Privacy and Information Security Policy

Kindred Medicine, a California Corporation (“Kindred”), is committed to safeguarding your online privacy with respect to the Personal Information that we may obtain from you on Kindred’s websites (the “Site”). Our Privacy and Information Security Policy (“Privacy Policy”) answers questions about your online privacy, including what Personal Information (i.e. information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device) (“Personal Information”) we may obtain from you and how it will be used and protected. Kindred may from time to time change this Privacy Policy, so please check back periodically.

  1. WHAT PERSONALLY IDENTIFIABLE INFORMATION DO WE OBTAIN FROM YOU? WHEN DO WE OBTAIN SUCH INFORMATION?
  2. HOW DO WE PROTECT THE SECURITY AND QUALITY OF YOUR PERSONAL INFORMATION?
  3. HOW DO WE USE YOUR INFORMATION?
  4. CAN YOU “OPT-OUT” OF RECEIVING COMMUNICATIONS FROM COMPANY?
  5. PRIVACY POLICIES OF COMPANY PARTNERS
  6. DO WE SELL OR RENT YOUR PERSONALLY INFORMATION?
  7. WITH WHOM DO WE SHARE INFORMATION?
  8. HOW CAN YOU UPDATE, CORRECT OR DELETE YOUR PERSONALLY INFORMATION?
  9. WHAT ARE COOKIES? HOW DO WE USE COOKIES?
  10. DO YOU HAVE CHOICES ABOUT COOKIES?
  11. WHAT ELSE SHOULD YOU KNOW ABOUT YOUR ONLINE PRIVACY?
  12. PRIVACY NOTICE FOR CALIFORNIA RESIDENTS

 

  1. WHAT PERSONALLY IDENTIFIABLE INFORMATION DO WE OBTAIN FROM YOU? WHEN DO WE OBTAIN SUCH INFORMATION?

If, upon visiting KindredMedicine.com, your use is limited to browsing our informational content, we will not require that you provide us with any Personal Information. However, if we do, we may also request Personal Information from you at other times. For example:

  • If you enroll for a membership through our Site, or purchase any product, we may ask that you provide us with certain Personal Information, including your name, credit card number, expiration date, e-mail address, mailing address, telephone number, personal or business website address, and link to appointment booking services. Your credit card information will be transferred to our third-party payment processer. Currently Kindred uses Stripe or its third-party designee (collectively referenced as “Stripe”) for processing. Stripe or its designated third party (as discussed in more detail below) employs a variety of security and risk management technologies to facilitate secure on-line transactions and to protect your credit information. You can find more information about Stripe at [https://stripe.com/us/privacy].
  • If you post to our Site, we will ask that you provide us with your name, e-mail address and password.
  • If you choose to participate in a customer survey conducted by us, our designee, or a third party with whom we contract, we may ask for your name, e-mail address and other information as may be required by the particular survey.
  • If you report a problem or submit a customer review, we will ask that you provide your name, e-mail address, membership number, address, phone number and fax number. Should you contact us for any reason other than to report a problem and/or submit a review, we may also keep a record and/or copy of your correspondence with us.
  • We do not knowingly collect Personal Information from children under 18, absent parental consent. If you are a parent or guardian and you are aware that your child has provided us with Personal Information, please contact us. If we discover that a child under 18 has provided us with Personal Information, we will delete such information from our servers as soon as possible.
  1. HOW DO WE PROTECT THE SECURITY AND QUALITY OF YOUR PERSONAL INFORMATION?

To protect the security and quality of your Personal Information, we have implemented technical and managerial procedures to maintain accurate, current and complete information as well as to protect your Personal Information against loss, misuse or alteration when it is under our control. Your Personal Information will be encrypted and stored on InMotion Hosting’s secured servers. You can find more information about InMotion Hosting at [https://www.inmotionhosting.com/privacy-policy]. Your membership account information is password protected so that access is limited to yourself and those with whom you share your password, Kindred, as well as third party access facilitated by Kindred with your prior permission. We have also taken steps to help protect the integrity of your personal financial information when you complete a purchase transaction on our Site. As noted above, we use Stripe to facilitate confidential online business transactions. Stripe helps prevent your credit information from being read by unauthorized persons as this information is transmitted over the Internet. You can find more information about Stripe at [https://stripe.com/us/privacy].

