Log In

Privacy Notice

PRIVACY NOTICE

Last modified: September 1st, 2022

Please read this document carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our website(s). By accessing or using our website(s), you agree to this Privacy Notice. This Privacy Notice may change from time to time (see the Changes to Our Privacy Notice section below). Your continued use of our website(s) after we make changes is deemed to be acceptance of those changes, so please check here periodically for updates.

SunshineMD, LLC (“SunshineMD,” “we,” “us,” or “our”) respects your privacy and is committed to protecting it as described herein (“Privacy Notice” or “Notice”). This Privacy Notice describes the types of information we may collect from you or that you may provide when you visit our website located at sunshinemddata.com, our app, and our related sites, microsites, pages, and mobile sites, as well as our services platform, content, products, and services operated by SunshineMD (collectively, our “Site(s)”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This Notice applies to information we collect:

  • On the Site.
  • In email, text, and other electronic messages between you and the Site.

It does not apply to information collected by:

  • Us offline or through any other means; or
  • Any third party (including any possible affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Site.

Minors

Our Site is not intended for users under eighteen (18) years of age. No one under the age of 18 may provide any information to or on the Site. We do not seek or knowingly collect Personal Information (as defined below) from minors. If you are under the age of 18, you may not use or access the Site without supervision.

Information We Collect About You and How We Collect It

At any given time, we may collect the following kinds of information when you use the Site:

 

Information you provide directly to us. For certain activities, such as when you register, subscribe to our alerts, download our datasets, or contact us directly, we may collect some or all information that can be used to identify, locate, or contact an individual, alone or when combined with other personal or identifying information (“Personal Information”) including the following types of Personal Information:

  • Contact information, such as your full name, email address, mobile phone number, and address;
  • Username and password; and
  • Any other information you provide to us.

We may combine such information with information we may already have about you. We collect this information directly from you only when you provide it to us. Do not send us sensitive Personal Information that you do not consent for us to collect, use or disclose, such as social security numbers, banking details, driver’s license information, and healthcare information. We never require the disclosure of such sensitive Personal Information to perform any function of the Site.

Information we collect automatically. When you access and use the Site, we may use technology to automatically collect information to improve our Site and to deliver a better and more personalized service, which may include:

  • Location data;
  • Length of time you visit our Site;
  • Page views, click-stream information, and referring URL and logs;
  • The resources and devices that you access and use on or through the Site; and/or
  • Information about your device and internet connection, such as the device’s unique device identifier, IP address, operating system, browser type, and network information.

 

The Site may also access metadata and other information associated with other files stored on your device. Any such information that we may collect through automatic technological means will be aggregated as statistical data and will not include personal information (or will have personal identifiers removed), but we may maintain or associate this data with information we collect in other ways or receive from third parties.

We use third-party web tools for web analytics. We do not collect any personally identifiable information with these tools and only our staff, employees, and commercial partners will have access to this information. We use these tools to collect basic information about visits to the Site, which we use to maintain the Site, including:

  • Monitoring stability;
  • Measuring traffic;
  • Optimizing content; and
  • Helping make the Site more useful to visitors.

We may also collect technical data to address and fix technical problems and improve our Sites, including the memory state of your device when a system or app crash occurs while using our Sites. Your device or browser settings may permit you to control the collection of this technical data. This data may include parts of a document you were using when a problem occurred, or the contents of your communications. By using the Sites, you are consenting to the collection of this technical data.

We may also receive information about you from other sources, including through third-party services and organizations. For example, if you access third-party services, such as Facebook, Google, or Twitter, through the Sites to login to the Sites or to share information about your experience on the Sites with others, we may collect information from these third-party services.

We and third parties that provide content or functionality on our Sites, may use one or more of the following technologies to automatically collect this information on or through our website:

  • Cookies (or browser/mobile cookies). A cookie is a small file placed on your device. Cookies are a way to carry information from one session on a website to another, or between sessions on related website, without having to burden a server machine with large quantities of data storage.
  • Flash Cookies. Certain features of the Site may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on the Site.
  • Web Beacons and Other Technologies. Pages of our Site and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us to count users who have visited those pages or opened an email and for other related Site statistics (for example, recording the popularity of certain Site content and verifying system and server integrity). The information we may obtain in this manner would enable us to customize the Site and to measure the overall effectiveness of the Site.
  • Google. Google Analytics is a web analytics service provided by Google Inc. It uses cookies to collect, for example, information about the operating system and the browser that you use, your IP address, the Site you previously accessed (referrer URL) and the date and time of your visit to the Site. On subsequent repeated visits to the Site, frequently used information is automatically displayed for you. We are able to track your usage patterns with the help of the cookies. The information generated by cookies about the use of the Site is transmitted to a Google server, which may be located within or outside of, the United States, and stored there. Google will use this information to evaluate your use of the Site. Google may transfer these rights to third-parties insofar as it is required to do so by law or in order that data may be processed on Google’s behalf. By accepting this Notice, you consent to the processing of your data by Google.

