US MED Notice of Privacy Practices

Effective Date: 1/1/23

  1. INTRODUCTION

This Privacy Policy (“Privacy Policy”) describes the data protection practices of North Coast Medical Supply, LLC, dba Advanced Diabetes Supply (“ADS”), US MED®, LLC, United States Medical Supply, LLC, and their respective affiliates (collectively, “ADS”, “we”, “us”, or “our”) the website located at https://northcoastmed.com, https://advanceddiabetessupply.com, https://usmed.comhttps://usmeddirect.com, https://usmed-rx.com/, and any other ADS websites (collectively, the “Websites,” and collectively with any affiliated mobile application (the “Sites”), and the content contained on those Sites (“Content”), and includes when you visit any ADS website that links to this Privacy Policy (https://northcoastmed.com/privacy-policy/ or https://www.usmed.com/privacy-policy). We refer to the Websites, Sites, Content and other services provided by ADS together in this Privacy Policy as the “Services.” This Privacy Policy is incorporated into our Terms of Use. All capitalized terms used in this Privacy Policy but not defined herein have the meanings assigned to them in the Terms of Use.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND HOW WE HANDLE YOUR INFORMATION. BY ACCESSING OR USING THE WEBSITE, YOU AGREE TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT USE OUR SERVICES.

  1. THE INFORMATION WE COLLECT AND THE SOURCES OF SUCH INFORMATION

We obtain information about you through the means discussed below when you use our Services. Please note that we need certain types of information so that we can provide the Services to you. If you do not provide us with such information, or ask us to delete it, you may no longer be able to access or use part or all of our Services.

  1. INFORMATION YOU PROVIDE TO US

We collect a variety of information that you provide directly to us. For example, we collect information from you through:

  • Account and product registration and administration of your account
  • Processing your orders and requests for products necessary to treat the Diabetes disease state, including therapies for its associated comorbidities (“Products”)
  • Questions, communications, or feedback you submit to us via forms or email
  • Your participation in research and surveys
  • Requests for customer support and technical assistance

The specific types of information we collect will depend upon the Services you use, how you use them, and the information you choose to provide. The types of data we collect directly from you includes:

  • Name, address, telephone number, date of birth, customer or member ID, and email address
  • Information about your medical conditions, prescriptions, pharmacy, and other related health information
  • Log-in credentials, if you create an account
  • Billing information, such as shipping address, credit or debit card number, verification number, expiration date, and identity verification information, collected by our payment processors on our behalf
  • Insurance information for billing and claims reimbursement purposes
  • Information about purchases or other transactions with us, including information you provide through reviews
  • Information about your customer service and maintenance interactions with us
  • Demographic information such as your gender and age
  • Any other information you choose to directly provide to us in connection with your use of the Services and Products.
  • We may collect information about you from third parties, including physicians, health care providers, and human capital management software providers. This information may include information related to your medical conditions, prescriptions, and other related health and insurance information and information you provide in order to apply for employment opportunities with us.
  1. INFORMATION WE COLLECT THROUGH AUTOMATED MEANS

We collect certain information about your use of the Services and the devices you use to access the Services, as described in this Section. As discussed further below, we and our service providers (which are third party companies that work on our behalf), may use a variety of technologies, including cookies and similar tools, to assist in collecting this information. We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). For information on your choices for opting out of behavioral tracking on the Services and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking, see ONLINE ANALYTICS AND CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION.

Our Services. When you use our Services, we collect and analyze information such as your IP address, browser types, browser language, operating system, the state or country from which you accessed the Services, software and hardware attributes (including device IDs) referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the Services, error logs, and other similar information.

Location Information. When you use the Services, we and our service providers may automatically collect general location information (e.g., IP address, city/state and or postal code associated with an IP address) from your computer or mobile device. This information allows us to enable access to content that varies based on a user’s general location (e.g., to provide you with accurate sales tax information and to deliver content customized to your location).  We will use your location information to provide customized services, content, promotional offers and other information that may be of interest to you. Our Use of Cookies and Similar Online Tools. To collect the information discussed in this Section, we and our service providers use web server logs (files where website activity is stored), cookies (small text files placed on your computer or mobile device when you visit a site, that enables us to recognize your computer/device, store your preferences and settings, understand the parts of the Website you have visited and used, enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests, perform searches and analytics, and assist with security and administrative functions), tags, SDKs (a set of tools and/or code that we embed in our Services and software to allow third parties to collect information about how users interact with our Services), tracking pixels (tiny electronic tags with a unique identifier embedded in websites, online ads and/or email that are designed to collect usage information like ad impressions or clicks and email open rates, measure popularity of the Services, and access user cookies), and other similar tracking technologies. We use these technologies to offer you a more tailored experience.

Some content or applications, including advertisements, on the Services are served by third parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Services. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and devices and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see ONLINE ANALYTICS AND CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION.

 

Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). Please note that by blocking, disabling, or managing any or all cookies, you may not have access to certain features or offerings of the Services.

