Last modified: July 1, 2021
This policy applies to information we collect:
- on our Digital Services;
- in email, text, and other electronic messages between you and our Digital Services;
- when you interact with our advertising and applications on third party websites and services, if those applications or advertising include links to this policy.
It does not apply to information collected by:
- us offline or through any other means, including on any other website operated by ARS or any third party;
- any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Digital Services.
Protected Health Information
Some information we collect about you constitutes or may constitute protected health information (“PHI”) regulated under the U.S. Health Insurance Portability and Accountability Act and its implementing regulations (“HIPAA”) and/or 42 C.F.R. Part 2, Confidentiality of Substance Use Disorder Patient Records (“Part 2”). ARS or your healthcare provider (“Provider”), as applicable, will provide you with a Notice of Privacy Practices describing the collection, use and disclosure of your PHI. ARS’s Notice of Privacy Practices can be accessed here. ARS will use and disclose PHI only in accordance with HIPAA and other applicable laws.
2. Children Under the Age of 18
Our Digital Services are not intended for children under the age of 18 and children under the age of 18 are not permitted to use our Digital Services. We will remove any information about a child under the age of 18 if we become aware of it.
Our Digital Services are not intended for children under 18 years of age. No one under age 18 may provide any information to or through the Digital Services. We do not knowingly collect Personal Data from children under 18. If you are under 18, do not use or provide any information on or in our Digital Services or on or through any of their features, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Data from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from a child under 18, please contact us at [email protected] or call us at 856-644-4978.
3. Information We Collect About You and How We Collect It
We collect different types of information about you, including information that may directly identify you, information that is about you but individually does not personally identify you, and information that we combine with our other users. This includes information that we collect directly from you or through automated collection technologies.
We collect several types of information from and about users of our Digital Services, specifically information:
- by which you may be directly personally identified, such as name, postal address, billing address, shipping address, e-mail address, home, work, and mobile telephone numbers, date of birth, credit or debit card number (for payment purposes only), insurance information, and medical history (“Personal Data”); and
- that is about you but individually may not directly identify you, such as traffic data, logs, referring/exit pages, date and time of your visit to or use of our Digital Services, error information, clickstream data, information about your mobile device (e.g., unique device identifier), IP address, mobile telephone number and other communication data and the resources that you access and use on or through our Digital Services.
We collect this information:
- directly from you when you provide it to us;
- automatically as you navigate through or use our Digital Services. Information collected automatically may include usage details, IP addresses, your Internet activity while on our Website and others (e.g., pages viewed, clicks, scrolling and mouse-overs) and other information collected through cookies, web beacons, session replay software and other tracking technologies;
- through the use of the global positioning system and Cell ID (“Geolocation”) which allows us to collect your precise or estimated location in real-time; and
- from third parties, for example, our business partners.
Information You Provide to Us
The information we collect on or through our Digital Services is:
- Personal Data such as the data identified above;
- information that you provide by filling in forms on our Digital Services. This includes information provided at the time of registering to use our Digital Services, using our services or other services available through the Digital Services, purchasing products, or requesting further services. We may also ask you for information when you report a problem with our Digital Services;
- records and copies of your correspondence (including email addresses), if you contact us; and
- details of transactions you carry out through our Digital Services and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Digital Services.
You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Digital Services or transmitted to other users of the Digital Services or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Digital Services with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Digital Services, we may use automatic data collection technologies (such as session replay and tracking technologies referred above) to collect certain information about your equipment, browsing actions, and patterns, specifically:
- Usage Details. Details of your visits to our Digital Services, such as traffic data, location, logs, referring/exit pages, date and time of your visit to or use of our Digital Services, error information, clickstream data, and other communication data and the resources that you access and use on or in the Digital Services.
- Device Information. Information about your computer, mobile device, and Internet connection, specifically your IP address, operating system, browser type, and Application version information.
- Location Data. The Digital Services, depending on the version, may collect information about the location of your device. If you do not want us to collect this information, you can chose not to enable or you can turn-off collection of location information using the privacy settings in the Digital Services or your device.
The information we collect automatically may include Personal Data or we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. It helps us to improve our Digital Services and to deliver a better and more personalized service by enabling us to:
- estimate our audience size and usage patterns;
- improve our product and services offering;
- store information about your preferences, allowing us to customize our Digital Services according to your individual interests; and
- recognize you when you return to our Digital Services.
