scIQ Privacy Policy
...we care about our community...we protect your data
Last updated on March 16, 2020. This Privacy Policy is
effective March 16, 2020.
scIQ takes issues of privacy and the protection not only of
personal health information, but all kinds of information about your private
life very seriously. As discussed below we take great efforts to protect your
information from disclosure, to use your information only to provide services
to you, to improve the service for you, to improve our ability to provide
services to other people in a similar situation, and to assist researchers in
finding better ways to improve health.
WE DO NOT SELL OR RENT YOUR PERSONAL DATA TO THIRD PARTIES.
WE DON’T SHARE YOUR INFORMATION (OTHER THAN FORUM POSTS) TO SOCIAL NETWORKS OR
OTHER PUBLIC OR SEMI-PUBLIC PLACES UNLESS INSTRUCTED BY YOU TO DO SO.
We only disclose your information to you or as you authorize
us to (although we may include certain elements of that information in our
database on an anonymized basis). However, we wish to remind you that the kind
of information scIQ collects is significantly more sensitive than the
information you may be providing to other application providers – and you
should be extra careful before instructing us to share that information with
anyone else. Your health information is very sensitive. We recognize that and
recommend that you take extra care before deciding to ask us to share it with
anyone.
Please read this Privacy Policy carefully. It is a material
part of the contractual agreement between you and Skinalytics, Inc. (“scIQ”,
“we”, “us”, or “our”). Capitalized terms used in this Privacy Policy and not
defined herein shall have the definitions provided in our Terms of Use
Agreement. This Privacy Policy describes the ways we collect, protect, use and
store your personal data. Please read this Privacy Policy carefully, and if you
have any questions, feel free to contact us.
PARTICULARLY IMPORTANT INFORMATION
Who We are: For the purpose of applicable data protection
legislation, the data controller of your personal data is Skinalytics, Inc. of 3995
Mount Albertine Ave, California. We are in the process of identifying and
appointing a Representative in the EU, but in the meantime, our EU
Representative is Michele Temple-Wong, reachable through [email protected] Our
data protection officer is Michele Temple-Wong, reachable through [email protected]
Must Read Sections: We direct your attention in particular
to the sections entitled “International Data Transfer” and “Your Rights”.
CHANGES TO THE PRIVACY POLICY.
We may amend this Privacy Policy from time to time by
posting a revised copy to our website, http://www.mysci.com (“Website”) or
through our applications, including scIQ (collectively the “scIQ Apps”), and we
encourage you to review it frequently. If we make material changes to this
Privacy Policy, we will alert you through a notice on the scIQ Apps, on our
Website, or through an email prior to such change(s) taking effect. The “Last
Updated” legend above indicates when this Privacy Policy was last changed.
PURPOSES OF PROCESSING
We collect information about you in a range of forms,
including personal data. As used in this Privacy Policy, “personal data” is
consistent with the definition in the General Data Protection Regulation 2018
and any successor legislation, as well as the California Consumer Privacy Act,
and includes any information which, either alone or in combination with other information
we hold about you, identifies you as an individual, including, for example,
your name, postal address, email address and telephone number, and in the case
of scIQ, includes “Sensitive Personal Data.”
We will only process your personal data in accordance with
applicable data protection and privacy laws. We need certain personal data in
order to provide you with access to certain parts of the Website and to access
the scIQ Apps and any other of our products or services (collectively, the
“Services”). If you created a profile/registered with us through the Services
or the Website on a mobile device or through any other means, you will have
been asked to tick a box to agree to the use and disclosure of your personal
data as outlined below. This consent provides us with the legal basis we
require under applicable law to process your data. You maintain the right to
withdraw such consent at any time. Furthermore, scIQ’s Services may require you
to share Sensitive Personal Data (defined below) with us, for which we will
seek separate consent. If you do not agree to this Privacy Policy and our Terms
of Use Agreement, do not use any of the scIQ Apps or the Website or any of the
Services.
Note that not all scIQ account types and features are
available in all locations. Some of the examples below may not apply where you
live.
WHAT WE COLLECT
Information You Give Us:
scIQ gives you a number of options regarding what
information you will give us:
·
When you register to create an account with scIQ
and/or scIQ Premium (whether through one of the scIQ Apps or on the Internet);
·
When you participate on a Forum or other
communication mechanism; and
·
When you update a scIQ App or the Website with
information relevant to your demographics or skin information.
When you register with scIQ you will submit a variety of
personal data (such as gender, age, birthdate, name, email address, mobile
phone number, location information) and as you use the scIQ Apps you may submit
a variety of information (such as skin type, skin conditions, skin medical
history, skin sensitivities or allergies, and skin reactions to skin care
products) which may include sensitive personal data about personal health
issues and/or information related to your past, present, or future physical or
mental health condition (“Sensitive Personal Data”). You may also choose to
provide us with access to certain personal data stored by third parties
including social media sites (such as Facebook and Twitter) and health sites,
such as Apple HealthKit and Google Fit. The information we have access to
varies by site and is controlled by your privacy settings on that site and your
authorization. You may (and may be required to) share information about or give
us access to additional third-party websites or services.
If you register to use scIQ features with a healthcare
provider, we will share personal data including Sensitive Personal Data with
your healthcare provider that is using such features.
