Opencare Privacy Policy

Last updated May 18, 2021

1. INTRODUCTION

Opencare Inc. (“Opencare”, “we”, “us”) has created this privacy policy (“Privacy Policy”) in order to set out how we collect, use, and disclose information through our website located at www.Opencare.com (the “Website”) as well as to information we collect and use when we provide services on behalf of our dental practice customers (“Practices”). This Privacy Policy applies to all of the products and services (as more particularly described in our Terms of Use) offered by Opencare, as well as the Website, and other websites offered by Opencare or our related, affiliated and/or subsidiary companies (collectively the “Services”), unless another applicable privacy policy is posted on that Service.

The privacy of our customers is of great importance to us. By visiting our Website and/or using the Services in any manner, you acknowledge that you have read the practices and policies outlined in this Privacy Policy and you understand that your information will be collected, used and disclosed in accordance with this Privacy Policy. If you do not agree with our policies and practices, you should not use the Website or the Services.

IF YOU ARE A RESIDENT OF CALIFORNIA OR NEVADA, PLEASE SEE THE SECTIONS “CALIFORNIA CONSUMER NOTICE” OR “NEVADA PRIVACY RIGHTS” FOR SPECIFIC DISCLOSURES WITH RESPECT TO OUR COLLECTION, USE, AND DISCLOSURE OF YOUR INFORMATION AND ADDITIONAL RIGHTS YOU HAVE UNDER APPLICABLE LAW.

2. WHAT DOES THIS PRIVACY POLICY COVER?

This Privacy Policy describes our collection, use and disclosure of information, including information which can be used to identify an individual (“Personal Information”). Personal Information does not include any anonymized information which we may create or derive from information (including Personal Information) you provide to us.

Personal Information may be collected about Practice employees, our prospective customers, visitors to the Website, and end users of the Services. You can choose not to provide us with certain Personal Information, but by doing so, you may not be able to take advantage of many of the features and functionality of our Services.

We may also collect Personal Information about patients of Practices on behalf of the Practice, which we use only as a service provider in order to provide the Practice with our services. This Privacy Policy does not apply to the practices of companies that we do not own or control, including Practices. Practices are responsible for maintaining their own privacy policies governing the collection, use and disclosure of Personal Information and for ensuring that they have obtained the necessary authorizations and consents for any Personal Information made available to us for use in accordance with this Privacy Policy. If you have any questions regarding the privacy practices of a particular Practice, please contact the Practice directly.

PHIPA

In Canada, Opencare is a service provider and may act as a service provider, information manager or electronic service provider under applicable privacy legislation, including Ontario’s Personal Health Information Protection Act (PHIPA) regulations.

HIPAA and PHI

Some of the Personal Information received by Opencare in connection with the Services may be provided by Practices who are health care providers that are subject to health information data protection laws and regulations. In the United States, this includes rules issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), that govern the use and disclosure of certain individually identifiable health-related Personal Information (“Protected Health Information” or “PHI”) by covered entities and their business associates. When we receive Protected Health Information, we may do so as a “Business Associate” of the health care provider under an agreement that, among other things, generally prohibits us from using or disclosing the Protected Health Information in ways that are not permissible by the health care provider itself, and requires us to implement certain measures to safeguard the confidentiality, integrity, and availability of the Protected Health Information. When we act as a Business Associate, we may be subject to certain laws and regulations, including certain HIPAA rules, that govern our use and disclosure of Protected Health Information and that may be more restrictive than otherwise provided in this Privacy Policy.

3. COLLECTION AND USE OF PERSONAL INFORMATION AND OTHER DATA

Types of information we collect

Generally the categories of Personal Information we may collect include:

  • Identity Data, which includes name or other similar identifiers, such as your social media user handle.
  • Contact Data, which includes home and work address, email address and telephone numbers, including mobile number.
  • Marketing and Communications Data, which includes your preferences in receiving marketing from us, the content of your communications, and the date and time of any communications.
  • Profile Data, which includes your birthdate, zip or postal code.
  • Financial Information, such as billing address, bank account number, credit card number and debit card number, which we collect directly from Practices.
  • Employment information, which includes dental practitioner name and specialty or job application information such as past work history and current job title and place of employment.
  • Health information, which includes information about your dental health, dentist preferences, appointment schedules, insurance, treatment plans and patient communications.
  • Location data, which includes geolocation data.

