Lisa Williams Co. (“we,” “us” or “our”) takes privacy seriously and is committed to protecting your privacy through our compliance with this policy.
Please read this policy carefully to understand our practices regarding your information and how we will treat it. We may change or add to this policy, so we encourage you to review it periodically.
Last Update: May 10th, 2020
This policy applies only to us, our affiliates, and the information we collect on Lisa Williams Co., mobile applications and our service. This policy does not apply to the practices of companies unaffiliated with us or to people that we do not employ or manage, including your health care practitioner. When you use the sites or their contents, certain third parties may use automatic information collection technologies to collect information about you or your device. These third parties may include analytics companies, your mobile service provider, and others. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
We may provide links to third-party websites and services that are outside our control and are not covered by this policy. If you have any questions, review the privacy policies on the websites that you visit.
This policy covers how we treat information that we collect and receive, including information related to your use of the sites.
Personal information is information about you that is personally identifiable, like your name, address, email address, phone number, and login information (account name or number, password), and that is not otherwise publicly available. We collect personal information from you when you register for a Lisa Williams Co. account, when you access the sites, when you download and use our mobile applications, when you enter promotions or sweepstakes, and when you contact us including recordings of customer support calls with notice to the caller. We may combine information about you that we have with information we obtain from third parties, including from your health care practitioner. This helps us to improve the sites and to deliver better, more personalized services to you. The information we collect is not part of any designated record set.
We may automatically receive and record information from you when you interact with the sites, including details of your visits, traffic data, site features and pages viewed, search queries, your IP address, software and hardware attributes, unique device identifiers, browser type, mobile network information, site crashes and other system activity and logs.
If you choose to provide to us with a third party’s personal information, or if you access the sites on behalf of another person, you represent that you have the third party’s permission to do so. Third parties may unsubscribe from any continued communication as a result of us being provided such information by following links in emails or by contacting firstname.lastname@example.org.
For patients using the sites, you must have an account associated with your health care practitioner’s account. Your use of the sites is also subject to your practitioner’s privacy policies. You understand that by using the sites, you are providing information to your practitioner who may collect, store, process, maintain, upload, sync, transmit, share, disclose and use your information. Please contact your practitioner if you have any questions about their policies or terms.
Use of Information
Confidentiality And Security Of Personal Information
We protect your personal information using technical, physical, and administrative security measures to reduce the risk of misuse or unauthorized access or disclosure of your information. We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs, including those that test and support our systems. While we employ security technologies and procedures to assist safeguarding your personal information, no system or network can be guaranteed to be 100% secure and we do not guarantee its security.
The safety and security of your personal information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of the sites, you are responsible for keeping this password confidential. You are solely responsible for all uses of your password, even if such uses were not authorized by you. If you become aware of any unauthorized use of your password, you are responsible for contacting us immediately to request deactivation of your password.
Practitioner-patient communications may be provided to you through the sites. You may be notified of these communications through another communication channel that you have designated (email, push, text) so that you can conveniently access it. For example, we may send you an email to notify you that a recommendation from your health care practitioner has been added and is available to you through the sites. We will not send health information by electronic channels unless you have opted-in to including health information in communications.
Information Sharing & Disclosure
We do not sell personal information, and we do not share personal information about you with non-affiliated companies except to operate the sites and provide the services you’ve requested, when we have your permission, or under the following circumstances:
– We provide information to your health care practitioner for the purposes of fulfilling your transactions and your use of the sites.
– We provide information to service providers to support the sites and our services, such as cloud storage and order shipping, and these service providers are obligated to protect such information in a manner consistent with this policy and not use it for any purposes other than those for which they are performing for us.
– We respond to subpoenas, court orders, or legal process (such as law enforcement requests), or to establish or exercise our legal rights or defend against legal claims.
We may also share aggregated or de-identified information that cannot reasonably be used to identify you.
You may choose to connect your Lisa Williams Co. account to accounts on another service, and that service may send us information about your account on that service. By connecting accounts, you are enabling us and the other service provider to exchange information about you and data in your account in order to provide the requested services. Visit the other service provider to revoke this permission.
Cookies & Similar Technologies
We may set and access cookies on your computer. We may also set and access device identifiers which could include IP address, user information (browser version, operating system type and version), and device provided identifiers. Once you log into the sites, we may recognize your device to provide you with a personalized experience, independent of your device settings. Other companies’ use of their cookies and device identifiers is subject to their own privacy policies, not this one. Advertisers or other companies do not have access to our cookies. We may also use pixel tags/web beacons to access our cookies inside and outside the sites and in connection with our services.
