EFFECTIVE JULY 23, 2023
Privacy Policy
This Privacy Policy (the “Privacy Policy”) describes how Voom Medical Devices, Inc., (“Voom,” “we,” “us,” or “our”) and our affiliated entities collect, use, and share your personal information. This Privacy Policy applies to your use of our Web site and all other digital and online services provided by us, including services we may provide or anticipate providing in the future, as well as information collected offline (collectively, our “Services”), and describes our privacy practices relating to those Services.
Please review this Policy in order to better understand how we collect, use, and share personal information. We value your privacy, and we are committed to protecting your personal information.
We may change this Privacy Policy at our sole discretion at any time. It is your responsibility to review our Privacy Policy each time you use our Services or provide Personal Information (as defined below) to us.
Personal Information We May Collect About You
“Personal Information” is defined as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to you, either directly or indirectly. Personal Information excludes information that is publicly available, de-identified, or aggregated.
The categories of Personal Information we may collect include:
- Identifiers such as your name, address, zip code, telephone number, email address, date of birth, and IP address
- Membership in a protected class, including but not limited to gender and age
- Commercial information, including records of products and/or services purchased, obtained, or considered, or other purchasing or consuming behaviors, histories, or tendencies
- Biometric information, including x-rays or other medical imaging
- Information relating to Internet use and other electronic network activity, including browsing history, search history, and information regarding your interactions with our Web sites, Services, or advertisements
- Professional and employment information
- Audiovisual information
- Geolocation data
- Information about your medical conditions, treatments, payment, and insurance coverage
- Inferences from any of the Personal Information we collect that may reflect your behaviors, preferences, characteristics, traits, trends, predispositions, or attitudes
Patient Health Information
In performing our core functions, we are not a covered entity or a business associate as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act of 2009 (the “HITECH Act”). However, as we conduct business with medical practices, circumstances may arise when we may receive and store identifiable patient health information. In such instances, we do so in accordance with applicable laws, rules, and regulations, including those under HIPAA and the HITECH Act. For more information on your own healthcare provider’s information-sharing practices, please contact that provider’s office.
How We May Collect Personal Information
We may collect your Personal Information through various means, including information you directly provide to us, information we may receive from your healthcare providers, and when we automatically collect information about you through your use of our Services.
Information You May Provide to Us
We may collect personal information you provide directly to us, including when you or someone acting on your behalf does any of the following:
- Submits information through our website
- Submits information to us via email, digital form, telephone, or online chat
- Completes an assessment to determine if you are a candidate for our products and/or services
- Registers or maintains an account with us
- Registers for one of our webinars, meetings, presentations, or conferences
- Registers to download or receive information from us
- Submits a testimonial, success story, photo, or video to us
- Posts comments or replies in our online communities
- Conducts business with us as a medical provider or practice
- Applies for employment with us
- Obtains technical support or speaks with one of our customer service representatives
- Participates in a survey or marketing promotion
- Connects and/or engages with us via social media
Information We May Collect Automatically
In addition to information you provide to us as described above, we and our agents, vendors, business partners, consultants, and companies that assist us with marketing and advertising (collectively “Service Providers”) may automatically collect information about our Services and how you use them. Although we may limit access to certain pages, please be aware that no security measures are perfect or impenetrable. The following are examples of the types of Personal Information collected automatically when using the Services:
- IP address, browser type and language, operating system, access time, duration of visit, and referring Web site address
- The page(s) you view within our Web sites, search terms you enter, and other actions you take while visiting us online
- The pages you view immediately before and after you access our Services
- Information related to whether you have opened an email or clicked on a link contained in an email from us
- Information from a referring source such as an advertising site, blog, social media site, and others
- Information from surveys and promotions
- Information from content you post or share publicly on message boards, discussion forums, or other social media pages (including the content you post, your name, and a link to your profile) may be shared across our Services and in other public or private areas of the Internet. Please note that we cannot control the actions of other users of the Services with whom you choose to share content you post.
Cookies and Tracking Technologies
We and our Service Providers may use cookies, tracking pixels, and/or other tracking technologies to collect and store information about how you interact with our Services. Cookies are small files that a Web site or third party transfers to a computer’s hard drive through a web browser that enable the Web site’s or service provider’s systems to recognize the user’s browser and capture and remember certain information about the user. Tracking pixels are small, often-transparent graphic images that can be embedded in Web pages, videos, or emails, and can allow a Web server to collect certain information about you, such as whether you have viewed a particular Web page or email message.