  1. PURPOSES FOR HOW WE USE YOUR INFORMATION

In connection with providing you with the Services, we may use your information to:

  • Carry out, improve, and manage the Services and, as applicable, facilitate the provision of health care services to you by physicians or other health care providers and ensure that the physicians or health care providers have the services and support necessary for health care operations.
  • Engage in internal research to understand the effectiveness of our Services, improve our Services, and better understand our user base. If we publish or provide the results of this research to others, such research will be presented in a de-identified and aggregate form such that individual users cannot be identified.
  • Communicate with you about the Services, your use of the Services, or your inquiries related to the Services and send you communications on behalf of physicians or other health care providers utilizing the Services to meet your needs.
  • Communicate with you by email, postal mail, or phone about surveys, promotions, special events or our Products and Services and those of our subsidiaries, affiliates, and parent companies and any of their related businesses and those of our third-party partners.
  • Provide you with technical support and customer service.
  • Verify your identity and administer your account, including processing your payments and fulfilling your orders.
  • Ensure that content from our Services is presented in the most effective manner for you and for your computer or device, allow you to participate in interactive features of our Services (when you choose to do so), and as part of our efforts to keep our Services safe and secure.
  • Measure or understand the effectiveness of advertising and content we serve to you and others, and to deliver and customize relevant advertising and content to you.
  • Help us better understand your interests and needs, such as by engaging in analysis and research regarding use of the Services.
  • Comply in good faith with any procedures, laws, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others.
  • Establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your consent.

Combined Information. For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use and share such combined information in accordance with this Privacy Policy.

Aggregate/De-Identified Data. We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors.

  1. NOTICE OF PRIVACY PRACTICES

THIS SECTION DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

ADS’s Protection of Protected Health Information (“PHI”). Under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), ADS is required by law to maintain the privacy of health information that identifies you and to provide you with notice of our legal duties and privacy practices regarding PHI. ADS is committed to the protection of your PHI and will make reasonable efforts to ensure the confidentiality of your PHI, as required by statute and regulation. We take this commitment seriously and will work with you to comply with your right to receive certain information under HIPAA.

ADS’s Use and Disclosure of PHI. As permitted under HIPAA, the following categories explain the types of uses and disclosures of PHI that ADS may make. Please contact our Privacy Officer ([email protected]), using the contact information provided at the end of this notice, for specific information regarding your state.

For treatment – ADS may use or disclose PHI for treatment purposes, including disclosure to health care professionals who provide you with health care services.

For payment – ADS may use or disclose PHI to bill and collect payment for Products. For example, ADS may provide PHI to your health plan to receive payment for the health care services provided to you.

For health care operations – ADS may use or disclose PHI for health care operations purposes. These uses and disclosures are necessary, for example, to evaluate the quality of our Products, accreditation functions and for ADS’s operation and management purposes.  ADS may also disclose PHI to other health care providers or health plans that are involved in your care for their health care operations. For example, ADS may provide PHI to manage disease, or to coordinate health care or health benefits.

Health-related benefits and services – ADS may use and disclose PHI to tell you about health-related benefits and services that may be of interest to you. For example, ADS may contact you about a new member service center in your area or about new Products available at ADS based on services ordered by your physician.

Individuals involved in your care or payment for your care – ADS may disclose PHI to a person who is involved in your care or helps pay for your care, such as a family member or friend. We also may notify your family about your location or general condition or disclose such information to an entity assisting in a disaster relief effort. As allowed by federal and state law, we may disclose the PHI of minors to their parents or legal guardians.

Business associates – ADS may disclose PHI to its business associates to perform certain business functions or provide certain business services to ADS. For example, we may use another company to perform billing services on our behalf. All of our business associates are required to maintain the privacy and confidentiality of your PHI. In addition, at the request of your health care providers or health plan, ADS may disclose PHI to their business associates for purposes of performing certain business functions or health care services on their behalf. For example, we may disclose PHI to a business associate of Medicare for purposes of medical necessity review and audit.

Disclosure for judicial and administrative proceedings – Under certain circumstances, ADS may disclose your PHI in the course of a judicial or administrative proceeding, including in response to a court or administrative order, subpoena, discovery request, or other lawful process.

Law enforcement – ADS may disclose PHI for law enforcement purposes or in response to a court order, warrant, subpoena or summons, or similar process authorized by law. We may also disclose PHI when the information is needed: 1) for identification or location of a suspect, fugitive, material witness or missing person, 2) about a victim of a crime, 3) about an individual who has died, 4) in relation to criminal conduct on ADS premises, or 5) in emergency circumstances to report a crime, the location of the crime or victims, or the identity, description, or location of the person who committed the crime.

As required by law – ADS must disclose your PHI if required to do so by federal, state, or local law.

Public Health – ADS may disclose PHI for public health activities. These activities generally include: 1) disclosures to a public health authority to report, prevent or control disease, injury, or disability; 2) disclosures to report births and deaths, or to report child abuse or neglect; 3) disclosures to a person subject to the jurisdiction of the Food and Drug Administration (“FDA”) for purposes related to the quality, safety or effectiveness of an FDA-regulated product or activity, including reporting reactions to medications or problems with products or notifying people of recalls of products they may be using; 4) disclosures to notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition; and 5) disclosures to an employer about an employee to conduct medical surveillance in certain limited circumstances concerning work-place illness or injury.