We may also collect certain other types of information that may not specifically identify you, but may be unique to your device, such as:

  • Technical Data, which includes information collected via cookies and similar technologies (and identifiers associated with those cookies and technologies), internet protocol (IP) address, cookie data, your mobile or internet service provider, mobile device identifier, browser type, and operating system.
  • Usage Data, which includes information about how you use our Services, your access times, pages viewed, and the routes by which you access or exit our Services.

How we collect and use your information

Opencare collects your information in the following general ways:

  • Opencare collects Personal Information you choose to submit to us through the Services, such as your name, email address and other Account Information.
  • When you access or use the Services, Opencare may automatically receive and record information on our server logs from your browser, including your IP address, cookies, and the pages you request. IP addresses are automatically reported by your browser each time you view a web page. Your IP address is stored by Opencare when you register with Opencare. For more information, see Section 5.
  • If you call us, we keep a record of the date and time of the call.
  • We also collect and use Personal Information as a service provider or data processor on behalf of our Practice clients, including billing information and insurance information that we collect directly from such Practices.

We collect and use your information for the following purposes:

To create your Opencare Account

In order to use certain Services (such as to book an appointment), users may be required to create a valid Opencare account (an “Account”). When you register for the Services, Opencare collects your name, email address, birth date, zip or postal code, and if you are a Practice, your business phone number and business address (“Account Information”).

Generally, Opencare uses the Account Information to authenticate access to the Account and provide access to the Services. In particular, we will use your email address to contact you with dentists located near you. We may also use this information to better understand, improve and personalize the delivery of our Services and related products and services, to conduct our business, to develop analytics and aggregated data that allow us to improve our Services and related products and services, or to correspond with you including to send technical notices, updates, security alerts and support and administrative messages on our own behalf or on behalf of Practices.

We also use information to investigate and prevent fraudulent transactions, unauthorized access to the Services, and other illegal activities.

To match you with a dental practice

If you request to connect with a dental practice, we may collect your postal code and responses to questions about your dental health and dentist preferences in order to match you to Practices that match your criteria.

If you book an appointment with a Practice through the Services, Opencare will have access to information about your use of the Services such as dental appointments made, geo-location data and information exchanged between you and the Practice that is combined with your Account Information. We use this information in order to provide Services, such as suggesting and matching users with local dental practices and appointment scheduling, as well as to confirm appointments have been completed so that we may bill the Practice.

By using the Services to book appointments, you acknowledge and agree that Opencare will be transmitting certain of your personal information electronically, and that we may use such personal information that you provide us, such as your name, phone number, email and demographic information such as age, to send you additional offers and communications related to our services or the services of our third party partners.

To provide services to Practices

Opencare makes its Website and the Services available to Practices for a variety of uses, as described in our Terms of Use. In order to provide the Services to Practices, Opencare collects certain Personal Information such as contact and registration information from the dental practice employee signing up on behalf of the Practice, as further described below:

  • Patient Growth: For Practices who register to appear on our Practice Marketplace, we will collect Personal Information related to the dental practice, including business contact name, email, phone number, address, as well names of practitioners and their specialties. We collect this Personal Information to match Practices with prospective patients.
  • Revenue Cycle Management: When Practices engage Opencare to provide Revenue Cycle Management (RCM) Services, we collect and analyze data related to our Practice customers (including their patients) on their behalf, such as: Providers, Provider Schedules, Operatories, Operatory Events, Operatory Schedules, Appointments, Patient name and contact information, Patient Insurance Plans, Appointment Finances, Appointment Procedure Codes, Insurance Companies, Insurance Claims, Fee Schedules, Treatment Plans, Recall, Patient Communications.

    In this role, Opencare is a data processor, processing data upon instruction from such Practice in order to provide the RCM Services. This data is shared only with the Practice.

To contact prospective Practices and partners

We collect names, email addresses and other business contact information about individuals who we consider to be prospective customers and business partners (“Prospects”). Opencare uses third-party service providers in order to collect, store and process Personal Information about Prospects. We use these third-party service providers to identify Prospects and locate contact information to contact Prospects about our products and services.

To send marketing communications

With your consent, we use your email address or mobile phone number as well as other information on an optional basis to help us tailor our communications to you. You will receive email or text message communications from us or our partners regarding our or our partners’ products, services and initiatives (including collaborations and partnerships).

