1. Data and Information We Collect
When you use the Site, we collect and/or process the following types of data:
a. Personal Data
“Personal Data” means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. We collect Personal Data that you provide to us when you make a purchase; create an appointment; subscribe to one of our newsletters; contact us via phone, email, postal mail, or other means; chat with us on our Site; or respond to our communications to you (e.g., surveys, requests for feedback). This may include your first or last name, email address, social media usernames, telephone number, mailing address, billing address, payment information, organization name, geolocation information, or your IP address. We may also collect demographic information such as gender, nationality, ethnic origin, interests or preferences, business or company information, professional experience, educational background, professional or personal reference contact information, or social media URLs. In the European Economic Area (“EEA”), Personal Data includes an identification number, location information, and/or an online identifier.
b. Non-Personal Data
“Non-Personal Data” does not identify you, but provides insights regarding your use of the Site. We collect Non-Personal Data that may include information about your use of the Site, including but not limited to, Internet connection information, computer equipment information, web browser specifications, websites visited before accessing our Site, websites visited after leaving our Site, other similar information about traffic and usage as you navigate to, through, and away from our Site, chat interactions on the Site (including text exchanged during the interactions), donation amounts and frequencies, items purchased, purchase histories, information you post or otherwise submit to the Site, or emails you send to us.
Non-Personal Data that we collect may also include “Log Data.” Log Data refers to certain information about how a user uses our Site. Log Data may include the pages or features of the Site to which a User browsed and the time spent on those pages or features, the frequency with which the Site are used by a User, search terms, the links on our Site that a user clicked on or used, and related timestamps.
Personal Data and Non-Personal Data are collectively referenced as “Data.”
c. Health Information
When you schedule an appointment, we will obtain sensitive information related to your health, which is defined as Protected Health Information (“PHI”) under the Health Insurance Portability and Accountability Act (“HIPAA”). We act in compliance with the federal healthcare privacy and security rules, such as HIPAA and the Health Information Technology for Economic and Clinical Health (“HITECH”) Act, when receiving and processing your PHI. You can learn more about our PHI data practices and obligations under our Notice of Privacy Practices. Likewise, you can review all relevant patient consent forms on this page.
d. Geolocation Information
You may choose to allow us to access your location by granting the Site access to your location when prompted. You may change this setting on your device or browser. We may also determine location information about you based on information in your Internet connection data or provided by your ISP (e.g., your IP address).
e. Third-Party Social Networking Service(s)
If you choose to access, visit, and/or use any third-party social networking service(s) that may be integrated with our Site, we may receive your Personal Data and other information about you and your computer, mobile, or other device that you have made available to those social networking services, including information about your contacts through those services. For example, some social networking services allow you to push content from our Site to your contacts or to pull information about your contacts so you can connect with them on or through our Site. Some social networking services also will facilitate registration or enhance or personalize your experience on our Site. This includes if you “follow,” “like,” or link your social networking account to our Site. Your decision to use a social networking service in connection with our Site is voluntary. However, you should make sure you are comfortable with the information your third-party social networking services may make available by reviewing privacy policies of those providers and/or modifying your privacy settings directly with those networking Site/services.
2. Use of Data and Information
For Legitimate Interests. We use Non-Personal Data collected by clickstream information collection, web pixels, and cookies to store your preferences, improve website navigation, make personalized features and other services available to you, to generate statistical information, monitor and analyze user traffic and usage patterns, monitor and prevent fraud, investigate complaints and potential violations of our policies, to improve the our content and the products, services, materials, and other content that we describe or make available through the Site, and otherwise help administer and improve the Site.
