Banner

Privacy Policy

On this page: Privacy Notice | Cookie Policy | CCPA | GDPR | Contact Us
——–

Privacy Notice

Last modified: Nov 15, 2022

1. Introduction

This Privacy Notice describes how Concierge MD collects and uses Personal Data about you through the use of our Website, and through email, text, and other electronic communications between you and Concierge MD.

Concierge MD (“Concierge MD” or we” or “us”) respect your privacy and are committed to protecting it through our compliance with this policy.

This Privacy Notice (our “Privacy Notice”) describes the types of information we may collect from you or that you may provide when you visit the website www.conciergemdla.com (the “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

  • On our Website;
  • In email, text, and other electronic messages between you and our Website; and
  • When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.

It does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by Concierge MD or any third-party (including our affiliates and subsidiaries);
  • Us or any of our affiliates or subsidiaries related to your or any other individual’s employment or potential employment with us; or
  • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Website.

Please read this Privacy Notice carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this Privacy Notice. This Privacy Notice may change from time to time. Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check this Privacy Notice periodically for updates.

2. Children Under the Age of 13

Our Website is not intended for children under the age of 13, and children under the age of 13 are not permitted to use our Website. We will remove any information about a child under the age of 13 if we become aware of it.

Our Website is not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Website. We do not knowingly collect Personal Data from children under 13. If you are under 13, do not use or provide any information on our Website or on or through any of its features/register on the Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Data from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information directly from a child under 13, please contact us at (888)483-7471 or contact us  on our Website.

3. Information We Collect About You and How We Collect It

We collect different types of information about you, including information that may directly identify you, information that is about you but individually does not personally identify you, and information that we combine with our other users. This includes information that we collect directly from you or through automated collection technologies.

General

We collect several types of information from and about users of our Website (“Personal Data”):

  • By which you may be personally identified, such as name, postal address, e-mail address, telephone number, or any other identifier by which you may be contacted online or offline;
  • That is about you but individually does not identify you, such as traffic data, location data, referring/exit pages, date and time of your visit to our Website, error information, clickstream data, and other communication data and the resources that you access and use on the Website; and/or
  • About your internet connection, the equipment you use to access our Website, and usage details.

We collect this information:

  • Directly from you when you provide it to us;
  • Automatically as you navigate through the Website. Information collected automatically may include usage details, IP addresses, information collected through cookies and other tracking technologies; and
  • From third parties such as our business partners and service providers.

Information You Provide to Us

The information we collect on or through our Website are:

  • Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to our service, or requesting further services. We may also ask you for information when you enter a contest or promotion sponsored by us, and when you report a problem with our Website;
  • Records and copies of your correspondence (including email addresses) if you contact us;
  • Your responses to surveys that we might ask you to complete; and
  • Details of transactions you carry out through our Website and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Website.

The Personal Data we collect from you is required to enter into a contract with Concierge MD so that we may provide you with our products and services. If you refuse to provide such Personal Data, then in some cases we may not be able to enter into the contract or fulfill our obligations to you.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns:

  • Details of your visits to our Website. We collect traffic data, location data, referring/exit pages, date and time of your visit to our Website, error information, clickstream data and other communication data, and the resources that you access and use on the Website; and
  • Information about your computer and internet connection, i.e. your IP address, operating system, and browser type.

The information we collect automatically includes Personal Data, or we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. This helps us to improve our Website and to deliver a better and more personalized service by enabling us to:

  • Estimate our audience size and usage patterns;
  • Store information about your preferences, allowing us to customize our Website according to your individual interests;
  • Speed up your searches; and
  • Recognize you when you return to our Website.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. Our Website may use both session cookies (which expire once you close your browser) and persistent cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Website. We only place cookies on your hard drive with your consent. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. However, if you do not consent to our use of cookies or select this setting, you may be unable to access certain parts of our Website. You can find more information about cookies at http://www.allaboutcookies.org.