If you participate in our referral program to refer a friend or family member to Opencare, we collect your name and email address as well as the name and email address of your friends and family member. We use this information for the purposes of sending the referral link to your friends and family member and tracking your rewards, and do not use your friend or family member’s information for any other purpose without their consent. Please ensure that you only provide information about individuals with whom you have a personal or family relationship, and who would want to receive the communication about Opencare.

To solicit reviews and referrals

If you have an Opencare Account, Opencare may use your contact information to solicit reviews and referrals for our services.

If you post a review about Opencare or a dental practice, we collect your name and the review. Your name and other personal information will not be published with the review; however your review will be publicly available on the Website. Please exercise caution before sharing any personal information, and review our Terms of Use for more about posting reviews.

To improve our products and services

Opencare uses demographic information, such as age, income and financial spend on dentistry services that we collect about our users for our own business purposes, including forecasting demand for our products and services, improving our products and services and creating a personalized experience through targeted offers. Personal Information is not shared with third parties for these purposes.

To offer contests and promotions

If you enter a contest or participate in a promotion or event, we may collect your name, address, email address, phone number, and any additional information or content required for the contest or promotion. We use this information to administer the contest or promotion, including to deliver a prize to you.

To assist you when you contact us

When you contact us with a comment, question or complaint through email, telephone, or message features available on the Services, you may be asked for information that identifies you, such as your name, address and a telephone number, along with additional information we need to help us promptly answer your question or respond to your comment. We may retain this information to assist you in the future and to improve our customer service and service offerings.

To assess your application for employment

If you apply for a job with us, we may collect certain personal information about you (such as information that would be contained in a resume, cover letter, or other employment-related materials). We use this information for the purpose of processing and responding to your application.

Communications About Special Offers

If you sign up through Opencare to receive special offers regarding products and services from our partners, you acknowledge that by voluntarily providing your Personal Information, including telephone number(s), you agree to receive recurring automated calls, text messages, and emails from us and our partners listed here, concerning health-related benefits, products, and services, including the offers that you have inquired about. Message and data rates may apply. See the “Opt-Out Choices” section below to learn about how you can opt out of future communications from Opencare or our partners. You do not have to agree to participate in these offers in order to use Opencare or receive care from your dentist. You understand that the dentist and/or Opencare may receive financial remuneration in exchange for sharing your email address and other Personal Information you authorize with partners if you choose to sign up for an offer. Once you sign up for an offer, you can change your mind at any time, but if the dentist or Opencare has already relied on your authorization to share your email or other Personal Information for a particular offer, any action already taken cannot be undone.

Aggregate or De-identified Data

We may aggregate or de-identify Personal Information, including information that we may receive from Practices, so that it does not personally identify you (“De-identified Data”). We may collect, use and disclose De-identified Data for our business purposes and any purpose permitted by law, subject to our obligations as a Business Associate and the section titled “California Consumer Notice” below. In some instances, we may combine De-identified Data with Personal Information. If we combine any De-identified Data with Personal Information, the combined information will be treated by us as Personal Information.

4. MINORS

Opencare does not knowingly solicit or collect data from children nor knowingly market to anyone under the age of majority in their jurisdiction of residence. If you are under the age of 13, you are explicitly not authorized to use these Services. If you become aware that your child has provided us with Personal Information without your consent, please contact us at info@opencare.com. If we become aware that a child under the age of majority in their jurisdiction of residence has provided us with Personal Information, we will take reasonable steps to remove such information from our systems and terminate the applicable account.

5. WEBSITE INFORMATION

In general, you can visit our Website without telling us who you are or creating an account. However, like many internet and mobile services, we may automatically gather certain information about our Services traffic and store it in log files. This information includes mobile device identifiers, browser type, IP address, mobile or internet service provider, referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, to administer the Services, to understand users’ movements around the Services. We may link this automatically collected data to Personal Information. Device identifiers may be tied to Personal Information to troubleshoot access issues. Some of the ways in which we automatically collect such information are further described below:

Log Files

Opencare may automatically gather certain information about our Service’s traffic and store it in log files. This information includes mobile device identifiers, browser type, IP address, mobile or internet service provider, referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, to administer the Services, to track users’ movements around the Services, and to gather demographic information about our user base.

We also store in our log files information identifying users who have accessed data that we store about patients, and any changes they make to such data. We use this information to comply with legal obligations relating to such data and to keep a record of such changes. We may also use it to improve our Services, where such use is permitted by law.

