Privacy Policy

THE OBRIA MEDICAL CLINICS, INC.

PRIVACY POLICY

This Privacy Policy (“Privacy Policy” or “Policy”) explains how The Obria Group, Inc. and its affiliates (“OBRIA” or “Company” or “We” or “Us” or “our”) may gather, collect, record, hold, distribute, share, disclose or otherwise use any information or data about any users, visitors, subscribers, and customers (collectively “Users” or “You” or “Your who may use the OBRIA website located at obria.org/oregon (the “Company Website”)  or any affiliated websites, any  OBRIA mobile applications, or any other OBRIA platforms or programs (this Website together with these affiliated websites,  OBRIA mobile applications, and other OBRIA platforms and programs, are hereinafter collectively referred to as the  “Company Programs“).

Privacy while accessing or using the Company Website and all other Company Programs is of great importance to OBRIA.  Because We may gather some important information from our Users who may be using the Company Website or other Company Programs to learn about or, to gain access to certain features of, OBRIA’s professional health care services ( hereinafter the “OBRIA Professional Services”) we have established this Privacy Policy as a means to communicate Our information gathering and dissemination practices.

BY ACCESSING AND CONTINUING TO USE THE COMPANY WEBSITE OR ANY ONE OF THE OTHER COMPANY PROGRAMS, YOU HEREBY ACKNOWLEDGE AND AGREE: (A)  TO BE BOUND BY ALL OF THE PROVISIONS OF THIS PRIVACY POLICY AS PRESENTED TO YOU AS OF THE DATE OF YOUR FIRST USE OF  THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAMS; AND (B) TO COMPLY WITH THE COMPANY WEBSITE TERMS OF USE, WHICH CAN BE ACCESSED AND REVIEWED AT obria.org/oregon/TERMS-OF-USE.

NO CHANGES (ADDITIONS OR DELETIONS) BY YOU TO THIS POLICY WILL BE ACCEPTED BY THE COMPANY. IF YOU DO NOT AGREE TO ALL THE PROVISIONS OF THIS PRIVACY POLICY, OR YOU DO NOT WISH YOUR PERSONAL INFORMATION TO BE USED PURSUANT TO THIS PRIVACY POLICY, THEN YOU SHOULD NOT USE ANY THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAMS AND YOU SHOULD NOT PROVIDE ANY OF YOUR PERSONAL INFORMATION TO THE COMPANY.

THIS IS A BINDING CONTRACT BETWEEN YOU AND THE COMPANY AND YOU SHOULD DOWNLOAD AND PRINT THIS PRIVACY POLICY FOR YOUR RECORDS

SPECIAL NOTICE ABOUT PROTECTED HEALTH INFORMATION:

THIS PRIVACY POLICY DOES NOT APPLY TO INFORMATION CONSIDERED TO BE “PROTECTED HEALTH INFORMATION” THAT YOU SHARE WITH OBRIA IN CONNECTION WITH YOUR HEALTH RECEIPT OF HEALTHCARE SERVICES, EITHER ONLINE (INCLUDING WITHOUT LIMITATION THROUGH THE USE OF ANY OF THE COMPANY SERVICES) OR VIA IN-PERSON VISITS TO A FACILITY OPERATED BY OBRIA OR AN OBRIA LICENSEE.  THIS HEALTH INFORMATION IS PROTECTED ACCORDING TO OBRIA’S NOTICE OF PRIVACY PRACTICE UNDER THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (“HIPAA PRIVACY NOTICE”), WHICH CAN BE FOUND HERE: http://obria.org/oregon/hipaa-notice/   IT IS IMPORTANT THAT YOU REVIEW THE HIPAA PRIVACY NOTICE AS IT CONTAINS ADDITIONAL PROVISIONS AND PROTECTIONS RELATED TO THE USE AND DISCLOSURE OF YOUR PROTECTED HEALTH INFORMATION THAT GO BEYOND THE TERMS OF THIS PRIVACY POLICY. 

