Doctor's Data Inc

Online Privacy Practices

Doctor's Data Inc. (DDI) takes the issue of privacy very seriously. We want to provide visitors to our site the security, privacy and confidentiality that they expect from a healthcare services provider.

DDI does not collect any personal information from anyone who is merely visiting or browsing the site. Personal information is collected if the visitor chooses to request literature through download or mail, sends DDI an email message or uses the client account section of our website.

Types of Personal Information Collected

Email Inquiries

DDI invites visitors on its site to send email messages to DDI so that we may respond to inquiries regarding our products and services. DDI retains copies of these email messages for as long as necessary to respond to the request and to satisfy any legitimate interest of DDI. The information provided by a visitor will be used to respond to the visitor's inquiry and to provide better customer service.

Clients

In the client account section of our website, DDI collects personal information necessary to provide data requested by our clients (for example, test results, account balances and lists of transactions).

Use of Cookies

A cookie is a small piece of information about an Internet session that may be created when a visitor accesses a web site. DDI uses cookies for easier navigation within the site and to provide a higher level of convenience for the visitor. Cookies used by DDI do not retrieve any information from the visitor's personal computer.

We use different types of cookies: "session cookies" and "persistent cookies." Session cookies are temporary cookies that remain on your device until you leave the site. A persistent cookie remains on your device for much longer until you manually delete it (how long the cookie remains will depend on the duration or "lifetime" of the specific cookie and your browser settings).

DDI uses session cookies that are necessary for us to provide the services you use, such as logging into the client account section of the site, You are able to disable placement of cookies by setting your browser to decline cookies, though this may worsen your user experience, and you may not be able to access certain sections of the site. Most browsers will tell you how to stop accepting new cookies, how to be notified when you receive a new cookie, and how to disable existing cookies. A useful resource for information about deleting and controlling cookies can be found at AboutCookies.org.

We also use Google Analytics, a popular web analytics service provided by Google, Inc. Google Analytics uses session and persistent cookies to help us to analyze how users use the site. It counts the number of visitors and tells us things such as length of stay on the site or the average number of pages a user views.

The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services relating to website activity and internet usage.

Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google undertakes not to associate your IP address with any other data held by Google.

You can opt out of tracking by Google Analytics and Google Analytics Demographics and Interest Reporting services by visiting Google Ads Settings or by downloading the Google Analytics Opt-Out Browser Add-on.

If you have Adobe Flash installed on your computer (most computers do) and you use our audio or video players on our site, Google Analytics will try to store some additional data on your computer. This data is known as a Local Shared Object or Flash cookie. A useful resource for information about Adobe Flash player settings can be found by clicking here.

Do Not Track Settings

The major browsers have attempted to implement the draft “Do Not Track” (“DNT”) standard of the World Wide Web Consortium (“W3C”) in their latest releases. As this standard has not been finalized, DDI’s site is not compatible with DNT and does not recognize DNT settings.

IP Addresses

An IP address is a number automatically assigned to your computer whenever you access the Internet. All computer identification on the Internet is conducted with IP addresses, which allow computers and servers to recognize and communicate with each other. DDI collects IP addresses in order to conduct system administration and site analysis. If a visitor requests pages from DDI, the DDI servers enter the visitor's IP address into a log. To maintain visitor anonymity, DDI does not associate IP addresses with records containing personal information. However, DDI will use IP addresses to identify any visitors who refuse to comply with DDI's in-house rules or terms of service, and to identify visitors who threaten our service, site, customers or others.

Use of Information

DDI uses the information collected from its web site visitors to address the specific needs of those visitors, to provide better customer service and to provide the latest information regarding DDI's products and services. The information collected is also used to provide a record of communications between DDI and its site visitors and to comply with any applicable legal or regulatory requirements.

DDI also may use this information to communicate with you about its other products and service that we believe may be of interest to you, where we have a legitimate basis for doing so. Every marketing email you will receive from us will contain clear information on how to unsubscribe from future communications. If you sign up for communications from us but then wish to unsubscribe, follow the unsubscribe instructions in the email you receive from us. You can also exercise these rights by contacting us using the contact details provided under the "How to contact us" section.

Once we receive your unsubscribe request, we will cease our marketing communication with you until and unless you re-subscribe for one of our mailing lists.

