Privacy Policy
LAST UPDATED: July 11, 2023
Soho Managing Company and its affiliated clinical entities (collectively, “SohoMD”) respect the privacy of others and the importance of the information you entrust to us. This Privacy Policy (“Privacy Policy”) is intended to explain SohoMD’s privacy practices with respect to its Services and the Site. This Privacy Policy is also intended to provide you (together with any person helping you visit, access, register with or use any of those online or digital properties, products or services, “you” or “your”) with an overview of the following:
● the type of information about you SohoMD collects through the Site;
● how SohoMD collects such information;
● how SohoMD uses such information;
● who will have access to such information; and
● SohoMD’s security measures for protecting such information.
This Privacy Policy applies to information collected through the Site. Carefully read this Privacy Policy in its entirety. Any capitalized terms not defined herein shall have the meaning as set forth in the Terms of Service.
You are automatically accepting and agreeing to the most-recent version of this Privacy Policy, as well as SohoMD’s Terms of Service, whenever you visit, access, register with, create or log into an Account, subscribe to or use the Site or any Services provided by SohoMD; and your continuing visits, access, registration with, subscription to or use of any of the forgoing reaffirms your acceptance and agreement in each instance.
INFORMATION WE MAY COLLECT
- Information You Provide to Us
We collect information you provide directly to us when using the Services. For example, we collect information when you register for our Services, complete a form, participate in any interactive features of the Services, request customer support, or otherwise communicate with us. The types of information we may collect include your name, email address, phone number mailing and billing address and payment information (“Personal Information”) and any other information you choose to provide. To the extent that you disclose to us any Personal Information of another individual, you represent that you have obtained such individual’s consent for the disclosure of such Personal Information, as well as the processing of the same in accordance with the terms of this Policy. We will never sell, rent, or trade your Personal Information or use Personal Information other than as needed to provide the Services requested by you. Soho MD discloses Personal Information only to those of its employees, contractors and affiliated organizations that (i) need to know the information in order to process it on yours and our behalf, and (ii) that have agreed in writing to non-disclosure restrictions at least as strong as those herein. We also may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). We may associate your device identifiers or phone number with your account. Depending on the nature of your inquiry or activities on the Site, we may also ask for other information relevant to your use of the Services.
You acknowledge and agree that communications, including phone calls or “chat” services, with SohoMD or our third-party agents may be monitored, recorded and retained by SohoMD. You consent to the monitoring and recording of all conversations between you and SohoMD and you release us from and against any and all claims, liabilities and losses that may result from any such monitored and/or recorded conversations.
SohoMD may collect personal and non-personal information (any information that is not personal information, such as anonymized data”) about you through the Site. Depending upon your use of the Site, the categories of such information might include:
- Basic contact details including your name, address, phone number, email.
- Order information including your name, billing address, shipping address, payment confirmation, email address, phone number.
- Account information including your username, password, security questions.
- Shopping information including the items you view, put in your cart or add to your wishlist.
- Customer support information including the information you choose to include in communications with us, for example, when sending a message through the Services.
- Some features of the Services may require you to directly provide us with certain information about yourself. You may elect not to provide this information, but doing so may prevent you from using or accessing these features.
- Information We Collect Automatically When You Use the Services
When you access or use the Services, we automatically collect information about you, including the following:
We collect information from or about the computers, phones, or other devices you use to access the Services, depending on the permissions you’ve granted. Here are some examples of the device information we may collect: attributes such as the operating system, hardware version, device settings, file and software names and types, battery and signal strength, and device identifiers; device locations, including specific geographic locations, such as through GPS, Bluetooth, or WiFi signals; and connection information such as the name of your mobile operator or ISP, browser type, language and time zone, mobile phone number and IP address. By using our Services, you agree to the publication of your IP address on this Services. Our Services is a location-aware website. When using our Services, we may ask you to share information about your location. If you voluntarily agree to share that information with us, we will collect that information from nearby wireless access points and your computer’s IP address
We may use technologies like cookies and pixel tags in our Services and third-party services. For example, cookies help us with things like understanding how you are interacting with our Services and improving them based on that information. You can set your browser to not accept cookies, but this may limit your ability to use the Services. Your web browser places cookies on your hard drive for record-keeping purposes and sometimes to track information about them. Any use of cookies by the Services or the owners of third-party services used Services, unless stated otherwise, serves to identify you and remember your preferences for the sole purpose of providing the service required by you. For specific information about the cookies that we use related to powering our store with Shopify, please check the following link.
- Information We Obtained from Third Parties
Finally, we may obtain information about you from third parties, including from vendors and service providers who may collect information on our behalf, such as:
- Companies who support our Site and Services, such as Shopify.
