CareingtonDentalSavings.com, Inc. and its subsidiaries and corporate affiliates (collectively, “CareingtonDentalSavings.com,” “our,” “us,” or “we”) operate websites, provide products and services through mobile and other applications, and develop software. We refer to these as “site(s),” “service(s),” or “our sites and services.”
1. Personal Information We Collect
Personal information is information that can be used to identify, locate, or contact an individual, and includes other information that may be associated with personal information. When you interact with our sites and services, depending on the site or service, we may ask for the following personal information directly from you:
In each of the above instances, you will know what personal information we collect through our sites and services because you voluntarily and directly provide it.
2. How We Use Personal Information:
We may use information collected from you in one or more of the following ways:
In addition to the uses described above, we may use personal information that we collect for other purposes that are disclosed to you at the time we collect the information, or with your consent.
3. Sharing Personal Information
We may share personal information about you with third parties in the following circumstances:
4. Other Information We Automatically Collect and Cookies
We, or our third party service providers, may also collect and store certain technical information when you use our sites and services. For example, our servers receive and automatically collect information about your computer and browser, including, for instance, your IP address, browser type, domain name from which you accessed the site or service, device size, and other software or hardware information. If you access our sites and services from a mobile or other device, we may collect a unique device identifier assigned to that device (UDID), type of device, general GPS location, or other transactional information for that device in order to serve content to it and to improve your experience in using the sites or services.
In addition, we, or our third party service providers, may collect other non-personal information about you and how you use our sites, including but not limited to, the date and time you visit the sites, the areas or pages of the sites that you visit, the amount of time you spend viewing the sites, the number of times you return to the sites, visits to sites outside our network, preferred language, and other click-stream data. We and our third party service providers may use non-personal information for any purpose, including, to make the sites and services more useful for users. Non-personal information may be shared with partners who referred you to our site(s), who may use the data for their business purposes, including to optimize for other users who they refer to our site(s). Non-personal information may also be shared with partners who help us deliver ads to you on websites not controlled by us, for instance, when we put a pixel on a conversion page on our site and a marketing partner uses that to optimize what traffic they send to us, or using another example, when we create a re-targeting list through DFP Small Business by Google or placing a partners’ pixel on our sites, and then delivering targeted ads across the Internet.
Do Not Track
We do not currently actively respond to “Do Not Track” browser signals or mechanisms that indicate a request to disable online tracking of individual users who use our sites and services.
In general, we use these technologies to remember you when you return to our sites, to understand and analyze trends, to monitor usage and administer the sites, to learn about user behavior on the sites and gather demographic information about our user base as a whole, to customize content or offers on our sites and through our services, and to conduct research to improve our sites, content, and services.
5. User Generated Content, Online Communities and Forums, Profiles, Surveys, Reviews and Ratings
6. Accessing and Updating Personal Information
We encourage you to keep your personal information updated and accurate. We provide you reasonable access to your personal information and the ability to review, correct, or delete it. You have several choices; for instance:
Protecting your privacy and security is important and we also take reasonable steps to verify your identity before granting access to your data.
We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes).
7. Email and Other Communications
Our sites and services may allow us or other parties to communicate with you or other users through our in-product instant messaging services, service-branded emails, SMS and other electronic communication channels.
Automatic Messages. If your healthcare provider has signed up for our text messaging services, you may automatically receive appointment reminder messages and other health care messages, as defined by the Health Insurance Portability and Accountability Act of 1996, which are exempt from the Telephone Consumer Protection Act and sent at the request of your healthcare provider. Your healthcare provider has represented and warranted to us that they have received your consent to the use of an automatic dialing system to the deliver appointment reminder messages and other informational health-related messages to the phone number you provided. The number of appointment reminders and other healthcare messages sent to you will depend on the number of messages sent from your healthcare provider. Please see more information about the Health Insurance Portability and Accountability Act of 1996 below. If you have questions about the health care messages sent on behalf of your healthcare provider, you should contact your healthcare provider directly.
Rates. Standard message and data rates may apply to any messages sent by us or you. Please contact your wireless provider with any questions regarding text messaging or data rates and plans.
Security. You acknowledge and agree that the text messages are provided via wireless systems which use radios (and other means) to transmit communications over complex networks. We do not guarantee that your use of the text messaging service will be private or secure, and we are not liable to you for any lack of privacy or security you may experience. You are fully responsible for taking precautions and providing security measures best suited for your situation and intended use of the text messaging service(s).
Help. You can reply “HELP” to any text message from us if you need assistance with the text messaging services.