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications on the Website, including advertisements, are served by third parties including advertisers,  service and content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website. The information they collect may be associated with your Personal Data or they may collect information, including Personal Data, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.

4. Special Categories of Information

We may process some Personal Data considered sensitive when necessary to carry out our obligations under the law or to protect our legitimate interests.

Some Personal Data processed by Concierge MD  may be considered sensitive, including personal data that reveals your racial or ethnic origin,  or personal data concerning your health. Concierge MD  processes this information only to the extent necessary to carry out its obligations under the law or to the extent necessary to protect Concierge MD’s legitimate interests.

5. How We Use Your Information

We use your Personal Data for various purposes described below, including to:

· Provide our Website to you;

· Provide you with information you request from us;

· Enforce our rights arising from contracts;

· Notify you about changes; and

· Provide you with notices about your account

We use information that we collect about you or that you provide to us, including any Personal Data:

  • To present our Website and its contents to you;
  • To provide you with information, products, or services that you request from us;
  • To provide you with notices about your account/subscription, including expiration and renewal notices;
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
  • To notify you about changes to our Website or any products or services we offer or provide though them;
  • To administer surveys, sweepstakes, promotions, and other contests;
  • To send newsletters and other similar communications not specifically advertising your own goods and services;
  • In any other way we may describe when you provide information;
  • To fulfill any other purpose for which you provide information; and
  • For any other purpose with your consent.

We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you.

6. Disclosure of Your Information

We do not share, sell, or otherwise disclose your Personal Data for purposes other than those outlined in this Privacy Notice. We disclose your Personal Data to a few third parties, including:

· Our subsidiaries and our affiliates;

· Our third-party service providers that we use to support our business;

· To a company we merge, acquire, or that buys us, or in the event of change in structure of our company of any form;

· To comply with our legal obligations;

· To enforce our rights; and

· With your consent.

We do not share, sell, or otherwise disclose your Personal Data for purposes other than those outlined in this Privacy Notice. However, we may disclose aggregated information about our users and information that does not identify any individual, without restriction.

We may disclose Personal Data that we collect or you provide as described in this Privacy Notice:

  • To our subsidiaries and affiliates;
  • To contractors, service providers, and other third parties we use to support our business. These entities provide IT and infrastructure support services, payment processing services, and marketing software.  Our payment processors’ privacy policies may be found at http://stripe.com/us/privacy;
  • To a potential or actual buyer or other successor in the event of a planned or actual merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Concierge MD’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Concierge MD about our Website’s users is among the assets transferred;
  • To fulfill the purpose for which you provide it;
  • For any other purpose disclosed by us when you provide the information; and
  • With your consent.

We may also disclose your Personal Data:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request;
  • To enforce or apply our terms of use and service and other agreements, including for billing and collection purposes; and
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Concierge MD, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

 

7. Your Rights Regarding Your Information and Accessing and Correcting Your Information

You may have certain rights under applicable data protection laws, including the right to access and update your Personal Data, restrict how it is used, and the right to have us erase certain Personal Data about you. You also have the right to complain to a supervisory authority about our processing of your Personal Data.

Applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data.

  • Access and Update. You can review and change your Personal Data by logging into the Website and visiting your “Account” page. You may also notify us through the Contact Information below or through our Website’s Contact Us form of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
  • You have the right to restrict our processing of your Personal Data under certain circumstances. In particular, you can request we restrict our use of it if you contest its accuracy, if the processing of your Personal Data is determined to be unlawful, or if we no longer need your Personal Data for processing but we have retained it as permitted by law.
  • Right to be Forgotten. You have the right to request that we delete all of your Personal Data. We cannot delete your Personal Data except by also deleting your user account, and we will only delete your account when you have requested that we do so. We may not accommodate a request to erase information if we believe the deletion would violate any law or legal requirement or cause the information to be incorrect. In all other cases, we will retain your Personal Data as set forth in this policy. In addition, we cannot completely delete your Personal Data as some data may rest in previous backups. These will be retained for the periods set forth in our disaster recovery policies.
  • You have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. However, before doing so, we request that you contact us directly in order to give us an opportunity to work directly with you to resolve any concerns about your privacy.
  • How You May Exercise Your Rights. You may exercise any of the above rights by contacting us through any of the methods listed under Contact Information below and through our Website’s Contact Us form. If you contact us to exercise any of the foregoing rights, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements. Please note that if you make unfounded, repetitive, or excessive requests (as determined by reasonable discretion) to access your Personal Data, you may be charged a fee subject to a maximum set by applicable law.

