HealthROM, Inc.
User Privacy Policy

This notice describes how medical information about you may be used and disclosed in connection with your use of our web portal. Please review it carefully.

Collection of Information

We may collect the following types of information in connection with your ROM Technologies, Inc. (“ROM Tech”) account and services, including without limitation use of this web portal:

• Your name, email address, contact information, date of birth, phone number(s), and statistics generated from your rehabilitation sessions using HealthROM devices.

• Data about your HealthROM device, including your device ID, IP address, cookies, web beacons, browser type, operating system, cross-device matching data, and similar data, including without limitation metadata or data used for analytics purposes

• Information about when your HealthROM account was registered, modified or terminated, and dates/times of logins and logouts

• Any permissions and authorizations you have provided related to your HealthROM account including without limitation the identity of and other information concerning other individuals to whom you have given access to your account

• Information about and related to any services or third party platforms you use or access through your HealthROM account, including frequency of access, types of use, features or functionality used, client accounts accessed, etc.

• Security related information, such as your credentials which include but are not limited to username and password, number of failed login attempts, timeouts, past passwords, security questions for identity or account validation, number and frequency of username or password resets, permissions and authorizations for our services and those of third party platforms, and geo-locational information.

In addition, we may collect other information as permitted under applicable law. We may also share information regarding your HealthROM account and services as follows:

• Within HealthROM, including with employees, contractors, agents, and service providers, and with other third parties we use to support our business or services and who are bound by contractual obligation to keep information confidential and use it only for the purposes for which we disclose it to them;

• To protect our rights and property and the rights and property of our clients and others, including to enforce agreements, policies and terms of use;• To comply with applicable laws and regulations;• To respond to lawful requests, regulatory enquiries, investigations and legal process;

• To protect the safety of any person;

• With third parties other than as set out above and only with your consent;

• In connection with, or during the consideration, negotiation, or consummation of any merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.In addition, we may share information as permitted under applicable law.

Cookies

We use cookies to authenticate users, block malicious use of login credentials, and shield unauthorized access to HealthROM properties and services. We also developed and use cookies to collect information on HealthROM and our services in order to understand and improve our services and the manner in which they are provided. These cookies also help us learn how well HealthROM and our services operate across different locations and identify any issues in the operation and provision of our services.

Third-Party Cookies

We also permit the setting of third-party cookies. These assist us in measuring and understanding how our products are used and how they can be optimized. We may also receive other analytics information from these third parties.

Most internet browsers accept cookies by default. You can block cookies by activating the setting on your browser that allows you to reject all or some cookies. The help and support area on your internet browser should have instructions on how to block or delete cookies. Some web browsers (including some mobile web browsers) provide settings that allow you to control or reject cookies or to alert you to when a cookie is placed on your computer, tablet or mobile device. Your HealthROM account also may not recognize if your browser sends a “do not track” signal or similar mechanism to indicate you do not wish to be tracked or receive interest-based ads.

For more information, visit the help page for your web browser

Data Retention

You agree that the Website and all Services provided by the Company are the property of the Company, including all copyrights, trademarks, trade secrets, patents, and other intellectual property ("Company IP"). You agree that the Company owns all right, title and interest in and to the Company IP and that You will not use the Company IP for any unlawful or infringing purpose. You agree not to reproduce or distribute the Company IP in any way, including electronically or via registration of any new trademarks, trade names, service marks or Uniform Resource Locators (URLs), without express written permission from the Company.

Security of Information

Security is of the utmost importance for HealthROM. HealthROM uses technical and physical safeguards to protect the security of your information from unauthorized disclosure. However, security cannot be guaranteed against all threats.

You may not assign or transfer your HealthROM account or share your HealthROM login, password, or any other credentials with any other person without our consent. Please notify us immediately if you believe the security of your HealthROM account may have been compromised.

Notice Regarding Children and Minors

HealthROM recognizes the importance of protecting the privacy and safety of children. HealthROM accounts are not intended for users under the age of sixteen (16) years old, and such users are not authorized to have HealthROM accounts. If you believe we have collected data from a user under sixteen (16) years old without the consent of their parent or legal guardian, please let us know immediately by contacting us as indicated below and provide sufficient information so we can act appropriately on your request.