Cookies and other tracking technologies

Opencare requires authentication and authorization in order to process Account access. As such, we use cookies throughout the Services to authenticate users. You may turn off cookies in your browser though, in doing so, some or all of our Service features may not work.

A cookie is a small amount of data, which may include a unique identifier. Cookies are sent to your browser from a website and stored on your device. We assign a different cookie to each device that accesses our Website. Data that may be collected through cookies may include, without limitation, the address of the websites you visited before and after you visited the Website, the type of browser and device you are using, your Internet Protocol (IP) address, what pages in the Website you visit and what links you clicked on, the region where your device is located, and geo-IP data.

We use cookies to recognize devices and provide a personalized experience on our Website, and to authenticate your device in order to provide you access to your Account and facilitate your use of our Services. Accordingly, Opencare uses session cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. This information allows Opencare to process your online transactions and requests. Session cookies help us make sure you are who you say you are after you’ve logged in and are required in order to use the Services.

We also allow other companies that are presenting advertisements on some of our pages to set and access their cookies on your computer. Please note that ad networks’ use of cookies or web beacons, and that of any other third-party that has a link available on any Site, is subject to their own privacy policies and not this privacy policy. Advertisers or other companies do not have access to our cookies.

Clickstream

As you use the Internet, a trail of electronic information is left at each website you visit. This information, which is sometimes referred to as "clickstream data," can be collected and stored by a website's server. Clickstream data can tell us the type of computer and browsing software you use and the address of the website from which you linked to the Website. We may collect and use clickstream data as a form of aggregate information to anonymously determine how much time visitors spend on each page of our Website, how visitors navigate throughout the Website and how we may tailor our web pages to better meet the needs of visitors. This information will be used to improve our Website and our Services.

Interest-Based Advertising

We work with third-parties such as ad networks and other advertising companies that use their own tracking technologies (including cookies and pixel tags) on our Website in order to provide you with tailored advertisements across the Internet. These companies may collect information about your activity on our Website and third-party websites (such as web pages you visit and your interaction with our advertising and other communications) and use this information to make predictions about your preferences, develop personalized content and deliver ads that are more relevant to you on third party websites. For example, the third-party technologies may collect and share personal information with third party insurers who want to advertise a particular dental insurance product to users. This information may also be used to evaluate the effectiveness of our online advertising campaigns.

Analytics

We may use a third party such as Google Analytics to help us gather and analyze information about the areas visited on the Website (such as the pages most read, time spent, search terms and other engagement data) in order to evaluate and improve the user experience and the Website. These third parties may use cookies and other tracking technologies. For more information about Google Analytics or to prevent the storage and processing of this data (including your IP address) by Google, you can download and install the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. You can also obtain additional information on Google Analytics’ data privacy and security at the following links:

We also use FullStory which uses cookies and other tracking technologies to conduct website analytics to help us track and understand how visitors use our Website. The information collected includes usage data such as cursor movements, clicks, scrolling, information entered into forms on our Website and other ways that you interacted with the Website. We use this information to upgrade and enhance the functionality of our Website and troubleshoot any issues you may have with the Website when you contact customer services. For more information on FullStory’s data privacy practices and how to opt out of FullStory’s collection and use of this data, please visit the following links:

Third Party Links and Social Networking Services

Our Website may contain links to other websites that Opencare does not own or operate, including Practicewebsites. We provide links to third party websites as a convenience to the user. These links are not intended as an endorsement of or referral to the linked websites. The linked websites have separate and independent privacy policies, notices and terms of use. We do not have any control over such websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked websites may collect, use or disclose, secure and otherwise treat personal information. We encourage you to read the terms of use and privacy policy of every website you visit.

The Website or Services may integrate with social networking services. We do not control such services and are not liable for the manner in which they operate. While we may provide you with the ability to use such services in connection with our Website or Services, we are doing so merely as an accommodation and, like you, are relying upon those third party services to operate properly and fairly.

You should be aware that Personal Information which you voluntarily include and transmit online in a publicly accessible blog, social network or otherwise online may be viewed and used by others. We are unable to control such uses of your Personal Information, and by using such services you assume the risk that the information provided by you may be viewed and used by third parties.

