DME Supply USA Privacy Notice

Last updated: June 12, 2023

Click here to download a printable copy of this Privacy Notice

This Company, subsidiaries, direct and indirect (“the Company”) Privacy Notice describes how we handle information relating to an identified or identifiable person (“personal data”) and what privacy rights you may have in relation to your personal data. Our Privacy Notice applies to our websites that post a link to this Privacy Notice (collectively, the “Website”), when we provide our products and services, and during the general operation of our business. When you use our Website, or interact with us, you consent to the collection and handling of your data as described in this Privacy Notice.

Collection of Personal Data

We may collect the following categories of personal data:

• Identifiers (e.g., name)
• Contact information (e.g., telephone number, email address, physical address)
• Protected classification information (e.g., age, race, gender, physical or mental disability, sexual orientation, marital status)
• Commercial information (e.g., products or services purchased)
• Internet and network information (e.g., internet protocol address, information about a consumer’s interaction with our website)
• Geolocation data
• Inferences drawn from the categories of information identified here
• Sensitive personal information

We obtain the above categories of information from the following sources:

• From you when you directly or indirectly interact with us and provide us the data
• From your activities on our Website and through the use of cookies
• From social networks
• From public records
• From service providers
• From business partners

Cookies

We and our service providers use cookies to collect and store your data. Cookies are small files stored on your browser, device, or the page you are viewing. Some cookies are deleted once you close your browser, while others remain longer so you can be recognized when you return to our Website.

Cookies allow you to more easily use our Website and help us provide and improve it. Service providers may also use cookies to advertise to you based on your past visit(s) to the Website. Our advertisements may appear on other websites. To learn more about how you can exercise certain choices regarding this type of advertising, please click here (https://youradchoices.com/choices-faq). To learn more about cookies, and how to disable them using your browser settings, please review the “help” menu or customer support sections of your web browser. If you disable cookies, your ability to use our Website may be limited.

Use of Personal Data

We may use your personal data for any of the following purposes:

• To provide, maintain, and improve our products and services
• To communicate with you
• To provide you with information, products, and services that you request from us
• To conduct market and consumer studies
• To personalize, advertise, and market our services
• To evaluate your eligibility for funding programs
• To process payments or verify your financial or insurance data
• To provide patient and healthcare support
• To conduct research and development, including clinical trials
• To report and investigate adverse events
• To detect, investigate, prevent, and respond to fraud or any other harmful activities
• To comply with our legal and contractual obligations
• To exercise and defend legal claims
• To otherwise operate our business
• As described to you at the point of data collection or handling or otherwise where we are legally permitted or are required to do so

Data that is in an aggregated or deidentified form is not personal data. We may share deidentified data, including HIPAA deidentified data.

Sharing of data

We do not share or sell your personal data. We will not disclose or transfer your personal data to any third party except when one of the following is true:

• You consent to the disclosure
• The disclosure is to a party that controls, is controlled by, or is under common control with us
• The disclosure is related to a business purpose
• The disclosure is reasonably necessary for the establishment or maintenance of legal claims
• The disclosure is required by law
• The disclosure is reasonably related to the sale or other disposition of all or part of our business or assets
• The disclosure is not inconsistent with this Privacy Notice or our description at the point of collection or handling, and otherwise not prohibited by applicable law

When we disclose personal data for a business purpose, we enter a contract with the recipient that describes the purpose for handling the data and requires the recipient to keep them secure and confidential and not use them for any purpose except performing the contract. We have disclosed the following categories of data for a business purpose

• Identifiers
• Contact information
• Protected classification information
• Commercial information
• Internet and network information
• Geolocation data
• Inferences drawn from the categories of information identified here
• Sensitive personal information

We may disclose data for a business purpose to the following categories of third parties:

• Our affiliates
• Our business partners (e.g., healthcare professionals, advisory boards, educational institutions)
• Service providers (e.g., contract research organizations, data handling and technology services, customer service administrators, payment processors, advertising networks and marketers)
• Legal and administrative authorities
• To an entity related to a business transfer
• Third parties to whom you authorize us to disclose your information

Data transfers

If you are accessing the Website from outside of the U.S., please be aware that data collected through the Website may be transferred to the U.S. (We are based in the U.S. and our Website is hosted on servers in the U.S.) We transfer data to the U.S. for the purposes described in this Privacy Notice or our description at the point of collection or handling, and otherwise not prohibited by applicable law. Laws in the U.S. may be different from and provide less protection than those in the country you are located. We may also transfer personal data amongst ourselves or with service providers in other countries in order to process consumer privacy requests.

Third-party practices

Our Website may contain links to third-party websites. If you visit a third-party website, you are subject to that website’s privacy notice and not ours.

Data storage and security

We may store your personal data in the U.S. such as, but not limited to, the cloud. Except as otherwise permitted or required by law, we retain your personal data only for as long as necessary to fulfill the purposes of collection. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use of processing by other means, and any applicable legal requirements.

We maintain reasonable administrative, technical, and physical safeguards to protect your data from accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. Our service providers are also required to adhere to reasonable security practices to further ensure the protection of your data. That being said, digital transmission and storage of data is not completely secure and we cannot guarantee the safety of your data.