  1. HOW DO WE USE YOUR INFORMATION?

Our primary use of your information is to administer, maintain and improve your experience on our Site generally as well as provide you with customized, personalization services and interactive communications.

  • If you check the “opt-in” feature on our Site, or if you do not uncheck a pre-checked “opt-in” box we may from time to time send you e-mails regarding our Site and promotions. Also, we occasionally may send you direct mail about products or services that we believe may be of interest to you.
  • We use your financial information (e.g., your credit card number) only to verify your credit and to bill you for memberships purchased through our Site. We also use your contact information as necessary to send you information about the memberships that you have purchased on our Site.
  • We use your IP address to help diagnose problems with our server and to administer the services offered on our Site. We also use your IP address to help identify you and to gather broad demographic information that we may share with our business partners, but only in the aggregate without any of your Personal Information.
  • We may research the demographics, interests and behavior of our customers based on the information provided to us during membership registration, during sweepstakes, contests and promotions, from our server log files, from cookies and from surveys. Our research may be compiled and analyzed on an aggregate basis. We may share this aggregate data with business partners, but only in the aggregate, without any of your Personal Information.
  1. CAN YOU “OPT-OUT” OF RECEIVING COMMUNICATIONS FROM COMPANY?

If you change your mind and decide that you no longer want to receive promotional e-mails and/or direct mailings, you may opt-out at any time by simply sending an e-mail request to Heal@KindredMedicine.com. Similarly, if you are not receiving our promotional e-mails and/or direct mailings and wish to receive these materials, you may opt-in at any time by simply sending an e-mail request to Heal@KindredMedicine.com.

  1. PRIVACY POLICIES OF COMPANY PARTNERS

Third parties that have links on our Site may collect Personal Information about you. We are not responsible for the privacy policies or practices of such sites and the practices of these sites are not governed by this Privacy Policy. If you have questions about the privacy policies or practices of a third-party site, you should contact the site administrator or web-master of the specific site. We may from time to time partner with other companies to offer co-branded services. Any information that you provide in connection with the co-branded services will become the joint property of Kindred and the parties with whom we contract. We will maintain your information in accordance with the terms of this Privacy Policy. However, this Privacy Policy does not govern the privacy policies and practices of our business partners. If you have questions about the privacy policies or practices of our business partners, you should contact them directly.

  1. DO WE SELL OR RENT YOUR PERSONAL INFORMATION?

No, as a general rule, we do not sell or rent your Personal Information to anyone. If and whenever we intend to share your Personal Information with a third party (other than to a party with whom we contract), you will be notified at the time of data collection or transfer, and you will have the option of not permitting the transfer. However, we may from time to time rent or sell demographic information in the aggregate that does not contain your Personal Information.

  1. WITH WHOM DO WE SHARE INFORMATION?

We generally will not disclose any of your Personal Information except when we have your permission to do so or under some special circumstances described below.

  • As noted previously, we may from time to time partner with other companies to offer co-branded services. Any information that you provide in connection with the co-branded services will become the joint property of Kindred and its business partners. We may also disclose other Personal Information about you to our business partners, but only if we have obtained your permission to make the disclosure before data collection or before transferring the data.
  • We may, from time to time, offer you the opportunity to receive materials or special offers from parties with whom we contract. If you want to receive this information, we may (but only with your permission) share your name and e-mail address with them.
  • Under confidentiality agreements, we may match user information with third-party data. We also may disclose aggregate demographic and/or user information and statistics in order to describe our customer base to prospective partners and other third parties, and for other lawful purposes.
  • We may disclose your Personal Information without your prior permission in special cases. For example, we may have reason to believe that disclosing the information is necessary to identify, contact or bring legal action against someone who may be violating the Kindred Terms and Conditions, or may be causing intentional or unintentional injury or interference to the rights or property of Kindred or any third party, including other customers. Also, we may disclose or access your Personal Information when we believe in good faith that law or regulation requires disclosure.
  1. HOW CAN YOU UPDATE, CORRECT OR DELETE YOUR PERSONAL INFORMATION?

