you, and as required to defend legal claims. After you have terminated your use of our Service, we may store your information in an aggregated and de-identified format.
We, and our third-party providers, employ organizational, technical and physical safeguards designed to protect against the loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet, email or other electronic transmission is ever fully secure or error free, so you should take special care in deciding what information you send to us in this way.
ACTIONS YOU CAN TAKE CORRECTING YOUR INFORMATION
If you believe that any of your personal information is incorrect or has changed since your registration for the spencer®, please log in to your personal account to make corrections or send a written letter at the postal address below, and, in your communication please include any relevant confirmation or reference number. We do not recommend you send an e-mail message to explain the correction or change because e-mail is considered a nonencrypted (and therefore nonsecure) form of communication, and it can be accessed and viewed by others without your knowledge and permission. For that reason, to protect your privacy, please do not use e-mail to communicate personal information.
QUESTIONS, COMPLAINTS OR WITHDRAWAL OF CONSENT
You may contact us at any time if you have questions, complaints, concerns or suggestion. You may also easily withdraw consent (for example opt-out of our marketing services, by using the “unsubscribe” button below each email we send you or by contacting us as provided below.
You may, at any time, object to the continued processing of your personal information by contacting us as provided below.
YOUR CALIFORNIA PRIVACY RIGHTS (CALIFORNIA RESIDENTS ONLY)
Under California Civil Code Section 1798.83, California residents are entitled to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please contact us at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560 or the phone number available on our Web Site. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.
YOUR NEVADA PRIVACY RIGHTS (Nevada Residents Only) – “Do Not Sell My Personal Information”.
We may elect to share information about you with third parties for those third-parties direct marketing purposes. Nevada Revised Statutes §§ 603A.300-.360 permits Nevada residents who have supplied personal information (as defined in the law) to us to, under certain circumstances, request and opt-out of the sale of your personal information to third-parties for their direct marketing purposes. If this law applies to you, and you wish to make such a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a Nevada resident, and provide a current Nevada address for our response. To make such a request, please send an email to email@example.com with “Nevada Privacy Rights” as the subject line or by writing to us at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560. You must include your full name, email address, and postal address in your request.
A SPECIAL NOTICE ABOUT CHILDREN
CONTACTING SPENCER HEALTH SOLUTIONS
REVISIONS TO THIS POLICY
Revisions to This Policy
A Special Notice About Children
Individual users who visit the Web site will remain anonymous unless they voluntarily tell us who they are. However, we may track the Internet domain address from which people visit the Web site and analyze these data for trends and statistics.
Collection of Personal Information
Sometimes (e.g., when you purchase or order a product or subscribe to a service) we ask you to provide personal information about yourself, such as
• E-mail address
• Postal address
• Telephone number
• Credit card information
We also maintain a record of your online purchases and we may ask you for personal information when you ask us for or download information.
Whether or not you choose to provide the information we request is entirely up to you. But if you choose not to provide the information we request, you may be unable to purchase products or access certain services, offers, and content on the Web site.
Use of Personal Information
Your personal information enables us to
• Fulfill your purchases
• Provide information you have requested
• Provide the status of your assets and transactions
• Provide information about future products and services that may suit your particular interests
• Help identify you if you lose your password
• Help you find information on the Web site
• Analyze trends
• Track your activities
• Infer your interests
• Otherwise gather information about individual users of our products, services, and market segments