6. STORAGE LOCATION AND TRANSFER OF INFORMATION

Opencare processes and stores data collected by Opencare, including Personal Information, on cloud servers located in the United States and Canada. Opencare also transfers data to the third-party service providers described in Sections 3 and 5 who may not be based in the region you are located in but we take steps reasonably necessary to ensure that the data is subject to appropriate safeguards, such as where applicable, relying on contractual commitments from our service providers.

Personal Information may be accessible to law enforcement and governmental agencies in Canada, the United States and other jurisdictions in which your Personal Information is stored (if applicable) under lawful access regimes or court order.

7. DISCLOSURE OF INFORMATION

Dental Practices

If you request a booking with a particular Practice, we will share your name, email address, contact information, preferred appointment times and all answers provided to questions during the booking process with that practice in order to facilitate your appointment with that dentist.

Service Providers

We may from time to time employ third parties to perform tasks on our behalf and we may need to share Account Information and other Personal Information with them to provide certain services. We do not authorize such third parties to use the Personal Information we share with them beyond what is necessary for them to provide the tasks and services on our behalf. The third parties we currently engage include third party companies and individuals employed by us to facilitate our services, including the provision of maintenance services, hosting services, database management, Web analytics, payment processing, email and content marketing services, advertising services, sales productivity services, and general improvement of the Services.

Marketing

We may also share aggregated, non-identifiable data to conduct our business, improve the delivery of our Services, to develop analytics, and to enable us and our partners to improve and promote our products and services.

If you are located in the United States, we may sell your information to third parties in lead generation marketing initiatives. For example, we may provide contact information to third party insurers who want to advertise a particular dental insurance product to users. If you use Opencare services but don’t schedule an appointment through Opencare, we may, from time to time, sell your Personal Information to third party partners who wish to communicate with you about dental health related products and services. If you do schedule an appointment through Opencare, that information is considered Protected Health Information, and we will not sell that to third parties. In addition to the restrictions in Section 14 “California Consumer Notice”, Opencare does not knowingly sell the personal information of minors under eighteen (18) years of age without affirmative authorization.

Referrals

If you are referred from an existing user, the user will be notified that you booked an appointment through Opencare. This allows us to keep track of referral and administer our referral rewards programs. For more information about our Refer a Friend program, please review the program terms at https://www.opencare.com/terms/referrals.

Business Transfers

If our business (or substantially all of our assets) are merged with or acquired by a third party, or if we go out of business, enter bankruptcy, or go through some other prospective, partial or complete change of control, Personal Information may be made available or otherwise transferred to the prospective or new controlling entity, in accordance with applicable law.

With Your Consent

If we need to use or disclose any Personal Information in a way not identified in this Privacy Policy, we will notify you and/or obtain consent as required under applicable privacy laws.

Legal Compliance

We, and our affiliates and Service Providers may disclose your Personal Information to third parties without your consent in response to a warrant or other legally valid inquiry or order, for the purposes of investigating a breach of an agreement or contravention of law or detecting, suppressing or preventing fraud, or as otherwise may be required or permitted by applicable Canadian, U.S. or other law or legal process. Your personal information may also be disclosed where necessary for the establishment, exercise or defense of legal claims and to investigate or prevent actual or suspected loss or harm to persons or property.

We may also disclose Personal Information if we believe it is necessary to investigate potential violations of our Terms of Use, or to enforce those Terms of Use.

8. RETENTION

We will keep your Personal Information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable data, account recovery, or to meet our legal or regulatory obligations.

9. ACCESS, CORRECTION AND ACCURACY

You have the right to access, correct and update inaccuracies in the Personal Information we hold about you. Upon receipt of your written request, we will provide you with access to or a copy of your Personal Information, although in certain limited circumstances where permitted under law, we may not be able to make all relevant personal information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner.

We will make every reasonable effort to keep your Personal Information accurate and up to date, and we will provide you with mechanisms to update, correct, delete or add to your Personal Information as appropriate. As appropriate, this amended Personal Information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate Personal Information about you enables us to give you the best possible service.

If we receive a request from an individual to access or update personal information we have collected on behalf of a particular Practice in the course of providing the Services, we will direct that individual to the relevant Practice. We will assist our Practice clients wherever possible in responding to individual access requests. If you are a California resident, you may have additional rights over your Personal Information as described in the “California Consumer Notice” section below.

10. OPT-OUT CHOICES

To “opt-out” of any consents previously given to us or having your Personal Information disclosed to third parties, send an e-mail to privacy@opencare.com. Please note that we may continue to use and retain your Personal Information as necessary in order to provide Services to you.