We may identify you from your Personal Data, and we may merge or co-mingle Personal Data and Non-Personal Data. Except as otherwise stated, we may use information we collect from you for the legitimate business purpose of providing our services to you, including, but not limited to:
- operating, maintaining, and providing to you the features and functionality of our Site;
- send you Site-related notices, including notifications about our Site, newsletters, changes to the Site, or other information;
- establishing Accounts for users to use the Site;
- validate your username, e-mail, password, and/or other login credentials;
- customizing the Site-related content to your preferences;
- responding to your requests and provide user support;
- sending via e-mail information relevant to your upcoming appointment and any related follow ups;
- processing your purchases;
- providing you with merchandise or services you have requested or purchased from us;
- evaluating and improving the content of our Services;
- checking on your Account status and maintaining record of activities in connection with your use of the Site;
- enforcing our agreements, terms, conditions, and policies;
- working with our service providers who perform certain business functions or services on our behalf;
- preventing or investigating fraud (or for risk management purposes);
- complying with a legal obligations, court order, or in order to exercise our legal claims or to defend against legal claims;
- conducting aggregate or research analysis and developing business intelligence that helps us to enhance, operate, protect, make informed decisions and report on the performances of our Site;
- notifying of contest or sweepstakes results;
- sending e-mail and postal mail supplying the most recent service information or sending you information about an order (e.g., order confirmations, shipment notifications, etc.); and
If you are a user accessing our Site from within the EEA and we have collected your Personal Data (such user herein referred to as a “Data Subject”) and we have obtained your consent, we may also use your Data in the following ways; and, if you are a citizen of any other jurisdiction, you acknowledge that we may use your information in the following ways:
- to share your information with our corporate parents, subsidiaries, other affiliated entities, and associated entities;
- to send e-mail and postal mail to provide you with updates and news;
- to process any request you make; and
- to process the commercial transaction for which you provided Information.
Consent. In addition, we use third‐party e‐mail providers to deliver communications to you. This is an opt-in e-mail program. If you no longer want to receive these e-mail communications, you may opt-out of receiving e-mail communications through the “unsubscribe” link, featured in the footer our emails.
We may, from time to time, invite you to participate in online surveys. The information requested in these surveys may include, but is not limited to, your opinions, beliefs, insights, ideas, activities, experience, purchase history, and purchase intent regarding products, events, and the Site. The information collected by these surveys is used to research market trends, company growth, community needs, etc. Your input will help us to improve customer experience and shape development of our products and Services.
3. How We Share Information
We share your Data in the following ways:
- We may, sell, rent, or barter your Personal Data with certain third parties.
- We may store portions of your Data in locations outside of the direct control of Tend (e.g., on servers or databases co-located with service providers).
We may share your Data with the following parties:
- Service providers that help us administer and provide the Site (for example, a web hosting company whose services we use to host our platform). These third-party services providers have access to your Personal Data only for the purpose of performing services on our behalf. We have entered into contractual relationships with these service providers and require them to comply with all applicable information privacy laws and regulations and to use the Data only for the purposes for which it was disclosed;
- Any Data that you voluntarily disclose for posting to the Site becomes available to the public. This Data may be controlled by privacy or website customization settings. If you remove Data that you posted to the Site, copies may remain viewable, for example, in cached or archived pages or if other Users have copied or saved that Data;
- As we believe necessary: (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; (v) to respond to claims that contact information (e.g., name, e-mail address, etc.) of a third-party has been posted or transmitted without their consent or as a form of harassment and (vi) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence; and
- Pursuant to your express consent.
4. Third-Party Service Providers
We use third-party service providers to help us operate our Site, who may collect, store, and/or process the information detailed herein. We allow access to our Site and databases by third parties that provide us with services, such as technical maintenance, market research, community and forums management, auction services, and other functionality, but only for the purpose of and to the extent necessary to provide those services.
If you choose to make a purchase from our online store, sign up for an appointment, request to be on our mailing list on the Site, or take similar actions, we may forward your information to third parties for services such as credit card or other payment processing, order fulfillment, credit pre-authorization, and address verification. There are also times when you provide information about yourself to us in areas of the Site that may be managed or participated in by third parties. In such cases, the information may be used by us and by such third party, each pursuant to its own policies.
5. Information Security
We take reasonable steps online and offline to safeguard the Personal Data that you provide to us, including:
- hosting your Personal Data with enterprise-grade service providers that use Secure Sockets Layer (SSL) encrypted connections (HTTPS), secure multi-tiered firewalls, encryption, secure cloud-based environments, server authentication, and industry-standard firewalls;
- using password managing software to manage our passwords; and
- using two-factor authentication to access backend systems.
It is common knowledge that transmission of information via the Internet is not wholly secure, and we cannot guarantee the security of your Personal Data, or any other information, transmitted to or through any of our Site. Any transmission of Personal Data, or other information, is at your own risk. By using our Site, you acknowledge and accept these risks. As a result, we cannot guarantee or warrant the security of any information you disclose or transmit to us or that are otherwise provided to us and we cannot be responsible for the theft, destruction, or inadvertent disclosure of information. It is your responsibility to safeguard any passwords, ID numbers, or other special access features associated with your use of the Site. Any transmission of information is at your own risk.
