Privacy and Security Policy
Effective as of October 25, 2015
DERMACARE’S COMMITMENT TO YOUR PRIVACY.
Dermacare understands that your health information is very personal, and is dedicated to maintaining the privacy of your personally identifiable information, including your protected health information (collectively, “PII“). PII includes information about you that may be used to identify you (such as your name, date of birth, or address), and that relates to (a) your past, present or future physical or mental health or condition, (b) the provision of health care to you, or (c) your past, present or future payment for the provision of health care. In operating the Website, Dermacare may receive information and create records containing your PII. Dermacare is required by law to maintain the privacy of your PII and to provide you with notice of its legal duties and privacy practices with respect to your PII.
COLLECTION, USE AND DISCLOSURE OF NON-PERSONALLY IDENTIFIABLE INFORMATION.
Dermacare may collect information about your use of the Website that does not contain any PII, or may aggregate or create de-identified information that does not contain any PII by removing information that personally identifies you from other information collected (collectively, “Anonymous Information“). Dermacare reserves the right to use or disclose Anonymous Information without restriction, subject to applicable law.
COLLECTION, USE AND DISCLOSURE OF PERSONALLY IDENTIFIABLE INFORMATION.
Dermacare does not collect your PII without your authorization, though the use of certain features of the Website or Services will require you to provide certain information to us. Any information you provide to us when you visit or use the Website and/or when you register or use your Account is voluntary. This information may include the following PII:
- Contact information, including, without limitation, name, email address, mailing address, and phone number; and
- Health or medical information, including, without limitation, medical records, age, gender, health background, health status, prescribed and over-the-counter medications, medical ID number, driver’s license number, laboratory testing results, and photos).
Subject to the restrictions on the use and disclosure of your PII under applicable law, Dermacare may use and disclose your PII (including to third parties) to:
- Provide for the medical diagnosis and treatment of acne and other skin issues.
- Provide, operate, analyze usage of and improve the Website and Products.
- Verify your identity as the holder of an Account.
- Administer your Account or process payments.
- Communicate with you about the Website and Products, and to deliver any administrative notices or alerts and communications relevant to your use of the Website or Products.
- Tailor the features, performance and support of the Website and Products to you and your preferences.
- Troubleshoot problems with the Website and provide you with customer support.
- Market our services and those of third parties we believe may be of interest to you when you have given us express authorization to do so.
- Investigate, deter, prevent, defend against or take other action regarding violations of Dermacare’s Terms of Service, illegal activities, suspected fraud or situations involving potential threats to the legal rights or physical safety of any person or the security of Dermacare’s network, Website or Products.
- Respond to subpoenas, court orders or legal processes.
- Facilitate the negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another person or entity.
- Protect the personal safety of Dermacare, its customers, or any other person in an emergency.
- Fulfill any other obligation of Dermacare as required by law.
In the event that we are legally compelled to disclose your PII to a third party, we will make every reasonable effort to notify you, unless doing so would violate the applicable law, court order or other legal requirement.
Additionally, when you visit the Website or use your Account, Dermacare may collect technical and navigational information, such as computer browser type, Internet protocol address, pages visited and average time spent on the Website. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve web design and functionality.
DISCLOSURE OF PERSONALLY IDENTIFIABLE INFORMATION TO THIRD PARTIES.
The Website may contain links to third party sites whose information, privacy and security practices may be different than ours. Before using these third party sites or providing them with your PII, you should carefully review and evaluate the privacy notices for such sites, as Dermacare has no control over information that is submitted to, or collected by, these third parties.
PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION.
Dermacare employs reasonable physical, electronic and managerial security measures, and follows generally accepted industry standards to safeguard your PII.
Dermacare utilizes firewall barriers, high-grade SSL encryption techniques, and authentication procedures, among others, to maintain the security of your online sessions and to protect Accounts and systems from unauthorized access. Dermacare software and member health records are stored on secure servers and backed up daily. All data is encrypted during storage and transmission.
Dermacare strictly limits access to your PII. Dermacare’s employees and agents are trained in our confidentiality and privacy policies, and only those employees and authorized agents of Dermacare who need such information to provide you with the Products have access to your PII, and only under strictly controlled conditions. Dermacare and its employees and agents will use PII only as necessary to provide the Products through the Website.