Children

Our websites are not intended for children under 13 years of age. In the event we learn that we collected personal data from a child under the age of 13 through our website, we will delete the data unless they were collected with the appropriate consent or as otherwise permitted under applicable laws. We may collect personal data from a child with the consent of his or her parent or guardian outside of our website, such as when we offer patient support services.

Do Not Track

Your browser may allow you to set a Do Not Track (“DNT”) signal indicating that you do not wish your online activity to be tracked. We do not respond to and cannot act on received DNT signal headers.

Opt-out of communications

If you no longer wish to subscribe to our news, alerts, or any similar information sent by us, you can opt-out of receiving such communications by following the unsubscribe instructions included in each communication or by sending us your opt-out request using the “Contact” section below. If you opt-out, you may still receive communications related to your interactions with us, non-promotional communications, or others as required by law. We may also need to keep data we collected about you to record your decision to opt-out.

Your rights

This section describes data privacy rights you may have and how to exercise them. Depending on applicable law where you reside, you may be able to assert certain rights related to your personal information identified below. If any of the rights listed below are not provided under law for your jurisdiction, we have absolute discretion in providing you with those rights.

• To access: you can obtain information relating to the processing of your personal information and a copy of such personal information.
• To erase: you can require the deletion of your personal information to the extent permitted by law. We may also deny your deletion request to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities. We will notify any third party that we have shared your personal information with and instruct the third party to delete your personal information.
• To object: you can object to the processing of your personal information on grounds relating to your particular situation. In cases of opposition to the processing of personal information the Company reserves the right to assess the application, which will not be accepted if there are legitimate reasons to proceed with the processing that prevail over your freedoms, interests and rights.
• To rectify: where you consider that your personal information is inaccurate or incomplete, you can require that such personal information be modified accordingly.
• To restrict: you can request the restriction of the processing of your personal information.
• To withdraw your consent: where you have given your consent for the processing of your personal information, you have the right to withdraw your consent at any time.
• To data portability: you have the right to have the personal information you have provided to us returned to you or, where technically feasible, transferred to a third party.
• To know: you have the right to be informed if in the last 12 months the Company has disclosed, sold or shared your personal information to a third party.
• To correct: you have the right to request to correct any inaccurate personal information about you. If any personal information requires correction, the Company will use commercially reasonable efforts to fulfill your correction request.
• To appeal: In some jurisdictions, applicable law may give you the right to appeal an action by Company with regard to a privacy request.

State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information. To learn more about consumer privacy rights in other states and how to exercise them, visit:

• California - California Consumer Protection Act (CCPA)
• Virginia – Virginia Consumer Data Protection Act (VDCPA)
• Colorado – Consumer Protection Act (CPA)
• Connecticut – Connecticut Data Privacy Act (CTDPA)
• Utah – Utah Consumer Protection Act (UCPA)
• Texas – Texas Data Privacy and Security Act (TDPSA)

To exercise your privacy rights, send us your verifiable consumer request using the “Contact” section below.

You may exercise your rights to know, delete or correct by only you, or someone legally authorized to act on your behalf, may make a request to know, delete or correct related to your personal information. Depending on your jurisdiction, your ability to submit multiple requests within the same 12-month period may be limited.

The verifiable consumer request must (i) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal data only, and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. You may designate an authorized agent to make a request on your behalf subject to proof of identity and authorization. We may request that your authorized agent have written permission from you to make requests on your behalf and may need to verify your authorized agent’s identity. We will only use personal data provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

We will respond to your request consistent with the California Consumer Privacy Act (“CCPA”), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Consumer Protection Act (“CPA”), the Connecticut Data Privacy Act (“CTDPA”), the Utah Consumer Protection Act (“UCPA”) and the Texas Data Privacy and Security Act (“TDPSA”) which does not apply to certain data, such as those collected as part of a clinical trial and medical and healthcare information, and which prohibits us from providing certain sensitive information in response to a consumer request.

Please note we do not have data that would allow us to directly identify clinical trial subjects.

Data Protection Notice from Google Analytics

The Company uses Google Analytics, a web analytics service provided by Google, Inc, (“Google”). Google Analytics uses “cookies,” which are text files placed on your computer, to help the website analyze how uses use the site. The Information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.

On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not use this information for cross-context behavioral advertising, nor will Google associate your IP address with any other data held by Google.

Response Timing and Format

will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact as provided “Contact” section below. The Company endeavors to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Anti-Discrimination

The Company will not discriminate against you for exercising any of your rights stated above. Specifically, unless permitted by law, the Company will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Privacy Notice updates

This Privacy Notice was updated in June 2023.

We reserve the right to amend this Privacy Notice at our discretion and at any time. Any changes will be posted on this page with an updated revision date. By using the Website, or interacting with us, you agree to be bound by the Privacy Notice as posted.

Contact

If you have any questions, comments, or requests, please contact us:

by mail:

at DME Supply USA
c/o Privacy Officer
19387 U.S. 19 North
Clearwater, Florida 33764

by telephone:

1-866-763-4363 (toll free)

or through our online privacy request form available at:
DMESupplyUsa.com/contact