The technologies we use for this automatic data collection may include:
- Third Party Providers. We use services like Google Analytics, Facebook, and SalesForce. These services are web analytics platforms provided by third parties to collect certain information relating to your use of our Website. These services may use “cookies”, which are text files placed on your computer, to help our Website analyze how users use the site. You can find out more about how Google uses data when you visit our Website by visiting “How Google uses data when you use our partners’ sites or apps”, (located at google.com/policies/privacy/partners/). We may also use Google Analytics Advertising Features or other advertising networks to provide you with interest-based advertising based on your online activity. For more information regarding Google Analytics please visit Google’s website, and pages that describe Google Analytics, such as www.google.com/analytics/learn/privacy.html. You can find out more about Facebook Analytics here. You can find out more about SalesForce here.
4. How We Use Your Information
We use your Personal Data for various purposes described below, including to:
- provide our Digital Services to you;
- provide products and services to you;
- provide you with information you request from us;
- enforce our rights arising from contracts;
- notify you about changes; and
- provide you with notices about your account.
We use information that we collect about you or that you provide to us, including any Personal Data:
- to provide our Website and its functionality, contents and services to;
- to provide our App and its functionality, contents and services;
- to provide our products and services to you;
- to provide you with information, products, or services that you request from us or that may be of interest to you;
- to process, fulfill, support, and administer transactions and orders for products and services ordered by you;
- to provide you with notices about your ARS account;
- to contact you in response to a request;
- to fulfill any other purpose for which you provide it;
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- to notify you about changes to our Digital Services or any products or services we offer or provide though them;
- in any other way we may describe when you provide the information; and
- for any other purpose with your consent.
We may also use your information to contact you about goods and services that may be of interest to you, including through newsletters, in accordance with applicable law. If you wish to opt-out of receiving such communications, you may do so at any time by clicking unsubscribe at the bottom of these communications or by visiting your Account Preferences page. For more information, see Choices About How We Use and Disclose Your Information.
5. Disclosure of Your Information
- our affiliates and third party service providers that we use to support our business;
- to a company we merge, acquire, or that buys us, or in the event of change in structure of our company of any form;
- to comply with our legal obligations;
- to affiliates and third parties for their own commercial purposes in certain cases;
- to enforce our rights; and
- with your consent.
- to affiliates, contractors, service providers, and other third parties we use to support our business. The services provided by these organizations include providing IT and infrastructure support services, and ordering, marketing, and payment processing services;
- to healthcare Providers, third-party payers, and other third parties for purposes of treatment, payment and healthcare operations in accordance with HIPAA and other applicable law, and as further described in the “Protected Health Information” Section above and ARS’s Notice of Privacy Practices;
- to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by ARS about our Digital Services users are among the assets transferred;
- to fulfill the purpose for which you provide it;
- for any other purpose disclosed by us when you provide the information; or
- with your consent.
We may also disclose your Personal Data, where permitted by and in accordance with applicable law:
- to comply with any court order, law, or legal process, including to respond to any government or regulatory request;
- to affiliates and third parties to market their products or services to you if you have not opted out of these disclosures. For more information, see Choices About How We Use and Disclose Your Information;
- if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of ARS, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
For example, in the event the Personal Data is Protected Health Information regulated by HIPAA or Part 2, we may need to obtain your consent before disclosing your Personal Data for certain of the above purposes.
6. Choices About How We Use and Disclose Your Information
We offer you choices on how you can opt out of our use of tracking technology, disclosure of your Personal Data for our advertising to you, and other targeted advertising.
We do not control the collection and use of your information collected by third parties described above in Disclosure of Your Information. These third parties may aggregate the information they collect with information from their other customers for their own purposes.
In addition, we strive to provide you with choices regarding the Personal Data you provide to us. We have created mechanisms to provide you with control over your Personal Data:
- Promotional Offers from ARS. If you do not wish to have your email address used by ARS to promote our own products and services, you can opt-out at any time by clicking the unsubscribe link at the bottom of any email or other marketing communications you receive from us or logging onto your Account Preferences page. This opt out does not apply to information provided to ARS as a result of a product purchase, or your use of our services. You may have other options with respect to marketing and communication preferences through our Digital Services.
- Disclosure of Your Information to Affiliates and Third Parties. By using our Digital Services, you consent to our sharing of your Personal Data with our affiliates and third parties for their promotional purposes to the extent permitted by HIPAA and other applicable law. If you wish to unsubscribe from such affiliate and third parties’ promotions, you can do so by clicking the unsubscribe link at the bottom of any email or other marketing communications you receive from them. If you wish to opt-out of such sharing, please change your preferences in your Account Preferences page or email us [email protected].
