Website Privacy Policy

Introduction
This privacy policy tells you about the information we collect from you when you use our website and/or where we provide services to you through the website (“Services”). In collecting this information, we are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights you have over your data.

Who We Are
PatientNow is a clinical photography photo management, documentation, and storage platform for the dermatology, aesthetics, plastic surgery, vein treatment, medical spa and wound care fields. Our address is 115 Inverness Dr E, Suite 100, Englewood, CO, 80112. You can contact us by post at the previously mentioned address or by email at compliance@patientnow.com.

Cookies
When you use our website to browse our products and services and view the information, we make available, a number of cookies are used by us and by third parties to allow the website to function, to collect useful information about visitors and to help to make your user experience better. We place only strictly necessary cookies automatically. Other cookies are used to improve the performance of the website and your browsing experience. We will seek consent to use other cookies, such as analytical and performance cookies, where required by applicable laws such as in the UK and Europe. In other jurisdictions, where permitted, we inform you that such cookies are placed and offer you the right to adjust your brower setting if you prefer to remove these cookies.

Most of the user activity in our mobile and web applications is tracked by the ID entered when the user logs in.

PatientNow, like most commerce companies, uses many different cookies on its websites, listed below. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies. If you turn cookies off, some features will be disabled. It may affect the user’s experience as these cookies make your site experience more efficient and the website may not function properly, however, you will still be able to place orders.

On our website, PatientNow uses a variety of Google’s advertising and tracking technologies. Google’s advertising policies can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
We use retargeting cookies to show our site visitors relevant product and promotional information when visiting our site or other websites that promote our products.

We have implemented the following:

  • Remarketing with Google AdSense and Facebook Google Display Network Impression Reporting.
  • We, along with third-party vendors such as Google, use first-party cookies (such as the
    Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or
    other third-party identifiers together, to compile data regarding user interactions with
    ad impressions and other ad service functions as they relate to our website.
  • Opting out: Users can set preferences for how Google advertises to you using the
    Google Ad Settings page. Alternatively, you can opt out by visiting the Network
    Advertising Initiative opt Out page or by using the Google Analytics opt Out Browser add on.

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. It’s also important to note that we do not allow third-party behavioral tracking.

Cookies Definitions:

  • Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user.
  • Preferences cookies — Also known as “functionality cookies,” these cookies allow a website to remember choices you have made in the past, like what language you prefer, what region you would like weather reports for, or what your username and password are so you can automatically log in.
  • Statistics cookies — Also known as “performance cookies,” these cookies collect information about how you use a website, like which pages you visited, and which links you clicked on. None of this information can be used to identify you. It is all aggregated and, therefore, anonymized. Their sole purpose is to improve website functions. This includes cookies from third-party analytics services if the cookies are for the exclusive use of the owner of the website visited.
  • Marketing cookies — These cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad. These cookies can share that information with other organizations or advertisers. These are persistent cookies and almost always of third-party provenance.
  • Other/unclassified- Cookies in transit to being classified or not labelled.
Cookie Name Classification Further Information
_adroll_fpc marketing Adroll used for retargeting
_ar_v4 marketing Google DoubleClick
_gcl_au marketing First Party Conversion Linker
APISID marketing YouTube Ad Tracking
DSID marketing Google DoubleClick
HSID marketing YouTube Ad Tracking
https://app.hubspot.com marketing Hubspot local & session storage
https://insight.adsrvr.org marketing Indexed Database – The Trade Desk
IDE marketing Google DoubleClick Ad Server
RUL marketing Google DoubleClick Ad Server
TDCPM marketing Ad platform – The Trade Desk
TDID marketing Ad platform – The Trade Desk
_guid marketing/tracking LinkedIn
_hstc marketing/tracking Hubspot
AnalyticsSyncHistory marketing/tracking LinkedIn
bcookie

