Return to policies overview

PRIVACY POLICY

Effective 03/03/2023

We welcome you to www.acubliss.app operated by DynaBliss, Inc. In the below Privacy Policy, we inform you about the scope of the processing of your personal data. In principle, we will only use your Personal data in accordance with the applicable data protection laws, in particular the California Consumer Privacy Act (“CCPA”), and the subsequent amendments from the California Privacy Rights and Enforcement Act (“CPRA”), the General Data Protection Regulation (“GDPR”), the Health Insurance Portability and Accountability Act (“HIPAA”) and only as described in this privacy policy.

If you are a Citizen of the European Union, please also refer to our GDPR Compliance Statement for supplemental information and our Data Processing Addendum. If you are a Canadian Citizen, please also refer to our PIPEDA Compliance Statement for supplemental information and our Data Processing Addendum.

For further information on the processing of protected health information in accordance with the Health Insurance Portability and Accountability Act, please refer to our HIPAA Compliance Statement.

The Operator

DynaBliss, Inc.
2226 MacArthur Blvd, #27505,
Oakland, California 94602, USA

Web: www.acubliss.app
E-Mail: privacy@dynabliss.com

  1. What is Personal data?

    1. Personal data in this sense are all individual details about personal or factual circumstances of an identified or identifiable natural person, such as your name, your telephone number, your address, and other information that you provide when you use my website and services or when you contact us about them.
  2. What data do we collect?

    1. When you participate in, access, request or use to any of our services, or online content through our social media presences we receive Personal data about you which we use to provide these services. This may consist of data such as your name, email address. In particular:

      1. when you access our website

        1. We collect data on every access to our website. The access data (log file) includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider
      2. when contacting us

        1. When contacting us, your details are processed for the purpose of handling the request and its processing and may include your Name, E-mail address and other contact details, if you provide them.
      3. when you register for an account

        1. On our website, we offer you the opportunity to register by providing Personal data and non-Personal data, in particular your email address. The data is entered in the registration form is transmitted to us and stored. Registration is necessary in order to set up your account, which you can use to access our services. You can delete your account at any time on our website either by using the delete function in your account or by contacting us.
      4. when you use our Services

        1. We collect, process, and use the information you provide in the context of your use of our services this may include Personal data and non- Personal data.

        2. If you are a patient, then in addition to demographic information, we will collect information regarding your health conditions, medications, medical appointments, insurance provider, communications between you and your healthcare provider, and any other healthcare information you may self-report through the AcuBliss Platform.

        3. We store the information you provide for the period of processing and handling the contract between you and us. After the contract between us is terminated or expires, your data will be anonymized. Data that we are required to store due to legal, statutory, or contractual retention obligations will be blocked instead of being deleted to prevent it being used for other purposes. The processing of the data serves the fulfillment of the contract with you.

        4. Please note when using our services, you become the data controller and we become the data processor in accordance with Art. 28 of the GDPR, for further information please refer to our Data Processing Addendum.

        5. Where we process your Personal Data as a data intermediary on behalf of a third party, we will process your Personal Data in accordance with the instructions of the third party and shall use it only for the purposes agreed between you and the third party. All such Personal Data will be protected and retained in accordance with this privacy policy and our Data Processing Addendum, GDPR Compliance Statement, HIPAA Compliance Statement.

      5. payment transactions

        1. We do not collect or store any payment transaction information such as credit card numbers or bank details during the payment process. You only provide this information directly to the respective payment service provider.
      6. use of cookies

        1. We use so-called cookies on our website. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information please refer to our Cookie Policy.
  3. On what grounds do we use Personal data?

    1. We use your Personal data for the following purposes and on the following grounds:

      1. on the basis of fulfilling our contract,

      2. on the basis of your consent,

      3. on the basis of legal obligations,

      4. on the basis of our legitimate interest, or

      5. on the basis of establishing, exercising or defending our legal rights.

  4. When do we disclose your Personal data?

    1. We disclose your Personal data in response to your business enquiry or your request for information within our Company in order to provide the best service possible and within our legitimate interest.

    2. We may share your information with organizations that help us provide the services described above and who may process such data on our behalf and to support this website and our services. For example, with our legal other professional advisors.

    3. If you are a patient user of the AcuBliss Platform, we will share your Personal data with your healthcare provider in order to provide your healthcare provider with the ability to manage your healthcare experience, including for scheduling appointments, tracking your healthcare progress, accessing your insurance information, providing you with invoices, and communicating with you.

    4. We may disclose Personal data with third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of DynaBliss' corporate entity, assets, or stock (including in connection with any bankruptcy or similar proceedings)

    5. We may disclose Personal data in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.

  5. Integration of third-party services and content

    1. We use content or service offers of third-party providers on the basis of our legitimate interests in order to integrate their content and services (hereinafter uniformly referred to as "content").

    2. This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content.

    3. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of our website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our website, as well as being linked to such information from other sources.

    4. The following provides an overview of third-party providers and their content, together with links to their privacy policies, which contain further information on the processing of data and so-called opt-out measures, if any:

      1. Analytics and Tracking: Google Analytics by Google LLC and FullStory of FullStory Inc

      2. Patient Relationships Management:Fullscript by Natural Partners, LLC

      3. Customer Relationship Management: Zoho by Zoho Corporation Pvt. Ltd

      4. Content Management System and eCommerce: Squarespace, Inc

      5. Payment Processor: Stripe, Inc.

      6. Audio / Video Media: Vimeo.com, Inc.

      7. System Notifications, Mailings and SMS: Postmark by ActiveCampaign, LLC, Twillio SMS by Twillio inc. and MailChimp by Intuit Inc.

