Website Privacy Policy

Introduction

This privacy policy tells you about the information we collect from you when you use our website and/or where we provide services to you through the website (“Services”). In collecting this information, we are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights you have over your data.

Who We Are

PatientNow is a clinical photography photo management, documentation, and storage platform for the dermatology, aesthetics, plastic surgery, vein treatment, medical spa and wound care fields. Our address is 115 Inverness Dr E, Suite 100, Englewood, CO, 80112. You can contact us by post at the previously mentioned address or by email at .

Cookies

When you use our website to browse our products and services and view the information, we make available, a number of cookies are used by us and by third parties to allow the website to function, to collect useful information about visitors and to help to make your user experience better. We place only strictly necessary cookies automatically. Other cookies are used to improve the performance of the website and your browsing experience. We will seek consent to use other cookies, such as analytical and performance cookies, where required by applicable laws such as in the UK and Europe. In other jurisdictions, where permitted, we inform you that such cookies are placed and offer you the right to adjust your brower setting if you prefer to remove these cookies.

Most of the user activity in our mobile and web applications is tracked by the ID entered when the user logs in.

PatientNow, like most commerce companies, uses many different cookies on its websites, listed below. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies. If you turn cookies off, some features will be disabled. It may affect the user’s experience as these cookies make your site experience more efficient and the website may not function properly, however, you will still be able to place orders.

On our website, PatientNow uses a variety of Google’s advertising and tracking technologies. Google’s advertising policies can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
We use retargeting cookies to show our site visitors relevant product and promotional information when visiting our site or other websites that promote our products.

We have implemented the following:

  • Remarketing with Google AdSense and Facebook Google Display Network Impression Reporting.
  • We, along with third-party vendors such as Google, use first-party cookies (such as the
    Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or
    other third-party identifiers together, to compile data regarding user interactions with
    ad impressions and other ad service functions as they relate to our website.
  • Opting out: Users can set preferences for how Google advertises to you using the
    Google Ad Settings page. Alternatively, you can opt out by visiting the Network
    Advertising Initiative opt Out page or by using the Google Analytics opt Out Browser add on.

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. It’s also important to note that we do not allow third-party behavioral tracking.

Cookies Definitions:

  • Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user.
  • Preferences cookies — Also known as “functionality cookies,” these cookies allow a website to remember choices you have made in the past, like what language you prefer, what region you would like weather reports for, or what your username and password are so you can automatically log in.
  • Statistics cookies — Also known as “performance cookies,” these cookies collect information about how you use a website, like which pages you visited, and which links you clicked on. None of this information can be used to identify you. It is all aggregated and, therefore, anonymized. Their sole purpose is to improve website functions. This includes cookies from third-party analytics services if the cookies are for the exclusive use of the owner of the website visited.
  • Marketing cookies — These cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad. These cookies can share that information with other organizations or advertisers. These are persistent cookies and almost always of third-party provenance.
  • Other/unclassified – Cookies in transit to being classified or not labelled.
    Cookie Name Classification Further Information 
    _adroll_fpc marketing Adroll used for retargeting
    _ar_v4 marketing Google DoubleClick 
    _gcl_au marketing First Party Conversion Linker
    APISID marketing YouTube Ad Tracking 
    DSID marketing Google DoubleClick 
    HSID marketing YouTube Ad Tracking 
    https://app.hubspot.com marketing Hubspot local & session storage
    https://insight.adsrvr.org marketing Indexed Database – The Trade Desk
    IDE marketing Google DoubleClick Ad Server
    RUL marketing Google DoubleClick Ad Server
    TDCPM marketing Ad platform – The Trade Desk
    TDID marketing Ad platform – The Trade Desk
    _guid marketing/tracking LinkedIn
    _hstc marketing/tracking Hubspot
    AnalyticsSyncHistory marketing/tracking LinkedIn
    bcookie marketing/tracking LinkedIn
    hubspotutk marketing/tracking HubSpot – stores user ID 
    lang marketing/tracking LinkedIn
    li_sugr marketing/tracking LinkedIn
    liap marketing/tracking LinkedIn
    lidc marketing/tracking LinkedIn
    lms_ads marketing/tracking LinkedIn – Ads
    lms_analytics marketing/tracking LinkedIn -Analytics
    sdsc marketing/tracking LinkedIn
    UserMatchHistory marketing/tracking LinkedIn 
    c_user necessary Facebook – Login connection 
    datr necessary Facebook – Login connection
    fr necessary Facebook – Login connection
    https://www.facebook.com necessary Facebook – Login connection
    LOGIN_INFO necessary YouTube – Account Login
    sb necessary Facebook – Login connection
    spin necessary Facebook – Login connection
    VISTITOR_INFO1_LIVE necessary YouTube – Account Login
    wordpress_test_cookie necessary WordPress – checks to see if user has cookies enabled
    wp-settings-12 necessary WordPress – checks to see if user is admin
    wp-settings-time-12 necessary WordPress – logout timer 
    xs necessary Facebook – Login connection
    YSC necessary YouTube – Account Login
    _ctmid preferences CallTrackingMetrics
    _Host-3PLSID preferences Google Sign in 
    _Secure-3PAPISID preferences Google Sign in
    _Secure-3PSID preferences Google Sign in
    _Secure-3PSIDCC preferences Google Sign in
    1P_JAR preferences Google Unique ID 
    drift_aid preferences Drift – Chat ID
    drift_campaign_refresh preferences Drift – Chat refresh
    driftt_aid preferences Drift 
    https://js.driftt.com preferences Drift
    https://patform.twitter.com preferences Twitter – Indexed Database
    LSOLH preferences Google Sign in
    messagesUtk preferences Hubspot
    NID preferences Google
    Personalization_id preferences Twitter
    PREF preferences YouTube 
    SAPISID preferences YouTube 
    SID preferences YouTube
    SIDCC preferences YouTube
    SSID preferences YouTube
    _asc statistics Alexa Analytics 
    _auc statistics Alexa Analytics
    _fbp statistics Facebook Analytics
    _ga statistics Google Analytics
    _ga_6G8D633KN7 statistics Goggle Analytics
    _gat statistics Google Tag Manager
    _gat_gtag_UA_124724018_1 statistics Google Tag Manager
    _gat_gtag_UA_196059789_1 statistics Google Tag Manager
    _gat_UA-9294534-1 statistics Google Tag Manager
    _gid statistics Goggle Analytics
    _sp_id.2b40 statistics Wistia
    _w_session statistics Wistia
    mp_a36067b00a263cce0299cfd960e26ecf_mixpane statistics MixPanel – Attribution of traffic sources
    ct10738 tracking Mongo Metrics – Call tracking 
    csbwfs_show_hide_status unclassified Show hide status 