You may edit your Personal Information and your password at any time by sending an e-mail request to Heal@KindredMedicine.com.

  1. WHAT ARE COOKIES? HOW DO WE USE COOKIES?

Cookies enable us to customize and personalize your experience on our Site, including the products and promotions that are offered to you. Essentially, a cookie is a small amount of data that is sent to your browser from a web server and is stored on your computer’s hard drive. We use cookies for several purposes in connection with the operation of our Site

  • We may use cookies to identify you and access your information stored on our computers in order to deliver you a better and more personalized experience. For example, we may use cookies to tell you about products and services specific to your interests.
  • Upon request, we will save your “user name” so that you do not have to re-enter it every time you visit our Site. In providing you with this service, we use cookies.
  • We may use cookies to estimate our customer base and customer usage patterns. Each browser accessing our Site may use given a unique cookie that is then used to determine the extent of repeat visits and the customer activity during those visits. We may use the historical information to help target promotions based on customer interests and behavior, both specifically to individual customers and on an aggregate basis with respect to all customers.

Business partners that offer co-branded services on our Site, may use their own cookies. We have no control over those cookies, nor does this Privacy Policy cover how your Personal Information contained in those cookies may be used or protected. If you have any questions about the cookies of such third parties, or about the use of your Personal Information by such third parties, you should contact the site administrator or web-master of the third-party site.

  1. DO YOU HAVE CHOICES ABOUT COOKIES?

Yes, you have several choices with respect to cookies. You can modify your browser preferences to accept all cookies, to notify you when a cookie is set, or to reject all cookies. However, our Site uses cookie-based authentication. Accordingly, if you choose to reject all cookies, you may not be able to log onto our Site and/or use our services or participate in our sweepstakes, contests or promotions.

  1. WHAT ELSE SHOULD YOU KNOW ABOUT YOUR ONLINE PRIVACY?

It is important to remember that whenever you voluntarily disclose Personal Information on-line, your information can be collected and used by others. If you transmit or post Personal Information on-line that is accessible to others, you will not be able to control how that information is used by others. When we receive the transmitted information, we will use the procedures summarized in this Privacy Policy to ensure the integrity and security of that information in our systems. Unfortunately, notwithstanding any of the steps taken by us, it is not possible to guarantee the security and integrity of data transmitted over the Internet. Consequently, while we take the above-described reasonable steps to protect your Personal Information, we cannot and do not warrant the security or integrity of any information you transmit to us when registering for our Site or otherwise. All such transmission of information is at your own risk. Moreover, though we are committed to having our Site comply with this Privacy Policy, you are ultimately responsible for maintaining the secrecy of your password and your Personal Information. If you are careless with your password, or you decide to share your password with third parties, you must be aware of the risk that such third parties will have access to all your Personal Information.

  1. PRIVACY NOTICE FOR CALIFORNIA RESIDENTS

This Privacy Notice for California Residents applies to individuals who live in the State of California and whose data is subject to the California Consumer Privacy Act of 2018 (CCPA).

  • We collect Personal Information.

Personal Information does not include: publicly available information from government records; deidentified or aggregated consumer information; information excluded from the CCPA’s scope; Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Category Examples Collected?
Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers. Yes
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) Information that is protected against security breaches such as: name, signature, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Yes
Protected classification characteristics under California or federal law Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). Yes
Commercial information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes
Biometric information Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No
Internet or other similar network activity Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. Yes
Geolocation data Physical location or movements. Yes
Sensory data Audio, electronic, visual, thermal, olfactory, or similar information. No
Professional or employment-related information Current or past job history or performance evaluations. No
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No
Inferences drawn from other Personal Information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Yes

 

