Thera-Link, Inc. services, including (without limitation) our website and other interactive properties through which the services are delivered (collectively, the “Service”) are owned, operated and distributed by Therapy Brands (referred to in this Privacy Notice as “Thera-Link” or “we” and through similar words such as “us,” “our,” etc.). This Privacy Notice outlines the personal information that Thera-Link may collect, how Thera-Link uses and safeguards that information, and with whom we may share it.
THIS SERVICE IS OFFERED FROM THE UNITED STATES (“US”), IN PARTICULAR, IT IS NOT INTEDED FOR USE IN THE EUROPEAN UNION (“EU”). For individuals located outside of the US, please note that Thera-Link is a US based company. If you use the Service, all information, including personal information, will be transferred to Thera-Link in the US and used as described in this Notice.
Thera-Link encourages our customers, visitors, business associates, and other interested parties to read this Privacy Notice, which applies to all users. By using our Service or submitting personal information to Thera-Link by any other means, you acknowledge that you understand and agree to be bound by this Privacy Notice, and agree that Thera-Link may collect, process, transfer, use, and disclose your personal information as described in this Notice. Further, by accessing any part of the Service, you are agreeing to THE TERMS AND CONDITIONS OF OUR TERMS OF SERVICE (the “Terms of Service”). IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY NOTICE OR OUR TERMS OF SERVICE, PLEASE DO NOT USE ANY OF THE SERVICES.
Note on HIPAA
As a part the Service, you may be offered opportunity to use the Service for storage of data regulated by the Health Insurance Portability and Accountability Act (“HIPAA”). This Privacy Notice is not intended for compliance with HIPAA nor should it be presented to patients for HIPAA compliance. While the Service may provide HIPAA compliant storage of data, you are ultimately responsible for HIPAA compliance as it relates to your patients. By using the Service, you agree to abide by all federal and state laws, including laws that may apply to patient data or other personal information, including but not limited to HIPAA. You agree to fully indemnify Thera-Link for any third-party damages resulting from your violation of any federal or state laws.
If you are a patient viewing this Privacy Notice, please contact your provider for information regarding your medical records and/or HIPAA privacy disclosures.
What personal information do we collect about you?
Personal information (also commonly known as personally identifiable information (PII) or personal data) is information that can be used to identify you, or any other individual to whom the information may relate.
The personal information that we collect directly from those registering for the Service, includes the following categories:
- Name and contact information (e.g. address; phone number; email, fax);
- Billing Information (e.g. credit card, bank account, billing contact information);
- Service Information (e.g. current order/purchase information, purchase history, preferences, and interests);
- Company/employer information;
- Geographic or location information;
- Information in customer surveys or other offers;
- Information contained in posts you may on the public forums and interactive features of the Service;
- Other information that may be exchanged in the course of engaging with the Service. You will be aware of any subsequently collected information because it will come directly from you.
When providing personal information to Thera-Link as described in this Notice, that personal information is collected directly from you, and you will know the precise personal information being collected by us.
Collection of User Generated Content
We may invite you to post content on the Service, including your comments and any other information that you would like to be available on the Service, which may become public (“User Generated Content”). If you post User Generated Content, all of the information that you post will be available to authorized personnel of Thera-Link and may be made publicly available. You expressly acknowledge and agree that we may access in real-time, record and store archives of any User Generated Content on our servers to make use of them in connection with the Service. If you submit a review, recommendation, endorsement, or other User Generated Content through the Service, or through other websites including Facebook, Instagram, Google, Yelp, and other similar channels, we may share that review, recommendation, endorsement or content publicly on the Service. User Generated Content does not include any patient data and/or data regulated by HIPAA.
How does Thera-Link use personal information?
