This Privacy Notice applies to Well Clinic San Francisco (usually referred to just as “us”, “our”, “we” or something similar) web site. By using our web site, you consent to the data practices in this notice.
Personal data (usually referred to just as “data” below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there. We may collect personal information such as your name, email address, home or work phone number or other information you provide us. We use this information to answer questions you may ask us, deliver services to you that you request, and send you updates and communicate with you when you ask us to. We may also collect information about your computer hardware and software, such as your IP address, browser type, domain names, access times and referring web site address. We use this information to operate our service, maintain our quality of service, and provide general statistics regarding use of our website. Of the data we collect through our website (which we will talk about in more detail below), we do not collect or process what are called “special categories” of data that may risk your rights and freedoms. For example, through our website, we do not collect any characteristics of protected classifications including age, race or ethnic origin, religion or philosophical beliefs, sexual orientation, political opinions, trade union memberships, biometric data used to identify an individual, data related to sexual orientation, sexual preferences, sex life, gender, or data related to gender identity or expression. You may provide us health-related information through our website in a form you can fill out, called “personal health information” (“PHI” for short), which is discussed in our HIPAA Policy, below.
I. Information about us
II. The data we collect, how we use it, and the rights you have regarding our use of your data
III. Information about the data processing
I. Information about us and your data
The party responsible for this website for purposes of data protection is:
Well Clinic San Francisco
383 Rhode Island St. Suite 201
San Francisco, CA
II. The data we collect, how we use it, and the rights you have regarding our use of your data.
It should not surprise you we collect any information you enter on our site, send us through email, or that you give us in any other way. If you do not fill out contact forms or send us your information with your explicit consent, we do not collect this information about you. When you visit a website, you disclose certain information, such as your Internet Protocol (IP) address and the time of your visit. This site, like many other sites, records this basic information about visits to our site through Google Analytics, but we reasonably anonymize IP addresses by blocking part of your IP address so that it cannot be reasonably connected to you or used to identify you. We will talk more about this later. We encourage you to review the privacy policies of the websites you visit, as we cannot control the information third parties gather about you, including the websites your visit before you visit our website or websites you may visit after you visit our website.
We collect two types of information about you. The first type of information we collect is information by which you may be personally identified and you voluntarily provide to us, such name and email address. If you have other requests of us, such as telling us how we can help when you fill in our website Contact Us form or reporting a problem with our website, you may choose to provide us information such as your name, postal address, email address, or any other identifier by which you may be contacted by us online or offline (“personally identifiable information”). We may keep a copy of your correspondence (including your email address) if you write us. This includes any social media posts you may make on our social media sites (such as Facebook or LinkedIn) so we can keep track of who submitted what and are able to contact you if we need to regarding your submission.
The second type of information we may collect is information that is about you individually but does not by itself identify you (“non-personal information”). This type of information is generally collected automatically as you navigate through a website, and could include such information as IP addresses, which URL you came from, browsing patterns and actions, location data, zip code, operating system of your computer, browser type and information collected through cookies, flash cookies, web beacons, logs and other tracking technologies that helps us continually improve our services to you, but when you use our website we reasonably anonymize and aggregate this information, so it cannot be used to reasonably identify you.
The information we collect is used for administering our business activities and fulfilling any other purpose for which you provide it and consent. If you are in the EU, UK or Switzerland, or any other country, this data is transferred out of the country you accessed our website with your consent. You have explicitly consented to us transferring your first and last name, email, and any other information you provide to us to California, United States, in order for us to perform services for you and your requests of us to do so as well as to our processors, sub processors and third-party vendors, who are also located in the United States or Canada. If you do not fill out contact forms or send us your information with your explicit consent, we do not collect your information. We may use your information: to carry out our obligations and enforce our rights for contracts entered into between you and us; to prevent fraud; to protect the rights and/or life of an individual; to protect our rights or prevent misuse of our website, property or services; to notify you about changes to our website, new services, or special offers; to recognize you when you return to our Site and remember your preferences; and, when you ask us to use your information for business activities administered by third parties, such as releasing your address information to the delivery service to deliver products/services that you ordered or provide order information to third parties that help us provide customer service.
Your personal data is yours and you have rights over it, including but not limited to:
- the right to be informed about the collection and use of your personal data;
- the right of access to your personal data and any supplementary information;
- the right to have any errors in your personal data rectified;
- the right to have your personal data erased (“right to be forgotten”);
- the right to block or suppress the processing of your personal data;
- the right to move, copy or transfer your personal data from one IT environment to another;
- the right to withdraw your consent of our processing of your personal and data;
- the right to file a complaint with your local supervisory authority;
- the right to object to processing of your personal data in certain circumstances;
- the right to non-discrimination for the same prices and service as those who have and have not exercised their privacy rights (although, as mentioned above, exercising rights such as the right to be forgotten, may prevent you from using our services and certain aspects of our website); and,
- rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).
