Privacy Policy

Privacy Policy

This Privacy Policy describes using and treating personal information when the services subject to this policy are used. This Policy was updated as of August 1, 2024. It will be modified as needed by OxyHealth and reviewed on an annual basis to reflect changes and clarifications in relevant privacy laws and best practices. For the EU General Data Protection Regulation (GDPR), OxyHealth serves as a Data Processor.

Privacy Overview

OxyHealth is committed to the following principles concerning your personal information:

  • We take the protection of your information seriously.
  • We do not use personal information for marketing or targeted advertising.
  • We store data in a highly secure Zoho data center located in Colorado, USA, which provides industry-leading compliance and privacy certifications to keep OxyHealth clients safe.
  • We maintain a comprehensive security program reasonably designed to protect the privacy, security, and confidentiality of your personal and sensitive information against risks – such as unauthorized access or use or unintended or inappropriate disclosure - through administrative, technological, and physical safeguards appropriate to the sensitivity of the information.
  • We do not sell your personal information to third parties.
  • Specifically for the purposes of SMS, we will not sell or share your phone number to outside parties.
  • We do not own your personal information. Regarding OxyHealth, you are the data owner, including any rights afforded by Copyright.
  • We do not use your personal information to build a personal profile of you other than to support the authorized purposes of the Health Institution as you authorized it.

Compliance with Privacy Laws

  • OxyHealth practices and procedures fully comply with United States Federal and State laws.
  • OxyHealth adheres to all HIPAA regulations to ensure the privacy and security of your health information.

Introduction

OxyHealth (“OxyHealth,” “we,” “our,” “us”) recognizes the importance of your right to privacy and wants you to be familiar with how we collect, use, and disclose any personal information that individually identifies you (e.g., name, phone number, e-mail address). It also describes your choices regarding using, accessing, and correcting your personal information.

This Privacy Policy explains how we collect, use, disclose and protect your personal information when you use our website (the “Site”), our mobile application (the “App”) and our services, including but not limited to our Web portal or any, electronic publications, newsletters and announcements (collectively, the “Services”). This Privacy Policy is incorporated into and forms part of our Terms Of Use, which outline the terms and conditions you agree to when using our Site, App and Services. We will only collect, use, and disclose your personal information per this Privacy Policy.

By using our Site, App or Services, you represent that you have provided all necessary consents to use the Site, App and Services as required under any applicable privacy laws and that you consent to the collection, use and disclosure of your personal information as outlined in this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use our Site, App or Services or supply your personal information to us.

By using our Site, App, or Services, you and your users agree not to use the services in a way to store, initiate or transmit data that is infringing, libellous, defamatory, abusive, designed to cause annoyance, inconvenience or distress to any person, constitutes harassment, or cyberbullying, or violates copyright laws. Users who commit such acts may have their access restricted, suspended or terminated at the discretion of OxyHealth. In cases of copyright allegations, OxyHealth has the right to remove the material allegedly offensive until the dispute is resolved. OxyHealth will notify the contracting party of any action against the offending user. A User may contest any deletion of content or suspension of use with OxyHealth, which will coordinate any decision with the protections and duties afforded by this Privacy Policy.

What Personal Information do we collect?

Personal information means any information about an identified or identifiable individual. The types of personal information that we may collect when using our Site, App or Services include, but are not limited to:

  • your name;
  • your e-mail address;
  • We do not collect Geolocation or Biometric data or Sensitive Data, as that term is defined in the GDPR. When you use our Services

Why Do We Collect Your Personal Information?

We collect, use, and disclose your personal information only to provide you with our Services. We may disclose your personal information to comply with legal and regulatory requirements and as otherwise may be permitted or required by applicable laws. We will only use the personal information we collect for the purposes it was collected. We collect your personal information for the following purposes and following applicable laws:

  • to provide you with access to our App and Services;
  • to allow you to use and benefit from our App and Services;
  • to identify and contact you when you request our Services;
  • to respond to your questions that you send by email or through our Site;
  • to obtain your feedback regarding our App and Services;
  • to support our business functions, such as internal business processes and
  • to meet any legal or regulatory requirements.