- Our payment processors, who collect payment information (e.g., bank account, credit or debit card information, billing address) to process your payment in order to fulfill your orders and provide you with products or services you have requested, in order to perform our contract with you.
- When you visit our Site, open or click on emails we send you, or interact with our Services or advertisements, we, or third parties we work with, may automatically collect certain information using online tracking technologies such as pixels, web beacons, software developer kits, third-party libraries, and cookies.
Any information we obtain from third parties will be treated in accordance with this Privacy Policy. We are not responsible or liable for the accuracy of the information provided to us by third parties and are not responsible for any third party's policies or practices. For more information, see the section below, Third Party Websites and Links.
USE OF INFORMATION
SohoMD may use the personal and/or non-personal information it collects from you through the Site in a variety of ways, such as, for example, to:
1. Fulfill your requests;
2. Process your payments;
3. Place, fulfill, process, ship and/or track your orders and purchases;
4. Facilitate your movement through the Site;
5. Facilitate your use of the Site and/or its respective products and/or Services;
6. Provide customer service;
7. Send you communications like, for example, administrative emails, answers to your questions and updates about the Site;
8. Allow you to communicate with others through the Site like, for example, through online forums, chat rooms, and bulletin boards;
9. Provide you with information about SohoMD, its parent, subsidiary or affiliated companies and/or their respective businesses, products and services by letter, email, text, telephone or other forms of communication;
10. Provide you with customized content and services, including advertising and promotional information (e.g., targeted ads, retargeted ads), recommendations for content you might like, and cross-app or cross-site functionality across multiple third-party websites and mobile apps;
11. Provide you with information about third-party businesses, products and/or services by letter, email, text, telephone or other forms of communication;
12. Improve the Site and/or its respective content, features and services;
13. Improve the products, services, marketing and/or promotional efforts of SohoMD and/or its parent, subsidiary or affiliated companies;
14. Create new products, services, marketing and/or promotions for SohoMD and/or its parent, subsidiary or affiliated companies;
15. Market the businesses, products and/or services of SohoMD and/or its parent, subsidiary or affiliated companies;
16. Help personalize user experiences with the Site and/or its respective products and services;
17. Analyze traffic to and through the Site;
18. Analyze user behavior and activity on or through the Site;
19. Conduct research and measurement activities for purposes of product and service research and development, advertising claim substantiation, market research, and other activities related to SohoMD, its parent, subsidiary or affiliated companies, the Site, and/or their respective products and/or services;
20. Monitor the activities of you and others on or through the Site;
21. Create device fingerprints and profiles about the possible relationships among different browsers and devices;
22. Create consumer profiles, which may combine your personal or non-personal information from the Site with your personal or non-personal information from another source or service;
23. Protect or enforce SohoMD’s and/or its parent, subsidiary or affiliated companies’ respective rights and properties;
24. Protect or enforce the rights and properties of others (which may include you)
25. Abide by applicable law, court order or other governmental authority (including, without limitation and by way of example only, in response to a subpoena or other legal process); and/or
26. Investigate, prevent, or take legal action against someone who may be causing injury to, interfering with, or threatening the rights, obligations or properties of SohoMD, a user of the Site which may include you or anyone else who may be harmed by such activities.
This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable user of the Services. In other words, information about how you use the Services may be collected and combined with information about how others use the same Services, but no personally identifiable information will be included in the resulting data.
SHARING OF INFORMATION
We may share or transfer information about you as follows or as otherwise described in this Privacy Policy:
- With SohoMD’s employees, agents and administrators in connection with providing the Site and Services;
- With SohoMD’s parents, subsidiaries and affiliates who need access to such information to carry out work on our behalf;
- With service providers and other third parties who help SohoMD provide, manage, administer, maintain, monitor, distribute, operate or facilitate the Site, who help SohoMD develop, market or provide its products and services, or who help further SohoMD’s business efforts (e.g., web hosting companies, website administrators, mobile app distribution platforms, support services companies, data analysis companies, credit card or other payment processing companies, online shopping cart providers, advertising partners), as needed in order for them to perform such services;
- With third-party marketing partners for commercial purposes;
- With law enforcement or other governmental entities in response to what SohoMD believes to be an allegation or suspicion of illegal activity, a request relating to a civil or criminal investigation, an allegation or suspicion of illegal activity, a subpoena, a court order, or any other activity that may expose SohoMD to liability if it does not act or comply;
- With any third parties who SohoMD believes are necessary to help or allow SohoMD to protect and enforce its rights and properties (or the rights and properties of others), including, without limitation, to enforce its rights under SohoMD’s Terms of Service or any other agreements SohoMD has with you, and to protect and enforce its intellectual property rights;
- With any third parties in connection with or as a result of any potential or actual merger, acquisition or other event involving a change in ownership or control of SohoMD or SohoMD’ business (whether by sale of assets, merger, stock purchase or otherwise); and/or
- With your consent or at your direction, including if we notify you through the Services that certain information you provide will be shared in a particular manner and you provide this information.
