Privacy Policy

Privacy Policy

Effective September 25, 2019

11913.02, Privacy Policy

Overview

OVERVIEW

This privacy policy (“Privacy Policy”) applies to any of our products and services as well as any features, widgets, plug-ins, applications, content, uploads and downloads of information and other services (collectively, the “Service”) that are made available by Spencer Health Solutions, Inc. (“SHS”, “we” “our” or “us”) through our website or mobile apps (“Web Site”) or a SHS issued device.

We are a private company, established in the U.S.A., registered at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560, United States with the contact email address privacy@spencerhealthsolutions.com, and for the purposes of the General Data Protection Regulation (“GDPR”) we are the data processor.

The Privacy Policy sets out the basis on which we will collect, retrieve, access, use, disclose, store or dispose any personal information or usage information we collect from you, or that you provide to us, in connection with your use of the Web Site and Service regardless of how you access or use them; provided, SHS and the Service shall act in compliance with applicable law, including, where applicable, the California Consumer Privacy Act, Nevada’s Security and Privacy of Personal Information, and the General Data Protection Regulations (“GDPR”). Please read this Privacy Policy carefully so that you understand your rights in relation to your personal data, and how the Web Site and Service operating with respect to your personal information.

Unless otherwise provided for herein, this Privacy Policy does not apply to data collection activities that occur outside of your use of our Service and does not govern the data practices of third parties that may interact with our Service.
In addition, please review the [ ], which governs your use of the Service. By using our Service, you acknowledge that you have read and understood our Privacy Policy and Terms of Service and accept our collection, use and disclosure of your information and data, and other activities, as described below. If you do not agree to the terms of this Privacy Policy, please do not use this Service.
We are firmly committed to respecting your privacy and recognizing your need for appropriate protection and management of personally identifiable information you share with SHS.

This Privacy Policy explains:

• The types of information we collect and use;
• How we use and share such information;
• The security of your information;
• Your choices regarding our use of your information; and
• Your ability to review and correct your information.

COLLECTION OF PERSONAL INFORMATION

Account Information
Personal information is collected to create and manage your account, to communicate with you, to respond to your inquiries, to communicate with pharmacies and other health care providers (when authorized), and to send you service-related communication. For the purposes of this Privacy Policy, “personally identifiable information” or “personal information” means any information by which you, individually, can be identified , any characteristic that would uniquely identifies you, or that you provide us, directly or indirectly, through your use of our Service or which you authorize third parties to provide through our Service, including our Web Site and devices that connect with our Service or a SHS issued device, including some or all of the following:

  • First Name
  • Last Name
  • Gender
  • E-mail address
  • Home address
  • Work address
  • Telephone number(s)
  • User Name
  • Password
  • Birthdate
  • Social security or other government-generated identification number
  • Credit card information (if applicable)
  • Internet Protocol (IP) address
  • Photographic images
  • Health and medical information

Information collected from or about you
We will collect health information about you and transmit that information to us in order to provide the services. We will also receive and transmit information provided by devices that connect with our Service. Your Pharmacies and health care providers will give us information about you, including the following:

  • Name
  • Address
  • Social Security Number
  • Birthdate
  • Claims payment information
  • Health information including but not limited to diagnosis, treatment, prescriptions, and healthcare services

HOW WE USE YOUR PERSONAL INFORMATION
Generally, In order to perform Services on your behalf, we will process your Personal Information:
to process and track the actions you take into using the Service;

  • to verify your identity;
  • to provide the Service;
  • to provide customer support, including to resolve disputes, and troubleshoot problems;
  • to contact you with regard to your use of the Service and, in our discretion, changes to the Service and/or Service’s policies; and
    to enable you to participate in a variety of the Service’s features.

Legitimate Interests.
As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our Service and provide you with a user-friendly service, we will use your Personal Information:

  • to provide you with information such as to send you electronic correspondence or to provide you with promotional and marketing materials on behalf of us or third parties, including to let you know about new products or services;
  • manage risk, or to detect, prevent, and/or remediate fraud or other potentially prohibited or illegal activities;
  • manage and protect our information technology infrastructure;
  • to help us improve content, functionality, and use of the Service, Web Site, our products, and services and to develop new products and services;
  • marketing endeavors;
  • to customize your experience on the Service or to serve you specific content or ads that we deem are relevant to you;
  • to identify your Service preferences so that you can be informed of new or additional opportunities, products, services, and promotions;
  • to improve the overall experience at the Service;
    • to comply with our legal and regulatory obligations;
  • for internal business purposes; and
  • for purposes disclosed at the time you provide your information or as otherwise set forth in this Privacy Policy.

