MDsimple obtains information about you when you use our Services. Please note that we need certain types of information so that we can provide Services to you. If you do not provide us with such information, or ask us to delete it, you may no longer be able to access or use all or part of our Services.
1. Information You Voluntarily Provide to Us
MDsimple collects information directly from you in a variety ways including:
MDsimple collects the following types of information directly from you:
2. Information We Collect Through Automated Means
MDsimple and our services providers (third party companies that work on our behalf) use a variety of technologies to assist in collecting information about your use of the Services and the devices you use to access the Services.
Visitor Data. When you use our Website, we collect information that will help us understand and analyze your experience interacting with our Services. For example, we may collect information related to domain names, the type of browsers used to access the Services, operating system software, browser plug-ins, cookie preferences, search engine keywords, the pages you viewed and amount of time spent on particular pages, terms you use in you searches on our Website, and similar information.
Location Information. When you use the Services, we and our service providers may automatically collect general location information (e.g., IP address, city/state and or postal code associated with an IP address) from your computer or mobile device. This information allows us to enable access to content that varies based on a user’s general location (e.g., to provide you with accurate sales tax information and to deliver content customized to your location).
Cookies. “Cookies” are a feature in your browser software. If enabled, we, or our service providers, may write cookies that may store small amounts of data on your computer about your visit to any of the pages of the Website. Cookies assist us in tracking which of our features appeal the most to you and what content you may have viewed on past visits. When you visit this Website again, cookies can enable us to customize our content according to your preferences.
You can disable cookies, although the Website may not function properly for you. Your browser preferences can be modified to accept or reject all cookies, or request a notification when a cookie is set. You may read more about cookies at http://cookiecentral.com. In order to use all of the features and functionality of MDsimple’s Website, you need to accept cookies.
Web Beacons. A web beacon, sometimes called a tracking pixels, is a programming code that can be used to display an image on a web page, but can also be used to transfer your unique user identification to a database and associate you with previously acquired information about an individual in a database. This allows MDsimple and our third-party service providers to track certain websites you visit. Web beacons are used to track online behavioral habits for marketing purposes to determine products or services you may be interested in. In addition to using web beacons on web pages, we also use web beacons in email messages sent to individuals listed in MDsimple’s database.
Other Online Tools. MDsimple may also use a web server log or an SDK. A web server log is a file where website activity is stored. An SDK is a set of tools and/or code that we embed in our software to allow third parties to collect information about how people interact with our Services.
As we continue to develop the Website and our Services, MDsimple may implement additional methods to gather information about the MDsimple community.
3. Information We Collect From Social Media and other Content Platforms
MDsimple maintains a presence on a variety of social media platforms. When you “like” or “follow” us on Facebook, Instagram, Twitter, or other social media platforms, we may collect some information about you. This information includes your name, email address, any comments or content you post that is relevant to MDsimple. We also collect your information if you sign up for a promotion and submit information to us through one of our social media accounts.
MDsimple also maintains several blogs as a part of its Services. When you comment or post content to any of our blogs, we will collect your name and email address.
4. Information We Receive From Other Sources
MDsimple works closely with third parties (including, for example, physicians, cannabis experts, and dispensaries with whom we partner to provide you with the Services and their healthcare services, subcontractors in software engineering, advertising networks, analytics, and search information providers). These third-parties may provide MDsimple with some additional information about you.
The following paragraphs describe how MDsimple uses your information in connection with our Services.
General Use. MDsimple will use your information as necessary to carry out and manage its Services. This includes, using your information to verify and administer your account, including processing payments and fulfilling orders (if applicable). We will use your information to communicate with you about MDsimple’s Services, your use of the Services or your inquiries related to the Services. We will send you communications on behalf of physicians or other medical marijuana consultants so that the Services satisfy your needs. MDsimple will use your information to ensure that content from our Services is presented in the most effective manner for you and for your computer or device, allow you to participate in interactive features of our Services (when you choose to do so), and as part of our efforts to keep our Services safe and secure.
Medical Marijuana Evaluations & Personalized Consultations. MDsimple will use your information to facilitate healthcare providers conducting their medical evaluations. Likewise, we will use your information to assist consultants in providing individualized marijuana consultations. MDsimple is the platform that providers/consultants use to communicate with you. MDsimple is not associated in any way with any of the providers/consultants.
