Privacy Policy MHC
Effective date – January 31, 2025
This Managed Health Connections Privacy Policy relates to the collection, use, and
disclosure of your Personal Data and PHI in your use of the Platform. You may
disclose Personal Data and PHI in your use of the Platform and you consent to
MHC’s collection, use, and disclosure practices related to such Personal Data and
PHI specified in this Privacy Policy. You further agree to comply with Applicable Law
related to the sharing of your Personal Data and your collection, use, and disclosure
of Personal Data belonging any third parties. If you do not consent and agree to
this Privacy Policy, you will immediately discontinue use of the Platform and
uninstall all related downloads and applications.
IF YOUR USE OF THE PLATFORM IS RELATED TO A RESEARCH STUDY, THEN IN
THE EVENT OF ANY CONFLICT OR INCONSISTENCY BETWEEN THIS PRIVACY
POLICY AND THE INFORMED CONSENT YOU PROVIDED IN CONNECTION WITH
THE RESEARCH STUDY, THE TERMS OF SUCH INFORMED CONSENT SHALL
CONTROL.
SECTION 1 Definitions
(a) “Applicable Law” means all applicable (1) state, federal, and international
laws and regulations, and (2) ethical, professional, and licensure requirements of
your profession if you are a healthcare provider.
(b) “Appropos Health ” means MHCs web and mobile application that makes
available a tool to be accessed by you to monitor use of alcohol or other
substances.
(c) “HIPAA” means the Health Insurance Portability and Accountability Act of
1996 and associated regulations, as amended.
(d) “MHC” means Managed Health Connections, Inc., a Delaware corporation
located at 203 N Washington St. Suite 302, Spokane, WA 99201
(e) “Neowithdrawal” means MHC’s web-based training platform that makes
available a training program and tool to provide information and measurement
related to conditions that may affect mothers and infant with specific conditions.
(f) “Personal Data” means any information relating to an identified or
identifiable natural person. An identifiable natural person is one who can be
identified, directly or indirectly, in particular by referencing an identifier such as a
name, an identification number, location data, an online identifier, or to one or
more factors specific to the physical, physiological, genetic, mental, economic,
cultural, or social identity of that natural person.
(g) “PHI” means (i) “Protected Health Information” as that term is used
under HIPAA, and (ii) “Patient identifying information” as that term is used
under 42 CFR § 2.11.
(h) “Platform” means the Website, the Neowithdrawal web-based training
platform, Appropos Health mobile application or related applications and all other
products or services provided by MHC.
(i) “Privacy Policy” means MHC’s policy related to the collection, use, and
disclosure of Personal Data and PHI as specified in this Managed Health
Connections Privacy Policy, the Platform, and any additional privacy statements
provided to you in writing.
(j) “Research Study” means any use of any portion of the platform which is
covered by a study or clinical trial approved by an Institutional Review Board.
(k) “User Account” means the account created by you to access and use the
Platform.
(l) “Website” means the portion of MHC’s website accessible by you located
at www.managedhealthconnections.com or www.neowithdrawal.com or
apropos.health.
(m) “You” means the individual or entity visiting, installing, downloading,
accessing, or otherwise using the Platform.
SECTION 2 Personal Data and PHI collected by MHC
(a) Information provided to MHC. This may include your first and last name,
birthdate, email, phone number, PHI, screening measures and surveys, professional
license, and other information when you create a User Account to access the
Platform. You may at any time update such information on your User Account once
it has been created.