Please be aware that no method of data transmission over the Internet or method of electronic storage can be guaranteed to be perfectly secure. As a result, while Dermacare takes extensive measures to protect your PII, it cannot ensure or guarantee the security of any information you transmit to Dermacare or through the Website. DERMACARE DOES NOT COVENANT, REPRESENT, OR WARRANT THAT THE TRANSMISSION OF YOUR PII ONLINE WILL BE SECURE, AND YOU DO SO AT YOUR OWN RISK.
Your cooperation is imperative in safeguarding your PII. Choose your Account password carefully, as anyone with access to your Account password will be able to assume your online identity and view your medical information, change your PII, and communicate with your Dermacare health care providers. It is your responsibility to prevent disclosure of your password to others, and to change your password if you feel that its security has been compromised. You may change your password from your Account profile page after logging into your Account. Additionally, you will periodically receive correspondence from Dermacare at the email address you register with your Account. While these emails will never contain your photos or payment information, they will sometimes include information relating to the details of your acne or skin aging treatment (as applicable). Accordingly, it is critical that you safeguard your designated email address and restrict access thereto. The registration of an email address with your Account indicates your consent for Dermacare to transmit your PII to such address.
OPTING OUT OF FUTURE COMMUNICATIONS
You can stop receiving marketing emails from Dermacare by clicking the unsubscribe link included at the bottom of a Dermacare marketing email. You cannot opt out of certain emails we need to send you relating to normal business operations (for example, notifying you of a message from your medical provider). To opt out of all emails from Dermacare, you may email SUPPORT@DERMACARE.COM and cancel your Dermacare membership.
ACCESSING, CORRECTING, UPDATING, AND DELETING YOUR PERSONALLY IDENTIFIABLE INFORMATION.
You may access and update certain information, or deactivate your Account from your Account profile page after logging into your Account. Additionally, you may at any time make a request to access, correct or update the PII that Dermacare has collected about you by contacting us at SUPPORT@DERMACARE.COM, including requests to:
- View your medical records that have been provided to Dermacare.
- Inspect and copy your PII.
- Amend your PII if you believe your file is incomplete, incorrect or obsolete.
- Receive an accounting of all disclosures Dermacare has made of your PII.
Dermacare will make reasonable efforts to respond promptly to all such requests. Dermacare may impose a fee for the costs associated with your request, including the costs of labor, materials and/or shipping. In certain circumstances, Dermacare may deny your request. In the event of a denial, we will inform you of the reason for such denial and you will have the opportunity to request a review of the denial and submit a statement of disagreement for inclusion in your records. Dermacare will not verify, modify or otherwise alter any of your PII without your request or consent, provided that Dermacare may correct any errors or modify any immaterial information at any time.
You may at any time make a request for Dermacare to delete your PII. Dermacare will promptly comply with all such requests, but only to the extent such requests are not in conflict with any requirements to retain such information pursuant to applicable law or otherwise. When we delete your PII, it will be deleted from the active database, but may remain in our archives; we may also retain and continue to use your Anonymous Information. Further, to the extent your PII has been disclosed to third parties; Dermacare may not be able to access such PII or cause the deletion or modification of such PII by the relevant third parties.
As you browse Dermacare, advertising cookies will be placed on your computer so that we can understand what you are interested in. Our display advertising partner, AdRoll, then enables us to present you with retargeting advertising on other sites based on your previous interaction with Dermacare. The techniques our partners employ do not collect personal information such as your name, email address, postal address or telephone number. You can visit THIS PAGE to opt out of AdRoll and their partners’ targeted advertising.
PERSONS UNDER THE AGE OF 18.
Persons under thirteen (13) years of age are not eligible to use the features, services and other aspects of the Website or the Products. Further, Dermacare does not knowingly collect PII from anyone between the ages of thirteen (13) and eighteen (18) unless Dermacare has authorization from the parent or legal guardian of such individual. A parent or guardian of a person under the age of eighteen (18) may review and request deletion of such individual’s PII as well as prohibit our use thereof. If you are a parent or guardian of an individual under the age of eighteen (18) and believe your child has disclosed PII to Dermacare without your consent or authorization, please contact us at SUPPORT@DERMACARE.COM.