Privacy Notice for California Residents

This PRIVACY NOTICE FOR CALIFORNIA RESIDENTS supplements the information contained in the Privacy Policy of Hemedicus, Inc. ("Hemedicus" or "we," "us," or "our") and applies solely to our users who are residents of the State of California ("consumers" or "you") in relation to your use of our services, products, websites and other communications (collectively, the "Services").

We adopt this notice to comply with the California Consumer Privacy Act of 2018 ("CCPA") and other California privacy laws. Any terms defined in our Privacy Policy or in the CCPA have the same meaning when used in this notice.

Information we collect.

We have collected the following categories of information from consumers within the last twelve (12) months:

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. Yes
B. Personal information listed under Cal. Civ. Code § 1798.80(e). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. Yes
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). Yes
D. Commercial Information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes
E. Biometric Information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No
F. Internet or other similar network activity. Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. Yes
G. Geolocation data. Physical location or movements. Yes
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. No
I. Professional or employment-related information. Current or past job history or performance evaluations. Yes
J. Non-public education information. Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No
K. Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Yes

Certain information that we collect identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household ("personal information").

Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
    • Information included in categories D and G is collected and used in a de-identified and/or aggregated manner.
  • Information excluded from the CCPA's scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; or
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

Categories of sources from which information is collected.

As described in our Privacy Policy, we may obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you, such as when you register for meetings through our website.
  • Indirectly from you, such as information we may collect in the course of providing the Services.
  • Directly and indirectly from your activity on our website, as described below under Cookies.
  • From third parties that interact with us in connection with the Services, such as from third party vendors.

Cookies

We use cookies to collect information about your use of the Services. A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a website's computers and stored on your computer's hard drive.

The Site uses its own cookies for a number of purposes, including to:

Access your information when you sign in so we can provide you with customized content or remember the last page you visited at the Site

Keep track of preferences you specify while you are using the Site

Provide general internal and customer analytics

Conduct research to improve the Site’s content, products, and services

Assist in identifying possible fraudulent activities

Use of personal information.

The personal data included in each of categories A, B, C, D, F, G, I and K described above may be used for the following business purposes:

  • Provision of the Services. We may use your personal information to provide you with the Services.
  • Internal Business Purposes. Your personal data may also be used for our internal business purposes such as improving our Services.
  • Communications and Research. Your personal data may be used to contact you and to conduct research.
  • Personalize the Services. We may use your personal information to customize the content you see.
  • Verification Purposes. We may use your information in conjunction with information from third parties to recognize you as a registered member when you visit our website and to verify your identity and/or professional credentials. We may require you to provide proof of your identity, including that you are a healthcare professional, and if you are unable to do so to our reasonable satisfaction, we reserve the right to deny you access to the Services.
  • Account Management. We may use your information to administer your account, respond to your inquiries, fulfill your requests and send you administrative communications about the Services.
  • Investigations. We may use your information to detect, investigate and defend against fraudulent or unlawful activity, violations of our Terms of Use and to otherwise establish, exercise and defend our legal rights.

Sharing your personal information

Personal information disclosed for a business purpose

  • Service Providers. We work with third party service providers to help us provide the Services and to otherwise assist us in the operation of our website, including in the areas of email management and deployment, analytics, marketing, market research, identity and professional credential validation, customer service, payment fulfillment, event logistics, website maintenance and data storage and security. We may provide these service providers with personal information about users of our Services so that they can fulfill their responsibilities to us, and we require that they agree to limit their use of this personal information to the fulfillment of these responsibilities.
  • Continuing Medical Education ("CME")/Continuing Education ("CE"). We are required periodically to submit aggregated data about CME/CE participants and the CME/CE activities, as well as personally identifiable information, to accredited CME/CE providers who certify CME/CE meetings posted on Hemedicus.com, as required by the Accreditation Council for Continuing Medical Education and other accrediting bodies. These reports may include personally identifiable information about you and credits issued to you, for the purpose of maintaining records that you can request from the accredited provider for up to six (6) years.
  • Consent. We may disclose your personal information to a third party in a manner not addressed by this Notice subject to your consent at such time.
  • Aggregated Information. We may provide aggregated information about users of our Services to provide anonymous reporting for internal and external clients.
  • Legal Requirements. We may release personal information when we believe release (i) is required to comply with valid legal requirements such as a law, regulation, search warrant, subpoena or court order and to meet national security or law enforcement requirements; or (ii) is reasonable in response to a physical threat to you or others, to protect property or defend or assert legal rights of us or others.

In the preceding twelve (12) months, we may have disclosed the personal information included in categories A, B, C, F, I and K described above for each business purposes described above depending on your use of the Services described herein.

Personal information "sold" to third parties

We do not offer an opt-out from the sale of personal information because Hemedicus does not engage in the sale of personal information as contemplated by the CCPA.

Your rights

The CCPA provides California consumers with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to specific information and data portability rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • the categories of personal information we collected about you.
  • the categories of sources for the personal information we collected about you.
  • our business or commercial purpose for collecting that personal information.
  • the categories of third parties with whom we share that personal information.
  • the specific pieces of personal information we collected about you (also called a data portability request).
  • if we disclosed your personal information for a business purpose, two separate lists containing disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

Deletion request rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  • complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • debug products to identify and repair errors that impair existing intended functionality.
  • exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  • engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  • enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • comply with a legal obligation.
  • make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising access, data portability, and deletion rights

To exercise the access, data portability and deletion rights described above, please submit a request to us by either:

  • Calling us at (866) 967-1410.
  • Clicking here.

By calling the toll-free number or using the above form, you will be asked to provide certain identifying information, such as name, email, residency and date of birth, which we will only use to process or verify your request. You will be asked to validate your request by clicking a validation link in an email that will be sent to the email address provided.

You may also be asked to provide further verifying documentation, such as proof of residency and identity.

The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide proof of written authorization to do so, and you must verify your identity directly with us, unless such authorized agent provides proof of a power of attorney pursuant to Probate Code sections 4000 to 4465.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will cover a period of no less than 12 months preceding the receipt of a verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

We may provide a different level of Services if the difference is reasonably related to value provided by your data.

Changes to this privacy notice

We reserve the right to change or modify this privacy notice and any of our Services at any time and any changes will be effective upon being posted unless we advise otherwise. By continuing to use the Services after changes are made to this privacy notice, you agree to such changes. We encourage you to periodically review this privacy notice for the latest information on our privacy practices.

Contact information

Please send us an email by using the Contact Us link at the bottom of every page of our website if you have any questions about this Notice. We will respond to your request within a reasonable timeframe.

Effective Date: January 1, 2020