 

8. Jurisdiction-Specific Privacy Rights

The law in certain jurisdictions may provide their residents with additional rights regarding our use of your Personal Information.

The law in some jurisdictions may provide you with additional rights regarding our use of Personal Data. To learn more about any additional rights that may be applicable to you as a resident of one of these jurisdictions, please see the privacy addendum for your state that is attached to this Privacy Notice.

For Individuals Located within the European Economic Area

If you are located in the European Economic Area, you have the additional rights described in our GDPR Website Privacy Addendum.

Your California Privacy Rights

If you are a resident of California, you have the additional rights described in the California Privacy Addendum.

9. Do Not Track Signals

We may use automated data collection technologies to track you across websites. We currently do not honor do-not-track signals that may be sent by some browsers.

We also may use automated data collection technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals and we do not modify what information we collect or how we use that information based upon whether such a signal is broadcast or received by us.

10. Data Security

Information transmitted over the Internet is not completely secure, but we do our best to protect your Personal Data. You can help protect your Personal Data and other information by keeping your password to our Website confidential.

We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our Website. Any transmission of Personal Data is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures deployed on the Website.

11. Data Retention Periods

We retain your Personal Data for as long as you keep your account open. In some instances, we may keep it after you close your account. For example, we may keep it:

· On our backup and disaster recovery systems;

· For as long as necessary to protect our legal interests; and

· And to comply with other legal requirements.

Concierge MD will retain your Personal Data for the entire time that you keep your account open. After you close your account, we retain your Personal Data indefinitely unless you request that we remove it. However, we will retain your Personal Health Information for 7 years or until you request that we remove it, whichever is longer.

12. Changes to Our Privacy Notice

We will post any changes to our Privacy Notice on our Website. If we make material changes to our Privacy Notice, we may notify you of such changes through your contact information and invite you to review (and accept, if necessary) the changes.

We may change this Privacy Notice at any time. It is our policy to post any changes we make to our Privacy Notice on this page. If we make material changes to how we treat our users’ Personal Data, we will notify you through a notice on the Website’s home page. The date this Privacy Notice was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this Privacy Notice to check for any changes.

13. Contact Information

You may contact our Data Protection Officer through the contact information below. If you wish to contact us, you may contact us through the contact information below or through the Contact Us form on our Website.

If you have any questions, concerns, complaints, or suggestions regarding our Privacy Notice, have any requests related to your Personal Data pursuant to applicable laws, or otherwise need to contact us, you may Contact Us at the contact information below or through the Contact Us page on our Website.

Privacy Notice Addendum for California Residents (CCPA)

Effective Date: July 28, 2021

Last Reviewed on: July 28, 2021

This Privacy Notice Addendum for California Residents (the “California Privacy Addendum”) supplements the information contained in Concierge MD’s Privacy Notice and describes our collection and use of Personal Information. This California Privacy Addendum applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”), and any terms defined in the CCPA have the same meaning when used in this notice.

Note that this California Privacy Addendum does not apply to employment-related personal information collected from our California-based employees, job applicants, contractors, or similar individuals. Please contact your local human resources department if you are a California employee and would like additional information about how we process your Personal Information.

Where noted, this California Privacy Addendum also does not apply to personal information reflecting a written or verbal business-to-business communication (“B2B Personal Information”). Unless otherwise noted, this exemption will expire on January 1, 2023.