Also, when you sign up for scIQ Premium, we may collect
personal data such as credit card numbers and/or cell phone numbers, as well as
other information about you necessary to ensure that a transaction is properly
authorized, such as your address, zip code, and cv number (collectively,
“Payment Information”). We also may retain such Payment Information (or our
third party “fulfillment house”, such as Stripe, may retain such information)
to facilitate future transactions. See “Controlling Your Personal Data” below
if you would like us not to use that information to assist you in completing
future transactions.
By agreeing to this Privacy Policy, you are authorizing the
connections between our Services and your records and our using your personal
data as described herein and therein. Upon your affirmative acceptance of the scIQ
HIPAA Authorization Form and the scIQ Fertility Program Patient Services
Agreement, you authorize scIQ to use all such personal data, including data
that may relate to HIV and/or other sexually transmitted diseases, mental and
behavioral health conditions and treatment, substance abuse conditions and
treatment, and other Sensitive Personal Data, throughout the term of your use
of the Services, to store such data as described herein, and to store it using
our HIPAA compliant policies and use it only as described in this Privacy
Policy, as required or permitted by law, even once you are no longer using the Service.
You may revoke such authorization with respect to data we have not yet obtained
by contacting us as described below.
User Generated Content
In addition to information about yourself, it may be
possible for you to submit other content ("Content"), such as photos
and other media, each of which you present through technology available through
the Services, including but not limited to our forum. It is entirely up to you
whether you want to submit this additional information, and whether you would
like to make it available to others – although information you share on the
forum will automatically be shared with others, including users of the Services
and others on the internet. However, scIQ has no responsibility for how people
you allow to view your Content (or the public if you make any information
available to the public or post on the forum) use that material, or to whom
they may forward it. We urge you to be very careful when deciding to disclose
your personal data, or any other information, on the forum. Such personal data
and other information will not be private or confidential once it is published
on the forum.
If you send or disclose any Sensitive Personal Data to us
when you submit user generated content on our forum, you consent to our
processing and use of such Sensitive Personal Data in accordance with this
Policy. If you do not consent to our processing and use of such Sensitive
Personal Data, you must not submit such user generated content to our Website.”
Finally, we may use information that you include in emails
or other communication methods to us to assist us in providing the Service, and
we may publish that information on an anonymous basis. Please note also that by
accepting our Terms of Use Agreement, you have agreed that the text of any
posting on any one of the forums, bulletin boards, or other similar publicly
accessible systems offered by scIQ (including any market place or wish list)
may be used and republished by scIQ in its sole discretion and will be made
available to other people through the internet.
In each case, we will collect and record the information you
have provided.
Information We Automatically Collect:
If you visit the scIQ Website, be advised that Company will
maintain web logs to record data about all visitors and customers who use this
website and interact with the Services and we will store this information. All
web logs are stored securely and are accessible to a very limited number of
employees who are required to adhere to strict guidelines regarding user data security
and privacy.
Furthermore, when you use one of the scIQ Apps, we may
record information regarding the use of that scIQ App, including your cell
phone number, and if such facilities are enabled on your cell phone, your
location and similar information.
Finally, in order to provide the best possible service and
to allow us to make certain internal reports and make recommendations, we
collect aggregate information about the use of the Service, including
information about users accessing this website or using the scIQ Apps, such as
Internet protocol addresses, browser type, browser language, referring / exit
pages and URLs, other browser history, platform type, number of clicks, domain
names, landing pages, pages viewed and the order of those pages, the amount of
time spent on particular pages, and the date and time (“Activity Information”).
We use Google Analytics for aggregated, anonymized website traffic analysis. In
order to track your session usage, Google drops a cookie (_ga) with a
randomly-generated ClientID in your browser. This ID is anonymized and contains
no identifiable information like email, phone number, name, etc. We also send
Google your IP Address. We use GA to track aggregated website behavior, such as
what pages you looked at, for how long, and so on. This information is
important to us for improving the user experience and determining site
effectiveness. If you would like to access what browsing information we have -
or ask us to delete any GA data - please delete your _ga cookies, reach out to
us via email at [email protected], and/or install the Google Analytics Opt-Out
Browser Add-On.
When you visit the Services, we may also store information
based on your usage history. This includes, but is not limited to, details of
your transactions, content you viewed, click stream information, and cookies
that may uniquely identify your browser or your account. We use various
technologies to collect and store information which may include sending one or
more cookies or anonymous identifiers to your device. Please refer to the
section on cookies below.
Information We Collect From Other Sources:
You may choose to provide us with access to certain personal
data stored by third parties. The information we have access to varies by site
and is controlled by your privacy settings on that site and your authorization.
You may (and in order to use certain services may be required to) share
information about or give us access to additional third-party websites or
services. Should you do so, you agree that scIQ may collect, store and use this
information in ways consistent with this Privacy Policy.
Information from Social Networking Sites. Our Services
include interfaces that allow you to connect with social networking sites (each
a “SNS”). If you connect to a SNS through our Services, you authorize us to
access, use and store the information that you agreed the SNS could provide to
us based on your settings on that SNS. We will access, use and store that
information in accordance with this Privacy Policy. You can revoke our access
to the information you provide in this way at any time by amending the
appropriate settings from within your account settings on the applicable SNS.