(b) Information MHC collects from you automatically when you use the
Platform. MHC and its partners and affiliates may automatically collect certain
information about you when you use the Platform (“Usage Data”). Usage Data may
include IP address, device identifier, browser type, operating system, information
about your use of the Platform, and data regarding network connected hardware
(e.g., computer or mobile device). The methods that may be used on the Platform
to collect Usage Data include the following:
(1) Log information. Log information is data about your use of the Platform
such as IP address, browser type, internet service provider, referring/exit pages,
operating system, date/time stamps, and related data, and may be stored in log
files;
(2) Information collected by tracking technologies. Location-identifying
technologies, device tokens, and other tracking technologies now and hereafter
developed may be used to collect information about interactions with the Platform;
(3) Location-identifying technologies. GPS (global positioning systems) software,
geo-filtering, and other location-aware technologies locate (sometimes precisely)
you for purposes such as verifying your location and delivering or restricting
content based on your location;
(4) Device tokens. A device token is a unique identifier issued by the operating
system of your mobile device. You may sign up to receive “push notification”
messages through the Platform. To ensure messages reach the correct devices,
MHC relies on a device token unique to your mobile device. While MHC may be able
to access a list of the tokens, the MHC Mobile App and tokens do not reveal your
identity, unique device ID, or contact information to MHC.
(5) Cookies. Cookies are alphanumeric identifiers that MHC transfers to your
computer’s (or other device’s) persistent storage medium (e.g., hard drive) through
your browser to enable MHC’s systems to recognize your browser and tell MHC
how and when pages on the Platform are visited and by how many people. MHC
uses cookies to enhance visitors’ experiences, to learn more about their use of the
Platform, and to improve quality. Cookies MHC collects does not collect Personal
Data or PHI, but MHC may combine the general information collected through
cookies with Personal Data to tell MHC who you are or what your screen name or
email address is. Most browsers have an option for turning off the cookie feature
which will prevent your browser from accepting new cookies, as well as (depending
on the sophistication of your browser software) allowing you to decide on
acceptance of each new cookie in a variety of ways. MHC strongly recommends that
you leave the cookies activated because cookies enable you to take advantage of
some of the Platform’s most attractive features. Ads appearing on the Platform may
be delivered to users by MHC’s advertising partners who may set cookies. These
cookies allow the ad server to recognize your computer or other device each time
they send you an online advertisement to compile information about you or others
who use your computer or device. This information allows ad networks to, among
other things, deliver targeted advertisements that they believe will be of most
interest to you. This Privacy Policy covers the use of cookies by MHC and does not
cover the use of cookies by any advertisers. Some information about your use of
the Platform may be collected using tracking technologies across time and services
and used by MHC and third parties for delivering the Platform.
(c) Information MHC collects from its partners and other sources. MHC
may collect Personal Data that you have provided to MHC and its subsidiaries,
affiliates, business partners, and/or businesses related to MHC for purposes set out
below. MHC is not responsible or liable for the accuracy of the information
provided by third parties or for third party policies or practices. Generally, MHC
collects Personal Data directly from you. If third parties hold information MHC
requires, MHC will endeavor to ensure the information has been collected with
your consent. MHC may collect and use Personal Data that is aggregated and
anonymized (“Analytic Information”) from MHC subsidiaries, affiliates, business
partners, and/or businesses related to MHC, for various business purposes,
including enabling MHC to provide the Platform. Analytic Information, because it is
aggregated and anonymized, is no longer Personal Data as it cannot be used, alone
or in conjunction with other information, to identify an individual. MHC may use
this Analytic Information in a variety of ways, including to help analyze site traffic,
understand users’ needs and trends, and to improve MHC products and services.
MHC may use this information by itself or aggregate it with information MHC has
obtained from others. MHC may use, transfer, lease, sell, or otherwise
commercialize Analytic Information for any and all purposes without notice or
obligation to you, provided that the Analytic Information does not indicate your
identity and cannot be used, alone or in conjunction with other information, to
determine your identity. You will not have any rights arising from the creation,
collection, or use of the Analytic Information.