Improve MDsimple’s Services. MDsimple continuously seeks to improve its Services. To do so, we conduct research to understand the effectiveness of our Services, improve our Services, and to better understand the MDsimple community. If we publish the results of our research to others, such research will be presented in a de-identified and aggregate form such that individual users cannot be identified.
Promotional Communications. We will use your personal information to communicate with you by email, postal mail, phone, or text message about surveys, promotions, special events or our products and Services and those of our affiliates or third-party partners, and any of their related businesses. By creating an account and using this Website, you are giving your express permission to MDsimple and their agents or vendors the right to contact you with targeted advertising materials by email, text message (SMS), telephone or cellphone, including the use of automated, predictive, programmable, or similar (“robodialers”) dialers or dialing software, or any other means of communication to provide promotional offers. To the extent applicable, you expressly acknowledge that you are solely responsible for all charges billed by your mobile service provider. If you no longer wish to receive promotional communications by email, please follow the unsubscribe link located at the end of the email message.
Marketing/Performance Analysis & Data Analytics. We will use your information to help us better understand your interests and needs, such as by engaging in analysis and research regarding use of the Services. We may use your information to measure or understand the effectiveness of advertising and content we serve to you and others, and to deliver and customize relevant advertising and content to you.
Aggregate/De-Identified Data. We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors. We may receive monetary and/or other compensation for sharing Aggregate/De-Identified Information with such third parties.
1. Data Analytics
We may use third-party web analytics services (such as those of Google Analytics (including Google Signals, Google User-ID, and other Google Analytics features) and MixPanel) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; try to locate the same unique users across multiple browsers or devices to better tailor services and features; and provide certain features to you. If you have a Google account with personalized advertising enabled, through Google Signals, Google will also be able to gather for us analytics and engagement information from across the various devices you use to access the Services. To prevent Google from using your information for analytics (including cross-device tracking for personalization purposes), you may install the Google Analytics Opt-out Browser Add-on. And to opt out of Google Signals, please open your “Settings” app, locate and tap “Google,” select “Ads,” and turn ON “Opt out of Ads Personalization.” You may also be able to disable cross-device tracking through your Android or Apple device-based settings.
If you receive email from us, we may use certain analytics tools, such as clear GIFs to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
2. Online Advertising
We sometimes provide our customer information (such as email addresses) to service providers, who may “match” this information in de-identified form to cookies (or mobile ad identifiers) and other proprietary IDs, in order to provide you with more relevant ads when you visit other websites and mobile applications.
Please note that if you exercise the opt out choices above, you will still see advertising when you use the Services, but it will not be tailored to you based on your online behavior over time.
3. Mobile Advertising
When using mobile applications from us or others, you may also receive tailored in-application advertisements. We may use third-party service providers to deliver advertisements on mobile applications or for mobile application analytics. Each operating system, iOS for Apple phones, Android for Android devices, and Windows for Microsoft devices provides its own instructions on how to prevent the delivery of tailored in-application advertisements. We do not control how the applicable platform operator allows you to control receiving personalized in-application advertisements; thus, you should contact the platform provider for further details on opting out of tailored in-application advertisements. You may review the support materials and/or the device settings for the respective operating systems to opt-out of tailored in-app advertisements.
4. Notice Concerning Do Not Track
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals. To learn more about Do Not Track, you can do so here.
Veriheal may share your information in the following ways:
Affiliates & Related Business Entities. We may share the information we collect with our affiliates or related business entities for the purposes of delivering products or services to you, ensuring a consistent level of service, and to enhance our products, services, and your customer experience.
Healthcare Providers, Consultants, and Services. We may share your information with healthcare providers in order to schedule and fulfill appointments so that the healthcare providers may provide medical marijuana evaluations or personalized consultations.
Service Providers and Third-Party Vendors. We provide access to or share your information with select third parties who use the information to perform services on our behalf. They provide a variety of services to us, including billing, sales, marketing, advertising, analytics, research, customer service, shipping and fulfillment, data storage, IT and security, fraud prevention, payment processing, and auditing and legal services. These entities may also include health care organizations and other third parties we use to support our business or in connection with the administration and support of the Services.