Information We Will Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we collect, and over the prior twelve (12) months have collected, the following categories of personal information from our consumers:

Category Applicable Pieces of Personal Information Collected
A. Identifiers. A real name, postal address, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, address, telephone number, or any financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, or medical condition.
D. Commercial information. Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Internet or other similar network activity. Information on a consumer’s interaction with a website, application, or advertisement.
F. Geolocation data. Physical location or movements.

 

Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, such as:
    • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Use of Personal Information

We may use or disclose the personal information we collect and, over the prior twelve (12) months, have used, or disclosed the personal information we have collected, for one or more of the following business or commercial purposes:

  • To fulfill the purpose for which you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
  • To provide, support, personalize, and develop our Website, products, and services.
  • To create, maintain, customize, and secure your account with us.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
  • Debugging to identify and repair errors that impair existing intended functionality.
  • To administer surveys, sweepstakes, promotions, and other contests, and to send newsletters and other similar communications not specifically advertising our own goods and services.
  • To respond to law enforcement requests and, as required by applicable law, court order or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Concierge MD’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Concierge MD about our Website users is among the assets transferred.

Concierge MD will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sources of Personal Information

Concierge MD obtains the categories of personal information listed above from the following categories of sources:

  • Directly from you. For example, from forms you complete or products and services you purchase.
  • Indirectly from you. For example, from observing your actions on our Website.

Sharing Personal Information

Concierge MD may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

Disclosures of Personal Information for a Business Purpose

In the preceding twelve (12) months, Concierge MD has disclosed the following categories of personal information for a business purpose to the listed categories of third parties:

  • Identifiers:

Categories of Third Parties: Service Providers, Business partners, Affiliates and subsidiary organizations of Concierge MD, and Internet cookie information recipients, such as analytics and behavioral advertising services,

  • California Customer Records personal information categories:

Categories of Third Parties: Service Providers, Business partners, Affiliates and subsidiary organizations of Concierge MD, and Internet cookie information recipients, such as analytics and behavioral advertising services

  • Protected classification characteristics under California or federal law:

Categories of Third Parties: Service Providers, Business partners, Affiliates and subsidiary organizations of Concierge MD, and Internet cookie information recipients, such as analytics and behavioral advertising services.

  • Commercial information:

Categories of Third Parties: Service Providers, Business partners, Affiliates and subsidiary organizations of Concierge MD, and Internet cookie information recipients, such as analytics and behavioral advertising services.

  • Internet or other similar network activity:

Categories of Third Parties: Service Providers, Business partners, Affiliates and subsidiary organizations of Concierge MD, and Internet cookie information recipients, such as analytics and behavioral advertising services.

Sales of Personal Information

As noted in our general Privacy Policy, we do not sell your personal information as the term “sell” is commonly understood to require an exchange for money. However, the California State Attorney General may issue guidance on whether the use of advertising and analytics cookies on our Website may be considered a “sale” of Personal Information as the term “sale” is broadly defined in the CCPA to include both monetary and other valuable consideration. Until such guidance has been issued, we continue to consider it a “sale” in order to be as transparent as possible with users of our Website and will comply with the restrictions of the “sale” of this information to the extent technologically feasible. This “sale” would be limited to our use of third-party advertising and analytics cookies and their use in providing you behavioral advertising and their use in understanding how people use and interact with our Website.

In the preceding twelve (12) months, Concierge MD has not “sold” your Personal Information for either monetary or other valuable consideration.

Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights. You may exercise these rights yourself or through your authorized agent.

Access to Specific Information and Data Portability Rights

You have the right to request that Concierge MD disclose certain information to you about our collection and use of your personal information over the past 12 months (a “Right to Know” request). You also have the right to request that we provide you with a copy of the specific pieces of personal information that we have collected or created about you. If you make a request for the specific pieces of personal information electronically, we will provide you with a copy of your personal information in a portable and, to the extent technically feasible, readily reusable format that allows you to transmit the personal information to another third-party. You must specifically describe if you are making a Right to Know request or a request for specific pieces of personal information. If you would like the information about our collection and use over the past twelve (12) months and a copy of the specific pieces of Personal Data, you must make both requests clear in your email. If it is not reasonably clear from your request, we will only process your request as a Right to Know request.