SECTION 3 Personal Data use
MHC collects Personal Data for purposes related to managing and developing its
businesses and operations, including (a) establishing, managing, and terminating
business relations with you, (b) reviewing the products and services that MHC
provides to you, (c) communicating and sending curated healthcare related
information of interest to you, including newsletters, alerts, and notifications, (d)
informing you of MHC’s products and services other than those that you have
specifically requested, (e) tracking and analyzing trends and patterns related to
MHC’s businesses and operations for market research related purposes, (f)
providing you with the Platform, (g) creating aggregated information or Analytic
Information that does not individually identify you, (h) complying with Applicable
Law, (i) any other reasonable purpose to which you consent, (j) for other purposes
which MHC will disclose to you before the time of collection, (k) to investigate
security breaches or cooperate with government authorities pursuant to a legal
matter, or (l) sending you transactional or informational emails such as customer
service communications in connection with the products you have registered to use
or changes to the Platform or policies.
SECTION 4 Personal Data and PHI disclosure
Personal Data and PHI may be disclosed to third parties
(a) if there is a change in ownership of all or a part of MHC through some form
of merger, purchase, sale, lease, or amalgamation or other form of business
combination, provided that the parties are bound by appropriate agreements or
obligations which require them to use or disclose your Personal Data or PHI in a
manner consistent with the use and disclosure provisions of this Privacy Policy,
unless you indicate otherwise,
(b) that are third party service providers, affiliates, and business associates,
including an organization or individual retained by MHC to perform functions on its
behalf,
(c) where you have provided your consent for such disclosure or where
disclosure is required or permitted by Applicable Law,
(d) to whom you directed us to share Personal Data or PHI. Once you direct us
to share your Personal Data or PHI with a third party, such Personal Data or PHI is
governed by the third-party’s privacy policy,
(e) where MHC is permitted or required by Applicable Law, even without your
knowledge or consent,
(f) when MHC shares or sells aggregated, de-identified data that does not
identify you with partners and the public. When MHC provide this information, it
ensure that the data does not identify you and cannot be associated back to you, or
(g) in connection with the performance of certain technological or
administrative functions, such as data management. Prior to making this disclosure,
MHC will take appropriate steps to ensure that the third party service providers
safeguard the Personal Data and use the Personal Data only for authorized
purposes set out in this Privacy Policy and in accordance with Applicable Law.
(h) no personal data related to an IRB Study will released under this section, the
terms of any Informed Consent document will apply .for
SECTION 5 Consent to collect, use, and disclose Personal Data and PHI
(a) It is important to MHC that it collects, uses, or discloses your Personal Data
and PHI only where MHC has your consent to do so or as provided in this Privacy
Policy. Depending on the sensitivity of the Personal Data or PHI, your consent may
be express, implied, or deemed (using an opt-out mechanism). Express consent can
be given electronically or in writing. Implied consent is consent that can reasonably
be inferred from your action or inaction (e.g., when you accept this Privacy Policy,
MHC will assume your consent to the collection, use, and disclosure of your
Personal Data for purposes related to your acceptance and use of the Platform, or
for other purposes identified to you at the relevant time). Deemed consent is
consent MHC assumes if you do not exercise an opt-out mechanism offered to you.
(b) By submitting your Personal Data and PHI to MHC or obtaining its services
via the Platform or otherwise, you consent to the collection of and use of your
Personal Data and PHI in the manner described in this Privacy Policy. To the extent
that MHC is required by Applicable Law to obtain your explicit consent for the
collection, use, or disclosure of your Personal Data or PHI in accordance with this
Privacy Policy, such consent will be requested at the appropriate time. If MHC plans
to use or disclose your Personal Data or PHI for a purpose not previously identified
(either in this Privacy Policy or separately), MHC will endeavor to advise you of that
purpose before such use or disclosure. MHC may collect, use, or disclose your
Personal Data or PHI without your knowledge or consent where MHC is permitted
or required to do so by Applicable Law.
(c) You may change or withdraw your consent at any time, subject to legal or
contractual restrictions and reasonable notice, by emailing the email address
specified in Section 10(c). In some circumstances, a change or withdrawal of
consent may limit MHC’s ability to provide products or services to you.