Subject to the terms of this Privacy Notice, Thera-Link uses the above described categories of personal information in several ways. Unless otherwise stated specifically, the above information may be used for any of the following purposes:
- to administer the Service to you;
- to respond to your requests;
- to distribute communications relevant to your use of the Service, such as system updates or information about your use of the Service;
- as may be necessary to support the operation of the Service, such as for billing, account maintenance, and record-keeping purposes;
- to send to you Thera-Link solicitations, product announcements, and the like that we feel may be of interest to you (you may “opt out” of receiving these marketing materials);
- in other manners after subsequent notice is provided to you and/or your consent is obtained, if necessary.
Thera-Link does not sell, re-sell, or distribute for re-sale your personal information. Aggregated information may be used internally and by third-party service providers in order to improve the Service as described below.
How do we share your personal information with third parties?
We may provide any of the described categories of personal information to Thera-Link employees, consultants, affiliates or other businesses or persons for the purpose of processing such information on our behalf in order to provide the Service to you. In such circumstances, we require that these parties agree to protect the confidentiality of such information consistent with the terms of this Privacy Notice.
We will not share your personal information with other, third-party companies for their commercial or marketing use without your consent or except as part of a specific program or feature for which you have the ability to opt-in or opt-out. We may share aggregated data with third-party service providers in order to improve the Service as described below.
In addition, we may release personal information: (i) to the extent we have a good-faith belief that such action is necessary to comply with any applicable law; (ii) where our records in indicate fraudulent activity or other deceptive practices that a government agency should be made aware of (iii) to enforce any provision of the Terms of Service, protect ourselves against any liability, defend ourselves against any claims, protect the rights, property and personal safety of any user, or protect the public welfare; (iv) when disclosure is required to maintain the security and integrity of the Service, or to protect any user’s security or the security of other persons, consistent with applicable laws (v) to respond to a court order, subpoena, search warrant, or other legal process, to the extent permitted and as restricted by law; or (vi) in the event that we go through a business transition, such as a merger, divestiture, acquisition, liquidation or sale of all or a portion of our assets.
Retention of Data
Thera-Link will retain your personal information only for as long as is necessary for the purposes set out in this Notice. We will retain and use personal information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
Thera-Link will also retain usage data for internal analysis purposes as described in the next section. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Service, or we are legally obligated to retain this data for longer periods.
Cookies, Device Data, and How it is Used
When you use our Service, we may record unique identifiers associated with your device (such as the device ID and IP address), your activity within the Service, and your network location. Thera-Link uses aggregated information (such as anonymous user usage information, cookies, IP addresses, browser type, clickstream information, etc.) to improve the quality and design of the Service and to create new features, promotions, functionality, and services by storing, tracking, and analyzing user preferences and trends. Specifically, we may automatically collect the following information about your use of Service through cookies, web beacons, and other technologies:
- domain name;
- browser type and operating system;
- web pages you view;
- links you click;
- IP address;
- the length of time you visit the Sites, Portals, and/or Services;
- the referring URL or the webpage that led you to the Sites.
We may also collect information regarding application-level events, such as crashes, and associate that temporarily with your account to provide customer service. In some circumstances, we may combine this information with personal information collected from you (and third-party service providers may do so on behalf of us).
International Data Transfer
If you are located outside the United States, in particular if you are located in Switzerland, the United Kingdom, or the European Economic Area (“EEA”), please note that we and our servers are located in the United States. Thera-Link does not market to or solicit customers from outside the US, therefore, users of the Service should not expect to avail themselves of the rights provided under the EU’s General Data Protection Regulation (“GDPR”). If you use the Service, all information, including personal information, will be transferred to Thera-Link in the US. By using the Service, you unambiguously consent to the transfer of your personal information and other information to the US and elsewhere for the purposes and uses described in this Notice. Further, you acknowledge that Thera-Link is not subject to the GDPR or similar international privacy laws, and, therefore, you will be unable to claim the privacy rights provided in those laws
California Privacy Rights
Please note that the CCPA is not fully applicable to personal information exchanged in all transactions (for example, CCPA does not apply to data regulated by HIPAA and does not fully apply in a business to business transaction). While Thera-Link treats the personal information of all customers and users of the Service with the same degree of care, you may not be eligible for all the rights described herein depending on the nature of the business relationship and the personal information collected.
