- what personally identifiable information is collected through the website, how it is used and with whom it may be shared
- what choices are available to you regarding the use of your data
- the security procedures in place to protect your information
- how you can manage your information preferences and/or correct any inaccuracies in the information
- other information regarding your data that may be useful to you.
1. INFORMATION WE COLLECT
PERSONAL INFORMATION & USAGE DATA
We may collect, store and use the following kinds of data:
- information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation)
- information relating to any transactions carried out between you and us on or in relation to this website, including information relating to any purchases you make of our goods or services
- information that you provide to us for the purpose of registering with us, including your name, address, telephone number, email addresses, etc.
- information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters
- any other information that you choose to provide to us;
2. HOW WE USE THE INFORMATION WE COLLECT
We will use your personal information to respond to you regarding inquires from you. Normally this will involve informing you about products and services we offer. We may share your personal information with third party providers outside of our organization, if necessary, to fulfill your request (e.g. to ship an order) or to facilitate our organization in managing our website.
Unless you opt out of our mailing list, we may contact you via email in the future to tell you about specials, or new products or services.
We share aggregated demographic information with our partners and advertisers. We may use an outside shipping company to ship orders, and a credit card processing company to bill users for goods and services. These companies do not retain, share, store or use personally identifiable information for any secondary purposes beyond filling your order. We may partner with another party to provide specific services. We will share names, or other contact information that is necessary for the third party to provide these services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.
3. HOW WE PROTECT THE INFORMATION WE COLLECT
We are committed to protecting the security of your information. We employ reasonable security measures designed to protect your information from unauthorized access, including reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure (password and firewall-protected) servers. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
COMPLIANCE WITH LAWS AND LAW ENFORCEMENT
We cooperate with government and law enforcement officials to enforce and comply with the law. We may therefore disclose personal information, usage data and any other information about you, if we deem that it is reasonably necessary to: (a) satisfy any applicable law, regulation, legal process (such as a subpoena or court order) or enforceable governmental request; (b) enforce a contract, including investigation of potential violations thereof; (c) detect, prevent, or otherwise address fraud, security or technical issues; or (d) protect against harm to the rights, property or safety of our website, its users or the public as required or permitted by law.
YOUR INFORMATION MAY BE MAINTAINED WITHIN THE UNITED STATES
Please be aware that we process and store information in the United States. By using the website, you agree that the collection, use, transfer, and disclosure of your information and communications will be governed by the applicable laws in the United States. All of the data we collect is stored on servers located in the United States. Accordingly, we may transfer and store data outside of your home country. When we transfer data out of the European Economic Area or Switzerland, we make use of the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, EU-approved standard contractual data protection clauses, binding corporate rules for transfers to data processors, or other appropriate legal mechanisms to safeguard the transfer.
This web site contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.
SURVEYS & CONTESTS
From time-to-time our site requests information via surveys or contests. Participation in these surveys or contests is completely voluntary and you may choose whether or not to participate and therefore disclose this information. Information requested may include contact information (such as name and shipping address), and demographic information (such as zip code, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the use and satisfaction of this site.
You can always review, correct, update, or change the personal information we have on file about you. Upon your request, we will: (1) correct, update or change your personal information; (2) stop sending you messages if you wish to opt out of our direct marketing efforts; and/or (3) disable your account to prevent any future activity through that account. You may make any of these requests by emailing the request to the email address given in our Contact Information below. Please do not email any sensitive information.
We retain information only for so long as it continues to help us monitor or improve the services. The exact length depends on the type of information collected and processed. When personal information or usage data is no longer needed it will be automatically deleted or anonymized.
COMPLIANCE WITH GDPR
To the extent required by law, we comply with the EU General Data Protection Regulation (GDPR). GDPR gives users the following rights:
- Right of erasure (right to be forgotten)
- Right of rectification
- Right to be informed
- Right of access
- Right to restrict processing
- Right to data portability
- Right to object
- Right not to be subject to automated decision making
- Right to complain to a supervisory authority
If you do not believe that we are in compliance with GDPR, please email your concerns to the email address given in our Contact Information below.