Disclosure about victims of abuse, neglect, or domestic violence – ADS may disclose PHI about an individual to a government authority, including social services, if we reasonably believe that an individual is a victim of abuse, neglect, or domestic violence.

Health oversight activities – ADS may disclose PHI to a health care oversight agency for activities authorized by law such as audits, civil, administrative, or criminal investigations and proceedings/actions, inspections, licensure/disciplinary actions, or other activities necessary for appropriate oversight of the health care system, government benefit programs, and compliance with regulatory requirements and civil rights laws.

Coroners, medical examiners, and funeral directors – ADS may disclose PHI to a coroner, medical examiner, or funeral director for the purpose of identifying a deceased person, determining cause of death, or for performing some other duty authorized by law.

Personal Representative – ADS may disclose PHI to your personal representative, as established under applicable law, or to an administrator, executor, or other authorized individual associated with your estate.

Serious threat to health or safety – ADS may disclose PHI if necessary, to prevent or lessen a serious and/or imminent threat to health or safety to a person or the public or for law enforcement authorities to identify or apprehend an individual.

Government functions – In certain situations, ADS may disclose the PHI of military personnel and veterans, including Armed Forces personnel, as required by military command authorities. Additionally, we may disclose PHI to authorized officials for national security purposes, such as protecting the President of the United States, conducting intelligence, counter-intelligence, other national security activities, and when requested by foreign military authorities. Disclosures will be made only in compliance with U.S. Law.

Workers’ compensation – As authorized by applicable laws, ADS may use or disclose PHI to comply with workers’ compensation or other similar programs established to provide work-related injury or illness benefits.

De-identified Information and Limited Data Sets – ADS may use and disclose health information that has been “de-identified” by removing certain identifiers making it unlikely that you could be identified. ADS also may disclose limited health information, contained in a “limited data set”. The limited data set does not contain any information that can directly identify you. For example, a limited data set may include your city, county and zip code, but not your name or street address.

Other Uses and Disclosures of PHI. For purposes not described above, including uses and disclosures of PHI for marketing purposes and disclosures that would constitute a sale of PHI, ADS will ask for member authorization before using or disclosing PHI. If you signed an authorization form, you may revoke it, in writing, at any time, except to the extent that action has been taken in reliance on the authorization.

Information Breach Notification. ADS is required to provide member notification if it discovers a breach of unsecured PHI unless there is a demonstration, based on a risk assessment, that there is a low probability that the PHI has been compromised. You will be notified without unreasonable delay and no later than 60 days after discovery of the breach. Such notification will include information about what happened and what can be done to mitigate any harm.

Member Rights Regarding PHI. Subject to certain exceptions, HIPAA establishes the following member rights with respect to PHI:

Right to Receive a Copy of the ADS Notice of Privacy Practices – You have a right to receive a copy of the ADS Notice of Privacy Practices at any time by contacting us at [email protected], calling us at 1-866-422-4866 and asking for the HIPAA Privacy Officer, or by sending a written request to: HIPAA Privacy Officer, North Coast Medical Supply, LLC, dba Advanced Diabetes Supply, 2544 Campbell Place, Suite 150, Carlsbad, CA 92009. This Notice will also be posted on the ADS internet sites at www.northcoastmed.com and www.usmed.com.

Right to Request Limits on Uses and Disclosures of your PHI – You have the right to request that we limit: 1) how we use and disclose your PHI for treatment, payment, and health care operations activities; or 2) our disclosure of PHI to individuals involved in your care or payment for your care. ADS will consider your request, but is not required to agree to it unless the requested restriction involves a disclosure that is not required by law to a health plan for payment or health care operations purposes and not for treatment, and you have paid for the service in full out of pocket. If we agree to a restriction on other types of disclosures, we will state the agreed restrictions in writing and will abide by them, except in emergency situations when the disclosure is for purposes of treatment.

Right to Request Confidential Communications – You have the right to request that ADS communicate with you about your PHI at an alternative address or by an alternative means. ADS will accommodate reasonable requests.

Right to See and Receive Copies of Your PHI – You and your personal representative have the right to access any PHI about your use of our Products. Within 30 days after our receipt of your request, you will receive a copy of the requested PHI from ADS unless an exception applies. Exceptions include a determination by a licensed health care professional that the access requested is reasonably likely to endanger the life or safety of you or another person, and our inability to provide access to the PHI within 30 days, in which case we may extend the response time for an additional 30 days if we provide you with a written statement of the reasons for the delay and the date by which access will be provided. You have the right to access and receive your PHI in an electronic format if it is readily producible in such a format. You also have the right to direct ADS to transmit a copy to another person you designate, provided such request is in writing, signed by you, and clearly identifies the designated person and where to send the copy of your PHI. To request a copy of your PHI, contact the Privacy Officer at [email protected], calling us at 1-866-422-4866 and asking for the HIPAA Privacy Officer.