Information from Health Sites. Our Services include
interfaces that allow you to connect with health sites, such as Google Fit or
Apple Fit. We may add this to information we get from our Services. Please
refer to the section “Information Shared with Other Systems, Such As Healthkit
or Google Fit” below for more information.
HOW WE USE/SHARE YOUR INFORMATION
We may use personal data to verify your identity, verify
your address, or manage risk. We may also use personal data to perform and
improve our Services, contact you, conduct research, and provide anonymous
reporting for medical research. For example, we may use information to provide
customer service and support, process transactions, resolve disputes, collect
payments, prevent illegal activities, customize the Services and
recommendations, reduce risk to all parties involved in our transactions, and
verify the accuracy of information.
WE DO NOT SELL OR RENT YOUR PERSONAL DATA TO THIRD PARTIES.
WE DON’T SHARE YOUR INFORMATION (OTHER THAN FORUM POSTS) TO SOCIAL NETWORKS OR
OTHER PUBLIC OR SEMI-PUBLIC PLACES UNLESS INSTRUCTED BY YOU TO DO SO. However,
we may share your personal information with third parties in an aggregate and
anonymous format combined with the information we collect from other users for
research and/or academic purposes only. We may share your personal information
as necessary for scIQ to provide you Services, and possibly to tell you about
products and services of interest to you (subject, in the case of EU residents,
to your consent to receipt of such communications). to fulfill your service
request; to third-party fulfillment houses, customer support, billing and
credit verification services, and the like; to comply with tax and other
applicable law; as otherwise expressly permitted by this privacy policy or the
scIQ terms of use agreement, or as otherwise authorized by you. You should also
note that glow does not guarantee the security of any of your private
transmissions against unauthorized or unlawful interception or access by third
parties.
We make your profile available to other users according to
the privacy settings you set for yourself as part of your profile. Your user
name will be identified to us and to any recipient of messages you send through
the Services, including on forums. We also use your name, email address and
other information on our system to notify you of new product releases, service
notifications, and to solicit your feedback and input. In the event that we
decide to allow you to submit other information about yourself, the
availability of that information to other users will also be controlled by
privacy settings you may set for yourself.
We share your personal data with employees and affiliates,
as well as certain vendors, partners and third parties as required to offer the
Services. This includes, but is not limited to, processing transactions,
maintaining your account, responding to court orders and legal investigations,
for litigation purposes, complying with audits or other investigations, and
reporting to credit bureaus. We do not profit from your personal information
and do not share your information with advertisers unless it is in an
anonymized and aggregate form with information from other users.
We may combine your personal data with information we
collect from other companies and use it to improve and personalize the
Services, content, and communications with you. We may also do so in order to
improve our prediction methodologies and algorithms.
Anonymous Data
We may combine your personal data with information we
collect from other users in an aggregate and anonymous format and share this
anonymous data with third parties. When we use the term “anonymous data,” we
are referring to data and information that does not permit you to be identified
or identifiable, either alone or when combined with any other information
available to a third party. We may create anonymous data from the personal data
we receive about you and other individuals whose personal data we collect.
Anonymous data might include analytics information and information collected by
us using cookies. We make personal data into anonymous data by excluding
information (such as your name) that makes the data personally identifiable to
you. We do this in order to improve the quality of the information we provide
to you and to other users.
Protected Health Information
We maintain “protected health information” (as defined in
the Health Insurance Portability and Accountability Act, “HIPAA”) in compliance
with applicable health care privacy and security rules and our contractual
obligations with our business partners and customers, including health care
providers and their contractors (who are also subject to HIPAA). In the case
where your healthcare provider uses certain scIQ features and you establish an
account with us to allow such usage, we act as a conduit between (a) health
care providers offering fertility-related services, (b) other persons involved
in the arranging, provision or financing of health care services and (c) end
users such as you, and share your protected health information in connection
with those services only in accordance with applicable law.
Marketing
We may use personal data to deliver products, or service
update notices, and promotional offers based on your communication preferences.
With your consent (either in response to an email request or in certain cases,
pursuant to the preferences you’ve expressed in your profile), we may send you
marketing e-mails about upcoming promotions, and other news, including
information about products and services that may be of interest to you. You may
opt-out of receiving such information at any time: such marketing emails tell
you how to “opt-out.” Please note, even if you opt out of receiving marketing
emails, we may still send you non-marketing emails. Non-marketing emails
include emails about your account with us (if you have one) and our business
dealings with you. We may combine your information (after it has been
anonymized) with information we collect from other companies and use it to
improve and personalize the Services, content and advertising. We may also do
so in order to improve our prediction methodologies and algorithms.
Third Party Content
scIQ may use information derived from your use of the
Services to determine what content we believe may be of interest to you,
including content from the providers of goods and services (who may pay us to
show you such content) that you may be able to purchase through the Services or
otherwise. We do not provide any personal data to third-party content
providers. Note, however, that if a third party content provider asks us to
show content to users with certain characteristics (for example, women ages 18-
24) or a segment of that group (for example, women ages 18-24 who have
indicated they are trying to conceive) and you respond to that content or click
on links embedded in that content, the third-party content provider may
conclude that you have the characteristics of the audience that they are trying
to reach. scIQ does not have access to or control over cookies, web beacons, or
other technologies that third parties who have asked us to show you content may
use, and the privacy practices of these third parties are not covered by this
privacy policy. Please contact these companies directly for information on
their data collection and privacy practices.