- Targeted Advertising. To learn more about interest-based advertisements and your opt-out rights and options, visit the Digital Advertising Alliance and the Network Advertising Initiative websites (aboutads.info and www.networkadvertising.org). Please note that if you choose to opt out, you will continue to see ads, but they will not be based on your online activity. We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can also opt out of receiving targeted ads from members of the NAI on its website.
7. Your Rights Regarding Your Information and Accessing and Correcting Your Information
You may contact us to access or change your Personal Data. You may also be able to review and change your personal information by logging into the Digital Service and visiting your Account Preferences page.
You can Contact Us to access and/or find out what information we have about you, and to correct that information. You can also review and change your Personal Data by logging into our Digital Services and visiting either the Settings or Account Preferences sections of our Digital Services. You may also notify us through the Contact Information below of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible or to delete your account. We cannot delete your personal information except by also deleting your account with us. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement (such as a medical record retention law that we are required to comply with) or cause the information to be incorrect.
8. Do Not Track Signals
We currently do not use automated data collection technologies to track you across websites. We currently do not honor do-not-track signals that may be sent by some browsers.
Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals, but we currently do not use automated data collection technologies to collect information about your online activities over time and across third party websites or other online services (behavioral advertising).
9. Data Security
Information transmitted over the Internet is not completely secure, but we do our best to protect your Personal Data. You can help protect your Personal Data and other information by keeping your password to our Digital Services confidential.
We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. We use encryption technology for information sent and received by us.
The safety and security of your information also depends on you. Where you have chosen a password for the use of our Digital Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to, on or through our Digital Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website, in your operating system, or in the App except where required by law.
10. California Privacy Rights for California Residents
Under some circumstances, California law may provide you with the right to obtain a list of third parties (if any) that we provide your Personal Data to for their own direct marketing purposes.
CALIFORNIA PRIVACY RIGHTS
Categories of Personal Data ARS Collects – California Residents
Personal Data does not include information that is: (a) publicly available information from government records; (b) de-identified or aggregated consumer information; or (c) certain information excluded from the scope of CCPA (e.g., PHI covered under HIPAA and medical information covered under the California Medical Information Act).
Categories of Sources from which ARS has collected Personal Data
We collect Personal Data directly from you, for example when you provide it to us, when you contact us through our Digital Services, when you create a ARS account; and indirectly from you automatically through your computer or device as you use our Digital Services. We may also collect Personal Data about you from our advertising partners and service providers.
Use of Personal Data Collected from California Residents
Sharing Personal Data – California Residents
ARS may disclose your Personal Data to a third party for one or more business purposes. When we disclose Personal Data for a business purpose, such as to service providers, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Data confidential and not use it for any purpose except performing the contract.
Disclosures of Personal Data for Business Purposes:
We may disclose your Personal Data for our business purposes, such as your contact information, other information you have provided to us and unique identifiers that identify you to us or to our service providers, such as companies that assist us with marketing and advertising. Please refer to Information We Collect About You and How We Collect It for additional information and details.
We disclose your Personal Data to certain third parties such as our health care Provider partners, service providers, including companies that assist us with marketing and advertising. For additional information please refer to “How We Use Your Information” and “Disclosure of Your Information”).
Access Request Rights
California residents have the right to request that ARS disclose certain information to you about our collection and use of your Personal Data over the past 12 months for the above business and commercial purposes. To submit an access request, see Exercising Access and Deletion Rights. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of Personal Data we collected about you.
- The categories of sources for the Personal Data we collected about you.
- Our business or commercial purpose for collecting that Personal Data.
- The categories of third parties with whom we share that Personal Data.
- The specific pieces of Personal Data we collected about you.
- If we sold or disclosed your Personal Data for a business purpose, two separate lists disclosing:
- sales, identifying the Personal Data categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the Personal Data categories that each category of recipient obtained.
Deletion Request Rights
California residents have the right to request that ARS delete your Personal Data that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Data from our records, unless certain exceptions apply.
Exercising Access and Deletion Rights
To exercise the access and deletion rights described above, please submit a verifiable consumer request to us by either:
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Data. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Other California Privacy Rights
California Civil Code Section 1798.83 (California’s “Shine the Light” law) permits users of our Digital Services that are California residents and who provide Personal Data in obtaining products and services for personal, family, or household use to request certain information regarding our disclosure of Personal Data to third parties for their own direct marketing purposes. If applicable, this information would include the categories of Personal Data and the names and addresses of those businesses with which we shared your Personal Data with for the immediately prior calendar year (e.g., requests made in 2020 will receive information regarding such activities in 2019). You may request this information once per calendar year. To make such a request, please contact us using the Contact Information below.
12. Contact Information
You may contact us through the contact information below.