Opting Out of Requested Communications
Requested communications include, for instance, email newsletters or software updates that may be expressly requested by you or which you consented to receive. After you request such communications, you may “opt out” of receiving them by using one of the following methods:
Opting Out of Transactional or Relationship Communications
Communications that are sent by or on behalf of a user are indicated as being “From” that user. Communications that are sent by us are indicated as being from us or one of our account or support specialists assigned to assist you. Either type of communication may be “real time” communications or communications triggered automatically upon the occurrence of certain events or dates, such as appointment reminders. Email communications received from users and our administrative announcements are often transactional or relationship messages, such as appointment requests, reminders and cancellations. You may not be able to opt out of receiving certain messages although our services may provide a means to modify the frequency of receiving them.
Opting Out of General or Promotional Communications
General communications provide information about products, services, and/or support and may include special offers, new product information, or invitations to participate in market research. You may opt out of receiving these general communications by using one of the following methods:
8. Protecting Personal and Protected Health Information
The security of our sites and services and the information they store, process and transmit is a top priority. To prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of the information we collect, we deploy a wide range of technical, physical and administrative safeguards, including: Transport Layer Security (TLS), firewalls, system alerts, and other information system security technologies; housing health data in secure facilities that restrict physical and network access; and regular evaluation and enhancement of our information technology systems, facilities, and information collection, storage, and processing practices. We seek to use reasonable and appropriate administrative, physical, technical, and data security procedures and controls to safeguard your personal and protected health information against unauthorized access, disclosure, loss, misuse, and alteration. Under applicable law, we are required to apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of individually identifiable health information (as such term is defined by HIPAA) residing on and processed by our sites and services.
We use third-party service providers to manage credit card and payment processing. These service providers are not permitted to store, retain, or use billing information except for the sole purpose of credit card and payment processing on our behalf. When you enter payment information to be processed by our third party service providers, we encrypt the transmission of that information using transport layer security (TLS) technology and do not store it on our systems.
It is important to remember, however, that no system can guarantee 100% security at all times. Accordingly, we cannot guarantee the security of information stored on or transmitted to or from our services. We cannot assume responsibility or liability for unauthorized access to our servers and systems. When disclosing any personal or protected health information, you should remain mindful of the fact that it is potentially accessible to the public and, consequently, can be collected and used by others without your consent. Accordingly, you should consider carefully if you want to submit sensitive information that you would not want disclosed to the public and should recognize that your use of the Internet and our sites and services is solely at your risk. You are ultimately responsible for maintaining the secrecy for all your personal information, including your protected health information. Except as provided in a Business Associate Agreement between us and a healthcare provider network, we have no responsibility or liability to anyone for the security of your personal or protected health information transmitted via the Internet.
Steps You Can Take
9. Linked Websites and Services
We may also provide social media features on our sites and services that enable you to share personal information with your social network(s) and to interact with our sites and services. Depending on the features, your use of these features may result in the collection or sharing of personal information about you. We encourage you to review the privacy policies and settings on the social media site(s) with which you interact.
Our sites and services may include collection, transmission, and storage of protected health information you submit for healthcare providers or that healthcare providers submit to us and is subject to special rules under the Health Insurance Portability and Accountability Act of 1996 or “HIPAA”. Our use and disclosure of your protected health information or a healthcare providers data that you or the healthcare provider submits with certain sites and services, is governed by HIPAA.
Use and Disclosure of Your Protected Health Information
When you use certain services (for example, appointment request) all protected health information that you submit is used and disclosed by us as a Business Associate (as defined by HIPAA) according to the terms of a Business Associate Agreement between us and that healthcare provider. This means that we may only use and disclose your protected health information on behalf of, or to provide services to, the healthcare provider according to the Business Associate Agreement. There are three exceptions to this use and disclosure rule. We may use and disclose your protected health information (i) for our internal management and administration; (ii) to carry out our legal responsibilities; and (iii) to perform certain data aggregation services for the healthcare provider and other healthcare providers; provided that, any disclosures for our internal management and administration or to carry out our legal responsibilities are either required by law or made after we obtain reasonable assurances from the person to whom the protected health information is disclosed that it will be held confidentially and used or further disclosed only as required by law or for the purpose for which it was disclosed to that person.
Some of the services for a particular healthcare provider may be provided by our subcontractors. The subcontractor must comply with the same terms and conditions for the protected health information that apply to us as a Business Associate of the healthcare provider.