Sharing of Information with Third Parties

DDI does not rent, sell or transmit any personal information collected through its site to any third-party marketers, and only shared personal information as described in this privacy statement. Personal information may be transmitted to a third party if there is a specific need to complete a transaction requested by the visitor, or is required by law. We may transfer your personal information to any person to whom we transfer any of our rights or obligations under any agreement, or in connection with a sale, merger or consolidation of our business or other transfer of our assets, whether voluntarily or by operation of law, or who is otherwise deemed to be our successor or transferee.

How Long We Keep Your Personal Information

DDI keeps your personal information only as long as we need it to provide services to you and fulfill the purposes described in this Policy. This is also the case for anyone that we share your personal information with and who carries out services on our behalf. Retention periods can vary significantly based on the type of information and how it is used. Our retention periods are based on criteria that include legally mandated retention periods, pending or potential litigation, accounting and tax issues, contract requirements, operational directives or needs, and historical archiving. When we no longer need to use your personal information and there is no need for us to keep it to comply with our legal or regulatory obligations, resolve disputes and enforce our agreements, we’ll either remove it from our systems or anonymize it so that we can't identify you.

Processing of Personal information in coutries outside of theEuropean Economic Area (EEA)

Your personal information will be processed in the United States, where DDI is located, and may be processed in other countries outside the European Economic Area (“Third Countries”), that may not offer the same level of data protection as that afforded by the EU General Data Protection Regulation (“GDPR”). We will process personal data (or procure that it be processed) in the Third Countries in accordance with the requirements of applicable law, which will include having appropriate contractual undertakings in legal agreements with service providers who process personal information on our behalf in such Third Countries.

EEA Resident Rights

If you are a resident of the EEA, you have the following data protection rights under the GDPR:

If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the "How to contact us" section.

In addition, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the "How to contact us" section.

You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails we send you. Additionally you may opt-out by sending an email to: info@doctorsdata.com, or you may contact us using the contact details provided under the "How to contact us" section.

Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

DDI has in place specific procedures in relation to any Subject Access Requests (“SAR”) that European data subjects might, and are entitled to, make. Put simply, a SAR is a request made by you which requires us to provide you with details of your personal data for an individual European data subject which we hold and process and a description of how we process it. If you have any questions, complaints, of wish to exercise your rights under the GDPR, you may contact us directly. We will consider and address your request in accordance with applicable laws.

Notwithstanding the foregoing, we reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

Information Security

To protect your personal information from unauthorized access and use, we apply organizational and technical security measures in accordance with the applicable law. These measures include computer safeguards and secured files and buildings.

Certain DDI employees will be provided with a visitor's information to respond to that visitor's needs and provide the visitor with information requested. All DDI employees are instructed and trained to use strict standards of care in handling personal and confidential customer information. DDI employees who do not conform to DDI's confidentiality policy are subject to disciplinary action including dismissal.

The DDI Web site has security measures in place to protect against the loss, misuse and alteration of the information under our control. DDI employs strict security measures to safeguard online transactions; personal information is stored in a secured database and always sent via an encrypted Internet channel. To protect the confidentiality of the information submitted, DDI requires that visitors have a browser that supports 128-bit "strong" encryption, i.e., Microsoft's Internet Explorer 9.0 and higher, or another comparable web browser.

Your California Privacy Rights

Under California Civil Code Section 1798.83, California users are entitled to request information relating to whether a business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. DDI does not sell or share your personal information with third party companies for their direct marketing purposes without your consent.

Privacy of Children

We do not knowingly collect or use any personal information from children on our Website ("children" are individuals who have not reached the age of majority in their residential jurisdictions). We do not knowingly allow children to order our products, communicate with us, or use any of our online services. Should you suspect that a child of whom you are the parent or legal guardian has provided us with Personal Data, please contact us using one of the methods specified below and we will work with you to address this issue.

Updates to This Privacy Statement

DDI may update this privacy statement from time to time. When we update this Notice, we will revise the “Effective Date” date below and post it to the Website. If material changes are made, we will place a prominent notice on our Website for at least 30 days prior to the change taking effect, or, for current clients or others with whom we have a business relationship, we will communicate with you directly by email.

How to Contact Us

If you have any questions about this privacy statement or requests with regard to the personal information we hold about you, you may call us at 1-800-323-2784 or +1-630-377-8139, send an email to: privacy@doctorsdata.com, or write to us at the following address:

Doctor's Data, Inc.
Attention: Privacy Officer
3755 Illinois Avenue
St. Charles, Il 60174-2420 USA

Effective May 25, 2018

About Doctor’s Data

Quality Assurance and Control

Research Commitment

Clinical Laboratory and Technologies

Qualifications and Licensing

HIPAA Notice of Privacy Practices

Online Privacy Practices