CAPSA HEALTHCARE PRIVACY POLICY

 

Last Updated: [July 14, 2021]

 

This Privacy Policy explains how Capsa Solutions, LLC d/b/a Capsa Healthcare and our subsidiaries and affiliated companies (“Capsa,” “we,” or “us”) collect, use, and disclose information about our customers, prospective customers, and website visitors when they access and use our websites, purchase our products or services, complete a survey, contact our sales or customer support teams, or otherwise interact with us. We refer to our customers, prospective customers, and website visitors as “you” throughout this policy.

 

Except as indicated below in the section titled “Biometric Data,” this Privacy Policy does not apply to information we process on our customers’ behalf when they use our products and services.  Certain Capsa products and services enable customers to collect and process information, including personal information used for identification and security purposes and health-related information. We process this information solely for the purpose of providing our products and services to our customers and only in accordance with their written instructions. The collection, use, retention, and deletion of this information is controlled by our customers and subject to their respective privacy policies. Please refer to our customers’ privacy policies for more information.

 

We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this policy and, in some cases, we may provide you with additional notice (such as adding a statement to our websites’ homepages or sending you a notification). We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.

 

CONTENTS

 

Collection of Information

Use of Information

Sharing of Information

Analytics

Biometric Data

Transfer of Information to the United States and Other Countries

Your Choices

Your California Privacy Rights

Additional Disclosures for Individuals in Europe

Contact Us

 

COLLECTION OF INFORMATION

 

Information You Provide to Us

We collect information you provide directly to us. For example, we collect information when you contact us for information about our products and services, sign up for our newsletters and marketing communications, request a quote, create an account, make a purchase, request customer support, or otherwise communicate with us. The types of personal information we may collect include your name and business contact information, such as your email address, postal address, phone number, and the name of your employer. If you purchase products and services from us, we also collect financial and commercial information about you, such as payment method, including credit card information or bank account information, date of purchase, and delivery and setup information, and other information related to your account, such as product and service preferences and any feedback you choose to provide.

Information We Collect Automatically When You Interact with Us

When you access or use our websites, we automatically collect certain information, including:

  • Device and Usage Information: We collect information about how you access and use our websites, such as your operating system version, IP address, unique device identifiers, and browser type. We also collect information about your activity on our websites, such as access times, pages viewed, links clicked, and the page you visited before navigating to our websites.
  • Information Collected by Cookies and Similar Tracking Technologies: We (and our service providers) use tracking technologies, such as cookies and web beacons, to collect information about you. Cookies are small data files stored on your hard drive or in device memory that help us improve our websites and your experience, see which areas and features of our websites are popular, and count visits. Web beacons (also known as “pixel tags” or “clear GIFs”) are electronic images that we use on our websites and in our emails to help deliver cookies, count visits, and understand usage and campaign effectiveness. For more information about cookies and how to disable them, see our Cookie Policy [https://www.capsahealthcare.com/cookie-policy/] and the Your Choices section below.

Information We Collect from Other Sources

We obtain information from third-party sources. For example, we may collect your name and contact information from our distributors or marketing vendors.

Information We Derive

We may derive information or draw inferences about you based on the information we collect. For example, we may make inferences about your location based on your IP address.

 

USE OF INFORMATION

We use the information we collect to manage our business relationship with you and provide our products and services. We also use the information we collect to:

 

  • Create and maintain your account;
  • Process transactions and send you related information, including confirmations, receipts, invoices, customer experience surveys, and recall notices;
  • Send you technical notices, security alerts, and support and administrative messages;
  • Respond to your comments and questions and provide customer service;
  • Communicate with you about products, services, and events offered by Capsa and others and provide news and information that we think will interest you (see the Your Choices section below for information about how to opt out of these communications at any time);
  • Monitor and analyze trends, usage, and activities in connection with our websites, products and services;
  • Detect, investigate, and prevent security incidents and other malicious, deceptive, fraudulent, or illegal activity and protect the rights and property of Capsa and others;
  • Debug to identify and repair errors on our websites, products and services;
  • Comply with our legal and financial obligations; and
  • Carry out any other purpose described to you at the time the information was collected.

 

SHARING OF INFORMATION

 

We share personal information in the following circumstances or as otherwise described in this policy:

  • We share personal information with vendors, service providers, and consultants that perform services for us, such as companies that assist us with web hosting, customer service, analytics, and marketing and advertising.
  • We may disclose personal information if we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements.
  • We may share personal information if we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of Capsa, our users, the public, or others.
  • We share personal information with our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests.
  • We may share personal information in connection with, or during negotiations concerning, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
  • Personal information is shared between and among Capsa and our current and future parents, affiliates, and subsidiaries and other companies under common control and ownership.
  • We share personal information with your consent or at your direction.

We also share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you.