Telephone Consumer Protection Act (TCPA) Notice

In connection with your HealthROM account, we may need to send business, informational, support and security related messages (whether texts, alerts or calls) to all telephone numbers, including cellular numbers or mobile devices, you choose to provide on your HealthROM account, including on the HealthROM device itself. You agree such texts or calls may be pre recorded messages or placed with an automatic telephone dialing system. In addition, you agree that HealthROM may send service or account related text messages to cellular phone numbers you provide to HealthROM, and you agree to accept and pay all carrier message and data rates that apply to such text messages. If you choose to provide an e-mail or other electronic address on your HealthROM account, you acknowledge and consent to receive business and informational messages relating to your HealthROM account at the address, and you represent and warrant that such address is your correct address and is not accessible or viewable by any other person.

Disputes

Unless otherwise required by applicable law, or otherwise specified in other HealthROM terms applicable to the specific Services you are accessing or using through your HealthROM account (and then only to the extent that the dispute relates solely to such specific Services), you agree that all provisions regarding disputes set forth in our terms of use also apply to any disputes related to this HealthROM User Privacy Policy, including without limitation, choice of law, forum, service of process, mediation or arbitration, waiver of rights to trial by jury and agreement not to assert any claims in a consolidated or class action.

Your Rights

When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.

Get an electronic or paper copy of your medical record

• You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how by e-mailing CustomerService@HealthROM.com.

• We will provide a copy or a summary of your health information, usually within 10 business days of your request. We may charge a reasonable, cost-based fee.

Ask us to correct your personal or medical record

• You can ask us to correct personal or health information about you that is incorrect or incomplete. This will not apply to any notes made by your health care providers or other similar information, but does apply to fact-based metrics such as your date of birth, gender, or marital status. Ask us how by e-mailing CustomerService@HealthROM.com.

Request confidential communications

• You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.

Ask us to limit what we use or share

• You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no” if it would negatively affect your care.

• If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.

Get a list of those with whom we’ve shared information

• You are entitled upon request to a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.

• We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another accounting within 12 months.

Get a copy of this privacy notice

You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.

Choose someone to act for you

• If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.• We will make sure the person has this authority and can act for you before we take any action.

File a complaint if you feel your rights are violated

• You can lodge a complaint with us if you feel we have violated your rights in any way. Please see information on Page 1 regarding how to contact us.

• You can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to:

200 Independence Avenue, S.W., Washington,
D.C. 20201, calling 1-877-696-6775, or visiting
www.hhs.gov/ocr/privacy/hipaa/complaints/.

Your Choices

For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.

In these cases, you have both the right and choice to tell us to:

• Share information with your family, close friends, or others involved in your care

• Share information in a disaster relief situation

If you are not able to tell us your preference, for example if you are unconscious, we may choose to share your information if we reasonably believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to your health or safety.

We never share your information for the following purposes (unless you give us written permission, which we will not solicit):

• Marketing purposes

• Sale of your information

Our Uses and Disclosures

How do we typically use or share your health information?

We typically use or share your health information in the following ways.

In the Course of Your Treatment

We may share your health information with health care professionals who are treating you.

In the delivery of our services

We may use and share your health information to deliver our services to you, to improve the delivery of your care by your health care professionals, and to contact you when necessary.

Billing and payment for your ROM Tech services

We may use and share your health information to bill and get payment from health plans or other entities.

How else can we use or share your health information?

We are allowed or required in some circumstances to share your information in other ways that most often contribute to the public good, such as public health and research. However, we have to meet many legal conditions before we can share your information for these purposes. For more information visit: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.

Help with public health and safety issues

We can share health information about you for certain situations such as:

• Preventing disease

• Helping with product recalls

• Reporting suspected abuse, neglect, or domestic violence

• Preventing or reducing a serious threat to anyone’s health or safety

Comply with the law

We will share information about you if state or federal laws require it, including with the Department of Health and Human Services and any applicable state or local health department.