Once we receive your request and verify your identity (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:

For Right to Know requests:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • Sales, identifying the personal information categories that each category of recipient purchased; and
    • Disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

For requests for specific pieces of personal information:

  • The specific pieces of personal information we collected about you (also called a data portability request). We will not disclose your health insurance or medical identification number or your account password or security question or answers. We will also not provide this information if the disclosure would create a substantial, articulable, and unreasonable risk to your personal information, your account with Concierge MD, or the security of our systems or networks.

We do not provide these access and data portability rights for B2B personal information.

Deletion Request Rights

You have the right to request that Concierge MD delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We do not provide these deletion rights for B2B personal information.

Exercising Access, Data Portability, and Deletion Rights

To exercise the right to know, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

If you (or your authorized agent) submit a request to delete your information online, we will use a two-step process in order to confirm that you want your personal information deleted. This process may include verifying your request through your email address on record, calling you on your phone number on record (which may include an automated dialer), sending you a text message and requesting that you text us a confirmation, and/or sending you a confirmation through US mail.

If you fail to make your submission in accordance with the ways described above, we may either treat your request as if it had been submitted with our methods described above or provide you with information on how to submit the request or remedy any deficiencies with your request.

Only you, or your agent that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.]To designate an authorized agent, see Authorized Agents below. We may request additional information so we may confirm a request to delete your personal information.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. This may include:
    • Verifying your request through your email address on record, calling you on your phone number on record (which may include an automated dialer), sending you a text message and requesting that you text us a confirmation, and/or sending you a confirmation through US mail.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in a verifiable consumer request to confirm the requestor’s identity or authority to make the request.

For instructions on exercising sale opt-out rights, see Personal Information Sales Opt-Out and Opt-In Rights.

Authorized Agents

You may authorize your agent to exercise your rights under the CCPA on your behalf by registering your agent with the California Secretary of State. You may also provide your authorized agent with power of attorney to exercise your rights. If you authorize an agent, we may require that your agent provide proof that they have been authorized to exercise your rights on your behalf. We may request that your authorized agent submit proof of identity. We may deny a request from your agent to exercise your rights on your behalf if they fail to submit adequate proof of identity or adequate proof that they have the authority to exercise your rights.

Response Timing and Format

We will respond to a verifiable consumer request within ten (10) days of its receipt. We will generally process these requests within forty-five (45) days of its receipt. If we require more time (up to 45 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any we provide disclosures related to a Right to Know request will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Opt-Out and Opt-In Rights Regarding the “Sale” of Your Personal Information

If you are 16 years of age or older, you have the right to direct us to not sell your personal information at any time (the “right to opt-out”). We do not sell the personal information of consumers we actually know are less than 16 years of age from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age.

To exercise the right to opt-out, you (or your authorized representative) may adjust your cookie preferences by setting your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. However, if you do not consent to our use of cookies or select this setting, you may be unable to access certain parts of our Website or other websites. You can find more information about cookies at http://www.allaboutcookies.org.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services;
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • Provide you a different level or quality of goods or services; or
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

Changes to This California Privacy Addendum

Concierge MD reserves the right to amend this California Privacy Addendum at our discretion and at any time. When we make changes to this California Privacy Addendum, we will post the updated addendum on the Website and update the addendum’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this California Privacy Addendum, the ways in which Concierge MD collects and uses your information described above and in the Privacy Notice, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to Contact Us.

GDPR Website Privacy Addendum

1. Introduction

This GDPR Website Privacy Addendum supplements the information in the Concierge MD Website Privacy Notice and applies to Personal Data about individuals located in the European Economic Area.