(d) In the case of personal contact information provided in conjunction with any
newsletter or other marketing initiatives, you may withdraw your consent to
receiving those communications and unsubscribe from any MHC subscriptions at
any time by emailing the email address specified in Section 10(c). In addition,
commercial electronic communications sent by MHC to which you have subscribed
will further contain an unsubscribe mechanism.
(e) You can stop all collection of data generated by use of the MHC Mobile App
by uninstalling it. You may also be able to exercise specific privacy choices, such as
enabling or disabling push notifications, by adjusting the permissions in your
mobile device.
SECTION 6 Personal Data and PHI storage and retention
(a) MHC endeavors to safeguard Personal Data using methods that are
appropriate to the sensitivity of the information, including using industry standard
methods for managing risks to the security of information, protecting the
confidentiality of all Personal Data and PHI when doing business internally or
externally with other organizations, and protecting all Personal Data and PHI with
appropriate and effective security safeguards, including physical, administrative,
and technology safeguards, against such risks as loss or theft, unauthorized access,
disclosure, copying, use, or destruction, regardless of the format in which it is held.
MHC collects and stores your information on secure servers meeting the
requirements of Applicable Law.
(b) MHC retains your Personal Data and PHI for up to 3 years after you cease to
be an active Platform user. You will be considered an inactive user after 1 year with
no activity on the Platform, starting from the date of your last access. Once the
Personal Data or PHI is no longer required to fulfill the purpose for which it was
collected and no longer required or permitted to be retained for legal or business
purposes, it is securely destroyed or made anonymous pursuant to MHC’s data
retention schedule.
SECTION 7 Accessing your Personal Data and PHI
(a) Any Personal Data or PHI you provide to MHC can be accessed and modified
from your User Account. If you remove Personal Data or PHI from your User
Account, it will no longer appear to you on the Platform. Backups of that Personal
Data or PHI will remain in association with your User Account and in MHC’s archive
servers until deleted in accordance with MHC’s data retention schedule.
(b) You may also ask to see the Personal Data and PHI that MHC holds about
you. If you want to review, verify, or correct your Personal Data or PHI, please email
the email address specified in Section 10(c).
(c) When making an access request, MHC may require specific information from
you to confirm your identity and right to access, as well as to search for, and
provide you with, the Personal Data and PHI that MHC holds about you. If you need
help in preparing your request, please email the email address specified in Section
10(c).
(d) For any Personal Data or PHI shared with your consent, you may ask MHC to
provide you with a copy of such Personal Data or PHI in a commonly used and
machine-readable format. You may also request of MHC, if technically feasible, to
send this information to other data processors.
(e) MHC may not be able to provide you with access to your Personal Data or
PHI in situations where such refusal is permitted or required by Applicable Law.
MHC will inform you of the reasons why, subject to any legal or regulatory
restrictions, access has been denied.
(f) You must keep us informed of changes to your Personal Data. You can
correct any inaccuracies by accessing and modifying the information provided in
your User Account. You acknowledge and agree that MHC will have no liability
associated with or arising from your failure to maintain accurate contact or other
information, including your failure to receive critical information about the Platform
or your User Account.
(g) When your User Account is deactivated or terminated for any reason, your
Personal Data and PHI will be removed from the User Account. Backup copies of
your Personal Data and PHI will be removed from MHC’s servers based on MHC’s
data retention schedule, which means it may persist in MHC’s archive for up to 3
years, during which MHC may continue to use your de-identified data.
SECTION 8 Security
MHC values your trust in providing us your Personal Data and PHI. We use industry
standard security measures intended to help protect against the loss, misuse,
unauthorized access, or alteration of information under our control both during
transmission and once the information is received. But remember that no method
of transmission over the internet or method of electronic storage is 100% secure
and reliable and we cannot guarantee its absolute security. MHC puts the following
safeguards in place to ensure security of your data:
(a) MHC does not sell, rent, disclose, or use your Personal Data or PHI without
your authorization or unless permitted or required by law;
(b) Personal Data and PHI is secured through password protection and can only
be accessed by authorized users.