Affiliates
We may decide to share information about your transactions
and experiences using the scIQ Service (but not about your creditworthiness) to
our affiliates for their everyday business purposes.
Corporate Restructuring
In the event that all or a part of our business or assets
are sold or transferred or we merge with another company your personal data may
be transferred to the buyer/surviving party, but this privacy policy will
continue to control that person’s use of your personal information.
Other Disclosures
We will share your information with any party when required
by law or by a government request to do so or to combat fraud or criminal
activity.
You understand and agree that we may access, preserve, and
disclose any information we may have about you (including personal data and
protected health information) and the contents of your account if required to
do so by law or in a good faith belief that such access, preservation or
disclosure is reasonably necessary to avoid liability, to comply with legal process
(for example, we may disclose your information as necessary to comply with an
authorized civil, criminal or regulatory investigation), such as a search
warrant, subpoena, statute, or court order, or to protect our rights and
property, or that of our affiliates or the public. scIQ is not required to
question or contest the validity of any search warrant, subpoena or other
similar governmental request that it receives. We reserve the right to release
personal data or other information about users who we believe are engaged in
illegal activities or are otherwise in violation of our Terms of Use Agreement,
this Privacy Policy or the scIQ Fertility Program Patient Services Agreement,
even without a subpoena, warrant or court order, if we believe, in our sole
discretion, that such disclosure is necessary or appropriate to operate the scIQ
Apps, our Website or to protect our rights or property, or that of our
affiliates, or our officers, directors, employees, agents, third-party content
providers, suppliers, sponsors, or licensors. We also reserve the right to
report to law enforcement agencies any activities we reasonably believe in our
sole discretion to be unlawful. If we are legally compelled to disclose
information about you to a third party, we will attempt to notify you by
sending an email to the email address in our records unless doing so would
violate the law or unless you have not provided your email address to us.
We also use anonymous data and certain technical information
about your computer and/or smartphone and your access of the Services
(including your Internet protocol address) in order to operate, maintain and
manage the Services. scIQ may disclose that kind of information to its partners
in order to provide the Services, resolve service problems and correct errors
in the Services, to communicate with you about the Services, and to enhance
your experience on the Services. However, we do not give our partners an
independent right to share this information. Due to our contractual obligations
with these third parties and the need to share information to deliver and
support the Services, however, we cannot provide you with the opportunity to
opt-out of sharing such information (whether personal data or other
information) with these third parties. scIQ, certain of its partners, and each
of their contractors and employees may view the content that you upload to the
Services in order to provide the Services and otherwise perform the tasks set
forth in this Privacy Policy.
CONTROLLING YOUR PERSONAL DATA
Be advised that if you send messages or post material on or
forums or elsewhere containing personal data, that data may be collected and
used by others. The Services provide a number of tools that you can use to
control the availability of your profile and other personal data, but forum
posts will be available to the general public. You can edit your profile and
other data at any time through each of the scIQ Apps and/or the Website.
You can terminate your account at any time, which will
remove your profile and other personal data from view. scIQ, however, may (but
is not obligated to) keep information about you that is on its system following
your termination, and your forum posts will continue to be available online.
You may request complete deletion of your personal data (other than forum
posts) by writing [email protected] Subject to the provisions of the scIQ Terms
of Service, if any, we will delete your data within 60 days of our receipt of
that request. Contact scIQ at [email protected] to terminate your account or for
any other questions about your personal data and/or forum posts. Unless you
request the deletion of your personal information and subject to applicable
law, scIQ maintain copies of your content indefinitely, even after you
terminate your account.
INFORMATION SHARED WITH OTHER SYSTEMS, SUCH AS HEALTHKIT OR
GOOGLE FIT
You may instruct us to share certain of your personal data
(including Sensitive Personal Data) with systems such as Apple’s Healthkit or
Google Fit, and to access personal data from those systems which we will use to
improve the services we provide to you and, we hope, make our information more
accurate for you as an individual. Before you tell us to share your information
with another system, however, you should review the applicable privacy policy
of that system, since any information you have instructed us to share will
become subject to those policies (Apple’s policy can be found at
https://www.apple.com/privacy/privacy-policy/) and Google’s Privacy Policy can
be found at http://www.google.com/intl/en_us/policies/privacy/).
In addition, in the event that you use one of those
services, you should be careful about allowing other applications, services or
people to access your information through that service. While much information
collected by those services is innocuous, people who see scIQ data may be able
to determine a variety of personal data, such as that you have skin issues or
histories of skin cancer or other skin conditions.
scIQ does not use or disclose to third parties personal data
or other information gained through the use of the HealthKit framework or
Google Fit for advertising, other use-based data mining purposes or similar
services, other than for purposes of improving health or for purposes of health
or medical research.