SPECIAL NOTICE TO CALIFORNIA RESIDENTS:

THE CALIFORNIA CONSUMER PRIVACY ACT (CCPA) PROVIDES CALIFORNIA RESIDENTS WITH SPECIFIC RIGHTS WHICH ARE EXPLAINED TO THESE PARTIES IN THE FOLLOWING SECTIONS OF THIS PRIVACY POLICY:

SPECIFIC DATA RIGHTS PURSUANT TO THE CCPA; OTHER NOTICES UNDER THE CCPA SECTIONS IN THIS PRIVACY POLICY PROVIDING SUCH NOTICE
THE CATEGORIES OF PERSONAL INFORMATION THAT WE COLLECT FROM YOU. SECTION 1
THE PURPOSES FOR WHICH WE USE YOUR PERSONAL INFORMATION SECTION 2
WHO WE SHARE YOUR PERSONAL INFORMATION WITH AND FOR THOSE PURPOSES. SECTION 3
YOUR RIGHT TO HAVE ACCESS TO YOUR PERSONAL INFORMATION, YOUR DATA PORTABILITY RIGHTS, AND YOUR DELETION REQUEST RIGHTS; AND HOW TO ACCESS THESE RIGHTS SECTION 4
NOTICE REGARDING SALE OF ANY PERSONAL INFORMATION TO A THIRD PARTY SECTION 4
NON-DISCRIMINATION NOTICE SECTION 4

 

CALIFORNIA RESIDENTS ARE ALSO DIRECTED TO SECTION 1.3 AND SECTION 4.7 OF THIS PRIVACY POLICY FOR NOTIFICATION ABOUT THE EXCLUSION OF CERTAIN HEALTH OR MEDICAL INFORMATION FROM THE SCOPE AND APPLICATION OF THE CCPA. IN SUCH INSTANCES, SUCH HEALTH OR MEDICAL INFORMATION MAY, INSTEAD, BE SUBJECT TO THE COMPANY’S  HIPAA PRIVACY NOTICE (AS DEFINED ABOVE), WHICH CAN BE FOUND HERE: http://obria.org/oregon/hipaa-notice/.   

THE CALIFORNIA’S SHINE THE LIGHT LAW.

Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year.

To request a copy of the information disclosure provided by OBRIA pursuant to Section 1798.83 of the California Civil Code, please contact OBRIA at The Obria Group, Inc., 17731 Irvine Blvd. Ste.201-B, Tustin, CA, 92780 to info@obria.org.

  1. INFORMATION WE COLLECT

During a User’s access or use of the Company Website or any other Company Program, the Company may, either directly or by using its service providers, gather, collect, record, hold, distribute, share, disclose or otherwise use personal information or data about You which You provide to Us, as described in Section 1.1 below, or which is automatically collected, as described in Section 1.2 below (hereinafter collectively referred to as the User’s “Personal Information”).

1.1 INFORMATION YOU PROVIDE TO US.

We collect Personal Information that You provide to Us during Your use of the Company Website or any other Company Program. For example, We may require Users who use the Company Website or any other Company Services to give Us certain Personal Information that may be used to identify them, including without limitation the following types of Personal Information:

  • Your name
  • Your gender
  • Your birthdate or age
  • Your mailing address, phone/cell number, and/or email address;

Any other Information you my provide when you seek or otherwise request any information about the Company, including without limitation any information about any professional services that may be offered by or on behalf of the Company (“OBRIA Professional Services”).

1.2 INFORMATION AUTOMATICALLY COLLECTED.

When a User accesses or otherwise uses the Company Website or any other Company Program, We may automatically collect certain Personal Information about the user. In particular, You may be able to use the Company Website or other Company Programs without You affirmatively providing Personal Information, but your use of the Company Website or other Company Programs Services may still lead to the automatic collection of certain Personal Information.  Examples of the ways We may automatically collect Personal Information are:

  • Device Information. We (or our service providers) may collect information about the computer, tablet, phone or other device you use to access any of the Company Programs, including the Internet Protocol address, hardware models, operating system and version, mobile network information and other unique device
  • Cookies and other Web-based Tracking Technologies: We (or our service providers) may use different technologies such as cookies, web beacons, or other types of small temporary files or web-based tracking technologies to gather certain information. A cookie is a small data file stored by Your web browser on Your computer or mobile device (hard drive) that helps Us to improve the way We deliver our Company Website or other Company Programs to You, helps Us improve Your overall experience using Our Company Website or other Company Programs, and/or helps Us analyze the areas and features of our Company Programs that are most popular or to detect fraud.  Web beacons are electronic images that may be used in Our Company Programs or emails and help deliver cookies, count visits, and understand usage. Like many other websites, cookies and these other web-based tracking technologies may be used by Us (or our service providers) during Your visit to the Company Website or other Company Program in order to improve Your individual experience as a User of the Company Website or other Company Program or to generally improve or enhance the overall functionality of the Company Website or other Company Program. While most websites automatically accept cookies for these purposes, you may be able to instruct Your browser to stop accepting cookies or prompt You before accepting a cookie from the sites You visit, including the Company Website.
  • Web-based Analytical ToolsThe Company Website or other Company Programs may, from time to time, use certain web-based analytical tools, such as, but not limited to, Google Analytics, a web analytics service provided by Google, Inc. (collectively referred to as “Web-based Analytical Tools”).  These Web-based Analytical Tools may also uses cookies or other web-based tracking technologies to collect information about Users and how Users interact with or use the Company Website or other Company Programs Services and the information generated by these Web based Analytical Tools may be transmitted to and stored by the third party entity that offers the Web-based Analytical Tools. In that instance, the use of the information may also be subject to the privacy policies of the entity that offers the Web-based Analytical Tools.
  • Geo-location Data: Subject to any of Your device permissions, We (or our service providers) may be able to collect information about the precise location of your device or may gather other general location data based on GPS data, mailing address, and/or billing address (hereinafter collectively referred to as “Geo-location Data”).
  • Social Media Information. If any of Our Company Programs offer any social media features, such as the Facebook Like buttons or similar social media interactive mini-programs, these features may collect Your Internet Protocol address, which page You are visiting on Our Company Program, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on Our Company Program. Your interactions with these features maybe governed by the privacy policies of the company providing it (see Section 8 regarding Third Party Sites).
  • Other Ways that Personal Information May be Automatically Collected. There are other ways that your Personal Information may be automatically collected whey You access or use the Company Website or any other Company Program, including without limitation the following ways.
  • When You create an account with OBRIA
  • When You use certain features of our OBRIA Professional Services (as defined on the first page)
  • While We administer Your account
  • When You request to receive information, notifications, updates, or messages from OBRIA
  • During certain of Your communicating with OBRIA

1.3 EXCLUSIONS FROM PERSONAL INFORMATION SUBJECT TO THIS PRIVACY POLICY

“Personal Information” for purposes of this Privacy Policy does not include any of the following types of information:

(i)   Publicly available information from government records.

(ii)  De-identified or aggregated consumer information.

(iii) ANY INFORMATION THAT, PURSUANT TO THE CCPA, IS EXCLUDED FROM CCPA’S GOVERNANCE, INCLUDING WITHOUT LIMITATION THE FOLLOWING INFORMATION:

  • ANY OF THE FOLLOWING INFORMATION:

(a) HEALTH INFORMATION OR MEDICAL INFORMATION COVERED BY OR OTHERWISE SUBJECT TO THE U.S. FEDERAL HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) AND ITS RELATED REGULATIONS; AND/OR

(b)  HEALTH INFORMATION OR MEDICAL INFORMATION COVERED BY OR OTHERWISE SUBJECT TO THE THE CALIFORNIA CONFIDENTIALITY OF MEDICAL INFORMATION ACT (CMIA) AND ITS RELATED REGULATIONS.

IN SUCH INSTANCES, SUCH HEALTH OR MEDICAL INFORMATION MAY, INSTEAD, BE SUBJECT TO THE COMPANY’S  HIPAA PRIVACY NOTICE (AS DEFINED ABOVE ON THE FIRST PAGE OF THIS POLICY), WHICH CAN BE FOUND HERE: http://obria.org/oregon/hipaa-notice/.

  • ANY INFORMATION COLLECTED AS PART OF A CLINICAL TRIAL; OR
  • ANY OTHER INFORMATION COVERED BY CERTAIN OTHER SECTOR-SPECIFIC PRIVACY LAWS, INCLUDING THE FAIR CREDIT REPORTING ACT (FRCA), THE GRAMM-LEACH-BLILEY ACT (GLBA), THE CALIFORNIA FINANCIAL INFORMATION PRIVACY ACT (FIPA), AND THE DRIVER’S PRIVACY PROTECTION ACT OF 1994.
  1. HOW WE USE YOUR INFORMATION.

2.1  PRIMARY WAYS WE USE YOUR INFORMATION.  User’s Personal Information may be gathered, collected, recorded, held, or otherwise used by or on behalf of the Company (including by Our service providers) to provide, maintain, and improve our Services to You, including for the following purposes:

  • To provide, operate and otherwise maintain the Company Website and any other Company Programs;
  • To facilitate the ability of OBRIA personnel to provide their OBRIA Professional Service (as such term is defined on the first page) to certain Users, including without limitation scheduling appointments with You;
  • To promote and market our OBRIA brand and our OBRIA Professional Services;
  • To compile a database of Users;
  • In other ways as we deem appropriate in our sole discretion provide our OBRIA Professional Services;
  • To provide You with any other goods/services that You and OBRIA agree to.
  • To contact You to further discuss interest in Our company, the goods and services that We provide, and to send information regarding our company or partners, such as promotions and events.
  • To allow other companies, including but not limited to those that use the same customer and potential customer database that We use, to possibly contact You using your Personal Information.
  • To send You information about, or to otherwise communicate with You (including without limitation by sending You an email, a newsletter, or other correspondence via any other methods of communication) regarding any of the following: (i) updates to the Company Website or other Company Programs: (ii) any of the Company’s goods or services, including without limitation any OBRIA Professional Services that may be provided to a User; (iii) any other events, activities or programs offered by the Company; or (iv) any other information We believe You may find of interest; provided, however You may “Opt-Out” from receiving this information, at any time, by following the “Opt-Out” instructions in Section 5.1 of this Privacy Policy.
  • To use any credit card or other authorized payment method information that you provide to OBRIA (and, without limiting the generality of foregoing, You hereby authorize OBRIA, or a credit card processor of its choosing to receive appropriate billing information, bill such credit card or to make such charges as applicable);
  • To monitor and analyze trends, usage, and activities in connection with the Company’s goods/services and industry;
  • To further personalize Your experience and the advertisements and content You see when You use any Company Programs based on Your preferences, interests, and browsing and purchasing behavior;
  • For compliance purposes as may be required by applicable laws or regulations or as requested by any judicial process or governmental agency (including without limitation for Company’s tax reporting) or as may be requested under any subpoena (See Section 3 of this Privacy Policy);
  • To carry out any other purpose described to You at the time the Personal Information is collected.

2.2  OTHER WAYS WE MAY USE YOUR INFORMATION.  In addition to the above, Your Personal Information may be gathered, collected, recorded, held or otherwise used for the following additional purposes:

  • To use with, or otherwise distribute, share or disclose to, any of the Company’s professional advisors such as attorneys or accountants (“Outside Professionals”) in order to facilitate the professional advice from those Outside Professionals; or
  • To use with, or otherwise distribute, share or disclose to, any government agencies or third parties in order to comply with, or otherwise pursuant to, any subpoena, court order, or other governmental order, law or regulation (including without limitation tax reporting).
  • 3  OTHER TERMS REGARDING THE USE OF YOUR INFORMATION.

2.3.1       Subject to Section 1.3(iii) above in this Privacy Policy, the Company may also use or share Your Personal Information only for the purposes as described in this Section 2 and in Section 3 herein, unless We reasonably determine We need to use it for another reason and that reason is compatible with the original purpose(s) described herein.  For example, we consider de-identification, aggregation, and other forms of anonymization of Personal Information to be compatible with the purposes listed herein and in Your interest because the anonymization of such information reduces the likelihood of improper disclosure of that information. If We need to use Your Personal Information for an unrelated purpose, we will notify You and We will explain the legal basis which allows Us to do so.

2.3.2    PLEASE NOTE THAT WE MAY PROCESS YOUR PERSONAL INFORMATION WITHOUT YOUR KNOWLEDGE OR ADDITIONAL CONSENT IN COMPLIANCE WITH THIS PRIVACY POLICY AND WHERE DOING SO IS REQUIRED OR PERMITTED BY LAW INCLUDING WITHOUT LIMITATION ANY SUBPOENA OR OTHER TYPES OF COURT ORDERS.

  1. SHARING OF INFORMATION

We may distribute, share or disclose Personal Information about You as follows or as otherwise described herein:

  • Affiliates and Subsidiaries. We may disclose Your Personal Information with our affiliates or subsidiaries for any of the purposes described herein.
  • Service Providers. We may share or disclose Your Personal Information with Our service provides or other third-party vendors that We retain in connection with the provision of the Company Programs, including without limitation the following types of service providers that We may engage:
    • Email, internet or other telecommunication service providers;
    • Cloud, other data storage, or other hosting service providers;
    • Third-party payment service providers, including without limitation third-party credit card processors (see Third-Party Application Providers below);
    • Analytics companies who assist Us with various types of data analytics (see Analytics Partners below);
    • Third parties shippers; or
    • Other third-party contractors we engage to assist Us in providing Our goods and services.
  • Third-Party Application Providers. If a third-party application is used to support Our Company Programs, we may share or disclose Your Personal Information to such third-party application providers, including without limitation third-party credit card processors or other third-party payment service providers.
  • Analytics Partners. We may use analytics services provided by a third-party analytics service provider or by using one of their tools, such as but not limited to Google Analytics, to collect and process certain analytics data. These services may also collect data about Your use of other websites, apps, and online resources.
  • Aggregated Form. We may make certain automatically-collected, aggregated, or otherwise de-identified Personal Information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Company Programs.
  • Advertising/Marketing Partners. We may work with or third-party advertising or marketing companies (collectively, “Advertising Partners”) in order to provide You with advertisements, marketing or other information that We think may interest You. These Advertising partners may set or access their own cookies, pixel tags or similar technologies on our Company Programs or they may otherwise collect or have access to data about You which they may collect over time and across different online services. These Advertising partners may also provide Us with their own independent data about potential customers and such data could include data about You previously collected by the Advertising Partner.
  • Social Media Features. The Company Programs may, now or in the future, offer social media features, including certain sharing tools or other integrated tools (such as the Facebook “Like” button), which let You share actions that You take on Our social media pages. Your use of such features enables the sharing of Personal Information with the public, depending on the settings You establish with the entity that provides the social sharing feature.
  • Merger, Sale, or Other Asset Transfers. We may share or disclose or otherwise transfer Your Personal Information to the Company’s Outside Professionals (as defined in Section 2.2 herein), other advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which We are acquired by or merged with another company or We sell, liquidate, or transfer all or a portion of Our assets. The use of Your Personal information following any of these events will be governed by this Privacy Policy.
  • As Required By Law, Subpoena or Similar Government Order. We may access, preserve, share, or disclose Your Personal Information if We believe doing so is required or appropriate to: (i) comply with all laws or regulations, including any tax reporting requirements of the Company; (ii) comply with any other law enforcement requests or legal process, such as a court order or subpoena; (iii) respond to Your requests; or (iv) protect Your, Our, or others’ rights, property, or safety. FOR THE AVOIDANCE OF DOUBT, WE MAY BE REQUIRED TO DISCLOSURE YOUR PERSONAL INFORMATION TO: (I) TAXING AUTHORITIES AS PART OF OUR TAX REPORTING REQUIREMENTS; OR (II) LAW ENFORCEMENT AUTHORITIES OR OTHER GOVERNMENTAL AGENCIES OR VIA SUBPOENA ARISING OUT OF YOUR USE OF ANY UNLAWFUL OR INFRINGING CONTENT WHILE USING ANY COMPANY PROGRAM.
  • Company’s Outside Professionals. We may share or disclose Your Personal Information with any of the Company’s Outside Professionals (as defined in Section 2.2 herein) in order to facilitate the professional advice such Outside Professionals provide to the Company.
  • Consent. We may also share or disclose Your Personal Information with your permission.
  1. ADDITIONAL RIGHTS OF CALIFORNIA RESIDENTS UNDER THE CCPA

In addition to the other notices that we have provided in this Privacy Policy, We hereby provide the following notices to all California residents regarding their rights under the CCPA:

4.1  ACCESS TO SPECIFIC INFORMATION AND DATA PORTABILITY RIGHTS

Each User has the right to request that the Company disclose certain information to You about the Company’s collection and use of Your Personal Information over the past 12 months. Once the Company receives and confirms Your verifiable consumer request (see Section 4.4: Exercising Your Access, Data Portability, and Deletion Rights), the Company will disclose to You (per your request):

  • The categories of Personal Information We collected about You.
  • The categories of sources for the Personal Information We collected about You.
  • Our business or commercial purpose for collecting or selling that Personal Information.
  • The categories of third parties with whom We share that Personal Information.
  • The specific pieces of Personal Information We collected about You (also called a data portability request).
  • If We sold or disclosed your Personal Information for a business purpose; two separate lists disclosing:
    • Sales (if any), identifying the Personal Information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.

4.2  DELETION REQUEST RIGHTS

Each User has the right to request that the Company delete any of Your Personal Information that the Company collected from You and retained, subject to certain exceptions. Once the Company receives and confirms Your verifiable consumer request (see Section 4.4: Exercising Your Access, Data Portability, and Deletion Rights), the Company will delete (and direct our service providers to delete) Your Personal Information from our records, unless an exception applies. However, the Company may deny Your deletion request if retaining the information is necessary for the Company or its service provider(s) to:

  • Complete the transaction for which We collected the Personal Information, provide a good or service that You requested, take actions reasonably anticipated within the context of Our ongoing business relationship with You, or otherwise perform Our contract with You;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • Debug products to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if You previously provided informed consent;
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on Your relationship with Us; or
  • Comply with a legal obligation; or
  • Make other internal or lawful uses of that information that are compatible with the context in which You provided it.

 

 4.3 NOTIFICATION REGARDING SALE (IF ANY) OF PERSONAL INFORMATION

In view of the definition of “sale” under CCPA, our Company may, either now or in the future, exchange, share, and/or “sell” (as defined under the CCPA) certain Personal Information to certain third parties.  CLICK HERE for the Company’s “DO NOT SELL MY PERSONAL INFORMATION” notice to California residents about their right to stop any such “sales”, if any such “sales” exist:obria.org/oregon/ccpa.