Our Site may contain links to content maintained by third parties that we do not control. We allow third parties, including business partners, advertising networks, and other advertising service providers, to collect information about your online activities through cookies, pixels, local storage, and other technologies. These third parties may use this information to display advertisements on our Sites and elsewhere online tailored to your interests, preferences, and characteristics. We are not responsible for the privacy practices of these third parties, and the information practices of these third parties are not covered by this Privacy Notice.

Some third parties collect information about users of our Sites to provide interest-based advertising on our Sites and elsewhere, including across browsers and devices. These third parties may use the information they collect on our Sites to make predictions about your interests in order to provide you ads (from us and other companies) across the internet. Some of these third parties may participate in an industry organization that gives users the opportunity to opt out of receiving ads that are tailored based on your online activities.

How We Use Your Information

We may use information that we collect about you that you provided to us, including any Personal Information:

  • To communicate with you, including responding to your requests and asking for feedback through surveys or other messages.
  • To provide you with information about services we provide.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including to prevent potentially prohibited or illegal activities and otherwise in accordance with our Terms and Conditions.
  • To fulfill your orders and other requests.
  • To notify you about changes to our Site or any services we offer or provide through it.
  • To customize the content you see when you use the Sites.
  • To send you promotional materials from us or on behalf of our affiliates and trusted third-party partners.
  • To analyze your activity with us (including your interactions with our Site, social media pages, and emails or other forms of communication) and monitoring the effectiveness of our advertising and communications.
  • To address and fix technical problems and improve our Sites.
  • To comply with legal and regulatory requirements and responding to requests from courts or other government bodies.
  • In any other way we may describe when you provide the information, including the purpose for which you provided us the information.
  • For any other purpose with your consent.

We Do Not Sell Your Information

We do not sell your Personal Information (including de-identified and aggregate data) to any third parties. Any information we collect from you is stored locally and is not transferred to any outside entity or third-party, unless this Notice states otherwise. If information is transferred to a third party, it is not sold to the third party.

 

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose Personal Information that we collect or you provide as described in this Privacy Notice:

  • To third-party vendors and service-providers that help us with specialized services, including billing, payment processing, customer service, email deployment, business analytics, marketing, advertising, performance monitoring, hosting, and data processing.
  • To our subsidiaries and affiliates.
  • To a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the Personal Information confidential, and prohibit using the disclosed information for any purpose except performing the contract.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of SunshineMD’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by SunshineMD about our Site users is among the assets transferred.
  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your Personal Information:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our Terms of Use and other agreements, including investigation of potential violations this Privacy Notice.
  • To initiate, render, bill, and collect for services.
  • To respond to your support requests.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of SunshineMD, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

If you access third-party services, such as Facebook, Google, or Twitter, to login to the Sites or to share information about your experience on the Sites with others, these third-party services may be able to collect information about you, including information about your activity on the Sites, and they may notify your connections on the third-party services about your use of the Sites, in accordance with their own privacy policies.

If you choose to engage in public activities on the Sites, you should be aware that any information you share there can be read, collected, or used by other users of these areas. You should use caution in disclosing Personal Information while participating in these areas. We are not responsible for the information you choose to submit in these public areas.

Retention Period

Your information will be stored and retained by us for a maximum of three (3) years, after which time, it will be deleted or destroyed.

Data Security

We have implemented measures designed to secure your information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is encrypted and stored on our secure servers behind firewalls. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your information, including Personal Information, we cannot guarantee the security of your information transmitted to our Site. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.

Your Choices About Data Collection, Use, Disclosure

  • We strive to provide you with options regarding your Personal Information. If you do not want us to collect your information, as described in this Notice, do not use the Site. This section describes mechanisms we provide for you to control certain uses and disclosures of your information.
  • Tracking Technologies. You can set your browser to refuse all or some cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies or Flash cookies or block the use of other tracking technologies, some parts of the Site may then be inaccessible or not function properly.
  • Email and Promotional Offers. When you contact us through certain forms on the Site, you may be added to our email list to receive email messages. At any time, you can choose to no longer receive such emails by using the “unsubscribe” method found at the bottom of each email or by sending us an email or other correspondence stating your request.
  • Contact us/Personal Information. If you have any questions regarding this Privacy Notice, have a specific request to access, correct, or delete any personal information that you have provided to us, or if you feel that the Site has not followed its obligations in this Privacy Notice or our Terms of Use, feel free to contact us, as provided below. Note that we may have to delete your user account on the Site, in order to delete your personal information. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

If you do not want us to use your information in this way, please contact us at privacy@sunshinemddata.com or 215 S. Broad Street, Suite 203, Philadelphia, PA 19107.