We may also share aggregated or de-identified information, which cannot reasonably be used to identify you. This includes but is not limited to sharing information related to the research we conduct with various research and security organizations, including academic institutions or publications, as well as publishing our research online on our Services or through third party social media sites.
USER GENERATED CONTENT
The Services may enable you to post product reviews and other user-generated content. If you choose to submit user generated content to any public area of the Site or Services, this content will be public and accessible by anyone.
We do not control who will have access to the information that you choose to make available to others, and cannot ensure that parties who have access to such information will respect your privacy or keep it secure. We are not responsible for the privacy or security of any information that you make publicly available, or for the accuracy, use or misuse of any information that you disclose or receive from third parties.
THIRD PARTY PAYMENT SERVICES
We do not directly process any payments and do not store Your debit/credit card information. We use a third-party Payment Processor to bill You for our services. Secured socket layer technology is used for processing payment transactions with the Payment Processor. Payment processing shall be subject to the terms and conditions and privacy policy of the Payment Processor. For these third party service providers, we recommend that You read their privacy policies in order to understand the manner in which Your Personal Information and Your credit/debit card details will be handled by these providers.
THIRD PARTY WEBSITES AND LINKS
Our Site may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.
ANALYTICS SERVICES
We may allow others to provide analytics service in connection with the Services, such as Google Analytics. These entities may use cookies, web beacons, and other technologies to collect information about your use of the Services, including your IP address, web browser, pages viewed, time spent on pages, links clicked, and conversion information. We and others may use this information to, among other things, analyze and track data, determine the popularity of certain content, personalize the user experience, and better understand your activity.
- To learn more about Google Analytics, please visit https://policies.google.com/privacy.
SECURITY
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your Personal Information. Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” In addition, any information you send to us may not be secure while in transit. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.
PRIVACY POLICY CHANGES
SohoMD reserves the right to change, modify, add, or remove portions of this Policy at any time and without prior notice, and any changes will become effective immediately upon being posted unless we advise you otherwise. However, we will not use your Personal Information in a way that is materially different than the uses described in this Policy without giving you an opportunity to opt out of such differing uses. Your continued use of the Services after this Policy has been amended shall be deemed to be your continued acceptance of the terms and conditions of the Policy, as amended. We encourage you to review this Policy regularly.
A SPECIAL NOTE ABOUT MINORS
The Site is a general audience website intended for use by adults. The Site is not designed or intended to attract, and is not directed to or intended for, individuals under eighteen (18) years of age. SohoMD does not collect personal information through the Site from any person it actually knows to be under eighteen (18) years of age. If SohoMD obtains actual knowledge that it has collected personal information through the Site from a person under thirteen (18) years of age, then it will use reasonable efforts to refrain from further using such personal information or maintaining it in retrievable form.
Furthermore, if you are under eighteen (18) years of age, then you (or your parent or legal guardian) may at any time request that SohoMD remove content or information about you that is posted on the Site. Please submit any such request (“Request for Removal of Minor Information”) to Privacy@SohoMD.com, with a subject line of “Removal of Minor Information.”
For each Request for Removal of Minor Information, please state “Removal of Minor Information” in the email or letter subject line, and clearly state the following in the body:
- the nature of your request;
- the identity of the content or information to be removed;
- whether such content or information is found on the Site;
- the location on content or information on the Site (e.g., providing the URL for the specific web page the content or information is found on);
- that the request is related to the “Removal of Minor Information;”
- your name, street address, city, state, zip code and email address; and
- whether you prefer to receive a response to your request by mail or email.
SohoMD is not responsible for failing to comply with any Request for Removal of Minor Information that is incomplete, incorrectly labeled or incorrectly sent. Please note that the aforementioned removal does not ensure complete or comprehensive removal of such content or information posted on the Site. Also, please note that SohoMD is not required to erase or otherwise eliminate, or to enable erasure or elimination of, such content or information in certain circumstances, such as, for example, when an international, federal, state, or local law, rule or regulation requires SohoMD to maintain the content or information; when the content or information is stored on or posted to the Site by a third party other than you (including any content or information posted by you that was stored, republished or reposted by the third party); when SohoMD anonymizes the content or information, so that you cannot be individually identified; when you do not follow the aforementioned instructions for requesting the removal of the content or information; and when you have received compensation or other consideration for providing the content or information. The foregoing is a description of SohoMD’s voluntary practices concerning the collection of personal information through the Site from certain minors, and is not intended to be an admission that SohoMD is subject to the Children’s Online Privacy Protection Act, the Federal Trade Commission’s Children’s Online Privacy Protection Rule(s), or any similar international, federal, state, or local laws, rules, or regulations.