marketing/tracking LinkedIn
hubspotutk marketing/tracking HubSpot – stores user ID
lang marketing/tracking LinkedIn
li_sugr marketing/tracking LinkedIn
liap marketing/tracking LinkedIn
lidc marketing/tracking LinkedIn
lms_ads marketing/tracking LinkedIn – Ads
lms_analytics marketing/tracking LinkedIn -Analytics
sdsc marketing/tracking LinkedIn
UserMatchHistory marketing/tracking LinkedIn
c_user necessary Facebook – Login connection
datr necessary Facebook – Login connection
fr necessary Facebook – Login connection
https://www.facebook.com necessary Facebook – Login connection
LOGIN_INFO necessary YouTube – Account Login
sb necessary Facebook – Login connection
spin necessary Facebook – Login connection
VISTITOR_INFO1_LIVE necessary YouTube – Account Login
wordpress_test_cookie necessary WordPress – checks to see if user has cookies enabled
wp-settings-12 necessary WordPress – checks to see if user is admin
wp-settings-time-12 necessary WordPress – logout timer
xs necessary Facebook – Login connection
YSC necessary YouTube – Account Login
_ctmid preferences CallTrackingMetrics
_Host-3PLSID preferences Google Sign in
_Secure-3PAPISID preferences Google Sign in
_Secure-3PSID preferences Google Sign in
_Secure-3PSIDCC preferences Google Sign in
1P_JAR preferences Google Unique ID
drift_aid preferences Drift – Chat ID
drift_campaign_refresh preferences Drift – Chat refresh
driftt_aid preferences Drift
https://js.driftt.com preferences Drift
https://patform.twitter.com preferences Twitter – Indexed Database
LSOLH preferences Google Sign in
messagesUtk preferences Hubspot
NID preferences Google
Personalization_id preferences Twitter
PREF preferences YouTube
SAPISID preferences YouTube
SID preferences YouTube
SIDCC preferences YouTube
SSID preferences YouTube
_asc statistics Alexa Analytics
_auc statistics Alexa Analytics
_fbp statistics Facebook Analytics
_ga statistics Google Analytics
_ga_6G8D633KN7 statistics Goggle Analytics
_gat statistics Google Tag Manager
_gat_gtag_UA_124724018_1 statistics Google Tag Manager
_gat_gtag_UA_196059789_1 statistics Google Tag Manager
_gat_UA-9294534-1 statistics Google Tag Manager
_gid statistics Goggle Analytics
_sp_id.2b40 statistics Wistia
_w_session statistics Wistia
mp_a36067b00a263cce0299cfd960e26ecf_mixpane statistics MixPanel – Attribution of traffic sources
ct10738 tracking Mongo Metrics – Call tracking
csbwfs_show_hide_status unclassified Show hide status

When You Submit An Enquiry Via our Website
When you submit an enquiry via our website, we ask you for your name, contact telephone number, title, practice name, email address, how you heard about us, speciality, and services interested in.

We use this information to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale.

Your request is stored and processed as an email which is hosted by Google with the United States. It is also logged on a CRM system on a cloud server based in the United States. Note that the United States may have different and/or lower standards of data protection laws compared to those in your country of residence.

We do not use the information you provide to make any automated decisions that might affect you.

We keep request emails for two years, after which they are securely archived. CRM records are kept for during the lifetime of the potential contract with customers, if no contract is agreed to, records are kept for three years after the last contact.

When You Purchase a Product from Our Website
When you purchase products from us, we ask you for your name, contact telephone number, title, practice name, email address, how you heard about us, speciality, and services interested in. We process the information that we collect when you decide to use our services and register on PatientNow and/or make a purchase, on the legal basis that data processing is necessary to perform a contract we are about to enter or have entered with you (“Contractual Necessity”). In the event you fail to provide such data, you may not be able to use our services.

We require this information to process your payment, deliver your products or services and fulfil our contract with you. We record your IP address to show that the correct tax was applied to the sale, which is required by law.

Your information is stored on our website and on our cloud server, both of which are based in the United States. Your credit card details are passed to a third-party payment processor which is based in the United States and with whom we have a contractual agreement which provides effective safeguards for your information. We do not retain your credit card information.

We do not use the information you provide to make any automated decisions that might affect you. We keep your order information for an indefinite period, as the license we sell for our products do not expire, unless subscription(s) is cancelled.

When You Sign Up to Receive Our Newsletter, Podcast, or Webinars
When you sign up to receive our newsletter, we ask for your name and your email address. We will ask for your consent to use your name and email address to email you our newsletter which contains information about our products and other information which we feel might be of interest to you.

You can withdraw your consent at any time, and we will stop sending you the newsletter.

Your name and email address are shared with a third-party mailing system which is based in United States. This company has contractually committed to providing appropriate safeguards for your personal data which means it will be protected in line with the legal requirements of the United States, EU, and Canada.

We do not use the information you provide to make any automated decisions that might affect you.

We keep your personal data for as long as we produce and distribute our newsletter. If you withdraw your consent, we will mark your details so that they are not used and delete them after two years.

When You Download a Sample Document
When you request to download a sample document, such as a white paper, we ask for your name, company name (which is optional) and your email address.

We use this information to email you a link to download the requested document. We may also email you after your download to follow up on your interest in our products and services. We will do this based on our legitimate interest in marketing to prospects for our products and services.

Your name and email address are shared with a third-party mailing system which is based in United States. This company has contractually committed to providing appropriate safeguards for your personal data which means it will be protected in line with the legal requirements of the United States, EU, and Canada.

We do not use the information you provide to make any automated decisions that might affect you.

Your personal data is stored for one year after you requested your download, after which it is deleted.

When You Take Part in Our Feedback Survey
When you take part in our feedback survey, we record your name, your email address, your organization name, your job role and your answers to questions we ask about your opinion of, and use of, our products and services.

We use this information to develop and improve our products and services and our customer relationships. Your job role, organization, and some or all your comments may be publicly displayed on our website as a testimonial. We will do this based on our legitimate interest in marketing our products and services.

Your details are shared with a third-party surveys system which is based within the United States.

We do not use the information you provide to make any automated decisions that might affect you.

