WHAT INFORMATION DO WE COLLECT?
In general, you can visit the Site without telling us who you are or revealing any personally identifiable information about yourself. However, you should be aware that sections of the Service (including restricted portions of the Site) allow for the submission of and collection through use of the Service of personally identifiable information, including, but not limited to:
(1) your name and contact data (such as your e-mail address, phone number, and billing and physical addresses);
(2) your login and password;
(3) demographic and health and wellness data (such as your gender, date of birth, wellness background, weight, height, lifestyle information, medication history, and zip code);
(4) your communications with Practitioners conducted through the Service; and
(5) any information you provide when you contact or communicate with us (credit card data). We may also collect information from you necessary to provide you with services you request from Practitioners utilizing the Service, which may include, but is not limited to:
(a) payment information;
(b) insurance information;
(c) health and medical data (such as previous doctors or other healthcare providers you visited, your reason for visiting a healthcare provider, date of visit, medical history and condition, medications, images or videos and other medical and health information you share with us);
(d) identifying facial photographs;
(e) information regarding pregnancy and/or breastfeeding;
(f) demographic information including, but not limited to: ethnicity;
(g) detailed information regarding specific aesthetic concerns and triggers for these concerns;
(h) information regarding adverse reactions; and
(i) information regarding test results, diet, environmental risk factors, skin/hair characteristics, life style, smoking status, and SPF usage.
To protect your security and privacy, we require that you or your legal representative (as opposed to a third party on your behalf) enter the personally identifiable information that we collect and that the information be current. Northwestern Hair disclaims any legal duty to verify the accuracy of any personally identifiable information that you provide beyond what may be required by law for the particular purpose for which the information is to be used.
In addition to the information we collect directly from you, we may also collect certain information from the Practitioners who provide treatment or other services to you in connection with our Service. This information may include, but is not limited to, a Practitioner’s diagnoses, treatment plans (including prescription details) and notes. We may also receive information from third parties that pay for your care or provide you with treatment, laboratory care or prescription medication, which may include, for example, your prescription history, insurance policy, insurance eligibility and coverage, and laboratory test results.
We may automatically collect certain information from your device through which you access our Service. This information includes, but is not limited to, your language preferences, your phone number or other unique device identifier (the International Mobile Equipment Identity or the Mobile Equipment ID number), the IP address of your device, the manufacturer, model and operating system of your device, the name and version of our Service you are using, information regarding your browser and information that allows us to personalize our Service. We or our service providers may also collect information about how you interact with our Service and any of our websites to which our Service links, such as how many times you use a specific part of our Service, the amount of time you spend using our Service, how often you use our Service, actions you take in our Service and how you engage with our Service. For more details about this type of data collection, please refer to the section below on cookies and web beacons.
We will obtain information regarding your location or the location of your device through which you access our Service. Information regarding your location will be obtained directly from you when you provide us with your zip code. Alternatively, our Service may obtain precise information about the location of your device with your express consent. Once you have consented to the collection of the precise location of your device, you may adjust this consent by managing your location services preferences through the settings of your device.
HOW DO WE USE YOUR INFORMATION?
In connection with providing you with our Service, we and our affiliates may use, compile, analyze and save, your information for a number of purposes, including, but not limited to:
(a) verifying your identity and administering your account, including processing your payments and fulfilling your orders;
(b) communicating with you about our Service or your use of our Service, and sending you communications on behalf of the Practitioners;
(c) ensuring quality customer service by providing you customer support, responding to your requests or concerns, ensuring that our Service functions properly for you, and tailoring our Service to meet your needs;
(d) as applicable, facilitating the provision of healthcare services to you by a Practitioners, and ensuring the Practitioners the services and support necessary for health care operations;
(e) sending you push notifications (notifications may be enabled or disabled through your device or app settings depending on your device type); and
We use information regarding your location or the location of your device through which you access our Service for a number of purposes, including, but not limited to:
(a) identifying Practitioners who may provide you with healthcare services;
(b) providing you with a list of nearby pharmacies that may fulfill any prescriptions provided to you by your Practitioner; and
(c) identifying other healthcare providers whom you may visit at the recommendation of your Practitioner.
HOW DO WE DISCLOSE YOUR INFORMATION?