RETENTION
We will retain your Personal Information for the period of time that is necessary to fulfil the original purposes for which it has been collected. Please keep in mind that, in certain cases, a longer retention period may be required or permitted by law or to allow us to pursue our business interests, conduct audits, comply with our legal obligations, enforce our agreements or resolve any dispute.
The criteria used to determine our retention periods include:
- Time needed to provide you with our Services.
- Whether your account with us is active. You may contact us to make your account inactive at any time.
- Legal, contractual, or similar obligations to retain your data, such as mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of contract or litigation.
Please note that we are not responsible for storing any information that you provide to us or for any content or information that we provide to you. You are solely responsible for retaining backup files of any information and content that you provide or receive in connection with the Services.
TRANSFER OF PERSONAL INFORMATION; INTERNATIONAL VISITORS
The Services are provided from the United States. If you are located outside of the United States, any information you provide to us may be transferred out of your country and into the United States. You understand that data stored in the United States may be subject to lawful requests by the courts or law enforcement authorities in the United States. Personally identifiable information collected through the Services may be stored and processed in the United States or, if and as applicable for international users, any other country in which SohoMD or its affiliates, subsidiaries or service providers maintain facilities. If your Personal Information is transferred to a country other than your home country, we will take measures to protect it with appropriate contract clauses or other applicable safeguards.
If you are an international visitor, you acknowledge that by providing your Personal Information, you are: (a) permitting the transfer of your Personal Information to the United States which may not have the same data protection laws as the country in which you reside; and (b) permitting the use of your Personal Information in accordance with this Privacy Policy.
Subject to local law, you may also have certain rights regarding information that we have collected and that is related to you. For example, if you are located in the European Union with rights under the General Data Protection Regulation (“GDPR”), you have the right to withdraw previously provided consent for our processing of your “personal data” as such term is defined under the GDPR, by contacting us at privacy@sohomd.com. Such individuals also have the following rights:
- Right to access – In accordance with Article 15 of the GDPR, this right allows individuals to obtain confirmation as to whether or not personal data concerning him or her is being processed and provides access to such personal data. It also allows individuals to request details of the processing of his or her personal data, including, without limitation, categories of recipients to whom the personal data has been or will be disclosed and the purposes of the processing.
- Right to rectify – In accordance with Article 16 of the GDPR, this right allows individuals to rectify any inaccurate personal data about him or her.
- Right to restrict processing – This right allows individuals to block or suppress processing of personal data under certain circumstances in accordance with Article 18 of the GDPR.
- Right to be forgotten – This right is also known as the “right to erasure.” In accordance with Article 17 of the GDPR, it is an individual’s right to have personal data erased or to prevent processing in specific circumstances.
- Right of data portability – In accordance with Article 20 of the GDPR, this right allows individuals to move, copy or transfer personal data from one place to another in a secure manner without interrupting the integrity and usability of the information.
- Right to object to processing – In accordance with Article 21 of the GDPR, this right allows individuals to object to certain types of processing, including direct marketing, profiling and providing for purposes of scientific or historical research and statistics.
- Right to withdraw your consent - You shall have the right to withdraw your consent at any time with regard to the processing of the User Information in accordance with Article 7 para. 3 GDPR.
- Right to lodge a complaint - You may lodge a complaint with the supervisory authority in accordance with Article 77 para. 1 of the GDPR, if you feel that the processing of the data relating to you infringes the GDPR.
- Right to effective judicial remedy - You shall have the right to an effective judicial remedy where You consider that Your rights under the GDPR have been infringed as a result of the processing of Your personal data and the same is in non-compliance with the GDPR.
Legal Bases for Processing: We rely on the following legal basis to process your personal data: (i) it may be necessary for us to use and disclose your personal data for the performance and fulfillment of the contract between us and to provide you with our Services; (ii) if you specifically consent to certain uses of your personal data, we may use your personal data in a manner consistent with that consent; and (iii) we will also process, transfer, disclose and preserve personal data when we have a good faith belief that doing so is necessary.
To exercise any of the above rights, or if you have any questions or comments about the Policy or our privacy practices, please contact us at privacy@SohoMD.com.
To read State Addendum to the SohoMD Privacy Policy click here.