Marketing and Communications
If you choose to receive promotional communications – based on your preferences and behavior – we may contact you with promotional communications via email, phone, spencer®, and other digital channels, such as mobile applications. To be able to tailor the communications to your preferences and behavior and provide you with the best-personalized experience, we may analyze and combine your personal information.

De-identified and Combined Information
We may also use the personal information collected about you provided that we, consistent with applicable law, anonymize it by removing all information that identifies you. This de-identified information may be combined with other spencer® users de-identified information for different uses, including, but not limited to research, product development, population analytics, and patient care and outcome panels.

How We Monetize Your Information
This section does not apply to individuals who are considered residents of the European Union or are using the Service from Europe. The Company may sell personally identifiable information or personal information to third-parties or otherwise monetize such information through any other commercial means that do not violate applicable law.

COOKIES AND OTHER SIMILAR TECHNOLOGIES
We use cookies and similar tracking technologies to collect information about your use of our Service and to improve the quality of your experience. Cookies are small files, typically comprised of letters and numbers, sent by a third-party website and saved on your hard disk. They store information that such a third-party website may need to personalize your experience and gather applicable website statistical information.

Any time you visit our Web Site, we collect and store the following:

  • Name of the domain and host from which you access the Internet;
  • Internet protocol (IP) address of the computer you are using;
  • Browser software you use and your operating system;
  • Date and time you access our Web Site;
    Internet address of the device from which you linked directly to our Web Site;
  • the URL you visited before browsing to our Web Site;
  • General location information such as city, state, or geographic area; and
  • Information about your use of and actions on the Services, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access.

We use this information to measure the number of visitors to areas of our Web Site and to help us make our Web Site more useful and interesting to our users. We use this information to identify what interests you, to track your usage of our Web Site and to improve your experience. We may also make use of cookies that ensure that our Web Site functions properly. We use information from cookies as a whole to analyze for trends and statistics and then discard it; we do not track individuals, only instances of entry onto our Web Site.

How We Use Cookies.

Generally, we use first-party and third-party cookies for the following purposes:

  • To make our Services function properly;
  • To provide a secure browsing experience during your use of our Services;
  • To collect information about your use of our Services to help us improve and optimize our Services; and
  • To remember your preferences for your convenience.

Types of Cookies on Our Services. We use the following types of cookies on our Services:

  • Strictly Necessary Cookies: These cookies are essential because they enable you to move around and use our Services. For example, strictly necessary cookies allow you to access secure areas on our Services. Without these cookies, some services cannot be provided. These cookies do not gather information about you for marketing purposes. This category of cookies is essential for our Services to work and they cannot be disabled.
  • Functional Cookies. We use functional cookies to remember your choices so we can tailor our Services to provide you with enhanced features and personalized content. For example, these cookies can be used to remember your name or preferences on our Services. We do not use functional cookies to target you with online marketing. While these cookies can be disabled, this may result in less functionality during your use of our Services.
  • Performance or Analytic Cookies. These cookies collect anonymous information about how you use our Services. For example, the cookies will collect information about the pages you view or click on while using our Services or if you get an error message from certain pages. We use the information collected by such cookies to improve and optimize our Services. We do not use these cookies to target you with online marketing. You can disable these cookies.
  • Advertising or Marketing Cookies. These cookies allow us to deliver relevant marketing and advertisements to you. They collect information about your interactions with our marketing activities (e.g., on a website or via emails) to determine what your interests and preferences are, and how effective such advertising or marketing campaigns are.

How to Manage Cookies. Depending on whether you would like to manage a first-party or third-party cookie, you will need to take the following steps:

  • First-Party Cookies: You can enable, disable, or delete cookies through the browser you are using to access our Services. To do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” settings). Please note, if you set your browser to disable cookies, you may not be able to access secure areas of our Services, and/or parts of the Services may not work properly for you. You can find more information about how to change your browser cookie settings at http://www.allaboutcookies.org.
  • Third-Party Cookies: You can disable cookies from third parties by using your browser settings or, if available, directly opting-out of cookie collection with the third-party cookie service provider via their website.