However, after saying all of that, please know there are exceptions to these rights, many examples of which we have listed in this policy.
California residents have the right to request specific disclosures about our privacy practices, including telling you about the information we share with third parties for marketing purposes and the rights listed above (such as the right to non-discrimination). To make such a request, please contact us at the addresses below.
We do not process or respond to “Do Not Track” signals or other similar transmissions that indicate a request to disable online tracking of users who visit our site or who use our services.
III. Information about the data processing
You can request access to all your personally identifiable information and manage your data, including your withdrawal of consent, by sending an e-mail to us. We may not accommodate a request to change information if we believe the change would violate a law or cause the information to be incorrect. Please note that the personally identifiable information and non-personal information that we maintain will be deleted or anonymized after we determine there is no longer any reason to process your information or otherwise fulfill our contractual obligations to you, whichever is more appropriate. While we do not hold personal data any longer than we need to, the duration will depend on your relationship with us. Also, if you request us to delete your information, you should realize that that deleting personal information may affect our ability to deliver services or may result in deleting your account completely.
Depending on which of our services you use, more than one company may be the controller of your personal data in our processors and sub-processors, discussed below. We will not disclose any personally identifiable information to any third party without first receiving your permission, which includes our processors and sub-processors and third-party vendors, below. We do not sell, trade, or rent your personally identifiable information to others.
The importance of security of your personally identifiable information is also very important to us. We have implemented measures designed to secure your personally identifiable information from accidental loss and from unauthorized access, use, alteration, and disclosure. For example, we use security software to protect the confidentiality of your personally identifiable information. We use a Secure Socket Layer/Transport Layer Security technology when information is submitted to us on line. We do not store any of your personal data at our location, but instead use secure cloud storage. However, please know that when we access your personally identifiable information from our computers, it is protected in several ways with firewalls, data encryption, physical security for our buildings, files and information contained therein and other current industry standards. In addition, our business practices are reviewed periodically for compliance with policies and procedures governing the security and confidentiality of our information. Our business practices limit employee access to confidential information, and limit the use and disclosure of such information to authorized persons. Non-personal information that you provide or that we collect also resides on a secure server in our processor and sub processor and cloud infrastructure mentioned above and is only accessible via password. We also use old fashioned lock and key with locking office doors, locking desks, building security systems, and other physical security measures.
Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your personally identifiable information, you acknowledge that: (a) there are security and privacy limitations of the Internet which are beyond our control; (b) the security, integrity and privacy of any and all information and data exchanged between you and us through this site cannot be guaranteed; and (c) any such information and data may be viewed or tampered with in transit by a third party. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the website or other service.
You can read more about the protections and treatment of your PHI below in the HIPAA data part of our privacy notices.
Children and our websites
This website does not provide services or sell products to children under the age of 18. If you are under the age of 18 years old, please do not enter any information into this site and do not use this site. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you are aware of any information we may have collected from a child under 18 years of age, please let us know so that we can delete that information.
a) Session cookies
b) Third-party cookies
c) Disabling cookies
If you prevent or restrict the installation of cookies, not all of the functions on our site may be fully usable.
We use Google Analytics on our website. This is a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google). The Google Analytics service is used to analyze how our website is used. Usage and user-related information, such as IP address, place, time, or frequency of your visits to our website will be transmitted to a Google server in the United States and stored there. However, we use Google Analytics with the so-called anonymization function, whereby Google truncates the IP address before it is transmitted to us. The data collected in this way is in turn used by Google to provide us with an evaluation of visits to our website and what visitors do once there. This data can also be used to provide other services related to the use of our website and of the internet in general. Google states that it will not connect your IP address to other data. In addition, Google provides further information with regard to its data protection practices at: https://www.google.com/intl/en/policies/privacy/partners including options you can exercise to prevent such use of your data. In addition, Google offers an opt-out add-on at:
Our website uses Google Maps to display our location and to provide directions. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google). To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed.
Our website uses Google Fonts to display external fonts. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 (hereinafter: Google).
To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed. When you access our site, a connection to Google is established from which Google can identify the site from which your request has been sent and to which IP address the fonts are being transmitted for display.
Google offers detailed information at: https://adssettings.google.com/authenticated and https://policies.google.com/privacy in particular on options for preventing the use of data.
Our website uses the plug-in of the Facebook social network. Facebook.com is a service provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU, this service is also operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, hereinafter both referred to as “Facebook.” Further information about the possible plug-ins and their respective functions is available from Facebook at https://developers.facebook.com/docs/plugins/.
Changes to our Privacy Notices
Privacy Policies and Data Collection from Third Party Websites.
Well Clinic of San Francisco
100 Bush Street, Suite 508
San Francisco, CA 94110