In general, we and our Service Providers may use cookies, pixels, and other tracking technologies, including Web beacons and HTTP referrers, to optimize the functionality of the Services, to help us understand how the Services are used, and to provide users with interest-based content or advertising based on their browsing activities.
For more information about cookies, including how to adjust your browser settings to refuse cookies and how to remove cookies from your browser, visit www.allaboutcookies.org.
How We May Use Personal Information
We may use your Personal Information for the following purposes:
- To help you determine whether you may be a candidate for our products and/or services
- To assist you in finding a doctor or surgeon qualified to perform a procedure using our products and/or services
- To respond to questions, requests, and comments we receive from you
- To provide you with downloadable documents and information about our products and/or services
- To deliver educational information about medical conditions and our products and/or services
- To deliver promotional offers and advertisements regarding our products and/or services
- To operate and improve our Web sites and the Services
- For customer service and security, and to detect, prevent, and mitigate fraudulent, harmful or illegal activities
- For purposes of hiring and employment with us
We may aggregate or de-identify your Personal Information so that it can no longer be linked to you. Aggregated/de-identified information may be used for any purpose.
How We May Share Your Personal Information
We may share Personal Information internally among our Web sites, and with our contractors, business partners, physician networks, and Service Providers. We may also share Personal Information if legally necessary, or to protect the rights, privacy, safety or security of you, us, our Services, or our Web sites. We do not sell Personal Information.
Service Providers
We may engage third-party service providers to help us design and operate our Web sites and Services, understand how users interact with our Web sites and Services, improve Web site security, and assist us with marketing our Services through social media, email marketing, and other methods and channels. Our Service Providers may use cookies, tracking pixels, and similar technologies to collect information about your use of our Web sites, as well as information about your use of other Web sites over time. Our Service Providers may include Google, Facebook, Instagram, and others.
Google Analytics
We may use Google Analytics to help us analyze user activity on our Web sites. Google Analytics uses cookies to generate information about your use of our Web sites, compiling reports on Web site activity, and providing other information related to user activity and Internet usage. If you would like to know more about how data is collected, used, and shared by Google, please review Google’s Privacy Policy. You may prevent Google Analytics from collecting your information by disabling cookies on your browser or by opting out of Google’s use of cookies via the Google Analytics Opt-out Page at https://tools.google.com/dlpage/gaoptout.
Ads on Third-Party Sites
We may share personal information with third-party sites (such as Google, Facebook, Instagram, LinkedIn, YouTube, Twitter, and others) to market our products and services to you while you are browsing the Internet or using social media. For more information on how these sites use your personal information to target advertising to you, please visit their Web sites.
Public Forums, Testimonials, and Patient Experience Features
We may offer features on our Web sites to allow users to connect with each other and share their experiences. You are not required to use these features, and if you do, we remind you to exercise good judgment and use common sense when posting or sharing your information, photos, or videos with others.
Please be aware that any Personal Information you choose to submit in any communities, forums, reviews, or other internet or social media channels, can be read, collected, or used by others, and could be used to send unsolicited messages to you. While we maintain our safety and privacy controls, please be aware that no security measures are perfect or impenetrable. We cannot control the actions of other users of the Services with whom you share content with. You can help us to make our Web sites (including public forums) welcoming for all users by reporting any offensive or unwelcome conduct to us.
At certain times and for certain purposes, we may engage our Service Providers to assist in providing community services to you.
Online Chat
Some of our Web sites may offer an online chat feature that permits you to ask questions and receive real-time answers about our products and/or services. We may use service providers to help us run our online chat feature. If you choose to use this feature, the content of the chat messages, as well as your name, email address, and other personal information you provide may be shared with our chat Service Providers.
Our Websites Are Not Intended for Children
Our Web sites are not intended for children nor are they targeted to children under the age of 18, and we do not knowingly collect Personal Information from children under the age of 18. If we learn that we possess information from a child under the age of 18, we will delete such information in accordance with the Children’s Online Privacy Protection Act (“COPPA”) and other applicable laws. If you are a parent or guardian and you believe that your child under the age of 18 has provided us with Personal Information without your consent, including their name, address, telephone number, email address, or any screen name or user name they may use, please contact us at [email protected].