When You Submit An Enquiry Via our Website

When you submit an enquiry via our website, we ask you for your name, contact telephone number, title, practice name, email address, how you heard about us, speciality, and services interested in.

We use this information to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale.

Your request is stored and processed as an email which is hosted by Google with the United States. It is also logged on a CRM system on a cloud server based in the United States. Note that the United States may have different and/or lower standards of data protection laws compared to those in your country of residence.

We do not use the information you provide to make any automated decisions that might affect you.

We keep request emails for two years, after which they are securely archived. CRM records are kept for during the lifetime of the potential contract with customers, if no contract is agreed to, records are kept for three years after the last contact.

When You Purchase a Product from Our Website

When you purchase products from us, we ask you for your name, contact telephone number, title, practice name, email address, how you heard about us, speciality, and services interested in. We process the information that we collect when you decide to use our services and register on PatientNow and/or make a purchase, on the legal basis that data processing is necessary to perform a contract we are about to enter or have entered with you (“Contractual Necessity”). In the event you fail to provide such data, you may not be able to use our services.

We require this information to process your payment, deliver your products or services and fulfil our contract with you. We record your IP address to show that the correct tax was applied to the sale, which is required by law.

Your information is stored on our website and on our cloud server, both of which are based in the United States. Your credit card details are passed to a third-party payment processor which is based in the United States and with whom we have a contractual agreement which provides effective safeguards for your information. We do not retain your credit card information.

We do not use the information you provide to make any automated decisions that might affect you. We keep your order information for an indefinite period, as the license we sell for our products do not expire, unless subscription(s) is cancelled.

When You Sign Up to Receive Our Newsletter, Podcast, or Webinars

When you sign up to receive our newsletter, we ask for your name and your email address. We will ask for your consent to use your name and email address to email you our newsletter which contains information about our products and other information which we feel might be of interest to you.

You can withdraw your consent at any time, and we will stop sending you the newsletter.

Your name and email address are shared with a third-party mailing system which is based in United States. This company has contractually committed to providing appropriate safeguards for your personal data which means it will be protected in line with the legal requirements of the United States, EU, and Canada.

We do not use the information you provide to make any automated decisions that might affect you.

We keep your personal data for as long as we produce and distribute our newsletter. If you withdraw your consent, we will mark your details so that they are not used and delete them after two years.

When You Download a Sample Document

When you request to download a sample document, such as a white paper, we ask for your name, company name (which is optional) and your email address.

We use this information to email you a link to download the requested document. We may also email you after your download to follow up on your interest in our products and services. We will do this based on our legitimate interest in marketing to prospects for our products and services.

Your name and email address are shared with a third-party mailing system which is based in United States. This company has contractually committed to providing appropriate safeguards for your personal data which means it will be protected in line with the legal requirements of the United States, EU, and Canada.

We do not use the information you provide to make any automated decisions that might affect you.

Your personal data is stored for one year after you requested your download, after which it is deleted.

When You Take Part in Our Feedback Survey

When you take part in our feedback survey, we record your name, your email address, your organization name, your job role and your answers to questions we ask about your opinion of, and use of, our products and services.

We use this information to develop and improve our products and services and our customer relationships. Your job role, organization, and some or all your comments may be publicly displayed on our website as a testimonial. We will do this based on our legitimate interest in marketing our products and services.