This GDPR Website Privacy Addendum (the “GDPR Website Privacy Addendum”) supplements the information contained in the Concierge MD Website Privacy Notice and applies solely to all users of our Website who are located in the European Economic Area. We adopt this GDPR Website Privacy Addendum to comply with the General Data Protection Regulation (2016/679) and any implementing acts of the foregoing by any of the member states of the European Economic Area, the United Kingdom, or Switzerland (“GDPR”) and any terms defined in the GDPR or our Privacy Notice have the same meaning when used in this GDPR Website Privacy Addendum. This GDPR Website Privacy Addendum takes precedence over anything contradictory in our Privacy Notice.

2. Data Controller, Data Protection Officer, and Representative

Concierge MD is the data controller of the Personal Data you provide on the Website. Concierge MD is not required to appoint a Data Protection Officer or a representative in the European Union.

Concierge MD is the data controller of your Personal Data. At this time, Concierge MD is not required to appoint a Data Protection Officer or a representative in the European Union and has elected not to do so.

3. Lawful Basis for Processing Your Personal Data

We have a lawful basis for our processing of your Personal Data, including processing for our legitimate interests (when balanced against your rights and freedoms), to fulfill our obligations to you under a contract with you, as required by law, and with your consent.

If you are in the European Union, the processing of your Personal Data is lawful only if it is permitted under the applicable data protection laws. We have a lawful basis for each of our processing activities (except when an exception applies as described below):

  • By using our Website, you consent to our collection, use, and sharing of your Personal Data as described in this Privacy Notice. If you do not consent to this Privacy Notice, please do not use the Website.
  • Legitimate Interests. We will process your Personal Data as necessary for our legitimate interests. Our legitimate interests are balanced against your interests, rights, and freedoms, and we do not process your Personal Data if your interests or rights and freedoms outweigh our legitimate interests. Our legitimate interests are to facilitate communication between Concierge MD and you; detect and correct bugs and to improve our Website; safeguard our IT infrastructure and intellectual property; process your requests, purchases, transactions, and payments; detect and prevent fraud and other financial crime; and promote, support, and market our business.
  • To Fulfill Our Obligations to You under our Contract. We process your Personal Data in order to fulfill our obligations to you pursuant to our contract with you to deliver our goods and services to you.
  • As Required by Law. We may also process your Personal Data when we are required or permitted to by law; to comply with government inspections, audits, and other valid requests from government or other public authorities; to respond to legal process such as subpoenas; or as necessary for us to protect our interests or otherwise pursue our legal rights and remedies (for instance, when necessary to prevent or detect fraud, attacks against our network, or other criminal and tortious activities), defend litigation, and manage complaints or claims.

4. Special Categories of Information

We may process some Personal Data considered sensitive when necessary to carry out our obligations under the law or to protect our legitimate interests.

Some Personal Data processed by Concierge MD may be considered sensitive, including personal data that reveals your racial or ethnic origin or personal data concerning your health. Concierge MD processes this information only to the extent necessary to carry out its obligations under the law or to the extent necessary to protect Concierge MD’s legitimate interests.

5. Automated Decision Making

We generally do not use your Personal Data with any automated decision making processes.

Concierge MD does not use your Personal Data with any automated decision making process, including profiling, which may produce a legal effect concerning you or similarly significantly affect you.

6. Your Rights Regarding Your Information and Accessing and Correcting Your Information

You may have certain rights under applicable data protection laws, including the right to access and update your Personal Data, restrict how it is used, transfer certain Personal Data to another controller, withdraw your consent at any time, and the right to have us erase certain Personal Data about you. You also have the right to complain to a supervisory authority about our processing of your Personal Data.

Applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data.