AVOIDING COOKIE DOWNLOADS
Some consumers may not know that cookies are being placed on their computers when they use our Web Site. If you want to know when this happens or to prevent it from happening, you can set your browser to advise you when our Web Site attempts to place a cookie on your computer.

SHARING OF PERSONAL INFORMATION
With your Pharmacy and/or other Healthcare Provider
In order to provide the services, we may transmit personal information to your pharmacy, distributors, caregivers, health care providers, and any other third-parties that you have authorized. If you decide to switch pharmacies or healthcare providers, we will no longer disclose personal data, including your health information, to your prior pharmacy or provider. You may also opt out or otherwise restrict the disclosure of your personal data, including your health information to your caregivers at any time by providing written notice as directed below.
With Partners and Third Parties
We may combine the information collected from you and share them with other affiliated parties.
We may also share your personal information with our partners and with third-party independent contractors:
IT Providers: These providers deliver the necessary hardware, software, networking, storage, transactional services and/or related technology required to run the App or the services provided.
Cloud Providers: These providers deliver data storage services. We contract with a third party to maintain and host spencer®. Therefore, any information you submit, including personal information, will be placed and stored on a computer server maintained by this third-party host.
The third parties that we partner with have agreed to implement technology and security features and strict policy guidelines to safeguard the privacy of your personal information from unauthorized access or improper use.
We require these service providers to provide a comparable level of protection of your personal information as we provide, to only process your personal information for the specific purposes mentioned above, and to have access to the minimum amount of data they need to deliver a specific service.
If we allow a third party to transfer your personal information outside of your geographic region, we will take steps to protect your privacy rights through the use of contractual arrangements or other means, which will provide a comparable level of protection while the information is being processed by our third parties.
We may also disclose your personal information for compliance and fraud prevention; to protect, investigate and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity; to comply with a court order, subpoena, search warrant, or other legal process; to comply with legal, regulatory, or administrative requirements of any governmental authorities; to protect and defend SHS, its subsidiaries and affiliates, and their officers, managers, directors, employees, attorneys, agents, contractors, and partners, in connection with any legal action, claim, or dispute; to enforce the Terms and Conditions of Use of spencer®; to prevent imminent physical harm; in the event that we find that your actions on Spencer® violate any laws, our Terms and Conditions of Use, or any of our usage guidelines for specific products or services; and any other use as permitted or required by applicable law.

COMMENT: WHICH TERMS AND CONDITIONS
We reserve the right to transfer your personal information to a third party in the event of a transfer of all or substantially all of the Company’s assets, provided that the third party agrees to adhere to the terms of this Privacy Policy.

INTERACTIONS AND LINKS TO THIRD-PARTY SITES
Our Web Site and use of the Service may include functionality that allows certain kinds of interactions, direct and indirect, between the Service and third-party websites. Your use of these other linked sites is subject to their respective terms of use and privacy policies. In addition, these third-parties retain any information used or provided in any such communications or other activities and these third-parties practices are not subject to our Privacy Policy. Our Company has no control or have access to your communications through these linked sites and no responsibility or liability whatsoever for the content or privacy practices of these linked sites. You should review the applicable third-party privacy policies before using such third-party tools on our Service.

INTERNATIONAL USERS AND VISITORS
We have data centers in three main regions — United States, Canada, and the European Union. Data obtained in connection with your use of the Service may be stored in any region. We rely on your Internet Protocol (IP) address to determine which data center will store your information. Notwithstanding the foregoing, given we manage our business in the United States and thus there are instances where the Service and Web Site is operated and/or managed on servers located and operated within the United States. by visiting and using our Service or Web Site, residents and citizens of countries and jurisdictions (outside/other than the United States) should understand and be aware that there are instances where the information we collect, including personal information, will be transferred to, and processed, stored and used in the United States. Accordingly, you consent to the transfer, processing, and sharing of information about yourself to us or a third party we use in the United States. You understand that the privacy laws of the United States may not be as comprehensive as those in your country or jurisdiction, and you agree and explicitly consent to the transfer of your personal information to SHS. Where the GDPR applies and our processors of your personal information are located outside the European Economic Area, such transfer will only be to a recipient country that ensures an adequate level of data protection and, subject to the foregoing, you explicitly consent to such transfer.

