Surgery Advisors LLC Privacy and Confidentiality Policy

 

This Privacy Policy describes how your personally identifiable and non personally identifiable information is collected, used, and shared when you visit https://surgeryadvisor.wpengine.com (the “Site”) or provide information to Surgery Advisors LLC (SA) when you consider procuring and / or then procure healthcare services through SA.  If you visit our Site, attempt to or procure healthcare services through SA, you acknowledge and agree to the terms of this Privacy Policy and that the policy may be modified at times. 

PERSONALLY IDENTIFIABLE INFORMATION WE COLLECT

To best serve your health needs, SA collects information from you on our site, via third party software, and/or orally, and/or using offline forms. If you provide us with written permission/authorization, we may also collect information from a third party such as your physician or healthcare provider. All healthcare information that identifies you is referred to as “personally identifiable information” and is shared with our network of medical/dental providers and hospitals in order to provide you with a healthcare solution.  Your personally identifiable information will only be used when necessary to provide healthcare services you have requested, and/or as otherwise required by law.

We have added security layers so that your information is kept safe. These include: Secure Socket Layer (SSL) 128 bit encryption, the use of third party software (business associate agreements signed) that is HIPAA compliant and only allowing authorized personnel to access your information for business purposes. No personally identifiable information is collected through the site’s servers, as all information collected is through embedded forms with HIPAA compliant third party vendors. In addition, emails sent to SA are within a HIPAA compliant system via Google Workspace. While we have taken these security measures, no system is completely impenetrable, so we cannot guarantee that information will not be intercepted or breached while being transmitted over the internet. 

We use the personally identifiable information that we collect generally to fulfill healthcare procedure appointments placed through us (including processing your payment information, arranging for your trip and accommodations,  and providing you with invoices and/or order confirmations). Additionally, we use this information to:

Communicate with you;

Screen our orders for potential risk or fraud; and

When in line with the preferences and authorizations you have shared with us, provide you with information or advertising relating to our products or services.

We will share some of your personally identifiable information for payment processing.  We do not, however, share your personally identifiable health information for payment processing.  We use Square to power our payment solutions. You can read more about how Square uses your Personal Information here: https://squareup.com/help/us/en/article/3796-privacy-and-security. 

SA will not sell or transfer your personally identifiable information to a third party for any purpose other than to provide the healthcare services you request. In the unlikely event SA, or any of its assets, is acquired by another party, your personally identifiable information may be transferred to the acquiring party. Finally, we may also share your personally identifiable information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Your personally identifiable health information will be retained in our record retention system for up to 10 years past the last recorded event.

We do not house and/or retain any medical records generated by the healthcare providers in Mexico when and/or after they perform the procedures you have requested. In the event you need those records, please request them from the healthcare providers in Mexico who performed the healthcare procedures.  To reiterate, SA does not request, receive, store and/or retain any medical records that were generated by healthcare providers in Mexico who performed medical procedures on you.

SA does not collect, store or disclose any information about children under the age of 18 years with the consent of a parent or legal guardian.  If we receive information from a minor under the age of 18 years, we will use that information only to notify the minor that we require the consent of a parent or legal guardian.

NON PERSONALLY IDENTIFIABLE INFORMATION WE COLLECT AND HOW WE USE IT

When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”  The device information we collect and store does not identify you personally (non personally identifiable information).

We collect Device Information using the following technologies:

– “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.

– “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

– “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns)

We share your Personal Information with third parties to help us use your Personal Information, as described above. We also use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. 

You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

LINKS TO OTHER SITES

Our Site contains links to other websites (“linked sites”).  We are not endorsing any products or services found at the linked sites.  We are not responsible for content or privacy practices of the linked sites and disclaim any and all responsibility and liability associated with your use of the linked sites.  We recommend that you review the privacy statements posted on those sites and understand their policies on disclosing and using personally identifiable and non personally identifiable information.

BEHAVIOURAL ADVERTISING

As referenced above, we may use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

FACEBOOK – https://www.facebook.com/settings/?tab=ads

GOOGLE – https://www.google.com/settings/ads/anonymous

BING – https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

DO NOT TRACK

Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.

YOUR RIGHTS

If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below. Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.

DATA RETENTION

When you place an order through the Site, we will maintain your order for healthcare services information for our records unless and until you ask us to delete this information.  Your personally identifiable health information will be retained in our record retention system for up to 10 years past the last recorded event.

MINORS

The Site is not intended for individuals under the age of 18.  SA does not collect, store or disclose any information about children under the age of 18 years with the consent of a parent or legal guardian.  If we receive information from a minor under the age of 18 years, we will use that information only to notify the minor that we require the consent of a parent or legal guardian.

CHANGES

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at hello@surgery-advisors.com

Applicable Date: 7/3/2021