We do not disclose any of your personal data, to any third
party without your express permission (other than as provided herein or in
anonymized and aggregated format), and in the case of information gained
through HealthKit or Google Fit such sharing will only be for purposes of
enabling the third party to provide health and/or fitness services or for
medical research.
We do not sell any of your personal data, including personal
data gained through HealthKit or Google Fit, to advertising platforms, data
brokers or information resellers.
We do not use any of the personal data obtained through
HealthKit or Google Fit for any purpose other than providing health and/or
fitness services in connection with the scIQ Apps.
OTHERS’ INFORMATION
You may decide to provide us with another person's email
address so that person may be invited to join scIQ or so that we may facilitate
your communication with other people through the Services. You may also provide
us with another person's contact information for purposes of delivering
information through the scIQ Apps. We use this information to contact and, if
necessary, remind that person that he or she has been invited to join scIQ or
receive content through one of the scIQ Apps. All invitees are provided with
the option not to receive further invitations from scIQ. We may disclose such
information if required to do so in order to comply with legal process, as
described above.
AUTOMATED DECISION MAKING AND PROFILING
We do not generally use your personal data for the purposes
of automated decision-making. However, we may do so in order to fulfill
obligations imposed by law, in which case we will inform you of any such
processing and provide you with an opportunity to object.
COOKIES
The Service may automatically collect usage, analytics,
viewing, logs, metrics and other device and technical data when you access our
Service as an end user. For example, when you access our websites or log into
the scIQ Service, our servers will automatically record certain information
about your device and browser, and we may collect usage, clickstream, event
data, crash data, and other technical data. We, our advertising partners and
our service providers may also use technologies such as cookies, beacons, tags,
Local Storage Objects (LSOs) and scripts to collect this information. Please
consult our "Cookie Policy" for further information.
THIRD PARTY SITES
The Services may contain links to other web sites, and
content in the scIQ Apps may be hosted by other web sites. These other sites
maintain their own policies regarding cookies and the collection and use of
personal data. It is up to you to review those policies yourself.
INTERNATIONAL DATA TRANSFER
Your information, including personal data that we collect
from you, may be transferred to, stored at and processed by us outside the
country in which you reside, including, but not limited to the United States,
where data protection and privacy regulations may not offer the same level of
protection as in other parts of the world. By using the scIQ Apps or Services
you agree to this transfer, storing or processing. We will take all steps
reasonably necessary to ensure that your data is treated securely and in
accordance with this Policy.
SECURITY
We use reasonable organizational, technical and
administrative measures to protect personal data within our organization. If
you have any questions regarding which measures and techniques we use, feel
free to contact us. Unfortunately, no transmission or storage system can be
guaranteed to be completely secure, and transmission of information via the
Internet is not completely secure. If you have reason to believe that your
interaction with us is no longer secure (for example, if you feel that the
security of any account you might have with us has been compromised, please
immediately notify us of the problem by contacting us using the details set
forth in the section titled “Additional Questions” below.
In addition, we urge you to take precautionary measures in
maintaining the integrity of your data. Please be responsible in making sure no
one can see or has access to your personal accounts and log-in username and
password information. If you use a public computer, such as one at a library or
a university, or a shared device, always remember to log out of the scIQ Apps
or Services.
If you use the scIQ Apps or Services through your employer’s
computer network a mobile device owned by your employer or through an internet
café, library or other potentially non-secure internet connection, such use is
at your own risk. It is your responsibility to check beforehand with each such
company’s privacy and security policy with respect to Internet and mobile
device use.
We cannot guarantee the identity of any other person with
whom you may interact in the course of using the scIQ Apps or Services, or the
authenticity of any information that others may provide.
Company is not responsible for your handling, sharing,
re-sharing and/or distribution of your personal health information. Moreover,
if you forward personal health information electronically to another person on
or off any scIQ Apps or the Services, we are not responsible for any harm or
other consequences from third party use or re-sharing of your information.
RETENTION
We will only retain your personal data as long reasonably
required for you to use the scIQ Apps and/or to provide you with the Services
unless a longer retention period is required or permitted by law (for example
for regulatory purposes). You may request that we delete data you have provided
by sending an email to [email protected] Subject to the provisions of the scIQ Terms
of Service, we will delete your data within 60 days of our receipt of that
request.
CHILDREN
We do not knowingly allow individual Users who are
identified as located in the European Economic Area and under the age of 16 or
who are identified as located outside the European Economic Area and under the
age of 13 to create accounts that allow access to our secure site or that use scIQ
Apps, without them obtaining the prior consent of a parent or guardian.
YOUR RIGHTS
Opt-out. You may contact us anytime to opt-out of: (i)
direct marketing communications; (ii) automated decision-making and/or
profiling; (iii) our collection of Sensitive Personal Data; (iv) any new
processing of your personal data that we may carry out beyond the original
purpose; or (v) the transfer of your personal data from a server or business
located in the European Economic Area to a server or business outside the
European Economic Area. Please note that your use of some of the scIQ Apps or
Services may be ineffective upon opt-out.
Access. You may access the information we hold about you at
any time via your profile/account or by contacting us directly.
Amend. You can also contact us to update or correct any
inaccuracies in your personal data.
Move. Your personal data is portable – i.e. you to have the
flexibility to move your data to other service providers as you wish.