(c) Personal Data and PHI is firewall-protected and under electronic surveillance
24 hours a day, 7 days a week.
(d) Personal Data and PHI is only temporarily stored on tablets or mobile
devices accessing the Platform until submitted before such Personal Data or PHI is
immediately deleted. All temporarily stored data is encrypted so that if a session
ends unexpectedly, or if a tablet or mobile device is lost or stolen, no Personal Data
or PHI can be accessed.
(e) Personal Data or PHI transmitted between the Platform and MHC’s data
centers is protected using industry-standard TLS (256-bit AES keys).
(f) Personal Data and PHI is stored in a highly-secured data center, protected
by multi-layer protocols. This means
(1) the servers housing the Personal Data and PHI are stored in a secured
building with multiple layers of physical security,
(2) at the network level, servers are placed in a secure subnet protected by
firewalls,
(3) front-end servers and database servers are on physically different networks
and have limited connectivity,
(4) the security of all server networks is monitored by an intrusion detection
system that is staffed 24/7 by trained security professionals,
(5) within the database server, Personal Data and PHI are stored in encrypted
form, and
(6) Personal Data and PHI are stored using AES 256-bit encryption.
SECTION 9 Disclaimers
(a) MHC does not assume any responsibility for your use or misuse of Personal
Data or PHI, or your healthcare providers’ or patients’ use or misuse of Personal
Data or PHI, as applicable, whether intentional or inadvertent, while using the
Platform. MHC may amend or delete any content (along with the right to revoke
any access rights to the Platform) that MHC determines in its sole discretion
violates this section.
(b) All users of the Platform, including healthcare providers, are independent
persons and not partners, agents, or employees of MHC. You acknowledge and
agree that MHC has no control over the quality, knowledge, legality, or actions of
such users. All information found on the Platform and recommendations or
instructions to use the Platform are to be followed at your own risk. MHC is not
liable for the acts, errors, omissions, representations, warranties, conditions,
breaches, or negligence of any user of the Platform, including healthcare providers,
or for any personal injuries, death, property damage, or other resulting damages or
expenses.
SECTION 10 Miscellaneous
(a) Contacting MHC. To change or withdraw your consent or make a
complaint, or direct questions or concerns about this Privacy Policy, please email
the email address specified in Section 10(c).
(b) Updates to this Privacy Policy. MHC may update this Privacy Policy from
time to time. Use of Personal Data or PHI MHC collects now is subject to this Privacy
Policy in effect at the time such Personal Data or PHI is used. If MHC makes
changes in the way it uses Personal Data or PHI, it will notify you by emailing the
address in your User Account, or posting to the Platform. You are bound by any
changes to this Privacy Policy when you use the Platform after you have been
notified or such changes have been first posted.
(c) Notices. Notice from MHC to you will be given by email to the email address
specified in your User Account. You acknowledge and agree that MHC will have no
liability associated with or arising from your failure to maintain accurate contact or
other information on your User Account, including your failure to receive critical
information about this Privacy Policy or the Platform. Notice from you to MHC may
be given by email to [email protected], or physical mail at
Managed Health Connections, LLC, 203 N Washington St, Suite 302, Spokane, WA
99201.
Privacy Notice For California Residents
Definitions
Website
Managed Health Connections, LLC or
http://managedhealthconnections.com/mesmerize
Owner (or We)
Indicates the natural person(s) or legal entity that provides this Website to Users.
User (or You)
Indicates any natural person or legal entity using this Website.
This Privacy Notice for California Residents supplements the information contained
in the Website’s Privacy Policy and applies solely to all visitors, users, and others
who reside in the State of California. We adopted this notice to comply with the
California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA
have the same meaning when used in this notice.
Information We Collect
The Website collects information that identifies, relates to, describes, references, is
capable of being associated with, or could reasonably be linked, directly or
indirectly, with a particular consumer or device (“personal information”).