We use Google Analytics and other analytics services to collect information about use of the sites to help us analyze use of the sites and how to optimize the sites based on that data. Analytics service providers may also set cookies, which transmit data to the analytics service provider.
Marketing emails you receive from us include unsubscribe instructions (usually found at the bottom of the email) that you may use to opt out of receiving future marketing-related emails. Similarly, you may opt out of receiving certain text messages, telephone calls, and mailings. We will still communicate with you for transactional or informational purposes as necessary.
Where our mobile applications allow for the delivery of push notifications, you can opt out of receiving these notifications. By downloading and using our mobile applications, you may receive promotional messages, offers, news, and information about us or our service providers within the application itself; these “in app” messages are part of our application’s functionality and cannot be turned off. In order to opt-out of receiving in app communications, you must uninstall the application. We may need to send you certain transactional and informational communications relating to the our services, such as service announcements, administrative messages, privacy and security communications, and other communications that are considered part of our services, without offering you the opportunity to opt out of receiving them.
The sites are designed for users from and controlled and operated by us from the U.S. Your personal information will be transferred and maintained in our records in the U.S. The data protection and related laws and regulations of the U.S. may not be as comprehensive as those in the country from which you are accessing the sites. If you do not consent to this transfer, do not use the sites.
The sites are not intended for children under 18 years of age, and we do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on the sites. If we learn that we have collected personal information from a child under 18, we will delete any such information. If you believe we might have collected any information from or about a child under 18, please contact us.
Our retention periods for personal information are based on business needs and legal requirements. We retain personal information as necessary, for the processing purposes for which the information was collected and any other permissible, related purpose.
Editing Account Information And Preferences
You can review and change your personal information at any time by logging in to the sites and visiting your account settings page. You can also modify information you have provided to us through the services you use, such as Auto-Refill shipping. You can request that we delete certain personal information or, at our option, make it non-identifiable, and we will make reasonable efforts to accommodate that request unless we have a legitimate reason to refuse to do so. Even if we delete your information, your health care practitioner may still have copies of your information.
If you need additional assistance or help with accessing or correcting your personal information, you can contact our support team at email@example.com and request changes to your information. We make good faith efforts to fulfill reasonable requests to access, correct, or delete personal information, and we will provide you with an explanation if we are unable to fulfill your request.
Changes to This Policy
We may update this policy at any time. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Lisa Williams Co. account and/or by placing a notice on the sites.
This notice for California Residents supplements the information contained above for the benefit of patient-users who are residents of California.
We do not sell any of your information. We collect information as described above, specifically information that is provided by you, automatically collected from you by the sites, or otherwise provided to us by your health care practitioner, which may be considered “personal information.” However, “personal information” does not include information covered by the Health Insurance Portability and Accountability Act of 1996 and related regulations (“HIPAA”) or the California Confidentiality of Medical Information Act (“CMIA”).
Over the last year, we have collected information that may fall into the following categories: identifiers; personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)); commercial information; internet or other similar network activity; geolocation data.
As described above in Information Sharing & Disclosure, we provide information to our service providers in order to operate and improve the sites, provide requested services, and complete transactions. Our service providers are prohibited from using the information we provide for any other purposes. In the preceding year, we have disclosed to our service providers information that may fall into the following categories: identifiers; personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)); commercial information; internet or other similar network activity; geolocation data.
You may have the right to request certain information about our collection and use of your information over the 12-month period preceding your request. Once we receive, confirm and verify your request, we will disclose to you:
– The categories of personal information we collected about you.
– The categories of sources for the personal information we collected about you.
– Our business purpose for collecting that personal information.
– The categories of third parties with whom we share that personal information.
– The specific pieces of personal information we collected about you (also called a data portability request).
If we disclosed your personal information for a business purpose, the disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
You may have the right to request that we delete any of your personal information that we collected from you. Once we receive, confirm and verify your request, we will delete your personal information from our records. We will deny deletion requests if retaining the information is necessary for us or our service providers to complete the transactions for which we collected the information, comply with applicable laws or if otherwise excepted from deletion.
To exercise the access or deletion rights described above, please submit a request to us by emailing us at firstname.lastname@example.org Only you, or someone legally authorized to act on your behalf, may make a request related to your personal information. You may only make a request twice within a 12-month period. The request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include your name, email, address, and phone number as previously provided by you to us. We cannot respond to your request or provide you with information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
We endeavor to respond to your request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. The response we provide will explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information. We will not charge a fee to process or respond to your request unless it is excessive, repetitive or unfounded; if we determine that your request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Additionally, California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of the sites that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose patient-user personal information to third parties for direct marketing purposes.