Address workers’ compensation, law enforcement, and other government requests. We can use or share health information about you:

• For workers’ compensation claims

• For law enforcement purposes or in response to a valid legal mandate

• With health oversight agencies for activities authorized by law

Respond to Subpoenas, Court Orders, and Other Legal Actions

We can share health information about you in response to a court or administrative order, or in response to a subpoena.

OUR RESPONSIBILITIES

• We are required by law to maintain the privacy and security of your protected health information.

• We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.

• We must follow the duties and privacy practices described in this notice and give you a copy of it in writing if you so request.

• We will not use or share your information other than as described here unless you give us written permission. If you give us such permission, you may withdraw it at any time. You must advise us know in writing if you wish to revoke any previously given permission.

For more information regarding this privacy notice and your rights as a consumer of HealthROM services, visit: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.

Changes to the Terms of this Notice

We reserve the right to change and/or update the terms of this notice at any time and without advance notice to you, and all such changes will apply to all information we have about you and we will update our website promptly upon any such changes or updates.

CONTACT

If you have any questions about this ROM Tech User Privacy Policy or any other aspects of your privacy rights with respect to ROM Tech, please contact us at:

HealthROM, Inc.
101 Silvermine Road
Brookfield, Connecticut 06804
Attention: Legal Department

By Email: CustomerService@HealthROM.com
By Phone: 1-888-374-0855

Cookie Policy

Like many other websites, we use cookies on this Site. A cookie is a small removable data file that is stored by the web browser on your computer that identifies your computer and browser when you visit HealthROM.com. We do not use cookies to collect Personal Information but rather to improve the quality of this Site.

Most web browsers are initially set up to accept cookies. You have the option to reset your web browser to refuse all cookies or to indicate when a cookie is being sent. Please note, however, that certain features of the Site may not function if you delete or disable cookies.

THIS SITE’S COOKIES DO NOT AND CANNOT INFILTRATE A VISITOR´S HARD DRIVE TO COLLECT ANY INFORMATION STORED ON THE HARD DRIVE.

Third Party Advertising Cookies

HealthROM.com may from time to time promote products or services through third party websites. Some of these third parties generate their own cookies in order to track how many visitors to this Site have seen their advertisement and to record how many people have seen it more than once.

Third party advertising cookies can are used for statistical purposes, for example, in providing you with future advertising that is more relevant to your interests.

We have no control over third party advertising cookies, but assure you that they cannot be used to identify an individual visitor. The only data that will be collected by these cookies is that the visitor has arrived on the third party's site having previously visited the HealthROM.com website.

California Privacy Rights Notice

This Privacy Notice for California Residents supplements the information contained in above included Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Notice.

Where noted in this Notice, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B personal information”) from some its requirements.

Information We Collect

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information
  • Information excluded from the CCPA’s scope, like:
    • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data.

In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:



Category





A. Identifiers.






B. Personal information categories listed in the California Customer Records statute ( Cal. Civ. Code § 1798.80(e)).














C. Protected classification characteristics under California or federal law.











D. Commercial information









E. Biometric information










F. Internet or other similar network activity





G. Geolocation data.




H. Sensory data.




I. Professional or employment-related information.





J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).





K. Inferences drawn from other personal information.



Examples

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.


Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).




Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.


Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.




Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.




Physical location or movements.




Audio, electronic, visual, thermal, olfactory, or similar information.



Current or past job history or performance evaluations.



Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.


Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.



Collected





      YES







       YES

















      YES












      YES









      YES










       NO






      YES




      YES




       NO






       NO








      YES

We obtain the categories of personal information listed above either directly from you (e.g., from your use of the Services) or indirectly from you (e.g., observing your actions on our website or through our devices), as further described above.

Use of Personal Information

We may use, or disclose the personal information we collect for one or more of the following purposes:


  • To fulfill or meet the reason you provided the information. For example, providing HealthROM products or services to you or responding to questions about HealthROM products or services.
  • To provide, support, personalize, and develop HealthROM web properties, products and services.
  • To create, maintain, customize, and secure your account with us.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your website and services experience and to deliver content and product and service offerings relevant to your interests via email or text message with your consent, where required by law.
  • To help maintain the safety, security, and integrity of HealthROM, our website, products and services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve the HealthROM website, products, and services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.