Email Communications
From time to time, we and our Service Providers may send you email communications marketing our Services. You may unsubscribe from our marketing communications by clicking the “unsubscribe” link found in every commercial email we send, or by sending a request to unsubscribe to [email protected]. If you opt out of receiving our marketing email communications, we may still send you email messages related to your account with us, including specific transactions or interactions with our Services.
Do Not Track
We do not currently have the technology to automatically respond to “Do Not Track” (DNT) signals sent by web browsers, mobile devices, or other mechanisms.
Our Service Providers, such as Google, may collect data that relates to you on our Web sites, across time, and over other Web sites. Their responsiveness to DNT signals is governed by their privacy policies. You also may limit certain tracking functions by disabling cookies in your web browser. For more information on DNT, please visit https://allaboutdnt.com/.
Information Security
We have implemented appropriate and reasonable physical, technical, and administrative safeguards to help prevent unauthorized access to, use of, and disclosure of, your Personal Information. However, there is no perfect security, and we cannot guarantee the security of your Personal Information. You are responsible for maintaining the secrecy of any credentials used to access your account with us, such as passwords or user names, and we ask that you report suspected unauthorized activity to us immediately.
Your Privacy Rights Based on State Law
In addition to the disclosures and rights set forth elsewhere in this Privacy Policy, you and other users may have certain rights based on applicable state law, e.g., for California residents, the California’s Privacy Rights Act (CPRA). Other states have passed consumer privacy laws that may be applicable to Voom and your use of this Services. These supplemental disclosures and rights apply to you and your use of the Services to the extent applicable state law applies to Voom and your use of the Services. Please contact us using the Contact Information at the end of this Privacy Policy if you have any questions regarding your rights under applicable state law.
Categories of Personal Information Collected
As described in more detail in other areas of our Privacy Policy, we collect and/or disclose Personal Information about you when you visit or use the Services, including information about you that you provide to us, and information that we automatically collect from you or your computer or device as you use the Services.
Personal Information does not include information that is: (a) publicly available information from government records; (b) de-identified or aggregated consumer information; or (c) certain information excluded from the scope of applicable state law (e.g., PHI covered under HIPAA and medical information may be covered under HIPAA and other state laws).
Categories of Sources From Which We Have Collected Personal Information
We collect Personal Information directly from you, for example when you provide it to us, when you contact us through the Services; and indirectly from you automatically through your computer or device as you use the Services. We may also collect Personal Information about you from our Service Providers.
Use of Personal Information
We do not sell your Personal Information and have not done so in the prior 12 months from the effective date of this Privacy Policy. We may use or disclose the Personal Information we collect for our business purposes described elsewhere in this Privacy Policy.
Sharing Personal Information
Voom may disclose your Personal Information to a third party for one or more business purposes. When we disclose Personal Information for a business purpose, such as to Service Providers, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.
Disclosures of Personal Information for Business Purposes
We may disclose your Personal Information for our business purposes, such as your contact information, other information you have provided to us and unique identifiers that identify you to us or to our Service Providers.
Right to Opt Out of the Sale of Your Personal Information
You may have the right to opt out of the sale of their personal information. However, since we do not sell Personal Information, there is no need to submit such a request to us. If you have any questions, please reach out to us by email at [email protected] or by phone at 844-372-5489.
Right to Request More Information
You may have the right to request more information regarding the following, to the extent applicable:
- The categories of personal information we have collected about you
- The categories of sources from which the personal information was collected
- Our business or commercial purposes for collecting your personal information
- The categories of third parties with which we share your personal information
- The categories of personal information that we disclosed for a business purpose in the preceding 12 months, and for each category identified, the categories of third parties to whom we disclosed that particular category of personal information
- The specific pieces of personal information we have collected about you
You may submit a request for the information above via email to [email protected] or by phone at 844-372-5489. In connection with submission of your request, we will take steps to verify your identity as outlined below, and you will need to verify your identity before action is taken.
Please note that due to the different requirements of the applicable laws, our response times may vary depending on the specific type(s) of information sought. We respond to all verifiable requests for information as soon as we reasonably can, and no later than legally required.