Right to Receive an Accounting of Disclosures – You have a right to receive a list of certain instances in which ADS disclosed your PHI. This list will not include certain disclosures of PHI, such as (but not limited to) those made based on your written authorization or those made prior to the date on which ADS was required to comply. If you request an accounting of disclosures of PHI that were made for purposes other than treatment, payment, or health care operations, the list will include disclosures made in the past four years, unless you request a shorter period of disclosures. If you request an accounting of disclosures of PHI that were made for purposes of treatment, payment, or health care operations, the list will include only those disclosures made in the past three years for which an accounting is required by law, unless you request a shorter period of disclosures.

Right to Correct or Update your PHI – If you believe that your PHI contains a mistake, you may request, in writing, that ADS correct the information. If your request is denied, we will provide an explanation of the reasoning for our denial.

How to Exercise Your Rights. To exercise any of your rights described in this notice, you must send a written request to: HIPAA Privacy Officer, North Coast Medical Supply, LLC, dba Advanced Diabetes Supply, 2544 Campbell Place, Suite 150, Carlsbad, CA 92009. Members may update insurance and/or billing information through our website or by contacting the Member Billing Department using the phone number indicated on the billing invoice.

How to Contact Us or File a Complaint. If you have questions or comments regarding the ADS Notice of Privacy Practices, or have a complaint about our use or disclosure of your PHI or our privacy practices, please contact: [email protected], call us at 1-866-422-4866 and ask for the HIPAA Privacy Officer, or send a written request to: HIPAA Privacy Officer, North Coast Medical Supply, LLC, dba Advanced Diabetes Supply, 2544 Campbell Place, Suite 150, Carlsbad, CA 92009. You also may file a complaint with the Secretary of the U.S. Department of Health and Human Services. ADS will not take retaliatory action against you for filing a complaint about our privacy practices.

Changes to the ADS Notice of Privacy Practices. ADS reserves the right to make changes to this notice and to our privacy policies from time to time. Changes adopted will apply to any PHI we maintain about you. ADS is required to abide by the terms of our notice currently in effect. When changes are made, we will promptly update this notice and post the information on the ADS website(s) at www.northcoastmed.com and www.usmed.com. Please review this site periodically to ensure that you are aware of any such updates.

  1. ONLINE ANALYTICS AND CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION

Online Analytics and Tracking Technologies. We may use third-party web analytics services (such as those of Google Analytics (including Google Signals, Google User-ID, and other Google Analytics features) and MixPanel on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; try to locate the same unique users across multiple browsers or devices to better tailor services and features; and provide certain features to you. If you have a Google account with personalized advertising enabled, through Google Signals, Google will also be able to gather for us analytics and engagement information from across the various devices you use to access the Services. To prevent Google from using your information for analytics (including cross-device tracking for personalization purposes), you may install the Google Analytics Opt-out Browser Add-on by clicking here. To opt out of Google Signals, please open your “Settings” app, locate and tap “Google,” select “Ads,” and turn ON “Opt out of Ads Personalization.” You may also be able to disable cross-device tracking through your Android or Apple device-based settings. For information about how Google Analytics collects and processes data, please visit: https://policies.google.com/technologies/partner-sites.

Additionally, third parties, including Google, may place and read cookies on your browser, or use web beacons to collect information in connection with ad serving on or through the Services. Our partners will collect personal information for personalization of ads and use cookies for personalized and non-personalized advertising and measurement. Ad serving may be based on users’ visits to our Services or other websites on the Internet, and your activity may be tracked over time and across websites. For information about how Google collects, shares, and uses data, please visit: https://policies.google.com/technologies/partner-sites. You may opt out of personalized ads from Google by visiting the Google Ads Settings web page at: http://www.google.com/ads/preferences/. For more information, please visit Google’s privacy policy at: https://policies.google.com/privacy?hl=en&fg=1.

We use the Facebook Pixel to analyze user activity on our Services for remarketing and behavioral targeting. The Facebook Pixel is triggered when you perform certain activities on the Services, and aids us in displaying Facebook ads to Facebooks users who have visited our Services, or Facebook users who share certain characteristics with visitors to our Services. Facebook and other third parties may use cookies, web beacons, and other storage technologies to collect information from the Services and from other Internet websites, and use that information for the purposes of targeting ads and providing measurement services. Facebook may track your activity over time and across websites. For more information about the data Facebook collects, please visit Facebook’s privacy policy at: https://www.facebook.com/privacy/policy/. For specific information about Facebook Pixel, please visit: https://www.facebook.com/business/help/742478679120153?id=1205376682832142. For more information about ad targeting and exercising your choice to opt out of the collection and use of information for ad targeting, please visit: https://www.facebook.com/help/568137493302217, or http://optout.aboutads.info/?c=2&lang=EN.

Microsoft collects or receives personal information from our users or us to provide Microsoft Advertising (including through individual end user tracking and data sharing with third parties for advertising and marketing purposes). For more information, please visit the Microsoft Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement.