We do not collect, maintain, use, or share your personal information beyond what is needed to provide you with our Services for the purposes listed above as you authorized.

When Do We Collect Personal Information?

We may collect your personal information when you voluntarily provide it to us by using our Services. As described elsewhere in this Policy, we do not begin to collect or release your data to other parties until consent from you has been obtained through the application or where appropriate.
For example, we may ask you to provide personal information if you:

  • use our Site, App, and Services;
  • register, update or create an account on our Site, App or through a third-party service;
  • Sign into your account;
  • send us a question or comment by email, message, or phone;
  • register to receive newsletters, articles, and updates about our services and
  • Otherwise, you may participate in features of our Site, App, and Services that ask for or require personal information.

Any personal information posted, used, or disclosed on a Facebook page, YouTube page or other social networking page or site is subject to that website’s privacy policy and is not subject to this Privacy Policy. We do not collect data using cookies or beacons, except as stated below. Information is not shared with any social networking sites or third parties and can, through the use of the OxyHealth settings, block or restrict access to third-party sites.

How Do We Safely Store Your Personal Information?

We securely store your personal information in the United States if you reside there. We maintain technical, physical, and administrative security safeguards to protect your personal information against loss, theft, and unauthorized access. Any personal information you provide us is exchanged on a secure server. We store data in a highly secure Zoho data center. Provides industry-leading compliance and privacy certifications to keep clients in OxyHealth safe.

Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we are committed to protecting your personal information, we cannot ensure or warrant the security of any information you provide.

We take reasonable steps to verify your identity before granting access to your account on our Site. This may include verifying your identity with personal information or multi-factor authentication. We train our employees to be aware of the importance of maintaining the confidentiality of personal information.

We provide further protection for your stored data, which is discussed in the “Data Security" section below.

Limiting Collection of Personal Information

We limit the collection of personal information to what is necessary to fulfill the purposes identified in this Privacy Policy, and we collect, use, and disclose your personal information by this Privacy Policy.

Use, Disclosure and Retention of Personal Information

Your personal information will not be used without your consent for purposes other than those for which it was collected or per applicable laws. From time to time, we may use personal information for new or additional purposes, in which case we will amend the Privacy Policy to include these new or additional purposes.

We may generate Anonymous Data from personal information collected through the Site, App and Services by removing information that makes the data personally identifiable to an individual. This includes information about how users interact with specific areas of the Services. We anonymize personal information collected through the Site, App or Services by de-identifying records or aggregating data so that individual records cannot be linked to an original Client record system or other personal records from the OxyHealth database. We use Anonymous Data within the system to improve our Products. We may also use it to demonstrate the effectiveness of our products and develop and improve them.

We do not disclose Directory Information to the Public or any organization or individual except in a manner consistent with this Privacy Policy.

Retention Of Records

We retain your personal information only for as long as we need it to fulfill the purposes for which it was collected, to ensure your compliance with our Terms of Service, and to comply with our legal obligations.

We only knowingly retain your personal information for the period required to provide our Services to you and to support our purposes authorized by you.

Third-Party Access

Third parties do not have direct access to your data. We may also use and disclose your personal information to service providers, data processors and other third parties (“Third Parties”) under the following limited circumstances:

  • To service providers that help with our operations and Site, App and Services, including, without limitation, monitoring and analyzing Site and App data, operating and maintaining the Site and App, and for product improvement. We periodically use other third parties to perform other core functions.
  • These service providers and partner companies may only use your personal information for the purposes described in this Privacy Policy. We require that our vendors and third parties with whom your personal information is shared to deliver our Services, if any, are obligated to implement the same commitments identified in this Privacy Policy for the given personal information, including log-in protocols and rigorous, verified security measures. In the event the data is not used by the third party in a manner consistent with this policy, the data will be removed from the third party, and their copies of the data will be deleted;
  • when necessary to protect our safety, property or other rights, our representatives, customers and users of the Site, App and Services, including to detect and prevent fraud;
  • if we sell or transfer all or a portion of our business or assets to a related company or a third party. Your personal information will remain subject to any pre-existing Privacy Policy unless you agree to the privacy policy of the company or third party that acquires your personal information, and in such a case, you will be notified of any transfer of data to the new entity, and OxyHealth will ensure that the new entity agrees to the same privacy protections found in this Policy;
  • with your consent or when otherwise required by law. When permitted under applicable law, we will provide you with notice if we receive a government or legal request for your personal information;
  • Third parties will be prohibited from reidentifying anonymous data or combining anonymous data with personally identifiable data.
  • You have the right to notify OxyHealth that you do not wish to have your data transferred to third parties. In such an event, your use of OxyHealth may be compromised or rendered impractical.
  • We do not sell or transfer your data to third parties save to fulfill the purposes of this Agreement. Data will not be shared with third parties for the purposes of advertising, creating automated profiles, or data enhancements. Neither OxyHealth nor third parties within its controls will engage in social or targeted advertising. In short, our products and services are not designed to deliver advertising or permit the delivery of advertising, either from OxyHealth or third parties within its controls. Users who receive advertising are strongly urged to contact OxyHealth for rectification.
  • Users do not currently have direct access to third parties who perform services for OxyHealth. If they do, OxyHealth will require the third party to verify the user's identity before permitting access.

Access To Data

All your personal information, content, and activities are associated with your account. OxyHealth strives to create an environment where data stored is accurate and accessible. OxyHealth will delete or modify data found to be inaccurate.

Commitment to Data Security

We will use administrative, physical, and technical safeguards to protect Client Data from unauthorized access, disclosure, acquisition, destruction, use or modification. These efforts will include:

  • The appropriate training of employees who have access to the data.
  • Access to data stored on OxyHealth’s servers will be restricted to senior managers.
  • All employees with access to data will have background checks.
  • Data in transit will be encrypted.
  • Data in storage will be encrypted.
  • Any user who has access to appropriate data must create an account.
  • Periodic security audits are needed to identify improvements in OxyHealth's security technology and practices.

Data Breach Process

If we experience unauthorized access to your data, we will notify you by email and to any relevant legal authorities without unreasonable delay following applicable law. Our notification will provide details about the unauthorized access. We will also take reasonable steps to conduct a threat assessment, remedy any data breach's impact on you, and take other steps as required by law.

Cookies, Web Beacons, and Other Similar Technology

As you interact with this Site, we may use automatic data collection technology and services that record and collect information that identifies your computer, tracks your use of this Site, and collects certain other information about you and your surfing habits. This data collection technology may include cookies, web beacons, and similar technologies on this Site to enhance functionality and navigation for our visitors. These cookies and beacons will be used only to support and enhance the Services we provide, as more detailed below.

What Are Cookies and Web Beacons?

A cookie is a text file that websites send to a visitor’s computer or other Internet-connected device to identify the visitor’s browser uniquely or store browser settings. Web beacons are invisible image files used for tracking purposes. Web beacon-type functions allow us to count the number of users who have visited a particular web page or to access certain cookies.

Web Analytics

Our site also uses third-party analytics services to track technical issues such as telemetry, which is concerned with load, performance and usage metrics, exception reports, and other diagnostic data. Some of the analytics services we use may place cookies in the browser of the visitor of the web pages, which allows for an analysis of your use of the site. The only user data visible in the diagnostic reports are URLs, and as a best practice, our Service does not put any personal data in plain text in a URL. Analytics services we use may also use “cookies” to analyze how you use our Site. We may also use cookies to carry out frequency, page usage, and marketing assessments. We utilize cookie information for these assessments without a link to your personal information, so the assessment is entirely anonymous.

Personal Information and Data Protection Rights

Your personal information is subject to international data transfer or jurisdiction laws. Compliance with International data transfer laws will be handled by a Data Protection Officer (“DPO”) or other contact.

We want to ensure you are fully aware of all your data protection rights. Every user is entitled to the following:

The right to access – You may request access to or copies of your personal information, which we may hold by contacting us using the contact information set forth below, and we will respond within the periods provided under applicable laws. We must verify your identity before providing you with the personal information we hold about you. There is no cost for these access requests unless you require copies of records. We may not be able to provide you with access to your personal information if the information cannot be separated from the personal information of others, cannot be disclosed for security or commercial confidentiality, or is protected by legal privilege. If we cannot provide access to your personal information, we will advise you of the reasons access is being denied unless we are prohibited by law from doing so.