How to Access, Change, or Remove Your Protected Health Information
To comply with HIPAA, your healthcare provider must provide you with rights in certain circumstances with respect to your protected health information. Very generally described, these rights are a right to restrict the uses and disclosures of, a right of access to, a right to amend, and a right to receive an accounting of, the disclosures of your protected health information. These limited rights will be described in detail in the healthcare provider’s notice of privacy practices. If you wish to restrict the uses and disclosures of your protected health information, amend, or receive an accounting of the disclosures of your protected health information, then you must do so through your healthcare provider.
Upon termination of our Business Associate Agreement with a particular healthcare provider, we generally must return or destroy all protected health information received on behalf of or created for that particular healthcare provider and then maintained in any form by us or a subcontractor. If you engaged in our sites and services with that healthcare provider, any protected health information that you submitted with our sites and services or otherwise maintained by us or a subcontractor in connection with our sites and services will be returned to the healthcare provider or destroyed by us or such subcontractor. This means that until the Business Associate Agreement is terminated with that healthcare provider, we or a subcontractor can use and disclose your protected health information as described in the “Use and Disclosure of Your Protected Health Information” section above.
11. Children’s and Minor’s Privacy
Our sites and services are intended for general audiences and are not targeted to children under 13. We do not knowingly collect personal information from children under the age of 13 or utilize plug-ins or ad networks that collect personal information through child-directed third party websites or online services. If you are under 13, please do not disclose or provide any information. If we learn that we have collected personal information from a child under 13, we will take steps to promptly delete the information. Should this policy change, we would comply with the Children’s Online Privacy Protection Act, which requires us to notify and obtain consent from a parent or guardian before we collect, use, and disclose the personal information of children who are under 13 years of age.
Unless our sites and services contain the “Privacy Rights for California Minors in the Digital World” supplemental terms, our sites and services do not collect age from users under 18. If you reside in California and are a minor (you are under 18 years of age) and you are using a site or service that collects your age as a registration requirement and you submit content, please follow the instructions on the supplemental terms to request removal of public content. If such supplemental terms are not available, you can request the removal of content or information you have posted by emailing [email protected] with “California Minor Content Removal Request” in the subject line and in the body of your message. Please specify in your request the site(s) or service(s) to which your request relates, including any URLs where the content or information is posted, and the specific content or information you posted for which you are requesting removal. Please note that this removal does not ensure complete or comprehensive removal of the content or information posted on our sites and services if the content you posted has been shared or reposted. We are only obligated to remove content that you post, where you posted it. There are certain circumstances in which we do not have to remove your content, including if any other state or federal law requires us to maintain the information, we anonymize the content by removing identifying characteristics, the content was stored, republished or reposted by a third party, you do not follow the instructions in this Section or we paid you or you were otherwise compensated for the content you posted. Without limiting the generality of the foregoing, our services may allow users above the age of 18 (such as healthcare providers, parents and guardians) to submit personal information about others, including minors. Such users assume full responsibility over their submission, use and transmission of such information.
12. International Users
We are headquartered in the United States. Our sites and services are hosted and administrated in the United States or hosted with cloud service providers who are headquartered in the United States and are intended for users in the United States. If you are located outside the United States, be aware that information you provide to us or that we obtain as a result of your use of our sites and services may be processed in, transferred to, and stored in the United States and will be subject to U.S. law. U.S. privacy and data protection laws may not be equivalent to the laws of your country of residence. By using our sites and services or providing us with your information, you consent to the collection, transfer, storage, and processing of information to and in the United States.
13. California Privacy Rights
We do not share personal information with third parties for their direct marketing purposes unless you affirmatively agree to such disclosure, typically by “opting in” to receive information from a third party that is participating in a sweepstakes or other promotion on one of our sites, for example. If you ask us to share your personal information with a third party for its marketing purposes, we will only share information in connection with that specific promotion since we do not share information with any third party (other than our service providers) on an ongoing basis. To prevent disclosure of your personal information for use in direct marketing by a third party, do not “opt in” to such use when you provide personal information on one of our sites.
Users residing in certain jurisdictions, like California, have a right to access personal information held by us about them and their right of access can be exercised in accordance with applicable law. California law requires certain businesses to respond to requests from California residents asking about the business’s practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternately, such businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the resident has exercised an option to opt-out of such information-sharing. We have such a policy in place.
California residents may request further information about our approach to this law by writing to us. When writing to us, you must put the statement “Your California Privacy Rights” in the body or subject line of your request, and include (i) the name of the site about which you are contacting us, (ii) any unique site identifier associated with you (like member number or forum handle), (iii) your name, and (iv) your contact information. Please submit requests by emailing us at [email protected] and allow 30 days for a response. We will not accept requests via the telephone, mail, or by facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.
14. Contacting Us
Last Updated: October 30, 2017.