 

Promotional Offers from ADS. If you do not wish to have your information used by ADS to promote our own or third parties’ products or services, you can opt out by sending us an email stating your request to [email protected]. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions, or click “unsubscribe” in the relevant communication. Please note that, even if you unsubscribe from certain email correspondences, we may still need to email you with information relating to important transactional or administrative information.

 

Targeted Advertising. We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads (including ads served using non-cookie technologies) from members of the NAI on the NAI's website, available at: https://optout.networkadvertising.org/?c=1. You can also visit the Digital Advertising Alliance’s website, available at https://youradchoices.com/, to use its Consumer Choice Tools.

 

Notice Concerning Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals.

  1. HOW WE SHARE AND DISCLOSE YOUR INFORMATION

We may share your information in the following ways:

Affiliates and Subsidiaries. We may share information we collect within any ADS member or group (i.e., our subsidiaries and affiliates, including our ultimate holding company and its subsidiaries) to deliver Products and services to you, ensure a consistent level of service across our Products and services, and enhance our Products, services, and your customer experience.

Contractors, Service Providers, and Other Third Parties We Use to Support Our Business. We provide access to or share your information with select third parties who use the information to perform services on our behalf. They provide a variety of services to us, including billing, sales, marketing, advertising, analytics (note that we use Hotjar in order to better understand our users’ needs and to optimize the Services and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g., how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our Services with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address, device screen size, device type (unique device identifiers), browser information, geographic location, and the preferred language used to display our Services), research, customer service, shipping and fulfillment, data storage, IT and security, fraud prevention, payment processing, auditing and legal services, web mapping services (our Services may include Google Maps features and content. Google Maps may collect users’ IP address, latitude and longitude coordinates, and search terms. For more information, please visit Google’s privacy policy, available at: https://policies.google.com/privacy), video sharing platforms (including YouTube- for more information about YouTube’s collection of information, see Google’s privacy policy at: http://www.google.com/policies/privacy), and social networks (including links to our Facebook, LinkedIn, Instagram, Pinterest, and Twitter pages). These entities may also include health care organizations, and other third parties we use to support our business or in connection with the administration and support of our Services.

Protection of ADS and Others. By using our Services, you acknowledge and agree that we may access, retain and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process (e.g. a subpoena or court order); (b) enforce our Terms of Use, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; (d) respond to your requests for customer service; and/or (e) protect the rights, property or personal safety of ADS, its agents and affiliates, its users and/or the public. This includes exchanging information with other companies and organizations for fraud protection, and spam/malware prevention, and similar purposes.

Business Transfers. As we continue to develop our business, we may buy, merge, or partner with other companies. In such transactions, (including in contemplation of such transactions) user information may be among the transferred assets. If a portion or all of our assets are sold or transferred to a third party, customer information (including your email address) would likely be one of the transferred business assets. If such transfer is subject to additional mandatory restrictions under applicable laws, we will comply with such restrictions.

Consent. We may also disclose your information in other ways you direct us to and when we have your consent.

Aggregate/De-Identified Information. We reserve the right to create Aggregate/De-Identified Data from the information we collect through our Services and our sharing of such Aggregate/De-Identified Data is in our discretion.

  1. THIRD-PARTY SERVICES AND NOTICE ABOUT HEALTH INFORMATION

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices, including data privacy and security process and standards of any third parties, including physicians and other health care providers using our Services, the manufacturer of your mobile device and other IT hardware and software, and any other third-party mobile application, website, or service to which our Services may contain a link. These third parties may at times gather information from or about you. We have no control over the privacy practices of these third parties. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third parties.

  1. HOW WE PROTECT YOUR INFORMATION

ADS takes a variety of technical and organizational security measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. However, no method of transmission over the Internet, and no means of electronic or physical storage, is absolutely secure. As such, you acknowledge and accept that we cannot guarantee the security of your information transmitted to, through, or on our Services or via the Internet and that any such transmission is at your own risk. Further, we are not responsible for circumvention of any privacy settings or security measures of our Services. You should not expect that your information or voice or data transmissions will always remain private, and we do not guarantee the performance or adequacy of our privacy settings or security measures. In the event that an unauthorized third party compromises our security measures, to the greatest extent afforded by law, we will not be responsible for any damages, directly or indirectly, caused by an unauthorized third party’s ability to view, use or disseminate your information. Where we have given you (or where you have chosen) a password that enables you to access our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. The information you share in public areas may be viewed by any user of our Services.

  1. Children’s Information

If you are below the age of majority in your place of residence, you may only download, install, access or use our Services under the supervision of a parent or legal guardian who agrees to be bound by this Privacy Policy and our Terms of Use. If you are a parent or legal guardian of a minor child, you may, in compliance with this Privacy Policy and our Terms of Use, download, install, access or use our Services on behalf of such minor child. Any information that you provide us while using our Services on behalf of such minor child will be treated as provided in this Privacy Policy, and our Terms of Use. We do not knowingly collect personally identifiable information from children under 13. If we learn that we have inadvertently gathered personal information from a child under 13, we will take reasonable measures to promptly remove that information from our records.

  1. Operations of Our Services in the United States

Our Services are operated in the United States. Your information may be processed by us in the country where it was collected as well as other countries (including the United States) where laws regarding processing of your information may be less stringent than the laws in your country. By using our Services or providing us with your information, you consent to this transfer and processing.