We may disclose your information to third parties in connection with the provision of our Service or as otherwise permitted or required by law. For example, we may disclose your information to:
(a) our third-party service providers that provide services such as the hosting of our Service, data analysis, IT services and infrastructure, customer service, e-mail delivery, auditing and other similar services;
(b) Practitioners to schedule and fulfill appointments and provide health care services as part of the Service;
(c) Practitioners to whom you send messages through our Service;
(d) Practitioners for other treatment, payment or healthcare operations purposes upon your request;
(e) third parties as we believe necessary or appropriate to comply with applicable laws; and
(f) to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, liquidation or other disposition of all or any portion of our business, assets or stock. With respect to transfers to third party agents of Northwestern Hair under the Privacy Shield, the Privacy Shield requires that Northwestern Hair remain liable should those agents process your information in a manner inconsistent with the Privacy Shield Principles. There may also be instances where Northwestern Hair may be required to share your information with third parties who have not been retained by Northwestern Hair, during inspections or audits, in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, or as ordered or directed by courts or other governmental agencies. Many entities receiving your information under these conditions have privacy requirements that apply to their handling of your information.
Northwestern Hair will not disclose your information to third parties for their own separate use unless you have consented to such sharing. However, we may share the information about you that you provide to us with other companies collecting and using the
information you provide to us to better understand the offers, promotions, health and wellness benefits, insurance trends, employer related trends, and types of advertising that are most appealing to our customers. After the information is collected by these third parties, it is aggregated so it is not personally identifiable or tied to you or any other user. We also offer you the ability to choose (opt-out) whether your information is
(a) to be disclosed to a non-agent third party or
(b) to be used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by you. For sensitive information (i.e. personal information specifying medical or health conditions, racial or ethnic origin; etc.), you are given affirmative or explicit (opt in) choice if the information is to be disclosed to a third party or used for a purpose other than those for which it was originally collected or subsequently authorized by you through the exercise of opt in choice. EU and Swiss individuals have a right of access to correct or delete information we hold about you. If your personal information changes you may contact firstname.lastname@example.org or by postal mail at the contact information listed below. We will respond to your request to access within 30 days.
We may also collect and group demographic and preferences information, responses to surveys and other personally identifiable information that we collect from you into an aggregate, nonpersonally identifiable form for disclosure to our existing or potential business partners, affiliates, sponsors, regulators as part of further product development, including as part of a pre- market submission with the FDA, or other third parties. However, please be assured that this aggregate data will in no way personally identify you or any other parties participating in the Service.
When you submit personally identifiable information to us as part of the Service, you may be given an opportunity to opt in to receiving additional information from or on behalf of Northwestern Hair and/or selected third parties. If you opt in, you may be added to our list of Secure Users who will receive additional features, promotional and marketing communications from us, our partners and/or other third parties. If you initially opt in to receiving such communications and you later decide that you no longer want to receive them, you may opt out of receiving promotional and marketing communications from us and/or our partners and other third parties by contacting us at email@example.com. If you discontinue your use of the Service for a period of ninety days or more we may require you to re-register or otherwise stop communicating with you electronically.
Further, in the event that your access to the Site and use of the Services are offered in connection with a program offered or supported by your employer, we may disclose certain group health results with your employer, provided that this group health information is aggregated and not personally identifiable.
HOW DO WE STORE INFORMATION?
USE BY MINORS
COOKIES AND WEB BEACONS
We may also employ software technology known as “web beacons” or “clear GIFs,” which helps us keep track of what content on our Service is effective. Web beacons are small graphics with a unique identifier that are used to track the online movements of Internet users. Web beacons are embedded in the web pages you review, so they are not stored on your hard drive. The web beacons we may use will not track or collect any personally identifiable information about you and they are in no way linked to your personally identifiable information.
SECURITY OF INFORMATION AND DISCLOSURES
Northwestern Hair uses industry standard security measures to safeguard information concerning, and submitted by, users like you. Despite the security measures employed by Northwestern Hair, you should be aware that it is impossible to guarantee absolute security with respect to information sent through the Internet or as part of a mobile application.
We strive to use reasonable physical, technical and administrative measures to protect information under our control. However, you must keep your password secure and your account confidential, and you are responsible for any and all use of your account. If you have reason to believe that the security of your account has been compromised, please notify us immediately in accordance with the “Contacting Us” section below.
When using our Service, you may choose not to provide us with certain information, but this may limit the features you are able to use. You may also choose to opt out of receiving certain communications (e.g., newsletters, promotions) by emailing us your preference. Please note that even if you opt out, we may still send you service-related communications.
If you reside in the EU or Switzerland, you may access your information by sending a request to Northwestern Hair at the address specified in “Contacting Us” information below.
If you reside in California and have provided your personally identifiable information to us, you may request information once per calendar year about our disclosures of certain categories of your personally identifiable information to third parties for their direct marketing purposes. Such requests must be submitted in writing using the email address in the “Contacting Us” section below.
PRIVACY SHIELD NOTICE FOR USERS IN THE EUROPEAN UNION AND SWITZERLAND
Northwestern Hair, Inc. 1452 E 53rd St, Suite 1208, Chicago, IL 60611
Last Revised: May 16, 2019