      8. Cloud Storage: Amazon Web Services by Amazon.com, Inc.

      9. Tag Management: Google Tag Manager and Google Site Tag by Google LLC

    5. We will not disclose or otherwise distribute your personal data to third parties unless this:

      1. is necessary for the performance of our services,

      2. you have consented to the disclosure,

      3. or the disclosure of data is permitted by relevant legal provisions.

    6. However, we are entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors. External service providers support us, for example, in the technical operation and support of the platform, data management, the provision and performance of services, marketing, as well as the implementation and fulfillment of reporting obligations.

    7. The service providers commissioned by us however will process your data exclusively in accordance with our instructions and we remain responsible for the protection of your data. Doing so we always make sure that service providers commissioned by us are carefully selected, follow strict contractual regulations, technical and organizational measures, and additional controls by us.

    8. We may also disclose Personal Data to third parties if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfill our legitimate interests such as in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of DynaBliss’s corporate entity, assets, or stock (including in connection with any bankruptcy or similar proceedings).

  6. Data retention

    1. We store your Personal Data for as long as you maintain a User Account and in accordance with service agreements with our health service provider customers. We will maintain your Personal Data only for as long as we have a valid business purpose and in accordance with applicable law. We may retain archived information for a period of five years (or longer if required by law) as necessary to comply with legal obligations, resolve disputes and enforce our agreements and other authorized uses under this Privacy Policy. At the end of the applicable retention period, we will remove your Personal Data from our databases and will request that our Business Partners remove your Personal Data from their databases. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing of such data.
  7. Your Rights (CCPA)

    1. Under the CCPA and the CPRA amendment, you can exercise the following rights:

      1. Right to Know/Access

      2. Right to Delete

      3. Right to Opt-out of Sale

      4. Right to Non-Discrimination

      5. Right to Rectification

      6. Right to Limit Use and Disclosure of Sensitive Personal Information

    2. Further, California’s “Shine the Light” law (Civil Code Section 1798.83) requires us to respond to requests from California asking about the business’s practices related to disclosing Personal Information to third parties for the third parties’ direct marketing purposes. You may make a request about our collection and disclosure of your Personal Information using the contact details provided

  8. Your Rights (GDPR)

    1. These rights are standardized in the GDPR. This includes:

      1. the right to information (Art. 15 GDPR),

      2. the right to rectification (Article 16 GDPR),

      3. the right to erasure (Article 17 GDPR),

      4. the right to restriction of data processing (Article 18 GDPR),

      5. the right to data portability (Article 20 GDPR),

      6. the right to object to data processing (Article 21 GDPR),

      7. the right to revoke any consent you have given (Art. 7 (3) GDPR), and

      8. the right to lodge a complaint with the competent supervisory authority (Art. 77 GDPR).

  9. Your Rights (HIPAA)

    1. When it comes to your health information, you have additional rights. To exercise any of these rights, contact us at the contact information listed above.

    2. In particular:

      1. You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you.

      2. You can ask us to correct health information about you that you think is incorrect or incomplete.

      3. You can ask us to contact you in a specific way (for example, home or office phone) or at a specific location (for example, to send mail to a different address).

      4. You can tell us your choices about what we share.

      5. You can ask us to limit what we use or share

      6. You can get a list of those with whom we have shared information

      7. You can get a copy of this Notice

      8. You can choose someone to act for you

      9. You can file a complaint if you feel your rights are violated

    3. Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights.

    4. To help protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.

    5. We will not deny, charge different prices for, or provide a different level or quality of goods or services if you choose to exercise these rights.

  10. Controls For Do-Not-Track Features

    1. Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ('DNT') feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.
  11. Do Not Sell My Personal data

    1. We do not sell information that directly identifies you, like your name, address, social security number, banking information, or phone records. In fact, we do not even share that type of information except with service providers who can use the information solely to provide a service on our behalf, when a consumer directs us to share the information. If applicable, you can choose whether you want this sharing or not. Remember, we don’t sell data that directly identifies you unless we have your explicit permission, no matter what choice you make.
  12. How do we protect your Personal data?

    1. We protect your data using state of the art technical, and physical safeguards and operate a firm system of policies, confidentiality agreements, digital safeguards, and procedures to ensure the highest level of administrative protection.

    2. The data we collect from you may be stored, with appropriate technical and organizational security measures applied to it, on our servers. In all cases, we follow generally high data protection standards and advanced security measures to protect the personal data submitted to us, both during transmission and once we receive it.

  13. Automated decision-making and profiling

    1. We do not use automation for decision-making and profiling
  14. Personal data and children

    1. The services available on our Platform are aimed at people aged 18 and over. We will not knowingly collect, use or disclose Personal data from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact. The parent or guardian will be provided with (i) information about the specific type of Personal data being collected from the minor, (ii) the purpose for which it will be used, and (iii) the opportunity to object to any further collection, use or storage of such information. We comply with youth protection laws.
  15. Accuracy

    1. It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your Personal data.
  16. Updating your information

    1. If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so within your user account or by contact us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

    2. Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of Personal data, notably where such requests would not allow us to provide our service to you anymore.

  17. Data Breaches/Notification

    1. Databases or data sets that include Personal data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
  18. Changes

    1. This Privacy Policy and our commitment to protecting the privacy of your Personal data can result in changes to this Privacy Policy. Please regularly review this policy to keep up to date with any changes.
  19. Who should I contact for more information?

    1. If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us using the following contact details:

DynaBliss, Inc.
2226 MacArthur Blvd, #27505,
Oakland, California 94602, USA

Web: www.acubliss.app
E-Mail: privacy@dynabliss.com

This Privacy Policy was last updated on Friday, March 03, 2023


Return to policies overview