  1. YOUR NEVADA RIGHTS POLICY

Under Nevada law, certain Nevada consumers may opt out of the sale of “personally identifiable information” for monetary consideration (as such terms are defined under Nevada law) to a person for that person to license or sell such information to additional persons. We do not engage in such activity; however, if you are a Nevada resident who has purchased services from us, you may submit a request to opt out of any potential future sales under Nevada law by emailing [email protected]. Please note we will take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.

  1. Your California Rights Policy

Individuals who are residents of California and have provided information to us may request certain information regarding our disclosure of Your Information to third parties for direct marketing purposes. Such requests must be submitted to us in writing at [email protected]. California privacy rights requests must include the reference “Request for California Privacy Information” on the subject line and in the body of the message and must include the email address or mailing address, as applicable, for us to send our response. This request may be made no more than once per calendar year. We reserve the right not to respond to requests submitted other than to the address specified above.

To learn more about California residents' privacy rights, see information below section 18.

  1. RETENTION OF YOUR INFORMATION

We retain your information for as long as needed: (i) to conduct business with you; (ii) as needed for the purposes outlined in this Privacy Policy; and (iii) as necessary to comply with our legal obligations, resolve disputes, and enforce any agreements.

  1. ACCESSING AND CORRECTING YOUR INFORMATION

You may send us an email at [email protected] to request access to, correct, or delete any personal information that you have provided to us or you may change your information by logging into your account and editing your profile. We cannot delete your personal information except by also deleting your account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

  1. REVISIONS TO OUR PRIVACY POLICY

We reserve the right to change this Privacy Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. We will make the revised Privacy Policy accessible through our Services, so you should review it periodically. The date this Privacy Policy was last revised is identified at the top of the document. You are responsible for periodically monitoring and reviewing any updates to the Privacy Policy. If we make a material change to the Privacy Policy, we will provide you with appropriate notice in accordance with legal requirements. Your continued use of our Services after such amendments (and notice, where applicable) will be deemed your acknowledgment of these changes to this Privacy Policy.

  1. CONTACTING US

If you have any questions about this Privacy Policy or ADS’s privacy practices, please contact us at:

North Coast Medical Supply, LLC, dba Advanced Diabetes Supply
2544 Campbell Place

Suite 150

Carlsbad, CA 92009
1-866-422-4866
[email protected]

 

CCPA Privacy Policy

Last Updated:                January 1, 2023

California Residents

The following disclosures are made pursuant to the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA”). These disclosures supplement any privacy notices we previously or contemporaneously provided to you, including any California-specific privacy notice provided to you if you are an employee of ADS.

Right to Know

California residents have the right to be informed of the categories and specific pieces of personal information collected about them, including sensitive personal information, collected,  used, and disclosed, the categories of sources from which that information is collected, whether that information is sold or shared, the categories of third parties to whom that information has been disclosed, the business or commercial purposes for collecting and using each category of personal information, and the intended retention period for each category of personal information.

The below chart reflects the categories of personal information we have collected from California residents during the past twelve months, the categories of sources from which the information was collected, the business or commercial purpose for which the information was collected, the categories of third parties to whom we disclosed that information, and our anticipated retention period for each category of information.

 

Personal Information Category set forth in Cal. Civ. Code § 1798.140 Source(s) of Personal Information Collection Business or Commercial Purpose(s) for Collection/Use Third Parties, Service Providers, and Contractors Receiving Personal Information Category Retention Period
Personal identifiers, including real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license or passport number, or other similar identifiers. Directly from you; indirectly from you as you navigate or use our Services; advertising networks; internet service providers; data analytics providers; social networks; devices you use to access our Services; physicians; health care providers; single sign-on providers.

 

For job applicants: recruiters; background check providers; human capital management software providers.

 

 

Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; market to you; satisfy our legal obligations.

 

For job applicants: Asses your application; satisfy legal obligations.

Physicians; health care providers; advertising networks; affiliates; data analytics providers; social networks; technology service providers; payment processors; individuals involved in your care or payment for your care; web mapping platforms; video sharing platforms; government authorities; health care oversight agencies; personal representatives; marketing providers; insurance providers; customer service providers; shipping and fulfilment providers; subsidiaries; health care organizations; background check providers and human capital management software providers (for job applicants). The length of your business relationship with us plus any legally required additional retention period for this category of personal information following conclusion of your business relationship with us or 7 years post-relationship, whichever is longer.
California Customer Records personal information (Cal. Civ. Code § 1798.80(e)), including name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Directly from you; physicians; health care providers.

 

For job applicants: recruiters; human capital management software providers; background check providers.

 

 

Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; market to you; satisfy our legal obligations.

 

For job applicants: Process your application; satisfy legal obligations.