Your details are shared with a third-party surveys system which is based within the United States.

We do not use the information you provide to make any automated decisions that might affect you.

Your personal data is stored for two years, or for as long as we are marketing the product or services that the review refers to, whichever is shorter. You may ask us to remove a testimonial that is based on your feedback from our website at any time.

How Do We Use Your Personal Information?

Our primary purpose in collecting personal information is to carry out and perform our contractual obligations with you and for our legitimate purpose of providing the Services through the website.
Any personal information collected by us in connection with your use of the Services will be used for the purposes specified in this Website Privacy Policy. Any personal information submitted by you for publication on the website grants us a right to use your personal information.
Your personal information may be used by us for one or all of the following commercial reasons:

  • Providing and improving the Services;
  • Identifying and communicating with you;
  • Internal record keeping;
  • Payment and transaction-based fraud-prevention to protect you and other website users;
  • Sending you promotional emails about new products, special offers, or other information which we think you may find interesting;
  • Customizing the website.

We have summarized below the lawful basis of processing your personal information:

Purpose Lawful Basis
To contact you and to respond to your requests, inquiries, and other communications We have a legitimate interest to respond to your requests and inquiries for ongoing business administration
To deliver Services to you To manage and perform our contract with you
For business administration, including statistical analysis We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are as effective and efficient as we can be
To personalize your visit to the website and to assist you while you use the website We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are as effective and efficient as we can be
To improve the website by helping us understand who uses the Website We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are as effective and efficient as we can be
In connection with corporate sales or other restructuring events We have a legitimate interest to process your personal information in connection with the sale or reorganization of all or part of our business or its assets
For fraudprevention and detection and to comply with applicable laws, regulations, or codes of practice including complying with any obligations that derive from anti-money laundering and counter-terrorism legislation To comply with our legal obligations and our legitimate interests

You have a right to object to processing of your personal information where that processing is carried out for our legitimate interest.

How Do We Disclose Your Personal Information?

We may disclose your personal information in the good faith belief that such action is necessary to:

  • To comply with a legal obligation;
  • To protect and defend the rights or property of PatientNow;
  • To prevent or investigate possible wrongdoing in connection with the Services or the website;
  • To protect the personal safety or rights of users of the Services or the public;
  • To protect against legal liability.

Subject to applicable law, we may share your personal information with:

  • Partners and other third-party service providers: to operate PatientNow’s Services, we may share your personal information with our partners and other service providers. These service providers may provide us with support services such as origination of communications, receipt or support services, or customer relationship management services.
  • PatientNow group entities: we may share your personal information with our affiliated entities, each of whom shall comply with the terms of this Website Privacy Policy with respect to its use and disclosure of such personal information.
  • Third-parties through their websites: the website may enable you to share information directly on or through websites or online services operated by third parties. For example, the website may contain links to third-party websites. If you choose to browse such websites, you may disclose your personal information to those third-party websites. PatientNow is not liable for the content or action of such third-party websites.
  • For legal purposes: we may disclose your personal information for PatientNow’s legitimate business interests or to comply with applicable law, investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our terms and conditions, or to cooperate with regulatory authorities or law enforcement, to establish, exercise, or defend our legal rights or defend against legal claims.
  • Aggregated information. From time to time, PatientNow may also share anonymised and aggregated information about its customers or users of the website.

Retention of Personal Information

Personal information that we collect, access, or process will be retained only as long as necessary for the fulfilment of the purposes for which it was collected and for [seven] years after the later of the last commercial transaction or commercial communication with you, unless otherwise provided in agreements between you and PatientNow or as required or authorized by law. Personal information that is no longer required to fulfil the identified purposes and for our retention purposes will be destroyed, erased, or de-identified.

Your Rights as a Data Subject

By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate or ask us to restrict the use of your data or to delete your data. You can also object to any legitimate interest processing of your data. If we have asked for your consent to process your personal data, you may withdraw that consent at any time. Note that all of these rights are subject to restrictions and exemptions under applicable law and, therefore, we may not be able to implement your request fully.

If we are processing your personal data for reasons of consent or to fulfil a contract, you can ask us to give you a copy of the information in a machine-readable format so that you can transfer it to another provider.

You have the right to ask us to stop using your information for a period if you believe we are not doing so lawfully.

Finally, in some circumstances you can ask us not to reach decisions affecting you using automated processing or profiling.

To submit a request regarding your personal data by email, post or telephone, please use the contact information provided above in the Who Are We section of this policy.

Your Right to Complain

If you have a complaint about our use of your information, we prefer you to contact us directly in the first instance so that we can address your complaint. However, you can also contact the Data Protection Commission (EU) via their website at dataprotection.ie or write them at

21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland

You can also make a complaint to any other supervisory authority in your country of residence if in the UK or Europe.

Updates to This Privacy Policy

We regularly review and, if appropriate, update this privacy policy from time to time, and as our services and use of personal data evolves. If we want to make use of your personal data in a way that we haven’t previously identified, we will contact you to provide information about this and, if necessary, to ask for your consent. We will update the version number and date of this document each time it is changed.