16) Modification & Variation

The Company may, from time to time and at any time without notice to You, modify this Agreement. You agree that the Company has the right to modify this Agreement or revise anything contained herein. You further agree that all modifications to this Agreement are in full force and effect immediately upon posting on the Website and that modifications or variations will replace any prior version of this Agreement, unless prior versions are specifically referred to or incorporated into the latest modification or variation of this Agreement.

a) To the extent any part or sub-part of this Agreement is held ineffective or invalid by any court of law, You agree that the prior, effective version of this Agreement shall be considered enforceable and valid to the fullest extent.

b) You agree to routinely monitor this Agreement and refer to the Effective Date posted at the top of this Agreement to note modifications or variations. You further agree to clear Your cache when doing so to avoid accessing a prior version of this Agreement. You agree that Your continued use of the Website after any modifications to this Agreement is a manifestation of Your continued assent to this Agreement.

c) In the event that You fail to monitor any modifications to or variations of this Agreement, You agree that such failure shall be considered an affirmative waiver of Your right to review the modified Agreement.

17) Entire Agreement

This Agreement constitutes the entire understanding between the Parties with respect to any and all use of this Website. This Agreement supersedes and replaces all prior or contemporaneous agreements or understandings, written or oral, regarding the use of this Website.

18) Service Interruptions

The Company may need to interrupt Your access to the Website to perform maintenance or emergency services on a scheduled or unscheduled basis. You agree that Your access to the Website may be affected by unanticipated or unscheduled downtime, for any reason, but that the Company shall have no liability for any damage or loss caused as a result of such downtime.

19) Term, Termination & Suspension

The Company may terminate this Agreement with You at any time for any reason, with or without cause. The Company specifically reserves the right to terminate this Agreement if You violate any of the terms outlined herein, including, but not limited to, violating the intellectual property rights of the Company or a third party, failing to comply with applicable laws or other legal obligations, and/or publishing or distributing illegal material. If You have registered for an account with Us, You may also terminate this Agreement at any time by contacting Us and requesting termination. At the termination of this Agreement, any provisions that would be expected to survive termination by their nature shall remain in full force and effect.

20) No Warranties

You agree that Your use of the Website and Services is at Your sole and exclusive risk and that any Services provided by Us are on an "As Is" basis. The Company hereby expressly disclaims any and all express or implied warranties of any kind, including, but not limited to the implied warranty of fitness for a particular purpose and the implied warranty of merchantability. The Company makes no warranties that the Website or Services will meet Your needs or that the Website or Services will be uninterrupted, error-free, or secure. The Company also makes no warranties as to the reliability or accuracy of any information on the Website or obtained through the Services. You agree that any damage that may occur to You, through Your computer system, or as a result of loss of Your data from Your use of the Website or Services is Your sole responsibility and that the Company is not liable for any such damage or loss.

21) Limitation on Liability

The Company is not liable for any damages that may occur to You as a result of Your use of the Website or Services, to the fullest extent permitted by law. The maximum liability of the Company arising from or relating to this Agreement is limited to the greater of one hundred ($100) US Dollars or the amount You paid to the Company in the last six (6) months. This section applies to any and all claims by You, including, but not limited to, lost profits or revenues, consequential or punitive damages, negligence, strict liability, fraud, or torts of any kind.

22) General Provisions

a) LANGUAGE: All communications made or notices given pursuant to this Agreement shall be in the English language.

b) JURISDICTION, VENUE & CHOICE OF LAW: Through Your use of the Website or Services, You agree that the laws of the State of Connecticut shall govern any matter or dispute relating to or arising out of this Agreement, as well as any dispute of any kind that may arise between You and the Company, with the exception of its conflict of law provisions. In case any litigation specifically permitted under this Agreement is initiated, the Parties agree to submit to the personal jurisdiction of the state and federal courts of the following county: Fairfield County, Connecticut. The Parties agree that this choice of law, venue, and jurisdiction provision is not permissive, but rather mandatory in nature. You hereby waive the right to any objection of venue, including assertion of the doctrine of forum non conveniens or similar doctrine.