4.4  EXERCISING YOUR ACCESS, DATA PORTABILITY, AND DELETION RIGHTS

To exercise the access, data portability, deletion rights, and other rights described in this Section 4, the User must submit a verifiable consumer request to the Company by either:

  • Calling the Company at 949-273-5040.
  • Emailing the Company at: info@obria.org.

Only You, or a person registered with the California Secretary of State that You authorize to act on Your behalf, may make a verifiable consumer request to the Company related to Your Personal Information. You may also make a verifiable consumer request on behalf of Your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows the Company to reasonably verify that You are the person about whom We collected Personal Information or an authorized representative.
  • Describe Your request with sufficient detail that allows the Company to properly understand, evaluate, and respond to it.

The Company cannot respond to Your request or provide You with Personal Information if the Company cannot verify Your identity or authority to make the request and confirm the Personal Information relates to You. Making a verifiable consumer request does not require You to create an account with us. The Company will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

4.5  RESPONSE TIMING AND FORMAT

If You send a verifiable consumer request from You as set forth in Section 4.4 above, the Company will endeavor to respond to such verifiable consumer request within forty-five (45) days of its receipt. If We require more time (up to a total aggregate of 90 days), the Company will inform You of the reason and extension period in writing. If You have an account with Us, we will deliver our written response to that account. If You do not have an account with Us, we will deliver Our written response by mail or electronically. Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response We provide will also explain the reasons We cannot comply with a request, if applicable. For data portability requests, we will select a format to provide Your Personal Information that is readily useable and should allow You to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to Your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If We determine that the request warrants a fee, We will tell You why We made that decision and provide You with a cost estimate before completing Your request.

4.6  NON-DISCRIMINATION NOTICE

The Company will not discriminate against You for exercising any of Your rights under the CCPA. Unless permitted by the CCPA, We will not:

  • Deny You goods or services;
  • Charge You different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • Provide You a different level or quality of goods or services; or
  • Suggest that You may receive a different price or rate for goods or services or a different level or quality of goods or services.

4.7  SPECIAL NOTICE ABOUT EXCLUSION OF CERTAIN INFORMATION FROM GOVERNANCE OF THE CCPA

IN ACCORDANCE WITH THE CCPA, THE COLLECTION AND USE OF THE FOLLOWING INFORMATION IS NOT SUBJECT TO OR GOVERNED BY THE CCPA AND, THUS, IS EXCLUDED FROM THE TERMS AND CONDITIONS OF SECTION 4 OF THIS PRIVACY POLICY

  • ANY OF THE FOLLOWING INFORMATION:

(a) HEALTH INFORMATION OR MEDICAL INFORMATION COVERED BY OR OTHERWISE SUBJECT TO THE U.S. FEDERAL HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) AND ITS RELATED REGULATIONS; AND/OR

(b)  HEALTH INFORMATION OR MEDICAL INFORMATION COVERED BY OR OTHERWISE SUBJECT TO THE THE CALIFORNIA CONFIDENTIALITY OF MEDICAL INFORMATION ACT (CMIA) AND ITS RELATED REGULATIONS.

IN SUCH INSTANCES, SUCH HEALTH OR MEDICAL INFORMATION MAY, INSTEAD, BE SUBJECT TO THE COMPANY’S  HIPAA PRIVACY NOTICE (AS DEFINED ABOVE ON THE FIRST PAGE OF THIS POLICY), WHICH CAN BE FOUND HERE: http://obria.org/oregon/hipaa-notice/.

  • ANY INFORMATION COLLECTED AS PART OF A CLINICAL TRIAL; OR
  • ANY OTHER INFORMATION COVERED BY CERTAIN OTHER SECTOR-SPECIFIC PRIVACY LAWS, INCLUDING THE FAIR CREDIT REPORTING ACT (FRCA), THE GRAMM-LEACH-BLILEY ACT (GLBA), THE CALIFORNIA FINANCIAL INFORMATION PRIVACY ACT (FIPA), AND THE DRIVER’S PRIVACY PROTECTION ACT OF 1994.
  1. CERTAIN ADDITIONAL CHOICES YOU MAY HAVE ABOUT YOUR INFORMATION

5.1  OPT-OUT FROM RECEIVING INFORMATION FROM THE COMPANY.

5.1.1   YOU CAN OPT-OUT FROM RECEIVING INFORMATION FROM THE COMPANY.  In the event a User has provided the Company with Personal Information such as that discussed above, and thereafter a User does not want to continue to directly receive further notices, or information from the Company such as emails about the Company’s products or services, the User must send a message to the Company at this email address: info@obria.org  in which the User states that the User no longer wants to receive these communications directly from the Company (“Opt-Out”). Once the Company has received the User’s request to Opt-Out, the Company will use commercially reasonable efforts, in a commercially reasonable time period, to try to carry out such User’s request to Opt Out; provided, however, the Company will not have any obligation to retrieve, and cannot prevent the further use by others of, such User’s Personal Information which may have been shared up to that time with other parties as permitted by the provisions of this Privacy Policy.