Physicians; health care providers; affiliates; technology service providers; payment processors; individuals involved in your care or payment for your care; government authorities; health care oversight agencies; personal representatives; insurance providers; customer service providers; shipping and fulfilment providers; subsidiaries; health care organizations; background check providers and human capital management software providers (for job applicants). The length of your business relationship with us plus any legally required additional retention period for this category of personal information following conclusion of your business relationship with us or 7 years post-relationship, whichever is longer.
Characteristics of protected classifications under California or federal law. Directly from you; indirectly from you as you navigate or use our Services; advertising networks; data analytics providers; social networks; devices you use to access our Services; physicians; health care providers.

 

For job applicants: recruiters; background check providers; human capital management software providers.

 

 

Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; market to you; satisfy our legal obligations.

 

For job applicants: Process your application; satisfy legal obligations.

Physicians; health care providers; advertising networks; affiliates; data analytics providers; social networks; technology service providers; individuals involved in your care or payment for your care; video sharing platforms; government authorities; health care oversight agencies; personal representatives; marketing providers; insurance providers; customer service providers; subsidiaries; health care organizations; background check providers and human capital management software providers (for job applicants). The length of your business relationship with us plus any legally required additional retention period for this category of personal information following conclusion of your business relationship with us or 7 years post-relationship, whichever is longer.
Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Directly from you; indirectly from you as you navigate or use our Services; advertising networks; internet service providers; data analytics providers; social networks; devices you use to access our Services; physicians; health care providers.

 

 

 

Maintain transaction records; provide you with our products or services; provide you with advertising or marketing services; satisfy our legal obligations. Physicians; health care providers; advertising networks; affiliates; data analytics providers; social networks; technology service providers; payment processors; individuals involved in your care or payment for your care; video sharing platforms; government authorities; health care oversight agencies; personal representatives; marketing providers; insurance providers; customer service providers; shipping and fulfilment providers; subsidiaries; health care organizations. The length of your business relationship with us plus any legally required additional retention period for this category of personal information following conclusion of your business relationship with us or 7 years post-relationship, whichever is longer.
Biometric information. We do not collect. Not applicable. Not applicable. Not applicable.
Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information about individual interactions with an Internet website, application, or advertisement. Directly from you; indirectly from you as you navigate or use our Services; advertising networks; internet service providers; data analytics providers; social networks; devices you use to access our Services.

 

Detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; verify, maintain, improve, upgrade, or enhance a service or device that is owned or controlled by us; identify and repair errors; provide you with advertising or marketing services; perform analytics. Advertising networks; affiliates; data analytics providers; social networks; technology service providers; payment processors; web mapping platforms; video sharing platforms; marketing providers; insurance providers; customer service providers; subsidiaries; background check providers and human capital management software providers (for job applicants). Barring any legally required additional retention period, up to one year.
Geolocation data Directly from you; indirectly from you as you navigate or use our Services; advertising networks; internet service providers; data analytics providers; social networks; devices you use to access our Services.

 

Protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; provide you with advertising or marketing services; perform analytics. Advertising networks; affiliates; data analytics providers; social networks; technology service providers; web mapping platforms; video sharing platforms; marketing providers; subsidiaries. Barring any legally required additional retention period, up to one year.
Sensory data including audio, electronic, visual, thermal, olfactory, or similar information. We do not collect. Not applicable. Not applicable. Not applicable.
Professional or employment-related information. For job applicants: directly from you; recruiters; background check providers; human capital management software providers.

 

For job applicants: Process your application. Technology service providers; background check providers and human capital management software providers (for job applicants). Barring any legally required additional retention period, up to 7 years for non-hired applicants.
Non-public education information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g; 34 C.F.R. Part 99) For job applicants: directly from you; recruiters; background check providers; human capital management software providers.

 

For job applicants: Process your application. Technology service providers; background check providers and human capital management software providers (for job applicants). Barring any legally required additional retention period, up to 7 years for non-hired applicants.
Inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Directly from you; indirectly from you as you navigate or use our Services; advertising networks; internet service providers; data analytics providers; social networks; devices you use to access our Services.

 

 

Provide you with advertising or marketing services; perform analytics; maintain, improve, upgrade, or enhance a product or service. Advertising networks; affiliates; data analytics providers; social networks; technology service providers; video sharing platforms; marketing providers; subsidiaries.

 

 

Sensitive Personal Information Category as set forth in Cal. Civ. Code § 1798.140 Sources from which Information was Collected Purposes for Collection; Use Third Parties, Service Providers, and Contractors Receiving Personal Information Retention Period
Social security number, driver’s license number, state identification card, or passport number. For job applicants: recruiters; background check providers. For job applicants: Process your application; satisfy legal obligations. Technology service providers; background check providers and human capital management software providers; (for job applicants). Barring any legally required additional retention period, up to 7 years for non-hired applicants.
Account access credentials (user names, account numbers, or card numbers combined with required access code, security code or password to access an account). Directly from you; single sign-on providers.

 

Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; satisfy our legal obligations.