40 E Putnam Ave
Cos Cob, CT 06807
Greenwich Medical Spa notice of Privacy Practices Effective August 1, 2005 THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. WHO WILL FOLLOW THIS NOTICE? This notice describes the practices of Greenwich Medical Spa and the practices that will be followed by all of Greenwich Medical Spa workforce members who handle your medical information. OUR PLEDGE REGARDING YOUR PROTECTED HEALTH INFORMATION Greenwich Medical Spa understands that medical information about you and your health is personal. We are committed to protecting medical information about you. We maintain our records and conduct our treatment environment with a goal of providing the highest level of protection for your medical information, while still providing you with the highest level of medical care. This notices applies to all of the records of your medical care which are received or created by Greenwich Medical Spa. Your other medical treatment providers (e.g. doctors, hospitals, home health agencies, etc.) may have different policies or notices regarding the use and disclosure of your medical information. This notice will tell you about the ways in which Greenwich Medical Spa may use and disclose medical information about you. Your medical information, also referred to as “protected health information” is that information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health information and related health care services. In this notice, we also describe your rights and certain obligations Greenwich Medical Spa has regarding the use and disclosure of your protected health information. We are required by name to: Make sure that medical and other information that identifies you (protected health information) is kept private. Give your this notice of our legal duties and privacy practices with respect to protected health information about you. Follow the terms of the notice that is currently in effect. USES AND DISCLOSURES FOR TREATMENT, PAYMENT AND HEALTH CARE OPERATIONS By becoming a patient at Greenwich Medical Spa, you are giving consent for Greenwich Medical Spa to use your protected health information for certain activities, including treatment, payment and other health care operations. Sometimes, you may hear these three activities referred to as “TPO”. First of all, we may use and disclose protected health information about you so that Greenwich Medical Spa and its medical professionals can treat you. For example, we may use your past medical information in order to diagnose your present condition or we may provide information regarding your medical condition to another doctor to whom we refer you for additional care. We may also use and disclose protected health information about you so that we may be paid for the medical treatment we provide you. For example, we will submit protected health information about you to your insurance company in order to receive payment for services we have provided to you. We may also use and disclose protected health information about you for Greenwich Medical Spa‘s health care operations, in other words, those other tasks that we need to perform to make sure that you are provided the highest quality of medical care. For example, we may use your protected health information to evaluate how we can better meet your needs or we may provide protected health information about you to an auditor who reviews our books so that we can keep our license to provide medical services in . Other uses and disclosures of your protected health information The following uses of your protected health information may be made without any additional authorization from you. (Not every use or disclosure is listed, but be assured that all uses and disclosures made by Greenwich Medical Spa are only those which are permitted under the law). Licensure proceedings by the American Board of Plastic Surgery. Uses and disclosures for appointment reminders We may use and disclose your medical information to contact you as a reminder that you have an appointment at the office. If you request that such communications be made confidentially, please contact our office in writing at 40 E Putnam Ave, Cos Cob, CT 06807. We will accommodate all reasonable requests. Uses and disclosures to others involved in your healthcare We may disclose to a member of your family, a relative, a close friend, or any other person you identify, your protected health information that directly relates to that person’s involvement in your medical care. If you are unable to agree or object to this disclosure, we may disclose such information as necessary if we determine that it is in your best interests based on our professional judgment. We may also use or disclose protected health information to notify or assist in notifying a family member, personal representative or any other person that is responsible for your care of your location, general condition, or death. Finally, we may use or disclose your protected health information to an authorized public or private entity to assist in disaster relief efforts and to coordinate uses and disclosures to family or other individuals involved in your health care. Uses and disclosures in emergency situations We may use or disclose your protected health information in an emergency treatment situation. If this happens, your physician will attempt to obtain your acknowledgment of this Notice as soon as reasonably practicable after the delivery of treatment. Uses and disclosures for health-related benefits or services From time to time, Greenwich Medical Spa may use and disclosure protected health information to tell you about certain health related benefits or services that may be of interest to you. Uses and disclosures required by law We will use or disclose protected health information about you when required to do so by federal, state, or local law. The use or disclosure will be made in compliance with the law and will be limited to the relevant requirements of the law. You will be notified, if the law requires us to do so, of any such uses or disclosures. We must make disclosures to you and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the law. Uses and disclosures related to communicable diseases We may disclose your protected health information, if authorized by law, to a person who may have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading the disease or condition. Disclosures for health oversight activities We may disclose protected health information to a health oversight agency for activities authorized by law. These activities include, for example, audits, investigations, and inspections. These activities are necessary for the government to monitor the health care system, the delivery of health care, government benefit programs, other government regulatory programs and civil rights laws. Disclosures of abuse or neglect We may disclose your protected health information to a public health authority authorized by law to receive reports of child abuse or neglect. In addition, we may disclose your protected health information if we believe that you have been a victim of abuse, neglect or domestic violence to a governmental entity or agency authorized to receive such information. In such cases, the disclosure will only be made in accordance with CT law. Disclosures to the food and drug administration We may disclose your protected health information to a person or company required by the Food and Drug Administration (FDA) to report adverse events, product defects or other problems, biologic product deviations, track products; to enable product recalls; to make