Erase and forget. In certain situations, for example when
the information we hold about you is no longer relevant or is incorrect, you
can request that we erase your data.
If you wish to exercise any of these rights, please contact
us using the details set forth in the section titled “Additional Questions”
below. In your request, please make clear: (i) what personal data is concerned;
and (ii) which of the above rights you would like to enforce. For your
protection, we may only implement requests with respect to the personal data
associated with the particular email address that you use to send us your
request, and we may need to verify your identity before implementing your
request. We will try to comply with your request as soon as reasonably
practicable and in any event, within one month of your request. Please note
that we may need to retain certain information for recordkeeping purposes
and/or to complete any transactions that you began prior to requesting such
change or deletion.
COMPLAINTS
We are committed to resolve any complaints about our
collection or use of your personal data. If you would like to make a complaint
regarding this Privacy Policy or our practices in relation to your personal
data, please contact us at: [email protected] We will reply to your complaint
as soon as we can and in any event, within 45 days. We hope to resolve any
complaint brought to our attention. However if you feel that your complaint has
not been adequately resolved, you reserve the right to contact your local data
protection supervisory authority.
ADDITIONAL QUESTIONS
Again, feel free to contact us by sending an email to [email protected],
any time, if you have further questions about scIQ or this Privacy Policy.
Please contact [email protected] if you would like to receive
a copy of this document showing changes from previous versions.
scIQ PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
Effective Date: March 16, 2020
Last Reviewed on: March 16, 2020
This Privacy Notice for California Residents supplements the
information contained in our privacy policy above and applies solely to all
visitors, users, and others who reside in the State of California (“consumers”
or “you”). We adopt this notice to comply with the California Consumer Privacy
Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when
used in this notice.
INFORMATION WE COLLECT
Our Website and Applications (the “Platform”) collects
information that identifies, relates to, describes, references, is capable of
being associated with, or could reasonably be linked, directly or indirectly,
with a particular consumer or device (”personal information”). In particular,
our Platform has collected the following categories of personal information
from its consumers within the last twelve (12) months:
Category A: Identifiers
Examples: A real name, Internet Protocol address, email
address, account name, iOS IDFAs, Android Ads IDs or other similar identifiers.
Collected: YES
Category B: Personal information categories listed in the
California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
Examples: A name, signature, Social Security number,
physical characteristics or description, address, telephone number, passport
number, driver’s license or state identification card number, insurance policy
number, education, employment, employment history, bank account number, credit
card number, debit card number, or any other financial information, medical
information, or health insurance information. Some personal information
included in this category may overlap with other categories.
Collected: YES.
Category C: Protected classification characteristics under
California or federal law.
Examples: Age (40 years or older), race, color, ancestry,
national origin, citizenship, religion or creed, marital status, medical
condition, physical or mental disability, sex (including gender, gender
identity, gender expression, pregnancy or childbirth and related medical
conditions), sexual orientation, veteran or military status, genetic
information (including familial genetic information).
Collected: YES
Category D: Commercial Information.
Examples: Records of personal property, products or services
purchased, obtained, or considered, or other purchasing or consuming histories
or tendencies.
Collected: YES
Category E: Biometric information.
Examples: Genetic, physiological, behavioral, and biological
characteristics, or activity patterns used to extract a template or other
identifier or identifying information, such as, fingerprints, faceprints, and
voiceprints, iris or retina scans, keystroke, gait, or other physical patterns,
and sleep, health, or exercise data.
Collected: YES
Category F: Internet or other similar network activity.
Examples: Browsing history, search history, information on a
consumer’s interaction with a website, application, or advertisement.
Collected: YES
Category G: Geolocation data.
Examples: Physical location or movements.
Collected: YES (if selected and enabled by user)
Category H: Sensory data.
Examples: Audio, electronic, visual, thermal, olfactory, or
similar information.
Collected: NO
Category I: Professional or employment-related information.
Examples: Current or past job history or performance
evaluations.
Collected: NO
Category J: Non-public education information (per the Family
Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part
99)).
Examples: Education records directly related to a student
maintained by an educational institution or party acting on its behalf, such as
grades, transcripts, class lists, student schedules, student identification
codes, student financial information, or student disciplinary records.
Collected: NO
Category K: Inferences drawn from other personal
information.
Examples: Profile reflecting a person’s preferences,
characteristics, psychological trends, predispositions, behavior, attitudes,
intelligence, abilities, and aptitudes.
Collected: YES
Personal information does not include:
·
Publicly available information from government
records.
·
De-identified or aggregated consumer
information.
·
Information excluded from the CCPA’s scope,
like:
o
health or medical information covered by the
Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the
California Confidentiality of Medical Information Act (CMIA) or clinical trial
data;
o
personal information covered by certain
sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA),
the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy
Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
scIQ obtains the categories of personal information listed
above from the following categories of sources:
Directly from you. For example, from forms you complete on
our website. If you send messages or post material on or forums or elsewhere
containing personal data, that data may be collected and used by others.
Indirectly from you. For example, from observing your
actions on our website or interactions with our advertisers.