5.1.2   EFFECT OF OPT-OUT.  If a User elects to Opt-Out, and provided such User has properly delivered its Opt-Out request to the Company in accordance with Section 5.1.1 herein, such User will no longer receive emails directly from the Company after a commercially reasonable time from the date such User sent its Opt-Out notice to the Company. However, the Company does not have any obligations under, or liability arising out of, this Privacy Policy with regard to a User’s decision to share its Personal Information with, Our use of, any other internet websites, forums, or programs that the User may have linked to via the Company Website which are not under the Company’s direct control or ownership. Accordingly, after sending Your Opt-Out to the Company, You may need to contact these other entities directly regarding their use of Your Personal Information.

5.3. GEO-LOCATION DATA.

You may be able to prevent your device from sharing precise location information, including without limitation some or all of the Geo-Location Data described in Section 1.2 above, at any time through your device’s operating system settings

5.3. DO NOT TRACK: SPECIAL ADDITIONAL NOTICE TO CALIFORNIA RESIDENTS.

Some browsers have a “DO NOT TRACK” feature that lets website users inform websites or other applications that they do not want to have their online activities tracked. These “do not track” features may also give website users other choices regarding the collection of their personal identifiable information. However, these “do not track” features and “do not track’ signals are not yet uniform. ACCORDINGLY, EACH USER OF THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAM IS HEREBY NOTIFIED THAT THE COMPANY WEBSITE AND THE OTHER COMPANY PROGRAMS ARE NOT CURRENTLY SET UP TO RESPOND TO ANY OF THE USER’S “DO NOT TRACK” FEATURES OR “DO NOT TRACK” SIGNALS.

5.4. CHILDREN; COPPA NOTICE.

This Company Website and other Company Programs are not directed to children under the age of 13. We adhere to the U.S. federal Children’s Online Privacy Protection Act (“COPPA“) and will not knowingly register or otherwise collect any Personal Information from any child under the age of 13. We ask that minors under the age of 13 not submit any Personal Information to the Company. If You have reason to believe a child under the age of 13 has provided the Company with any Personal Information, please contact the Company at info@obria.org and request that such information be deleted from Our records.

  1. ENFORCEMENT OF THIS PRIVACY POLICY BY COMPANY.

Each User confirms and agrees that by the User’s act of using any of the Company Programs, including without limitation uploading any of the User’s Personal Information or any other content via any Company Program, the User: (a) unconditionally agrees to all of the terms and conditions of this Privacy Policy; and (b) further agrees that no provision of this Privacy Policy shall limit, condition, alter, or amend, in any way whatsoever, any rights that User may have separately granted to the Company pursuant to any other agreement that the User may have separately entered into with the Company.

  1. USER RESPONSIBLE FOR UPDATING USER’S OWN PERSONAL INFORMATION; DATA SECURITY ISSUE.

7.1   USER RESPONSIBLE FOR UPDATING PERSONAL INFORMATION.  Users are solely responsible for correcting, updating, or modifying any and all of the User’s Personal Information as it appears in, and as otherwise stored or contained in, any Company Program. Without in any way limiting the foregoing, User acknowledges and agrees that the Company does not have an independent obligation to maintain the accuracy or completeness of any of Personal Information provided by the User to the Company, including such Personal Information once it is stored, described or otherwise contained in the Company Website or in any other Company Program

 

7.2 REVIEWING AND UPDATING YOUR INFORMATION

If You register for an account on the Company Website or any other Company Program, You may review and update Your account information by logging in to Your account with Your username and password at https://locator.obria.org/login as well as through additional links throughout the Company Website or other applicable Company Program.

 

7.3 ISSUES YOU SHOULD BE AWARE REGARDING DATA SECURITY

Please note that data that is transported over an open network, such as the Internet or e-mail, may be accessible to anybody. We cannot guarantee the confidentiality of any communication or material transmitted via such open networks. When disclosing any personal information via an open network, you should remain mindful of the fact that it is potentially accessible to others, and consequently, can be collected and used by others without your consent. In particular, while individual data packets are often encrypted, the names of the sender and recipient are not. A third party may therefore be able to trace an existing bank account or relationship or one that is subsequently created. Even if both the sender and recipient are located in the same country data may also be transmitted via such networks to other countries regularly and without controls, including to countries that do not afford the same level of data protection as your country of domicile.