Communications

If you do not wish to receive promotional communications from us or our partners, you can unsubscribe from such promotional e-mails at any time by clicking on the unsubscribe link in any of our e-mail communications or you can reply STOP to any of our text messages. You may also unsubscribe from future promotional communications from our partners by following their unsubscribe and opt out instructions.

You can also opt-out of receiving marketing communications from us by changing your user settings or contacting us at privacy@opencare.com. Please note that you may continue to receive transactional or account-related communications from us, such as technical notices, security alerts and support and administrative messages.

Cookies

If you prefer, you can turn off cookies in your web browser by changing your browser’s security settings. Please note, however, some features of our Products and Services may not function properly if your browser’s cookies are disabled. You may be able to set your browser to notify you when you are sent a cookie. This gives you the choice to decide whether or not to accept it.

Interest based advertising

For more information about interest-based advertising and to understand your options, including how you can opt-out of receiving behavioural ads from third-party advertising companies participating in the Digital Advertising Alliance of Canada, please visit the Digital Advertising Alliance of Canada website at http://youradchoices.ca/choices.

You can opt out of targeted advertising from third parties by using the links below:

Additionally, you can opt out of some of these services by visiting the U.S. Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

Please note that even if you opt-out of interest-based advertising by a third party, these tracking technologies may still collect data for other purposes including analytics and you will still see ads from us, but the ads will not be targeted based on behavioural information about you and may therefore be less relevant to you and your interests.

To successfully opt out, you must have cookies enabled in your web browser (see your browser’s instructions for information on cookies and how to enable them). Your opt-out only applies to the web browser you use so you must opt-out of each web browser on each computer you use. Once you opt out, if you delete your browser’s saved cookies, you will need to opt-out again.

At this time, this Service does not support Do-Not-Track signals. However, you can follow the instructions above to opt-out of interest-based advertising.

11. SECURITY

Opencare has implemented commercially reasonable technical and organizational measures designed to secure your user data, including any personal information or PHI, from accidental loss and from unauthorized access, use, alteration or disclosure. However, we cannot guarantee that unauthorized third parties will never be able to defeat those measures or use user data for improper purposes and we do not provide an absolute guarantee concerning the security of your information. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the “Contact Us” section below.

12. CALIFORNIA CONSUMER NOTICE

We collect information (some of which may also constitute Personal Information) that identifies, relates to, describes, references, or is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. The California Consumer Privacy Act of 2018 (“CCPA”) refers to such information as “personal information.” If you are a California consumer, as defined by CCPA, the CCPA provides you with specific rights regarding your personal information. This section describes the rights that California consumers have and explains how to exercise those rights. For the purposes of this section, personal information does not include (i) information that is lawfully made available from federal, state or local government records, (ii) de-identified or aggregated data or (iii) information excluded from the scope of the CCPA.

We also may collect or process personal information, such as the health data, on behalf of our Practice clients to provide them with our Services. In such cases, we are collecting or processing such information as “service providers” under CCPA, at our customers’ direction, and the customer’s privacy policy, not this Privacy Policy, will apply to the collection and use of such information. Please consult the applicable Practice’s privacy policy for information on your rights over personal information collected in relation to their use of our Services.

Personal Information We Share

In the past twelve (12) months, we have disclosed the following categories of personal information for a business purpose to third parties as described in the section “Disclosure of Personal Information” above:

  • Personal identifiers.
  • Internet or other similar network activity.
  • Location data.
  • Sensory data.
  • Certain Protected Health Information.

Personal Information We Sell

In the past twelve (12) months, we have made disclosures of certain personal information to third parties that may be considered a “sale” (as that term is defined in the CCPA) as described in the section “Disclosure of Personal Information” above, including the following:

  • Personal identifiers.
  • Internet or other similar network activity.
  • Location data.
  • Sensory data.

Rights to Your Information

  • Right to Know

    As a California consumer, you have the right to request that we disclose certain information to you about our collection, use, disclosure or sale of your personal information over the past 12 months (“right to access”). Once we receive and confirm your verifiable consumer request (see “Exercising Access and Deletion Rights”), and subject to certain limitations that we describe below, we will disclose such information. You have the right to request any or all of the following:

    • The categories of personal information we collected about you.
    • The categories of sources from which the personal information is collected.
    • Our business or commercial purpose for collecting or selling that personal information.
    • The categories of third parties with whom we share that personal information.
    • The specific pieces of personal information we collected about you (also called a data portability request).
  • Deletion Request Rights

    You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see “Exercising Access, Data Portability, and Deletion Rights”), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. However, we may retain personal information that has been de-identified or aggregated. Furthermore, we may deny your deletion request if retaining the information is necessary for us or our service provider(s) in order to perform certain actions set forth under CCPA, such as detecting security incidents and protecting against fraudulent or illegal activity.