From apps you associate with our Platform. For example, if
you instruct us to share certain of your personal data (including Sensitive
Personal Data) with systems such as Apple’s Healthkit or Google Fit, and to
access personal data from those systems which we will use to improve the
services we provide to you and, we hope, make our information more accurate for
you as an individual.
USE OF PERSONAL INFORMATION
We may use, or disclose the personal information we collect
for one or more of the following business purposes:
·
To fulfill or meet the reason you provided the
information. For example, if you share your name and contact information to
request a price quote or ask a question about our products or services, we will
use that personal information to respond to your inquiry. If you provide your
personal information to purchase a product or service, we will use that
information to process your payment and facilitate delivery. We may also save
your information to facilitate new product orders or process returns.
·
To provide customer service and support,
personalize, and develop and improve our Website, products, and services.
·
To create, maintain, customize, and secure your
account with us.
·
To process transactions, resolve disputes,
collect payments, prevent illegal activities, customize the Services and
recommendations, reduce risk to all parties involved in our transactions,
verify the accuracy of information and to respond to your inquiries, including
to investigate and address your concerns and monitor and improve our responses.
·
To respond to law enforcement requests and as
required by applicable law, court order, or governmental regulations.
·
To help maintain the safety, security, and
integrity of our Website, products and services, databases and other technology
assets, and business.
As described to you when collecting your personal information
or as otherwise set forth in the CCPA.
We will not collect additional categories of personal
information or use the personal information we collected for materially
different, unrelated, or incompatible purposes without providing you notice.
SHARING PERSONAL INFORMATION
We may disclose your personal information to a third party
for a business purpose or sell your personal information, subject to your right
to opt-out of those sales (see Personal Information Sales Opt-Out and Opt-In
Rights). When we disclose personal information for a business purpose, we enter
a contract that describes the purpose and requires the recipient to both keep
that personal information confidential and not use it for any purpose except
performing the contract. The CCPA prohibits third parties who purchase the
personal information we hold from reselling it unless you have received
explicit notice and an opportunity to opt-out of further sales.
We share your personal information with the following
categories of third parties: We do not share your personal information with
third parties, but you should be aware that when you are entering credit card
and similar information, you are actually using a service provided by Stripe
and the information you provide is not given to us, but is subject to their
privacy policy, available at https://stripe.com/privacy.
DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE
scIQ may share the following categories of your personal
information for a business purpose (as we have done for the preceding 12
months) to provide you with a variety of the scIQ Platform’s features and
services:
·
Personal identifiers, such as your name, address,
email address, date of birth, government identification number (such as social
security number), driver’s license information, vehicle information, and car
insurance information.
·
Personal information such as your age, gender,
and pregnancy status whether you are trying to conceive (TTC), not trying to
conceive (non-TTC) or pregnant.
·
Financial information, such as bank routing
numbers, tax information, and any other payment information you provide us.
·
Commercial information, such as your transaction
history.
·
Internet or other electronic network activity
information, such as your IP address, type of browser, version of operating
system, carrier and/or manufacturer, device identifiers, and mobile advertising
identifiers.
·
Location data. We may use certain information
like your IP address or other Device Information or Log Information to estimate
your location (e.g., your city or state). We may also request to use
location-enabled services on your device (which typically provide GPS or Wi-Fi
access point details) to enhance our Services. We will only use these
location-enabled services on your device with your consent, though.
In Connection with Sale or Merger: We may share your
personal information while negotiating or in relation to a change of corporate
control such as a restructuring, merger, or sale of our assets.
Upon your further direction: With your permission or upon
your direction, we may disclose your personal information to interact with a
third party or for other purposes.
SALES OF PERSONAL INFORMATION
The definition of “sale” in California law is somewhat
ambiguous. In the preceding twelve (12) months, Company has not sold your
personal information as we understand that term and does not anticipate doing
so in the future. However, you should review the discussion above to see how
certain aspects of your personal information are used, some of which may be
treated as a “sale” under California law.
YOUR RIGHTS AND CHOICES
The CCPA provides consumers (California residents) with
specific rights regarding their personal information. This section describes
your CCPA rights and explains how to exercise those rights.
ACCESS TO SPECIFIC INFORMATION AND DATA PORTABILITY RIGHTS
You have the right to request that we disclose certain
information to you about our collection and use of your personal information
over the past 12 months. Once we receive and confirm your verifiable consumer
request, we will disclose to you:
·
The categories of personal information we
collected about you.
·
The categories of sources for the personal
information we collected about you.
·
Our business or commercial purpose for
collecting or selling that personal information.
·
The categories of third parties with whom we
share that personal information.
·
The specific pieces of personal information we
collected about you (also called a data portability request).
If we sold or disclosed your personal information for a
business purpose, two separate lists disclosing:
·
sales, identifying the personal information
categories that each category of recipient purchased; and
·
disclosures for a business purpose, identifying
the personal information categories that each category of recipient obtained.
DELETION REQUEST RIGHTS
You have the right to request that we delete any of your
personal information that we collected from you and retained, subject to
certain exceptions. Once we receive and confirm your verifiable consumer
request, we will delete (and direct our service providers to delete) your
personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the
information is necessary for us or our service provider(s) to:
·
Complete the transaction for which we collected
the personal information, provide a good or service that you requested, take
actions reasonably anticipated within the context of our ongoing business
relationship with you, or otherwise perform our contract with you.