If you are a California resident, California law may provide you with certain rights with regard to your personal information under the California Consumer Privacy Act (“CCPA”). Throughout this Privacy Notice you will find information required by CCPA regarding the categories of personal information collected from you; the purposes for which we use personal information, and the categories of third parties your data may be shared with. This information is current as of the date of the Notice and is applicable in the 12 months preceding the effective date of the Notice.
As a California resident, the CCPA provides you the ability to make inquiries regarding to your personal information. Specifically, the degree to which the information is not already provided in this Privacy Notice, you have the right to request disclosure about the collection and use of your personal information over the past 12 months, including:
- The categories of personal information collected about you.
- The categories of sources for the personal information collected about you.
- The business or commercial purpose for collecting your personal information.
- The categories of third parties with whom your personal information was shared.
- The specific pieces of personal information collected about you.
- If your personal information was disclosed for a business purpose, the personal information categories disclosed and the categories of third parties to which the information was disclosed.
- If your personal information was sold in the past 12 months, the personal information categories sold and the categories of third parties to which the information was sold (Note: THERA-LINK DOES NOT SELL YOU PERSONAL INFORMATION).
Please note that you may only make the above requests twice in a 12-month period. You also have the right to request that any of your personal information collected and retained be deleted, subject to certain exceptions. Finally, you have the right to not receive discriminatory treatment by Thera-Link or any business for exercising any of the rights provided under CCPA.
You may submit a request regarding your rights under CCPA by contacting us at one of the following: email@example.com or toll-free at 844-758-6852
If we receive a CCPA request from you, we will first make a determination regarding the applicability of the law, and we will then take steps to verify your identity prior to responding. The steps to verify your identity may vary based on our relationship with you, but, at a minimum, it will take the form of confirming and matching the information submitted in the request with information already held by Thera-Link and/or contacting you through previously used channels to confirm that you submitted the request (i.e. confirming identity through contact information that we have on file, not the contact information submitted to make the request).
Your rights as stated here can also be exercised by an authorized agent on your behalf. Thera-Link will follow the standards set by the Attorney General of California regarding designation of an authorized agent to exercise rights under CCPA. You may review information available through the Attorney General website (https://www.oag.ca.gov/privacy/ccpa) regarding how an individual can be designated as an authorized agent under CCPA.
In addition to CCPA, California Civil Code Section 1798.83 permits users of the Website who are California residents to request certain information regarding its disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us as described here.
Third Party Advertisers
Information Security and User Responsibility
Thera-Link employs industry-standard security measures designed to protect the security of all information submitted through the Service. However, the security of information transmitted through the internet or via a mobile device can never be guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data.
Users of the Service are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of the Service. In order to protect you and your information, we may suspend your use of any of the Service, without notice, pending an investigation, if any breach of security is suspected.
The Service may contain links to other websites maintained by third parties. Please be aware that we exercise no control over linked sites and Thera-Link is not responsible for the privacy practices or the content of such sites. Each linked site maintains its own independent privacy and data collection policies and procedures, and you are encouraged to view the privacy policies of these other sites before providing any personal information.
You hereby acknowledge and agree that Thera-Link is not responsible for the privacy practices, data collection policies and procedures, or the content of such third-party sites, and you hereby release Thera-Link from any and all claims arising out of or related to the privacy practices, data collection policies and procedures, and/or the content of such third-party sites.
The Service is not intended for children under the age of 13, and Thera-Link does not knowingly collect the personal information of children under the age of 13.
Changes to this Privacy Notice
Thera-Link reserves the right to modify this Privacy Notice from time to time in order that it accurately reflects the regulatory environment and our data collection principles. When material changes are made to this Privacy Notice, Thera-Link will post the revised Notice on our website. This Privacy Notice was last modified as of April 22, 2020.
If you have any questions or comments about this Privacy Notice or the Service provided by Thera-Link, please contact us at: firstname.lastname@example.org