California Residents

Supplemental Privacy Notice for California Residents

Last modified: April 8, 2024

This supplemental privacy notice for California residents (“Supplemental Notice”) supplements the information contained in this Website Privacy Policy and applies solely to residents of the State of California (“consumers” or “you“). We adopt this Supplemental Notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this Supplemental Notice. Under the CCPA, you have certain rights in relation to some of your personal data, including the right to certain disclosures and explanations of rights.

Information We Collect

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer, household, or device (“personal information”). In particular, we will collect (and have collected within the last twelve (12) months) the following categories of personal information from consumers through our websites and webpages:

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you. For example, from forms you complete or products and services you use.
• Indirectly from you. For example, from observing your actions on our Website.

Personal information does not include:

• Publicly available information from government records;
• De-identified or aggregated de-identified consumer information;
• Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data; or
• Certain personal information covered under certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Use of Personal Information

We may use or disclose the personal information we collect for our operational purposes and for one or more of the following business purposes:

• To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
• To provide products and services to consumers.
• To respond to consumer requests.
• To improve and personalize consumer access to and experience on our Website, for example, by telling consumers about new features, products, or services that may be of interest to them.
• To develop records, including records of consumers’ personal information.
• To contact consumers with information that might be of interest to them, including, to the extent permitted by law, information about clinical trials and educational and marketing communications about products and services of ours and of others.
• For analytical purposes and to research, develop, and improve programs, products, services and content.
• For activities to monitor and maintain the quality or safety of our products and services
• For activities described to consumers when collecting their personal information or as otherwise permitted under CCPA.
• For U.S. healthcare providers, to link name, National Provider Identifier (NPI), state license number, and/or IP address to web pages they visit, for compliance, marketing, and sales activities.
• To conduct audits and perform troubleshooting activities of our websites, products, and services.
• To detect and protect against security incidents and deceptive, malicious, or fraudulent activity.
• To ensure our Website, products, apps, and services function as intended, including debugging and repairing.
• To comply with a law or regulation, court order or other legal process.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

We intend to retain the categories of personal information listed above as long as is reasonably necessary for us to achieve the purposes listed above.

Sharing Personal Information

We may share your personal information by disclosing it to: (a) a third party for a business purpose or (b) any member of our corporate group, including subsidiaries, and affiliates, and other companies in which we have an ownership or economic interest for purposes that are consistent with those identified in our Privacy Policy and this Supplemental Privacy Policy. Some companies performing services on our behalf may collect personal information for us. In all cases in which we share consumers’ personal information with a third-party vendor, we require them to keep personal information confidential, and will only allow them to keep, disclose, or use consumers’ information to provide the services we asked them to provide. We may be required to release consumers’ personal information in response to a court order, subpoena, search warrant, law, or regulation. We may cooperate with law enforcement authorities in investigating and prosecuting users who violate our rules or engage in behavior which is harmful to other users or illegal. In addition, we may keep, disclose, and use consumers’ personal information in order to comply with U.S. FDA and other governmental guidance directions, regulations, and laws.

In the preceding twelve (12) months, we have disclosed to third parties personal information from the above listed categories of personal information for the following business purposes:

(1) Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.

(2) Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.

(3) Debugging to identify and repair errors that impair existing intended functionality.

(4) Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.

(5) Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

(6) Undertaking internal research for technological development and demonstration.

(7) Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.

In the preceding twelve (12) months we have disclosed personal information from the following categories to a third-party human resources software service provider:  

(A) Identifiers such as a real name, alias, postal address, unique personal identifier, internet protocol address, email address, account name, or other similar identifiers.

(E) Biometric information.

(I) Professional or employment-related information.

We do not sell personal information of California consumers.

This does not include disclosures that are not a “sale” under the CCPA, including when:

• A consumer intentionally and deliberately instructs us to interact with a third party that does not sell that information;
• We use or share consumers’ personal information pursuant to a written contract with a qualified service provider that is necessary to perform a business purpose other than the reason supplied in the contract;
• Consumers’ personal information is transferred as part of a merger, acquisition, bankruptcy, or other transaction in which a third party assumes control of all or part of our business; or
• Disclosure of consumer identifiers with third parties for the sole purpose of informing others about consumer opt-out requests.

 Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Right to Know and Data Portability. You have the right to request we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months (the “right to know“). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete below), we will disclose to you:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting or selling that personal information.
• The categories of third parties with whom we share that personal information.
• If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
  • sales, identifying the personal information categories that each category of recipient purchased; and
  • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
• The specific pieces of personal information we collected about you (also called a data portability request).

Right to Delete. You have the right to request we delete any of your personal information we collected from you and retained, subject to certain exceptions (the “right to delete“). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete below), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

• Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
• Debug products to identify and repair errors that impair existing intended functionality.
• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
• Comply with a legal obligation.
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
• We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.

   Exercising Your Rights to Know or Delete

To exercise your rights to know or delete described above, please submit a request by either:

• Emailing us at privacy@clinicomp.com.
• Visiting clinicomp.com.
• Calling 1-800-350-8202

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information.

You may also make a request to know or delete on behalf of your child by contacting us as stated above and providing documentation to allow us to verify your identity.].

You may only submit a request to know twice within a twelve (12)-month period. Your request to know or delete must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include information that will allow us to match the information you provide with the information we already have on file, or we may contact you through email, by text, or by phone (that you have previously provided to us) to verify your identity. We may also use other verification methods as the circumstances dictate.
  • To the extent possible, we will avoid requesting additional information from you for the purposes of verification. If, however, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity, and for security or fraud-prevention purposes. We will delete such additionally provided information as soon as we finish verifying you.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

You do not need to create an account with us to submit a request to know or delete.

We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.

Response Timing and Format.

We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the ten (10)-day timeframe, please contact privacy@clinicomp.com.

We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another forty-five (45) days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the twelve (12)-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination.

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any .

Changes to Our Privacy Policy

We reserve the right to amend this Supplemental Privacy Policy at our discretion and at any time. When we make changes to this Supplemental Privacy Policy, we will post the updated policy on the Website and update the policy’s effective date. e encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

Your continued use of our Websites following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this Supplemental Privacy Policy, the ways in which we collect and use your information described in this Supplemental Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: 1-800-350-8202
Website: www.clinicomp.com
Email: privacy@clinicomp.com

Postal Address:

CliniComp
Attn: Regulatory
9655 Towne Centre Drive, San Diego, CA 92121

If you need to access this Policy in an alternative format due to having a disability, please contact privacy@clinicomp.com.