Right to Request Deletion of Your Personal Information
You may also have the right to request that we delete your Personal Information collected or maintained by us. Once we receive your request, we will let you know what, if any, Personal Information we can delete from our records, and we will direct any Service Providers (such as Google Analytics) that may have collected personal information about you through our Web sites to delete your Personal Information from their records. There may be circumstances where we cannot delete your Personal Information or direct Service Providers to delete your Personal Information from their records. For example, if we need to: (1) retain your Personal Information to complete a transaction or provide services; (2) detect security incidents; (3) protect against unlawful activities; (4) identify, debug or repair errors; or (5) comply with a legal obligation. You may submit a request to delete your personal information via email to [email protected] or by phone at 844-372-5489. In connection with submission of your request, we will take steps to verify your identity as outlined below, and you will need to verify your identity before action is taken.
Verification of Requests for Further Information or to Delete Personal Information
Upon submission of a request for information or a request to delete information, we will take reasonable steps to confirm that the person submitting the request to know or request to delete is the person to whom the information relates, and to prevent unauthorized access or deletion of information. The specific steps taken to verify the identity of the requesting person may vary based on the nature of the request, including the type, sensitivity, and value of the information requested; the risk of harm posed by unauthorized access or deletion; the likelihood that fraudulent or malicious actors may seek the information; the robustness of personal information provided to verify your identity; the nature of our business relationship with you; and available technology for verification.
We will generally try to avoid requesting additional information from you for the purpose of verification, but we may need to do so if we cannot verify your identity based on the information already maintained by us. If we request additional information to verify your identity, it will be for that purpose only, and will be deleted as soon as practical after processing the request, except as otherwise provided by law.
The following generally describes the verification processes we may use:
- Password Protected Accounts. If you have a password-protected account with us, we may use existing authentication practices to verify your identity, but we will require re-authentication before disclosing or deleting data. If we suspect fraudulent or malicious activity relating to your account, we will require further verification as described below before complying with a request to know or delete.
- Verification for Non-Accountholders. If you do not have, or cannot access, a password-protected account with us, we will generally verify your identity as follows:
- For requests to know categories of personal information, we will verify your identity to a reasonable degree of certainty, by matching at least two data points provided by you with reliable data points maintained by us.
- For requests to know specific pieces of personal information, we will verify your identity to a reasonably high degree of certainty, by matching at least three data points provided by you with reliable data points maintained by us. We will also require a declaration, signed under penalty of perjury, that the person requesting the information is the person whose information is the subject of the request or that person’s authorized representative. We will maintain all signed declarations as part of our records.
- For requests to delete personal information, we will verify your identity to a reasonable degree or a reasonably high degree of certainty depending on the sensitivity of the personal information and the risk of harm posed by unauthorized deletion. We will act in good faith when determining the appropriate standard to apply.
If there is no reasonable method by which we can verify your identity, we will state this in response to a request to know or delete personal information, including an explanation of why we have no reasonable method to verify your identity.
Right to Non-Discrimination for the Exercise of Your Privacy Rights
We will not discriminate against you for exercising any of your rights under applicable state law. Unless permitted by applicable law, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you with a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Shine The Light
Under California’s “Shine the Light” law (California Civil Code §1798.83), California residents who provide personal information in obtaining products or services for personal, family or household use are entitled once per calendar year to request and obtain from us information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g. requests made in 2020 will receive details concerning 2019 sharing activities).
To obtain this information, please send an email message to [email protected] with “Request for California Privacy Information – Shine the Light” on the subject line and in the body of your message. We will in turn provide the requested information on covered sharing to you at your email address.
International Users
All data is stored and processed in the United States. By using and accessing our site, users who reside or are located in countries outside of the United States agree and consent to the transfer to and processing of personal information on servers located outside of the country where they reside, and that the protection of such information may be different than required under the laws of their residence or location.
Changes to This Privacy Policy
This Privacy Policy may be revised periodically. It is our policy to post any changes we make to our Privacy Policy on the home page or other prominent location on the Services. If we make material changes to how we treat our users’ Personal Information, we will notify you as required or permitted by applicable law. The date this Privacy Policy was last revised is identified at the top of the page. You are responsible for periodically visiting our Services and this Privacy Policy to check for any changes. Your use of the Services indicates your acceptance of this Privacy Policy and any then-current revisions.
How to Contact Us
All data is stored and processed in the United States. By using and accessing our site, users who reside or are located in countries outside of the United States agree and consent to the transfer to and processing of personal information on servers located outside of the country where they reside, and that the protection of such information may be different than required under the laws of their residence or location.
Voom Medical Devices, Inc.
800A 5th Avenue, Suite 403
New York, NY 10065