 

Affiliates; technology service providers; payment processors; individuals involved in your care or payment for your care; personal representatives; customer service providers; subsidiaries. The length of your business relationship with us plus any legally required additional retention period for this category of personal information following conclusion of your business relationship with us or 7  years post-relationship, whichever is longer.
Precise geolocation (location within a geographical area of a circle with a radius of 1850 feet or less). We do not collect. Not applicable. Not applicable. Not applicable.
Racial or ethnic origin We do not collect. Not applicable. Not applicable. Not applicable.
Religious or philosophical beliefs We do not collect. Not applicable. Not applicable. Not applicable.
Union membership We do not collect. Not applicable. Not applicable. Not applicable.
Genetic Data We do not collect. We do not collect. Not applicable. Not applicable.
Mail, email, or text messages where the content is not directed to us. We do not collect. Not applicable. Not applicable. Not applicable.
Unique identifying biometric information We do not collect. We do not collect. Not applicable. Not applicable.
Personal information collected and analyzed concerning health. Directly from you; physicians; health care providers. Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; satisfy our legal obligations. Physicians; health care providers; affiliates; technology service providers; individuals involved in your care or payment for your care; government authorities; health care oversight agencies; personal representatives; insurance providers; customer service providers; shipping and fulfilment providers; subsidiaries; health care organizations. The length of your business relationship with us plus any legally required additional retention period for this category of personal information following conclusion of your business relationship with us or 7 years post-relationship, whichever is longer.
Personal information collected and analyzed concerning sex life, or sexual orientation. We do not collect. We do not collect. Not applicable. Not applicable.

 

Right to Limit Use and Disclosure of Sensitive Personal Information

We do not collect or process sensitive personal information for the purpose of inferring characteristics about consumers. We also do not disclose sensitive personal information for purposes other than those specified in section 7027(m) of the CCPA regulations promulgated by the California Privacy Protection Agency. Therefore, we do not offer consumers the option to limit the use of their sensitive personal information.

Right to Opt Out of Sharing for Cross-Context Behavioral Advertising

In the past twelve months we have used data about your activities on our online properties to serve you ads on online properties owned or controlled by third parties. In the past twelve months, we have provided the following categories of information to advertising networks, affiliates, data analytics providers, marketing providers, social media networks, subsidiaries, video sharing platforms, and web mapping platforms for this purpose:

  • Personal identifiers, such as unique personal identifier, online identifier, internet protocol address, device information and identifiers, and unique advertising identifiers and cookies; Internet and other electronic network activity information; geolocation information; characteristics of protected classifications under California or federal law; commercial data; and inference data.

If you would like to opt out of this sharing, you may exercise your right by modifying your cookie settings, or, you may do so in a frictionless manner by activating Global Privacy Control (“GPC”) opt out preference signal to opt out of disclosures of your personal information through the browser you are using. To learn more about the GPC, click here.

Right to Opt Out of Sale

While we do not sell personal information in exchange for monetary consideration, we do share personal information for other benefits that could be deemed a “sale,” as defined by the CCPA. The CCPA broadly defines “sale” in a way that may include actives such as the delivery of targeted advertising on websites or allowing third parties to receive certain information, such as cookies, IP address, and/or browsing behavior. In the past twelve months, we have provided the following categories of information to advertising networks, affiliates, data analytics providers, marketing providers, social media networks, subsidiaries, video sharing platforms, and web mapping platforms in ways that could be considered a “sale” under California law:

  • Personal identifiers, such as unique personal identifier, online identifier, internet protocol address, device information and identifiers, and unique advertising identifiers and cookies; Internet and other electronic network activity information; geolocation information; characteristics of protected classifications under California or federal law; commercial data; and inference data.

We disclosed these categories of information to these third parties in order to market and advertise our products and services; perform analytics; and to maintain, improve, upgrade, or enhance our products or services.

We have no actual knowledge of selling the personal information or the sensitive personal information or minors under 16 years of age.

California residents have the right to opt out of the “sale” of their personal or sensitive personal information.

If you would like to opt out of such disclosures, you may exercise your right by modifying your cookie settings, or, you may do so in a frictionless manner by activating Global Privacy Control (“GPC”) opt out preference signal to opt out of disclosures of your personal information through the browser you are using. To learn more about the GPC, click here.

Right to Delete Personal Information

You have the right to request the deletion of your personal information, subject to certain exceptions.

Right to Correct Inaccurate Personal Information

You have the right to request the correction of any inaccurate personal information that we maintain about you.

Right to Access

You have the right to request the categories and specific pieces of personal information we have collected about you.

Right of Non-Retaliation and Non-Discrimination

You have the right to exercise the privacy rights conferred to you under the CCPA without receiving retaliatory or discriminatory treatment. Company does not retaliate or discriminate against your for exercising the privacy rights conferred to you under the CCPA.

Exercising Your Rights

To exercise your rights, you may contact us via phone at 1-866-422-4866 or via email at [email protected]. Requesters will need to provide us with personal information in order to verify their identity and residency, including name, email, and state of residence. We will compare the information you provide with our internal records. The personal information that we use to verify identity and residency will not be used for any other purpose.

You may authorize an agent to submit a request on your behalf if you provide the authorized agent with written permission signed by you. ADS may require you to verify your identity directly with us and confirm that you provided the authorized agent with permission to submit a request on your behalf.

Contact Information

If you have questions or concerns about our privacy practices, contact us at: [email protected].