 

ANALYTICS

 

We allow others to provide analytics services on our behalf across the web. These entities may use cookies, web beacons, device identifiers, and other technologies to collect information about your use of our websites, including your IP address, web browser, pages viewed, time spent on pages or in mobile apps, links clicked, and conversion information. This information may be used by Capsa and others to, among other things, analyze and track data, determine the popularity of certain content, and better understand your online activity.

 

BIOMETRIC DATA

Certain Capsa products and services employ devices and software that allow our customers to obtain information about users’ fingerprints (“finger records”) for verification and security purposes. Capsa processes and stores users’ finger records to provide our products and services to our customers. In some cases, finger records are stored locally on customers’ devices or on customers’ networks. In other cases, finger records may be stored in a cloud environment with reasonable security protocols made available by Capsa (in accordance with applicable law). In all cases, Capsa’s customers are responsible for the collection, use, retention, deletion, and control of users’ finger records, and the privacy policies and notices of Capsa’s customers govern the collection, use, retention, deletion, and control of finger records. With respect to finger records accessible to Capsa, Capsa will retain finger records only for so long as a customer’s user continues to interact with the customer’s device(s), as indicated by the customer, or until Capsa receives a written request to delete the finger records. Capsa will not retain finger records for more than one year after receiving written notice that a customer’s user has ceased interacting with the customer.

 

TRANSFER OF INFORMATION TO THE UNITED STATES AND OTHER COUNTRIES

 

Capsa is headquartered in the United States, and we have operations and service providers in the United States, France, Germany, the Netherlands, Spain and other locations. We and our service providers may transfer your personal information to, or store or access it in, jurisdictions that may not provide levels of data protection that are equivalent to those of your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it. If you are in the European Economic Area (“EEA”), the United Kingdom, or Switzerland, we provide adequate protection for the transfer of personal data to countries outside of those jurisdictions by executing the Standard Contractual Clauses adopted by the European Commission (a copy of the Standard Contractual Clauses we use to facilitate these data transfers is available below).

 

YOUR CHOICES

Account Information

You may update and correct certain account information at any time by logging into your online account or requesting that your account administrator make these changes. You can also contact us to request these changes.

Cookies

Most web browsers are set to accept cookies by default. If you prefer, you can usually adjust your browser settings to remove or reject browser cookies. Please note that removing or rejecting cookies could affect the availability and functionality of our websites. For more information about cookies and how to disable them, see our Cookie Policy [https://www.capsahealthcare.com/cookie-policy/] or our consent management tool on our websites.

Communications Preferences

You may opt out of receiving promotional emails from Capsa by following the instructions in those communications. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.

YOUR CALIFORNIA PRIVACY RIGHTS

The California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et seq.) affords consumers residing in California certain rights with respect to their personal information. If you are a California resident, this section applies to you. The CCPA requires that we provide transparency about any personal information we might “sell,” which broadly means scenarios in which Capsa has shared personal information with third parties in exchange for valuable consideration. Capsa does not, and will not, sell your personal information, and we will not discriminate against you if you exercise your rights under the CCPA.

 

ADDITIONAL DISCLOSURES FOR INDIVIDUALS IN EUROPE

 

If you are located in the EEA, the United Kingdom, or Switzerland, you have certain rights and protections under the law regarding the processing of your personal data, and this section applies to you.

 

Legal Basis for Processing

 

When we process your personal data, we will do so in reliance on the following lawful bases:

 

  • To perform our responsibilities under our contract with you (e.g., processing payments for and providing the products and services you requested).
  • When we have a legitimate interest in processing your personal data to operate our business or protect our interests (e.g., to provide, maintain, and improve our websites, products and services, conduct data analytics, and communicate with you).
  • To comply with our legal obligations (e.g., to maintain a record of your consents and track those who have opted out of marketing communications).
  • When we have your consent to do so (e.g., when you opt in to receive marketing communications from us). When consent is the legal basis for our processing your personal data, you may withdraw such consent at any time.

 

Data Retention

 

We store personal data for as long as necessary to carry out the purposes for which we originally collected it and for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.

 

Data Subject Requests

 

Subject to certain limitations, you have the right to request access to the personal data we hold about you and to receive your data in a portable format, the right to ask that your personal data be corrected or erased, and the right to object to, or request that we restrict, certain processing. If you would like to exercise any of these rights, you can contact us.

 

Questions or Complaints

 

If you have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the Data Protection Authority where you reside. Contact details for your Data Protection Authority can be found using the links below:

 

For individuals in the EEA: https://edpb.europa.eu/about-edpb/board/members_en

For individuals in the UK: https://ico.org.uk/global/contact-us/

For individuals in Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html

 

Do not track preferences

 

Do Not Track is a function that allows visitors not to be tracked by websites. Do Not Track options are available in a number of browsers including:

CONTACT US

 

If you have any questions about this Privacy Policy, please contact us at privacy@capsahealthcare.com.