repairs or replacements; or to conduct post-market surveillance, as required. Disclosures for lawsuits and disputes If you are involved in a lawsuit or a dispute, we may disclose protected health information about you in response to a court order or administrative order. We may also disclose protected health information about you in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested. Disclosures to law enforcement We may release protected health information if asked to do so by a law enforcement official, in response to a court order, subpoena, warrant, summons, or similar process. Other related disclosures may include disclosures relating to individuals who are Armed Forces personnel, to national security and intelligence agencies, as well as disclosures to authorized federal officials for the protection of the President of the United States or other authorized persons or foreign heads of state. Disclosures to coroners, funeral directors, and organ donation We may disclose protected health information about you to a coroner or medical examiner for identification purposes, determining cause of death, or for the coroner or medical examiner to perform other duties required by law. We may also disclose protected health information about you to a funeral director in order to permit the funeral director to carry out legal duties, and may do so if death is reasonably anticipated. Your protected health information may also be disclosed for certain organ donations to which you may have agreed. Disclosures for research We may disclose your protected health information to researchers when their research has been approved and protocols have been established to ensure the privacy of your information. We may also disclose a limited set of your information, as allowed under the law, for research purposes. Disclosures related to criminal activity We may disclose your protected health information, consistent with federal and CT laws, if we believe that the use or disclosure is necessary to prevent or lessen a serious or imminent threat to the health or safety of a person or the public, or if it is necessary for law enforcement authorities to identify or apprehend an individual. Disclosures for Workers’ Compensation We may release protected health information about you for Workers’ Compensation or similar programs. These programs provide benefits for work-related injuries or illnesses. YOUR RIGHTS REGARDING PROTECTED HEALTH INFORMATION ABOUT YOU Right to inspect and copy You have the right to inspect and copy protected health information that may be used to make decisions about your medical care. Usually this right includes both medical and billing records. You must submit your request in writing. If you request a copy of the information, we may charge a fee for the costs of copying, mailing or other supplies associated with your request. Your request to inspect and copy your information may only be denied in very limited circumstances and you have a right to request that any such denial be reviewed. Right to request restrictions You have the right to request that we restrict the use and disclosure of your protected health information for treatment, payment and health care operations. We are not required to agree to your request. If we do agree, we will comply with your request unless the information is needed to provide you emergency treatment. To request restrictions, you must make your request in writing to 40 E Putnam Ave, Cos Cob, CT 06807. In your request, you must tell us:
- What information you want to limit.
- Whether you want to limit our use, disclosure, or both.
- To whom you want the limits to apply.
Right to confidential communications You also have the right to request to receive private health information communications (such as appointment confirmations) by alternative means or at alternative locations. For example, you can ask that we only contact you at work or by mail. To request confidential communications, you must make your request in writing to 40 E Putnam Ave, Cos Cob, CT 06807. We will not ask you the reason for your request. We will accommodate all reasonable requests. Your request must specify how or where you wish to be contacted. Right to amend If you feel that the protected health information we have about you is incorrect or incomplete, you have the right to request that your protected health information be amended. Only the health care entity (e.g., doctor, hospital, clinic, etc.) that created your protected health information is responsible for amending it. For more information regarding the procedures for submitting such a request, contact 40 E Putnam Ave, Cos Cob, CT 06807. Right to an accounting of disclosures You have a right to an accounting of disclosures of your protected health information, for purposes other than treatment, payment or health care operations by Greenwich Medical Spa or any of the people or companies who perform treatment, payment or health care operations on our behalf. To request this list of disclosures we made of protected health information about you, you must submit a request in writing to 40 E Putnam Ave, Cos Cob, CT 06807. Your request must state a time period which may not be longer than six (6) years prior to the date of your request and may not include dates before August 1, 2005. Your request should indicate the form in which you want the list (for example, on paper or electronically). You will be charged for photocopying. Right to a paper copy of this notice You have the right to a paper copy of this Notice. You may ask us to give you a copy of this notice at any time. You may obtain a copy of this Notice at our website: greenwichmedicalspa.com To obtain a paper copy of this Notice, contact 203-637-0662 To learn more about these procedures, or to make any of these requests, you should contact our Office Manager at 203-637-0662. Changes to this notice Greenwich Medical Spa reserves the right to change this notice. We reserve the right to make the revised or changed Notice effective for protected health information we already have about you, as well as any information we create or receive in the future. We will post a copy of the current Notice on Greenwich Medical Spa website: greenwichmedicalspa.com. The Notice will contain, in the top right-hand corner, the effective date. Complaints If you believe your privacy rights have been violated and/or that Greenwich Medical Spa or has not followed this policy, you may file a complaint with Office Manager or with the Secretary of the Department of Health and Human Services. To file a complaint with contact Office Manager, 40 E Putnam Ave, Cos Cob, CT 06807. All complaints must be submitted in writing. You will not be penalized for filing a complaint. Other uses of protected health information Other uses and disclosures of your protected health information not covered by this notice or the laws that apply to will be made only with your written permission (“authorization”). If you provide us permission to use or disclose protected health information about you, you may revoke that permission, in writing, at any time. If you revoke your permission, we will no longer use or disclose protected health information about you for the reasons covered by your authorization. You understand that we are unable to take back any disclosures we have already made with your permission, and that we are required to retain our records of the medical treatment or other services that we have provided to you. Questions? If you have any questions regarding this notice, please contact the Office Manager at Greenwich Medical Spa.