You may be able to refuse or disable cookies by adjusting your web browser settings. Because each web browser is different, please consult the instructions provided by your web browser (typically in the “help” section). If you choose to refuse, disable, or delete these technologies, some of the functionality of the Sites may no longer be available to you.

***********************

CALIFORNIA RESIDENTS ONLY

California residents are subject to heightened protections under the California Consumer Protection Act (CCPA). We adopt this section to comply with the CCPA and any terms defined in the CCPA, but not defined in this Privacy Notice, have the same meaning under the CCPA when used in this Privacy Notice. Information in this section only pertains to California residents. The rest of this Privacy Notice pertains to both California residents and all other residents. Information on what information we collect, how we collect it, who we disclose it to is explained elsewhere in this Privacy Notice.

Under the CCPA, California residents have the following rights:

  1. Right to Know
  2. Right to Deletion
  3. Right to Opt-Out of Sale
  4. Right to Non-Discrimination

Information We Collect

The obligations and rights in this section do not apply to Personal Information we collect about job applicants, independent contractors, current or former full-time, part-time, and temporary employees and staff, officers, directors, or owners of SunshineMD, business users, or residents of any state other than California. This section applies only to California residents, and for this section only, Personal Information is defined as information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device. Some of the information collected, including some that you may provide to us such as through email communications, is considered Personal Information. Pursuant to the California Consumer Privacy Act, we are required to disclose to you upon your request (no more than twice in any 12-month period, subject to some exceptions) the following categories of Personal Information collected within the past 12 months:

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some Personal Information included in this category may overlap with other categories.

 YES
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). NO
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints or facial scans, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. NO
F. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. YES
G. Geolocation data. Physical location or movements. YES
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. NO
I. Professional or employment-related information. Current or past job history or performance evaluations. NO
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. NO
K. Inferences drawn from other Personal Information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. YES

 

  1. Right to Know

You have the right to request the disclosure of certain information to you about our collection and use of your Personal Information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity (see Accessing and Correcting Your Information), we will disclose to you:

  • The categories of Personal Information we collected about you.
  • The categories of sources for the Personal Information we collected about you.
  • Our business or commercial purpose for collecting or selling that Personal Information.
  • The categories of third parties with whom we share that Personal Information.
  • If we sold or disclosed your Personal Information for a business purpose, two separate lists disclosing:
    • sales, identifying the Personal Information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
  • The specific pieces of Personal Information we collected about you (also called a data portability request).
  1. Right to Delete

You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  1. Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

After receipt of your request and confirmation of your identity, we will delete or de-identify Personal Information not subject to one of these exceptions from our records and will direct our service providers to take similar action.

 

Exercising Your Rights to Know or Delete

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete  your Personal Information.

You may only submit a request to know twice within a 12-month period. Your request to know or delete must:

  1. Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative, which may include:
  • Verifying Personal Information (such as date of birth, address, etc.) with a SunshineMD representative, or
  • Provide legal documentation verifying you are the legal guardian of the subject to whom the Personal Information identifies.
  1. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

We will only use Personal Information provided in the request to verify the requestor’s identity or authority to make it.

We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days after its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format in our discretion to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without unreasonable hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

  1. Right to Opt-Out of Sale

We do not sell your information to any third parties. If this changes and we do decide to sell your information, this Privacy Notice will be updated and you will have the right to opt-out of the sale of your information.

  1. Non Discrimination

We will not discriminate against you for exercising any of your rights under this Privacy Notice including, we will not (unless permitted by law):

  1. Deny you goods or services.
  2. Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  3. Provide you a different level or quality of goods or services.
  4. Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by law that can result in different prices, rates, or quality levels. Any permitted financial incentive we offer will reasonably relate to your Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time. We do not currently provide any financial incentives, but this is subject to change.

Other California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Site that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@sunshinemddata.com.

***********************

FOR ALL SITE USERS

Accessing and Correcting Your Information

You can review and change your account information by sending us an email stating your request to privacy@sunshinemddata.com.

Using the Site from Outside the United States

This Notice is intended to cover collection of information on or via the Site from residents of and within the United States. If you are visiting the Site from outside the United States, please be aware that the data protection laws governing this Site might not be as restrictive as those in your country. By using the Site, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Notice.

Changes to Our Privacy Notice

We reserve the right to amend this Privacy Notice at our discretion and at any time. When we make changes to this Privacy Notice, we will post the updated Notice on the Site and update the Notice’s date. Your continued use of our Site following the posting of changes constitutes your acceptance of such changes.

Contact Information

To ask questions or comment about this Privacy Notice and our privacy practices, contact us at hello@sunshinemddata.com or 1100 Ludlow Street, 7th Street, Philadelphia PA 19107.