Business Transfers. As MDsimple continues to grow, we may buy, merge, or partner with other companies. In such transactions, your information may be among the assets that are transferred.
Public Forums. Certain features of our Services make it possible for you to share comments publicly with other users. Any information that you submit through such features is not confidential, and we may use it for any purpose (including in testimonials or other marketing materials). For example, if you submit a product review on one of our Websites or blogs, we may display your review (along with the name provided, if any) on other MDsimple websites and on third-party websites. Any information you post openly in these ways will be available to the public at large and potentially accessible through third-party search engines. Accordingly, please take care when using these features.
Aggregate/De-Identified Information. We reserve the right to create Aggregate/De-Identified Data from the information we collect through the services and our sharing of such Aggregate/De-Identified Data is in our sole discretion. We may receive monetary and/or other compensation for our sharing of such Aggregate/De-Identified Information.
The Website and email messages that you receive from Veriheal may sometimes contain hypertext links to the websites of third parties. MDsimple is not responsible for the privacy practices or the content of such other websites. Linked websites may contain links to websites maintained by third parties. Such links are provided for your convenience and reference only. MDsimple does not operate or control in any respect any information, software, products or services available on such third party websites. The inclusion of a link to a website does not imply any endorsement of the services or the site, its contents, or its sponsoring organization.
1. Our Data Security Program
We have adopted, implemented and maintain an enterprise-wide corporate information security and privacy program that includes technical, organizational, administrative, and other security measures designed to protect, as required by applicable law, against reasonably anticipated or actual threats to the security of your personal information (the “Security Program”). Our Security Program was created by reference to the obligations set forth under the Health Insurance Portability and Accountability Act (“HIPAA”). It includes, among many other things, procedures for assessing the need for, and as appropriate, either employing encryption and multi-factor authentication or using equivalent compensating controls. We therefore have every reason to believe our Security Program is reasonable and appropriate for our business and the nature of foreseeable risks to the personal information we collect. We further periodically review and update our Security Program, including as required by applicable law.
2. Our Incident Response and Management Plan
Despite the significant investment we’ve made in, and our commitment to, the Security Program we cannot guarantee that your personal information, whether during transmission or while stored on our systems, otherwise in our care, or the care of our third-party vendors and service providers, will be free from either failed or successful attempts at unauthorized access or that loss or accidental destruction will never occur. Except for our duty under applicable law to maintain the Security Program, we necessarily disclaim, to the maximum extent the law allows, any other liability for any such theft or loss of, unauthorized access or damage to, or interception of any data or communications including personal information.
All that said, as part of our Security Program, we have specific incident response and management procedures that are activated whenever we become aware that your personal information was likely to have been compromised. Those procedures include mechanisms to provide, when circumstances and/or our legal obligations warrant, notice to all affected data subjects within the timeframes required by law, as well as to give them such other mitigation and protection services (such as the credit monitoring and ID theft insurance) as may be required by applicable law. We further require in the contracts with our vendors and business partners that they notify us immediately if they have any reason to believe that an incident adversely affecting personal information we provided to them has occurred.
We do not, for instance, collect personal information from data subjects in the European Economic Area, United Kingdom, or Switzerland or elsewhere abroad. Similarly, we do not target or tailor our Website or Services or any of our other US-based business activities to appeal to, or specifically attempt to do business in those jurisdictions. In terms of California, although we may do business within the state, we do not meet any of the various statutory thresholds and criteria that would bring us under the CCPA.
For general visitors, consumers and regulators who have questions about whether or how the GDPR, CCPA or other industry- or jurisdiction-specific laws apply to us, you can contact us using the contact information below.
Federal law imposes special restrictions and obligations on commercial website operators who direct their operations toward, and collect and use information from children under the age of 13. We take those age-related requirements very seriously, and, consistent with them, do not intend for our Website or Services to be used by children under the age of 18, and certainly not by anyone under the age of 13. Moreover, we do not knowingly collect personal information from minors under the age of 18. If we become aware that anyone under the age of 18 has submitted personal information to us via our Website or Services, we will delete that information and not use it for any purpose whatsoever. We encourage parents and legal guardians to talk with their children about the potential risks of providing personal information over the Internet.