  • We generally do not collect additional categories of Personal Information or use the Personal Information we collected for significantly different or meaningfully unrelated purposes without providing you notice.
  • We obtain the categories of Personal Information listed above from the following categories of sources:
  1. Directly from you. For example, from forms you complete on our Site.
  2. Indirectly from you. For example, from observing your actions on our Site or interactions with our advertisers.
  • Third parties. For example, partner websites.
  • We may use, or disclose the Personal Information we collect for one or more of the following business purposes: To fulfill or meet the reason you provided the information. For example, if you share Personal Information in order to be enrolled as a Site member; To provide you with information, products or services; To provide you with email alerts, event registrations and other notices; To enforce our rights arising from any agreements entered into between you and Kindred, including billing; To improve our Site and present its contents to you; For testing, research, analysis, and product development; As necessary or appropriate to protect the rights, property, or safety of ourselves and others; To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations; As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
  • Kindred may disclose your Personal Information to a third party for a business purpose. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.
  • The CCPA provides California residents with specific rights regarding their Personal Information. The chart below describes your CCPA rights and explains how to exercise those rights.

 

 

 

 

 

 

Right To Exercise This Right Time Frame and Response from Kindred If We Cannot Complete Your Request
Access to specific information (e.g. categories, sources, and business purposes for collection, use, and sale) in the last 12 months. Submit request and confirm your “verifiable consumer request” via the contact information below. We will evaluate and respond to your request electronically or by mail (at your request) within 45 days. If we require more time, we will inform you of the reason and extension period in writing. We will explain the reasons we cannot comply with a request in our response.
Deletion of information. You have the right to request that Kindred delete your Personal Information, subject to certain exceptions Submit request and confirm your “verifiable consumer request” via the contact information below. We will evaluate and respond to your request electronically or by mail (to the physical address you provided in your written request for physical correspondence) within 45 days. If we require more time, we will inform you of the reason for the extension and the extension time period in writing. Once we confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies. We will explain the reasons we cannot comply with a request in our response. The law does not require us to honor requests to delete where it is necessary in certain circumstances for us or our service provider to maintain Personal Information. These include: provide a good or service; perform our contract or take action reasonably anticipated in the context of our ongoing relationship with you; detect and protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; debug products to identify and repair errors that impair existing intended functionality; exercise and/or support free speech provided for by law; comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.); engage in research for which you provided informed consented that complies with applicable laws when deletion will seriously impair the research; use internally for purposes aligned with your expectations and our relationship; comply with a legal obligation or make other lawful use compatible with the context in which information was provided.

 

  • To exercise your rights under the CCPA, you must submit a “verifiable consumer request.” Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. A verifiable consumer request must:
    1. Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative of said person.
    2. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. Please note that (a) if we cannot verify your identity or authority to make the request, we will not be able to fulfill your request, and (b) the information provided for verification will only be used for that purpose.
  • We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
  • If you are 16 years of age or older, you have the right to direct us to not sell your Personal Information at any time (the “right to opt-out”). We do not sell the Personal Information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to Personal Information sales may opt-out of future sales at any time. To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting the following webpage and sending us a message via the contact information below. Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize the sale of your Personal Information. However, you may change your mind and opt back in to Personal Information sales at any time by visiting our Site and sending us a message. We will only use Personal Information provided in an opt-out request to review and comply with the request.
  • We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not: deny you goods or services; charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; provide you a different level or quality of goods or services; suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services. We may offer you certain financial incentives such as discounted prices, rates, or quality levels. Any permitted financial incentive we offer will reasonably relate to your Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Site that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send us an electronic message through our Site or write us at our address listed below.
  • We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the www.Kindredmedicine.com/privacypolicy and update the notice’s effective date. Your continued use of our Site following the posting of changes constitutes your acceptance of such changes.
  • You can contact Kindred with your questions, comments, rights requests, and other CCPA-related inquiries by:

Mail:

ATTN: Kindred Medicine Privacy Office

1316 Centinela Ave.,

Inglewood, CA 90302

 

Email:

Heal@KindredMedicine.com

If you believe your Personal Information was accessed without permission, please contact Kindred by the means listed above.

 

CONTACT US

If you have any questions or comments about this Privacy Policy or the practices of our Site, please feel free to e-mail us at heal@kindredmedicine.com.

This Privacy Notice is effective 1/1/2020. Certain rights granted by the CCPA will not be effective until 1/1/2021.