c) ARBITRATION: In case of a dispute between the Parties relating to or arising out of this Agreement, the Parties shall first attempt to resolve the dispute personally and in good faith. If these personal resolution attempts fail, the Parties shall then submit the dispute to binding arbitration. The arbitration shall be conducted in the following county: Fairfield County. The arbitration shall be conducted by a single arbitrator, and such arbitrator shall have no authority to add Parties, vary the provisions of this Agreement, award punitive damages, or certify a class. The arbitrator shall be bound by applicable and governing Federal law as well as the law of the following state: Connecticut. Each Party shall pay their own costs and fees. Claims necessitating arbitration under this section include, but are not limited to: contract claims, tort claims, claims based on Federal and state law, and claims based on local laws, ordinances, statutes or regulations. Intellectual property claims by the Company will not be subject to arbitration and may, as an exception to this sub-part, be litigated. The Parties, in agreement with this sub-part of this Agreement, waive any rights they may have to a jury trial in regard to arbitral claims.

d) ASSIGNMENT: This Agreement, or the rights granted hereunder, may not be assigned, sold, leased or otherwise transferred in whole or part by You. Should this Agreement, or the rights granted hereunder, by assigned, sold, leased or otherwise transferred by the Company, the rights and liabilities of the Company will bind and inure to any assignees, administrators, successors, and executors.

e) SEVERABILITY: If any part or sub-part of this Agreement is held invalid or unenforceable by a court of law or competent arbitrator, the remaining parts and sub-parts will be enforced to the maximum extent possible. In such condition, the remainder of this Agreement shall continue in full force.

f) NO WAIVER: In the event that We fail to enforce any provision of this Agreement, this shall not constitute a waiver of any future enforcement of that provision or of any other provision. Waiver of any part or sub-part of this Agreement will not constitute a waiver of any other part or sub-part.

g) HEADINGS FOR CONVENIENCE ONLY: Headings of parts and sub-parts under this Agreement are for convenience and organization, only. Headings shall not affect the meaning of any provisions of this Agreement.

h) NO AGENCY, PARTNERSHIP OR JOINT VENTURE: No agency, partnership, or joint venture has been created between the Parties as a result of this Agreement. No Party has any authority to bind the other to third parties.

i) FORCE MAJEURE: The Company is not liable for any failure to perform due to causes beyond its reasonable control including, but not limited to, acts of God, acts of civil authorities, acts of military authorities, riots, embargoes, acts of nature and natural disasters, and other acts which may be due to unforeseen circumstances.

j) ELECTRONIC COMMUNICATIONS PERMITTED: Electronic communications are permitted to both Parties under this Agreement, including e-mail or fax. For any questions or concerns, please email Us at the following address: info@healthrom.com.

22) General Provisions

Company has made every attempt to ensure the accuracy and reliability of the information provided on www.healthrom.com website. However, the information is provided “as is” without warranty of any kind. Company does not accept any responsibility or liability for the accuracy, content, completeness, legality, or reliability of the information contained on this website.

No warranties, promises and/or representations of any kind, expressed or implied, are given as to the nature, standard, accuracy or otherwise of the information provided in this website nor to the suitability or otherwise of the information to your particular circumstances.

We cannot and will not guarantee that this website is free from computer viruses or anything else that has destructive properties.

We shall not be liable for any loss or damage of whatever nature (direct, indirect, consequential, or other) whether arising in contract, tort or otherwise, which may arise as a result of your use of (or inability to use) this website, or from your use of (or failure to use) the information on this website. This website may provide links to other websites owned by third parties. The content of such third party sites is not within our control, and we cannot and will not take responsibility for the information or content thereon. Links to such third party sites are not to be taken as an endorsement by Company of the third party site, or any product promoted, offered or sold on the third party site, nor that such sites are free from computer viruses or anything else that has destructive properties. We cannot and do not take responsibility for the collection or use of personal data from any third party site.In addition, we will not accept responsibility for the accuracy of third party advertisements.

HealthROM and the HealthROM logo are registered trademarks of Company.