ADDITIONAL RIGHTS PROVIDED TO EU INDIVIDUALS

  • Access and Portability: You have the right to ask us to access the information we hold about you, including Personal Data, and be provided with certain information about how we use your such information and who we share it with. Where you have provided your Personal Data to us with your consent, you have the right to ask us for a copy of this data in a structured, machine-readable format and to ask us to share (port) this data to another data controller.
  • Right to deletion: In certain circumstances, you have the right to ask us to delete the Personal Information we hold about you:
    ◦ where you believe that it is no longer necessary for us to hold your data including Personal Information;
    ◦ where we are processing your personal information on the basis of legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing;
    ◦ where you have provided your personal information to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your Personal Data; or
    ◦ where you believe the personal information, we hold about you is being unlawfully processed by us.
  • Restriction: In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your personal information:
    ◦ where you believe the personal information, we hold about you is inaccurate and while we verify accuracy;
    ◦ where we want to erase your personal information as the processing is unlawful, but you want us to continue to store it;
    ◦ where we no longer need your personal information for the purposes of our processing, but you require us to retain the data for the establishment, exercise or defense of legal claims; or
    ◦ where you have objected to us processing your personal information based on our legitimate interests and we are considering your objection.
    In addition, you can object to our processing of your personal information based on our legitimate interests and we will no longer process your personal information unless we can demonstrate an overriding legitimate ground.

To exercise any of these rights above, please contact our data protection officer us at privacy@spencerhealthsolutions.com with “EU Data Protection” as the subject line or by writing to us at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560. You must include your full name, email address, and postal address in your request.
Please note that these rights are limited, for example, where fulfilling your request would adversely affect other individuals where there are overriding public interest reasons or where we are required by law to retain your Personal Data.
You can withdraw your consent at any time by contacting us at privacy@spencerhealthsolutions.com.

COMPLAINTS
In the event that you wish to make a complaint about how we process your personal information, please contact us in the first instance at privacy@spencerhealthsolutions.com and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to raise a complaint with a relevant supervisory authority.

DATA RETENTION

We will retain your information for as long as we are required in order to provide the Service to you, as required to fulfill our legal obligations (e.g. under applicable law), commitments we made to and on behalf of you or any of our customers in order to provide the Service to you, and as required to defend legal claims. After you have terminated your use of our Service, we may store your information in an aggregated and de-identified format.

SECURITY
We, and our third-party providers, employ organizational, technical and physical safeguards designed to protect against the loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet, email or other electronic transmission is ever fully secure or error free, so you should take special care in deciding what information you send to us in this way.

ACTIONS YOU CAN TAKE CORRECTING YOUR INFORMATION
If you believe that any of your personal information is incorrect or has changed since your registration for the spencer®, please log in to your personal account to make corrections or send a written letter at the postal address below, and, in your communication please include any relevant confirmation or reference number. We do not recommend you send an e-mail message to explain the correction or change because e-mail is considered a nonencrypted (and therefore nonsecure) form of communication, and it can be accessed and viewed by others without your knowledge and permission. For that reason, to protect your privacy, please do not use e-mail to communicate personal information.

QUESTIONS, COMPLAINTS OR WITHDRAWAL OF CONSENT
You may contact us at any time if you have questions, complaints, concerns or suggestion. You may also easily withdraw consent (for example opt-out of our marketing services, by using the “unsubscribe” button below each email we send you or by contacting us as provided below.
You may, at any time, object to the continued processing of your personal information by contacting us as provided below.

YOUR CALIFORNIA PRIVACY RIGHTS (CALIFORNIA RESIDENTS ONLY)
Under California Civil Code Section 1798.83, California residents are entitled to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please contact us at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560 or the phone number available on our Web Site. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.

YOUR NEVADA PRIVACY RIGHTS (Nevada Residents Only) – “Do Not Sell My Personal Information”.
We may elect to share information about you with third parties for those third-parties direct marketing purposes. Nevada Revised Statutes §§ 603A.300-.360 permits Nevada residents who have supplied personal information (as defined in the law) to us to, under certain circumstances, request and opt-out of the sale of your personal information to third-parties for their direct marketing purposes. If this law applies to you, and you wish to make such a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a Nevada resident, and provide a current Nevada address for our response. To make such a request, please send an email to privacy@spencerhealthsolutions.com with “Nevada Privacy Rights” as the subject line or by writing to us at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560. You must include your full name, email address, and postal address in your request.