Your data may be lost during transmission or may be accessed by unauthorized parties. We do not accept any liability for direct or indirect losses as regards the security of your Personal Information or data during its transfer via the Internet. Please use other means of communication if you think this is necessary or prudent for security reasons.

  1. LINKS TO, AND USE OF, THIRD-PARTY SITES OR PROGRAMS.

The Company Website or other Company Programs may now or in the future provide links or other access to Internet websites, forums or other programs which are not under the Company’s sole control and not solely owned by the Company (collectively referred to as “Third Party Sites”). If a User clicks on a link to, or otherwise gains access to, any such Third-Party Site, the User will be transported to one of these Third-Party Sites.

THIS PRIVACY POLICY ONLY APPLIES TO THE COMPANY WEBSITE AND THE OTHER COMPANY PROGRAMS DIRECTLY OWNED BY THE COMPANY.  THEREFORE, THIS PRIVACY POLICY: (A) DOES NOT DESCRIBE THE PRIVACY POLICIES OF ANY OF THESE THIRD-PARTY SITES; AND (B) DOES NOT GOVERN THE COLLECTION OR USE OF YOUR PERSONAL INFORMATION BY THE THIRD-PARTY SITES. THE COMPANY IS NOT RESPONSIBLE FOR THE PRIVACY PRACTICES OF ANY OF THESE THIRD-PARTY SITES.  IF A USER CLICKS ON A LINK TO, OR IS SENT TO A LINK OF, OR OTHERWISE GAINS ACCESS TO, A THIRD-PARTY SITE, THE USER SHOULD REVIEW THE PRIVACY STATEMENTS OR POLICIES OF SUCH THIRD-PARTY SITES (IF ANY) TO DETERMINE THAT PARTICULAR THIRD PARTY SITES’ PRACTICES WITH REGARD TO THE COLLECTION AND USE OF PERSONALLY IDENTIFIABLE INFORMATION. 

WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, EACH USER AGREES THAT IF THE USER USES ANY THIRD PARTY SITES IN ANY WAY, THE USER IS AWARE THAT ANY OF THE USER’S PERSONAL INFORMATION THAT THE USER PROVIDES TO THAT THIRD PARTY SITE MIGHT BE READ, COLLECTED, SHARED, DISTRIBUTED, OR OTHERWISE USED BY OTHER USERS OF THAT THIRD PARTY SITE OR BY ANY OTHER THIRD PARTIES, AND COULD BE USED TO SEND THE USER UNSOLICITED MESSAGES. THE COMPANY IS NOT RESPONSIBLE FOR ANY PERSONAL INFORMATION THAT THE USER ELECTS TO SUBMIT IN, OR OTHERWISE MAKE AVAILABLE TO, THESE THIRD-PARTY SITES.

Any link to any Third Party Site from the Company Website or any other Company Program does not imply any endorsement of the privacy practices of such Third Party Site by the Company, and no such Third Party Site is authorized to make any representation or warranty on our behalf.

  1. THIS PRIVACY POLICY MAY CHANGE.

This Privacy Policy may be changed from time to time and at any time by the Company. The Company reserves the right to change it without notice to a User.  YOU HEREBY AGREE THAT YOU ARE BOUND BY THE VERSION OF THIS PRIVACY POLICY THAT IS IN EFFECT AT THE TIME YOU FIRST USE THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAM. THE TERMS OF THIS PRIVACY POLICY MAY BE DIFFERENT THE NEXT TIME YOU USE THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAM.  ANY USE OF THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAM BY YOU AFTER SUCH AMENDMENT(S) SHALL BE DEEMED TO CONSTITUTE ACCEPTANCE BY THE USER OF THE AMENDMENT(S) FOR USE OF ALL COMPANY PROGRAMS.  EACH USER SHOULD REGULARLY REVIEW AND PRINT THIS PRIVACY POLICY FOR THE USER’S RECORDS.

  1. THIS PRIVACY POLICY IS INTEGRAL PART OF THE TERMS OF USE

This Policy is an integral part of the Terms of Use of the Company Website and all other Company Programs and any use of the Company Website and all other Company Programs is governed by those Terms of Use.

  1. COMMUNICATING WITH COMPANY.

Questions regarding this Policy or the practices of the Company Website or any other Company Program should be directed to OBRIA by emailing such questions to info@obria.org.

 

Updates to our Privacy Policy

If you have any questions regarding this Privacy Policy, you should contact our Customer Service Department. http://obria.org/oregon/contact