Your personal data is stored for two years, or for as long as we are marketing the product or services that the review refers to, whichever is shorter. You may ask us to remove a testimonial that is based on your feedback from our website at any time.

How Do We Use Your Personal Information?
Our primary purpose in collecting personal information is to carry out and perform our contractual obligations with you and for our legitimate purpose of providing the Services through the website.
Any personal information collected by us in connection with your use of the Services will be used for the purposes specified in this Website Privacy Policy. Any personal information submitted by you for publication on the website grants us a right to use your personal information.
Your personal information may be used by us for one or all of the following commercial reasons:

  • Providing and improving the Services;
  • Identifying and communicating with you;
  • Internal record keeping;
  • Payment and transaction-based fraud-prevention to protect you and other website users;
  • Sending you promotional emails about new products, special offers, or other information which we think you may find interesting;
  • Customizing the website.

We have summarized below the lawful basis of processing your personal information:

Purpose Lawful Basis
To contact you and to respond to your requests, inquiries, and other communications We have a legitimate interest to respond to your requests and inquiries for ongoing business administration
To deliver Services to you To manage and perform our contract with you
For business administration, including statistical analysis We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are as effective and efficient as we can be
To personalize your visit to the website and to assist you while you use the website We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are as effective and efficient as we can be
To improve the website by helping us understand who uses the Website We have a legitimate interest to properly manage and administer our relationship with you and to ensure that we are as effective and efficient as we can be
In connection with corporate sales or other restructuring events We have a legitimate interest to process your personal information in connection with the sale or reorganization of all or part of our business or its assets
For fraudprevention and detection and to comply with applicable laws, regulations, or codes of practice including complying with any obligations that derive from anti-money laundering and counter-terrorism legislation To comply with our legal obligations and our legitimate interests

You have a right to object to processing of your personal information where that processing is carried out for our legitimate interest.

How Do We Disclose Your Personal Information?
We may disclose your personal information in the good faith belief that such action is necessary to:

  • To comply with a legal obligation;
  • To protect and defend the rights or property of PatientNow;
  • To prevent or investigate possible wrongdoing in connection with the Services or the website;
  • To protect the personal safety or rights of users of the Services or the public;
  • To protect against legal liability.

Subject to applicable law, we may share your personal information with:

  • Partners and other third-party service providers: to operate PatientNow’s Services, we may share your personal information with our partners and other service providers. These service providers may provide us with support services such as origination of communications, receipt or support services, or customer relationship management services.
  • PatientNow group entities: we may share your personal information with our affiliated entities, each of whom shall comply with the terms of this Website Privacy Policy with respect to its use and disclosure of such personal information.
  • Third-parties through their websites: the website may enable you to share information directly on or through websites or online services operated by third parties. For example, the website may contain links to third-party websites. If you choose to browse such websites, you may disclose your personal information to those third-party websites. PatientNow is not liable for the content or action of such third-party websites.
  • For legal purposes: we may disclose your personal information for PatientNow’s legitimate business interests or to comply with applicable law, investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our terms and conditions, or to cooperate with regulatory authorities or law enforcement, to establish, exercise, or defend our legal rights or defend against legal claims.
  • Aggregated information. From time to time, PatientNow may also share anonymised and aggregated information about its customers or users of the website.

Retention of Personal Information
Personal information that we collect, access, or process will be retained only as long as necessary for the fulfilment of the purposes for which it was collected and for [seven] years after the later of the last commercial transaction or commercial communication with you, unless otherwise provided in agreements between you and PatientNow or as required or authorized by law. Personal information that is no longer required to fulfil the identified purposes and for our retention purposes will be destroyed, erased, or de-identified.

Your Rights as a Data Subject
By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate or ask us to restrict the use of your data or to delete your data. You can also object to any legitimate interest processing of your data. If we have asked for your consent to process your personal data, you may withdraw that consent at any time. Note that all of these rights are subject to restrictions and exemptions under applicable law and, therefore, we may not be able to implement your request fully.

If we are processing your personal data for reasons of consent or to fulfil a contract, you can ask us to give you a copy of the information in a machine-readable format so that you can transfer it to another provider.

You have the right to ask us to stop using your information for a period if you believe we are not doing so lawfully.

Finally, in some circumstances you can ask us not to reach decisions affecting you using automated processing or profiling.

To submit a request regarding your personal data by email, post or telephone, please use the contact information provided above in the Who Are We section of this policy.

Your Right to Complain
If you have a complaint about our use of your information, we prefer you to contact us directly in the first instance so that we can address your complaint. However, you can also contact the Data Protection Commission (EU) via their website at dataprotection.ie or write them at

21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland

You can also make a complaint to any other supervisory authority in your country of residence if in the UK or Europe.

Updates to This Privacy Policy
We regularly review and, if appropriate, update this privacy policy from time to time, and as our services and use of personal data evolves. If we want to make use of your personal data in a way that we haven’t previously identified, we will contact you to provide information about this and, if necessary, to ask for your consent. We will update the version number and date of this document each time it is changed.