·
Detect security incidents, protect against
malicious, deceptive, fraudulent, or illegal activity, or prosecute those
responsible for such activities.
·
Debug products to identify and repair errors
that impair existing intended functionality.
·
Exercise free speech, ensure the right of
another consumer to exercise their free speech rights, or exercise another
right provided for by law.
·
Comply with the California Electronic
Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
·
Engage in public or peer-reviewed scientific,
historical, or statistical research in the public interest that adheres to all
other applicable ethics and privacy laws, when the information’s deletion may
likely render impossible or seriously impair the research’s achievement, if you
previously provided informed consent.
·
Enable solely internal uses that are reasonably
aligned with consumer expectations based on your relationship with us.
·
Comply with a legal obligation.
·
Make other internal and lawful uses of that
information that are compatible with the context in which you provided it.
EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS
To exercise the access, data portability, and deletion
rights described above, please submit a verifiable consumer request to us by
sending us a message on our website or calling us at 1 (513) 813-1382. Only
you, or a person registered with the California Secretary of State that you
authorize to act on your behalf, may make a verifiable consumer request related
to your personal information. You may also make a verifiable consumer request
on behalf of your minor child.
You may only make a verifiable consumer request for access or
data portability twice within a 12-month period. The verifiable consumer
request must:
·
Provide sufficient information that allows us to
reasonably verify you are the person about whom we collected personal
information or an authorized representative.
·
Describe your request with sufficient detail
that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with
personal information if we cannot verify your identity or authority to make the
request and confirm the personal information relates to you. We will only use
personal information provided in a verifiable consumer request to verify the
requestor’s identity or authority to make the request.
RESPONSE TIMING AND FORMAT
We endeavor to respond to a verifiable consumer request
within forty-five (45) days of its receipt. If we require more time (up to an
additional 45 days), we will inform you of the reason and extension period in
writing. We will deliver our written response by mail or electronically, at
your option. Any disclosures we provide will only cover the 12-month period
preceding the verifiable consumer request’s receipt. The response we provide
will also explain the reasons we cannot comply with a request, if applicable.
For data portability requests, we will select a format to provide your personal
information that is readily useable and should allow you to transmit the
information from one entity to another entity without hindrance, specifically
by electronic mail communication.
We do not charge a fee to process or respond to your
verifiable consumer request unless it is excessive, repetitive, or manifestly
unfounded. If we determine that the request warrants a fee, we will tell you
why we made that decision and provide you with a cost estimate before
completing your request.
PERSONAL INFORMATION SALES OPT-OUT AND OPT-IN RIGHTS
If you are 16 years of age or older, you have the right to
direct us to not sell your personal information at any time (the “right to
opt-out”). We do not sell the personal information of consumers we actually
know are less than 16 years of age, unless we receive affirmative authorization
(the “right to opt-in”) from either the consumer who is between 13 and 16 years
of age, or the parent or guardian of a consumer less than 13 years of age.
Consumers who opt-in to personal information sales may opt-out of future sales
at any time. To exercise the right to opt-out, you (or your authorized
representative) may submit a request to us by the following means: visiting our
webpage and sending us a message, sending us an email at [email protected] , or
sending a letter to our address listed in this Privacy Policy.
Once you make an opt-out request, we will wait at least
twelve (12) months before asking you to reauthorize personal information sales.
However, you may change your mind and opt back in to personal information sales
at any time by visiting our website and sending us a message. We will only use
personal information provided in an opt-out request to review and comply with the
request.
NON-DISCRIMINATION
We will not discriminate against you for exercising any of
your CCPA rights. Unless permitted by the CCPA, we will not:
·
Deny you goods or services.
·
Charge you different prices or rates for goods
or services, including through granting discounts or other benefits, or
imposing penalties.
·
Provide you a different level or quality of
goods or services.
·
Suggest that you may receive a different price
or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives
permitted by the CCPA that can result in different prices, rates, or quality
levels. Any CCPA-permitted financial incentive we offer will reasonably relate
to your personal information’s value and contain written terms that describe
the program’s material aspects. Participation in a financial incentive program
requires your prior opt in consent, which you may revoke at any time.
California’s “Shine the Light” law (Civil Code Section §
1798.83) permits users of our Website that are California residents to request
certain information regarding our disclosure of personal information to third
parties for their direct marketing purposes. To make such a request, please
send us an electronic message through our website, email us at [email protected],
or write us at our address listed in this Privacy Policy.
CHANGES TO OUR PRIVACY NOTICE
We reserve the right to amend this privacy notice at our
discretion and at any time. When we make changes to this privacy notice, we
will post the updated notice on the Website and update the notice’s effective
date. Your continued use of our Website following the posting of changes
constitutes your acceptance of such changes.
HOW YOU CAN CONTACT US
If you have any questions or comments about this notice, the
ways in which we collect and uses your information described below [and in the
Privacy Policy], your choices and rights regarding such use, or wish to
exercise your rights under California law, please do not hesitate to contact us
as follows
·
Via our website: please send us an electronic
message through our website
·
Write us at our address listed above.
·
Email us at [email protected]