In particular, Website has collected the following categories of personal information
from its consumers within the last 12 months:
Category Examples Collected
A. Identifiers. A real name, alias, postal
address, unique personal
identifier, online identifier,
Internet Protocol address,
email address, account
name, Social Security
YES
number, driver’s license
B. Personal information
categories listed in the
California Customer
Records statute (Cal. Civ.
Code § 1798.80(e)).
C. Protected classification
characteristics under
California or federal law.
number, passport number,
or other similar identifiers.
A name, signature, Social
Security number, physical
characteristics or
description, address,
telephone number,
passport number, driver’s
license or state
identification card
number, insurance policy
number, education,
employment, employment
history, bank account
number, credit card
number, debit card
number, or any other
financial information,
medical information, or
health insurance
information.
Age (40 years or older),
race, color, ancestry,
national origin, citizenship,
religion or creed, marital
status, medical condition,
physical or mental
disability, sex (including
gender, gender identity,
gender expression,
pregnancy or childbirth
and related medical
conditions), sexual
orientation, veteran or
military status, genetic
information (including
familial genetic
information).
YES
YES
D. Commercial Records of personal YES
information. property, products or
services purchased,
obtained, or considered,
or other purchasing or
consuming histories or
tendencies.
E. Biometric information. Genetic, physiological, YES
behavioral, and biological
characteristics, or activity
patterns used to extract a
template or other
identifier or identifying
information, such as
fingerprints, faceprints,
and voiceprints, iris or
retina scans, keystroke,
gait, or other physical
patterns, and sleep,
health, or exercise data.
F. Internet or other similar Browsing history, search YES
network activity. history, information on a
consumer’s interaction
with a Website,
application, or
advertisement.
G. Geolocation data. Physical location or YES
movements.
H. Sensory data. Audio, electronic, visual, YES
thermal, olfactory, or
similar information.
I. Professional or Current or past job history YES
employment-related or performance
information. evaluations.
J. Non-public education Education records directly YES
information (per the related to a student
Family Educational Rights
and Privacy Act (20 U.S.C.
Section 1232g, 34 C.F.R.
Part 99)).
K. Inferences drawn from
other personal
information.
maintained by an
educational institution or
party acting on its behalf,
such as grades,
transcripts, class lists,
student schedules, student
identification codes,
student financial
information, or student
disciplinary records.
Profile reflecting a
person’s preferences,
characteristics,
psychological trends,
predispositions, behavior,
attitudes, intelligence,
abilities, and aptitudes.
YES
Personal information does not include:
• Publicly available information from government records.
• Deidentified or aggregated consumer information.
• Information excluded from the CCPA’s scope, like certain health or medical
information and other categories of information protected by different laws.
We obtain the categories of personal information listed above from the following
categories of sources:
• Directly from you. For example, from forms you complete or products and
services you purchase.
• Indirectly from you. For example, from observing your actions on our
Website.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the
following business purposes:
• To fulfill or meet the reason you provided the information. For example, if
you share your name and contact information to request a price quote or ask
a question about our services, we will use that personal information to
respond to your inquiry. If you provide your personal information to
purchase a product or service, we will use that information to process your
payment and facilitate delivery. We may also save your information to
facilitate new product orders or process returns.
• To process your requests, purchases, transactions, and payments and
prevent transactional fraud.
• To provide you with support and to respond to your inquiries, including to
investigate and address your concerns and monitor and improve our
responses.
• To respond to law enforcement requests and as required by applicable law,
court order, or governmental regulations.
• As described to you when collecting your personal information or as
otherwise set forth in the CCPA.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization,
dissolution, or other sale or transfer of some or all of our or our affiliates’
assets in which personal information held by us or our affiliates about our
Website users is among the assets transferred.
We will not collect additional categories of personal information or use the personal
information we collect for materially different, unrelated, or incompatible purposes
without providing you notice.
Sharing Personal Information
We may disclose your personal information to a third party for a business purpose.
When we disclose personal information for a business purpose, we enter a contract
that describes the purpose and requires the recipient to both keep that personal
information confidential and not use it for any purpose except performing the
contract.