If you have any questions about security on our Site, or if you become aware of any unauthorized use of an Account, loss of your Account credentials, or suspect a security breach, notify us immediately via firstname.lastname@example.org.
6. Rights to Your Personal Data
You may change, edit, update, or delete the information that you provided when you set up your Account, when you purchased a product, set up an appointment, or joined our mailing list by sending a request to email@example.com. You may also request the deletion of this information by sending an e-mail to firstname.lastname@example.org. If you access our Site from certain jurisdictions, such as the EEA, you may have additional rights and options with regard to accessing, reviewing, correcting, and updating your Personal Data, as well as how we use and disclose your Personal Data.
As a Data Subject, you have the right to request access to your Personal Data as it exists in our records by e-mailing us at email@example.com. You also have the right to rectification, correction, or amendment of your Personal Data if it is inaccurate or incomplete. You may also have the right to erasure of your Personal Data; however, this is not always possible due to legal requirements and exceptions may apply. Please note that if you request erasure of your Account, we, in complying with your request, shall also delete any and all information that has been submitted to us through our Site.
A Data Subject may have the right to object to the processing of his or her Personal Data, for example, due to his or her particular situation, for direct marketing uses, or for scientific or historical research. In certain circumstances, Data Subjects may have the right to obtain a restriction on our processing of their Personal Data, in which case such Personal Data will, with the exception of storage, only be processed with the Data Subject’s consent or in circumstances such as our exercise or defense of legal claims or the protection of another person. Data Subjects may also have the right to request that we provide data portability for their Personal Data via a copy of the data in a commonly-used format and/or transfer their Personal Data directly to another data controller (where technically feasible). Exceptions to these rights may apply, for example, if the processing is necessary for a task carried out in the public interest. Finally, if a Data Subject has given his or her consent to our processing of his or her Personal Data for certain purposes, he or she has the right to withdraw consent to such use at any time by contacting us via the contact information below.
If you are not satisfied with how we manage your Personal Data, you have the right to make a complaint to a data protection regulator. A list of National Data Protection Authorities can be found here.
7. Information Retention
Following termination or deactivation of your Account, we may retain your Data for a reasonable amount of time for archival purposes. Furthermore, we may retain and continue to indefinitely use your Data contained in your communications to other users or posted in public or semi-public areas of the Site.
8. Geographic Data Transfers
In some instances we may need to transfer your Personal Data outside the EEA. In all cases, we take steps to ensure that transfers of such Personal Data are performed in accordance with applicable law and carefully managed to protect your privacy rights and interests. Transfers are limited to countries that are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. Therefore, where we transfer your Personal Data outside our corporate affiliates or to third parties who help provide our products and services, we obtain contractual commitments to protect your Personal Data under Data Protection Agreements and pursuant to Standard Contractual Clauses. Some of these assurances are well recognized certification schemes or such as the EU - US Privacy Shield for the protection of Personal Data transferred from within the EU to the United States. Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before disclosing any Personal Data.
9. Data Protection Officer
We have appointed a Data Protection Officer to receive any data inquiry. If you have an inquiry regarding your Personal Data, pursuant to the rights listed in the preceding section (above), please send your message to firstname.lastname@example.org.
10. Links to Third Party Site
11. Children’s Privacy
We do not sell products or services for purchase by anyone under the age of thirteen (13). In accordance with the Children’s Online Privacy Protection Act (“COPPA”), we will never knowingly request or solicit Personal Data from anyone under the age of thirteen (13) without verifiable parental consent. In the event that we receive actual knowledge that we have collected such Personal Data without the requisite and verifiable parental consent, we will delete that information from our database as quickly as is practical. We reserve the right to request proof of age at any stage so that we can verify that minors are not using the Site.
12. Your California Privacy Rights
California Civil Code Section 1798.83 permits California residents to request and obtain a list of what Personal Data (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, California residents are entitled to request and obtain such information, by e-mailing a request to email@example.com.
14. How to Contact Us
By e-mail: firstname.lastname@example.org
By telephone: 888.818.3686
By regular mail:
9 Great Jones St,
New York, NY 10012