  • Access and Update. You can review and change your Personal Data by logging into the Website and visiting your “Account” page. You may also notify us through the Contact Information listed below or through our Website’s Contact Us form of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
  • Right to be Forgotten. You have the right to request that we delete all of your Personal Data. We cannot delete your Personal Data except by also deleting your user account, and we will only delete your account when you request that we do so or after a final determination that your Personal Data was unlawfully processed. We may not accommodate a request to erase information if we believe the deletion would violate any law or legal requirement or cause the information to be incorrect. In all other cases, we will retain your Personal Data as set forth in this policy. In addition, we cannot completely delete your Personal Data as some data may rest in previous backups. These will be retained for the periods set forth in our disaster recovery policies.
  • You have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. However, before doing so, we request that you contact us directly in order to give us an opportunity to work with you to resolve any concerns about your privacy.
  • How You May Exercise Your Rights. You may exercise any of the above rights by contacting us through any of the methods listed under Contact Information below and through Contact Us form on our Website. If you contact us to exercise any of the foregoing rights, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements. Please note that if you make unfounded, repetitive, or excessive requests (as determined in our reasonable discretion) to access your Personal Data, you may be charged a fee subject to a maximum set by applicable law.

7. Consent to Processing of Personal Data in the United States / In Other Countries Outside the European Economic Area

We may process your Personal Data outside of your home country, including but not limited to the United States. We only do this when we are legally permitted to do so and when we have appropriate safeguards in place to protect your Personal Data.

If you are a resident of the European Economic Area (“EEA”), in order to provide our Website, products, and services to you, we may send and store your Personal Data outside of the EEA, including but not limited to the United States. Accordingly, your Personal Data may be transferred outside the country where you reside or are located, including to countries that may not or do not provide an equivalent level of protection for your Personal Data. Your information may be processed and stored in the United States and United States federal, state, and local governments, courts, or law enforcement or regulatory agencies may be able to obtain disclosure of your information through the laws of the United States. By using our Website, you represent that you have read and understood the above and hereby consent to the storage and processing of Personal Data outside the country where you reside or are located, including in the United States.

Your Personal Data is transferred by Concierge MD to another country only if it is required or permitted under applicable data protection law and provided that there are appropriate safeguards in place to protect your Personal Data. To ensure your Personal Data is treated in accordance with this Privacy Notice when we transfer it to a third party, Concierge MD uses Data Protection Agreements between Concierge MD and all other recipients of your data that include, where applicable, the Standard Contractual Clauses adopted by the European Commission (the “Standard Contractual Clauses”). The European Commission has determined that the transfer of Personal Data pursuant to the Standard Contractual Clauses provides an adequate level of protection of your Personal Data but may need to be supplemented with additional measures on a case-by-case basis after an analysis that such supplemental measures can provide you with an essentially equivalent level of protection as afforded in the EU. When, as a result of this analysis, we believe this to be appropriate and necessary, these Standard Contractual Clauses have been supplemented in this way. Under these Standard Contractual Clauses, you have the same rights as if your data was not transferred to such third country. You may request a copy of the Data Protection Agreement by contacting us through the Contact Information below.[1]

8. Data Retention Periods

We retain your Personal Data for as long as you keep your account open. In some instances, we may keep it after you close your account; for example, we may keep it:

· On our backup and disaster recovery systems;

· For as long as necessary to protect our legal interests; and

· To comply with other legal requirements.

Concierge MD will retain your Personal Data for the entire time that you keep your account open. After you close your account, we retain your Personal Data until you request that we remove it. However, Personal Health Information is retained for 7 years or until you request that we remove it, whichever is longer.

9. Changes to this GDPR Website Privacy Addendum

Concierge MD reserves the right to amend this GDPR Website Privacy Addendum at our discretion and at any time and at any time and as described in our Website Privacy Notice. When we make changes to this GDPR Website Privacy Addendum, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Contact Information

You may contact us through the contact information below. If you wish to contact us, you may contact us through the contact information below or through the Contact Us form on our Website.

If you have any questions, concerns, complaints or suggestions regarding our Privacy Notice, have any requests related to your Personal Data pursuant to applicable laws, or otherwise need to contact us, you may contact us at the contact information below or through the Contact Us form on our Website.

To Contact Concierge MD (Controller)

Concierge MD

United States
(323) 931-4662
Contact Form

Experience Care with ConciergeMD

ConciergeMD offers coverage throughout the United States.