We share your personal information with the following categories of third parties:
• Service providers.
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding
their personal information. This section describes your CCPA rights and explains
how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our
collection and use of your personal information over the past 12 months. Once we
receive and confirm your verifiable consumer request (see Exercising Access, Data
Portability, and Deletion Rights), we will disclose to you:
• The categories of personal information we’ve collected about you.
• The categories of sources for the personal information we’ve collected about
you.
• Our business or commercial purpose for collecting or selling that personal
information.
• The categories of third parties with whom we share that personal
information.
• The specific pieces of personal information we’ve collected about you (also
called a data portability request).
• If we sold or disclosed your personal information for a business purpose, two
separate lists disclosing:
o sales, identifying the personal information categories that each
category of recipient purchased; and
o disclosures for a business purpose, identifying the personal
information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that we delete any of your personal information that
we collected from you and retained, subject to certain exceptions. Once we receive
and confirm your verifiable consumer request (see Exercising Access, Data
Portability, and Deletion Rights), we will delete (and direct our service providers to
delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us
or our service provider(s) to:
• Complete the transaction for which we collected the personal information,
provide a good or service that you requested, take actions reasonably
anticipated within the context of our ongoing business relationship with you,
or otherwise perform our contract with you.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or
illegal activity, or prosecute those responsible for such activities.
• Debug products to identify and repair errors that impair existing intended
functionality.
• Comply with the California Electronic Communications Privacy Act (Cal. Penal
Code § 1546 seq.). Enable solely internal uses that are reasonably aligned
with consumer expectations based on your relationship with us.
• Comply with a legal obligation.
• Make other internal and lawful uses of that information that are compatible
with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please
submit a verifiable consumer request to us by either:
• Calling us at 509-290-6062
• Emailing us at [email protected]
Only you, or a person registered with the California Secretary of State that you
authorize to act on your behalf, may make a verifiable consumer request related to
your personal information. You may also make a verifiable consumer request on
behalf of your minor child.
You may only make a verifiable consumer request for access or data portability
twice within a 12-month period. The verifiable consumer request must:
• Provide sufficient information that allows us to reasonably verify you are the
person about whom we’ve collected personal information or an authorized
representative.
• Describe your request with sufficient detail that allows us to properly
understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we
cannot verify your identity or authority to make the request and confirm the
personal information relates to you.
Making a verifiable consumer request does not require you to create an account
with us.
We will only use personal information provided in a verifiable consumer request to
verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days
of its receipt. If we require more time, we will inform you of the reason and
extension period in writing.
We will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the
verifiable consumer request’s receipt. The response we provide will also explain the
reasons we cannot comply with a request, if applicable. For data portability
requests, we will select a format to provide your personal information that is readily
useable and should allow you to transmit the information from one entity to
another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request
unless it is excessive, repetitive, or manifestly unfounded. If we determine that the
request warrants a fee, we will tell you why we made that decision and provide you
with a cost estimate before completing your request.
Personal Information Sales
We will not sell your personal information to any party. If in the future, we
anticipate selling your personal information to any party, we will provide you with
the opt-out and opt-in rights required by the CCPA.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless
permitted by the CCPA, we will not:
• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through
granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or
a different level or quality of goods or services.
Other California Privacy Rights
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our
Website that are California residents to request certain information regarding our
disclosure of personal information to third parties for their direct marketing
purposes. To make such a request, please send an email to
Changes to Our Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time.
When we make changes to this privacy notice, we will post the updated notice on
our Website and update the notice’s effective date. Your continued use of our
Website following the posting of changes constitutes your acceptance of such
changes.
Contact Information
If you have any questions or comments about this notice, the ways in which we
collect and use your information described below and in our Privacy Policy, your
choices and rights regarding such use, or wish to exercise your rights under
California law, please do not hesitate to contact us at:
• Phone: 509-290-6062
• Website: http://managedhealthconnections.com/mesmerize
• Email: [email protected]