A SPECIAL NOTICE ABOUT CHILDREN
While SHS, our Site, and our Service are not generally targeted at children under the age of 13, it is our policy to comply with the law when it requires parent or guardian permission before collecting, using, or disclosing the personal information of children. We recommend that children under the age of 13 not use our Web Site without parental or guardian supervision and children should not submit any personal information to us. We will not knowingly collect any personal information from any person under the age of 13. By accessing our Web Site, you acknowledge that you are 18 years or older (or the age of majority in your jurisdiction) or, if not, that you are at least 13 years old and your parents or guardians have read and agreed to the terms of this Privacy Policy. If a parent or guardian becomes aware that his or her child who is under the age of 13 has provided us with his or her personal data, please contact us at privacy@spencerhealthsolutions.com. If we become aware that a child under the age of 13 has provided us with personal data, we will delete such data from our files.

CONTACTING SPENCER HEALTH SOLUTIONS
If you have questions or wish to send us comments about this Privacy Policy please do so at privacy@spencerhealthsolutions.com or by writing us at 2501 Aerial Center Pkwy Ste 100, Morrisville, NC 27560.

REVISIONS TO THIS POLICY
This Privacy Policy is effective as of the date shown at the top of this page. The Company reserves the right to modify the terms of this Privacy Policy at any time and in its sole discretion. When we make a change, we will update the date mentioned above and post the Privacy Policy on or through the Services including, in certain instances, by sending a change notice through your device. We may, and if required by law will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Service. Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting). We, therefore, encourage you to review this Privacy Policy from time to time. In all cases, your continued use of the Service after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy. If you do not agree to the revised policy, you should alter your preferences, or consider stop using our Service, Web Site, or any SPENCER HEALTH SOLUTIONS issued device. YOUR USE OR CONTINUED USE OF THE OUR SERVICES, WEB SITE, ANY SHS ISSUED DEVICE FOLLOWING OUR POSTING OF A CHANGE NOTICE WILL CONSTITUTE BINDING ACCEPTANCE OF THIS POLICY AND ALL APPLICABLE CHANGES.

11913.02, Privacy Policy

Revisions to This Policy

The Company reserves the right to modify the terms of this Privacy Policy at any time and in its sole discretion by posting a change notice on this page. We therefore encourage you to review this Privacy Policy from time to time. YOUR USE OR CONTINUED USE OF THE WEB SITE FOLLOWING OUR POSTING OF A CHANGE NOTICE WILL CONSTITUTE BINDING ACCEPTANCE OF THIS POLICY AND ALL APPLICABLE CHANGES.

A Special Notice About Children

Children under the age of 13 are not eligible to use the Web site and must not submit any personal information to us. No personal information is knowingly collected from any person under the age of 13. Children between the ages of 13 and 18 may only use the Web site in conjunction with and under the supervision of their parents or guardians. By accessing the Web site, you acknowledge that you are 18 years or older or, if not, that you are at least 13 years old and your parents or guardians have read and agreed to the terms of this Privacy Policy.

General Anonymity

Individual users who visit the Web site will remain anonymous unless they voluntarily tell us who they are. However, we may track the Internet domain address from which people visit the Web site and analyze these data for trends and statistics.

Collection of Personal Information

Sometimes (e.g., when you purchase or order a product or subscribe to a service) we ask you to provide personal information about yourself, such as
• Name
• E-mail address
• Postal address
• Telephone number
• Password
• Credit card information

We also maintain a record of your online purchases and we may ask you for personal information when you ask us for or download information.

Whether or not you choose to provide the information we request is entirely up to you. But if you choose not to provide the information we request, you may be unable to purchase products or access certain services, offers, and content on the Web site.

Use of Personal Information

Your personal information enables us to
• Fulfill your purchases
• Provide information you have requested
• Provide the status of your assets and transactions
• Provide information about future products and services that may suit your particular interests
• Help identify you if you lose your password
• Help you find information on the Web site
• Analyze trends
• Track your activities
• Infer your interests
• Otherwise gather information about individual users of our products, services, and market segments

Sharing of Personal Information