  • Exercising Access and Deletion Rights

    To exercise the access and deletion rights described above, please submit a request to us by contacting us at privacy@opencare.com or by visiting our help center at opencare.zendesk.com.

    Only you, or a person or business entity registered with the California Secretary of State that you authorize to act on your behalf (an “authorized agent”), may make the requests set forth above.

    The request should include your contact information and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. In addition, you should provide sufficient information that allows us to reasonably verify that you are the person about whom we collected the personal information or an authorized representative of that person.

    For more information about verification, see “Response Timing and Format” immediately below.

  • Response Timing and Format

    We will respond to consumer requests in a reasonably timely manner. If we require extra time to respond, we will inform you of the reason and extension period in writing. In order to protect the security of your personal information, we will not honor a request if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. The method used to verify your identity will depend on the type, sensitivity and value of the information, including the risk of harm to you posed by any authorized access or deletion. Generally speaking, verification will be performed by matching the identifying information provided by you to the personal information that we already have.

    Any disclosures we provide will only cover the 12-month period preceding our receipt of your request (and will not be made more than twice in a 12-month period). If we cannot comply with a request, or cannot fully comply with a request, the response we provide will also explain the reasons we cannot comply.

  • Personal Information Sales Opt-Out and Opt-In Rights

    You have the right to direct us to not sell your personal information at any time (the "right to opt-out"). We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the "right to opt-in") from either the consumer who is at least 13 and less than 16 years of age, or the parent or guardian of a consumer less than 13 years of age.

    To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting the following Internet Web page: Do Not Sell My Personal Information.

    Alternatively, you may submit an opt-out request by emailing privacy@opencare.com or visiting opencare.zendesk.com.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights, including, but not limited to, by:

  • Denying you goods or services.
  • Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Providing you a different level or quality of goods or services.
  • Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Financial Incentives

We may offer you financial incentives, including discounts, coupons, gift cards or other rewards, for sharing personal information through our referral program and other programs that we may provide from time to time. Your participation in these programs is completely optional and subject to the terms provided to you at the time you sign up. You can opt-out of such program at any time by contacting us at privacy@opencare.com.

California “Shine the Light”

Under California Civil Code Section 1798.83 (“Shine the Light”), California residents have the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal information, as defined under Shine the Light, such as name, email address and mailing address and the type of services provided to the customer that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes and (b) the names and addresses of all such third parties. To request the above information, please contact us by email at privacy@opencare.com. If you do not want your personal information shared with any third party who may use such information for direct marketing purposes, then you may opt out of such disclosures by sending an email to us at privacy@opencare.com.

12. NEVADA PRIVACY RIGHTS

If you are a Nevada resident, you have the right to request that we do not sell your covered information (as those terms are defined in N.R.S. 603A) that we have collected, or may collect, from you. We do not sell your covered information, however, if you would like to make such a request you may do so by contacting us at privacy@opencare.com or visiting us at opencare.zendesk.com.

13. TERMS OF USE

Please also visit our applicable Terms of Use, which establish the use, disclaimers, and limitations of liability governing the use of our Services.

14. CHANGES TO THIS PRIVACY POLICY

We may amend this Privacy Policy from time to time. If we decide to change our Privacy Policy, we will post those changes on this page and update the Privacy Policy modification date at the top of this page. Such changes shall be effective on the date the revised Privacy Policy is posted, provided that such changes will only be applied prospectively. Use of Personal Information we collect is subject to the Privacy Policy in effect at the time such information is collected, used or disclosed. If we make material changes or changes in the way we use Personal Information, we will notify you by posting an announcement on our Website or Website or sending you an email prior to the change becoming effective.

15. CONTACT US

If you have questions regarding our Privacy Policy or the manner in which we or our service providers treat your personal information, or to request access to our collection of your personal information, please contact us at: info@opencare.com.

If you have any questions regarding the privacy practices of a particular Practice, please contact the Practice directly.