  • The right to rectification – You may request to update, change, or correct your personal information using the contact information below. You have the right to request that we correct or complete any personal information you advise us is inaccurate or incomplete. Where appropriate, the amended information shall be transmitted to third parties having access to such information. If you have any concerns about the information provided, please contact these parties directly.
  • The right to erasure – You can request that we erase your personal information under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict processing your personal information under certain conditions.
  • The right to object to processing – You have the right to object to our processing of your personal information under certain conditions.
  • The right to data portability – You can request that we transfer the information we have collected to another organization or directly to you under certain conditions.

If you make a request, we have one month to respond. If you would like to exercise any of these rights or have an unresolved privacy or data use concern that we still need to address satisfactorily, please contact us at privacy@Oxyhealth.com.

Electronic Communications

We comply with the United States CAN-SPAM Act and Canada's Anti-Spam Legislation (CASL), laws that set the rules for commercial email, establish requirements for commercial messages and give recipients of such messages the right to opt-out. We will not send you electronic communications in contravention of this law. As part of signing up to receive the Services, you may have also opted to receive email communications from us. If you opt to receive such communications, we may use the information to communicate with you regarding our products, services, and promotions, provide you with other information you request, or improve our product and service offerings.

You will always have the opportunity to “unsubscribe” from receiving any of our emails or other communications at any time, and we will ensure that our emails include instructions on how to unsubscribe if you no longer wish to receive future emails from us. We provide an ongoing opportunity to unsubscribe or opt out of contacting us by accessing our Site by email to privacy@Oxyhealth.com.

If you decide to unsubscribe, we will only contact you (i) for the purposes allowed under applicable law, (ii) to send you notices of changes to our Privacy Policy, or (iii) to receive Service-related messages.

Changes to this Privacy Policy

We reserve the right to change or replace this Privacy Policy at our sole discretion at any time to comply with changes in applicable law or to reflect evolving best practices. Please check back occasionally to ensure you know of any updates or changes in this Privacy Policy. Suppose we propose to make any material changes. We will post the most current version of our Privacy Policy on our Site and indicate at the top of this page the date this Privacy Policy was last revised. Your continued access or use of this Site, App or Services after any such changes constitutes your acceptance of the Privacy Policy as revised.

This privacy policy was last updated on August 1, 2023. You may access an archive of our previous Privacy Policies by contacting us at privacy@Oxyhealth.com.

Your Consent to the Terms of this Privacy Policy

By using our Services and providing us with your personal information, you agree that OxyHealth may collect your personal information, and you voluntarily consent to the collection, use, disclosure, and transfer of your personal information per this Privacy Policy. If you do not agree with any of the terms of this Privacy Policy, please do not use our Site, App or Services or provide us with any personal information. If you do not understand the nature, purpose, and consequences of us collecting, using, and disclosing your personal information, please do not use our Site, App or Services or provide us with any personal information, and contact us at the contact information set forth below so that we can address your questions or concerns.

Subject to legal and contractual requirements, you may refuse or withdraw your consent for specific purposes identified in this Privacy Policy at any time by contacting us using the contact information below. If you refuse or withdraw your consent, you acknowledge that we may not be able to provide you or continue to provide you with certain services or information that may be valuable to you.

Any dispute concerning privacy arising between you and OxyHealth is subject to the terms and conditions of use and this Privacy Policy, including limitations on damages, arbitration, and the application of the laws of the corresponding location.

How to Contact Us

We welcome your feedback. If you have questions, comments, or concerns about this Privacy Policy or would like to do any of the following:

  • see your personal information that you have already sent us so that you can correct, update, or delete it from our files;
  • ask that we not send you electronic communications or otherwise contact you;
  • request a copy of our Privacy Policy in another language or
  • report any complaint or violation of this Privacy Policy

Contact OxyHealth at privacy@Oxyhealth.com

* Solace210®, Respiro270®, Vitaeris320®, Quamvis320® Fortius420® and Fortius420 - EXP are federally registered and trademarked names of Oxy-Health, LLC and are fully protected under federal law.

For More Information, Please call 562.906.8888