GET A FREE TRIAL

NOTIFYMD®

PRIVACY POLICY

Last Updated: May 2023

Live, LLC doing business as notifyMD® (“Company” “we” and “ours”) takes the privacy of our customers, our customers’ end users, and our website visitors (“User”, “you” and “yours”) very seriously. This Privacy Policy outlines our policies on the privacy of Personal Information (as defined herein) that we collect via the Internet and/or delivery of our Services (as defined in our Service Terms and Conditions located at https://notifymd.com/terms/. (“Terms”). Capitalized terms used herein but not defined will have the meaning given them in our Terms. If you have any questions on the use of information collected on our Site or used for the delivery of our Services, please feel free to contact us at customerservice1@notifymd.net.

As used in this Privacy Policy, “Personal Information” means information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, such as:

Personal Information does not include (i) publicly available information; (ii) aggregate information, meaning data about a group or category of Services or Users from which individual identities and other Personal Information has been removed; or (iii) deidentified information that cannot be easily linked back to the individual. We collect your Personal Information (a) with your consent; (b) if we have a legitimate interest in doing so; or (c) as authorized or required by law. Personal Information as used herein includes Personal Data as defined by applicable law. We collect Personal Information from these sources:

Consumers. We interact with consumers (“Consumers”) who call, text, message, or communicate with us as a service provider to you and our other customers (“Customers”):

Customers. We collect and use Personal Information from our Customers with your consent and according to your instructions, as follows:

Note that you are solely responsible for ensuring you are authorized to share Personal Information with us for any purpose. We reserve the right to refuse your instructions to collect or process Personal Information about another individual without their consent or in a manner or for a purpose that we determine violates others’ privacy or publicity rights or otherwise violates our Terms, and such instructions may result in termination of Services at our option. We are not responsible for the privacy practices of any of our Customers or any third party.

Your Inquiries. If you contact us as a potential new Customer, Site visitor, or for any other reason, we will collect Personal Information from you to respond to your inquiry:

SECURITY
Our Site takes every precaution to protect our Users’ information. When you submit sensitive information via our Site, your information is protected both online and off-line. If we ask you to enter information, such as a credit card number and/or a social security number, that information is encrypted using SSL. While on a secure page, the lock icon on the bottom of Web browsers such as Microsoft Internet Explorer becomes locked, as opposed to un-locked, or open, when you are just “surfing.”

While we use SSL encryption to protect sensitive information online, we also do everything in our power to protect your information off-line. All of your information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing staff or a customer service representative) are granted access to Personal Information. Our employees are kept up-to-date on our security and privacy practices.

COOKIES
A cookie is a piece of data stored on your hard drive containing information about you. The usage of a cookie is not linked to any Personal Information while on our Site. Once you close your browser, the cookie simply terminates. For instance, by setting a cookie on our Site, you would not have to log in with a password more than once, thereby saving time while on our Site. If you reject the cookie, you may still use our Site. Cookies can also enable us to track and target your interests to enhance the experience on our Site.

WEB SERVER LOG FILES
We use IP addresses to analyze trends, administer our Site, track Users’ movements, and gather broad demographic information for aggregate use. IP addresses are not linked to Personal Information.

SHARING
We may disclose Personal Information for a business purpose to:

LINKS
Areas of this Site may contain links to other websites. Please be aware that we are not responsible for the privacy practices of other such websites. We encourage our Users to be aware when they leave our Site to read the privacy statements of each and every website that collects Personal Information.

NOTIFICATION OF CHANGES
If we decide to change our Privacy Policy, we will post those changes on our Site so Users are always aware of what information we collect, how we use it, and under what circumstances we disclose it.

QUESTIONS
If you have any questions or concerns or would like more information on this Privacy Policy please email customerservice1@notifymd.net.

STATE SPECIFIC PRIVACY LAWS

State laws, including the California Consumer Privacy Act (“CCPA”), the Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”), and the Utah Consumer Privacy Act (“UCPA”) provide specific rights to Consumers within those states with respect to the Personal Information a covered business or controller collects from a User. This includes rights to (1) request access to the Personal Information we collect about the User and (2) request deletion or correction of such Personal Information. As we obtain Personal Information from Consumers on behalf of our Customers, we may be asked to assist our Customers with responding to access and deletion requests under these state laws.

CCPA Application to us (California)

Under the CCPA, a “service provider” is defined as an entity that:

(i) processes information on behalf of a business and

(ii) to which the business discloses a Consumer’s Personal Information for a business purpose pursuant to a written contract that prohibits the entity receiving the information from retaining, using, or disclosing the Personal Information for any purpose other than for the specific purpose of performing the services specified in the written or as otherwise permitted under the CCPA.

Pursuant to our agreements with our Customers, we act as a service provider for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in our agreements.

For Deletion Requests:

With respect to data collected by service providers, the CCPA provides a specific exception to deletion requests where data is maintained by a “business or a service provider” in order “to enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business and compatible with the context in which the consumer provided the information.” Cal. Civ. Code sect. 1798.105.

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of serving our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the CCPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing our Services to our Customer with whom the Consumer has a relationship. We are therefore using the Consumer’ Personal Information ‘to enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumers’ relationship with the business and compatible with the context in which the consumer provided the information.’ Accordingly, we are not obligated to delete Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete Personal Information in response to such requests.

For Data Access Requests:

If our Customer receives a data access request from a California Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access a specific Consumer’s Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

For Correction Requests:

If our Customer receives a correction request from a California Consumer and determines that, we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Our Customer may then submit any correction to the data necessary and we will create a separate record noting the correction. Note: our records are read-only and may not be modified, so the corrected data will exist in a new record, but will not remove the old record.

VCDPA Application to us (Virginia):

Under the VCDPA, a processor is defined as “a natural or legal entity that processes personal data on behalf of a controller.” Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in our agreements with our Customers.

For Deletion and Correction Requests:

The VCDPA does not limit a processor’s ability to collect, use or retain data to: “Perform internal operations that are reasonably aligned with the expectations of the consumer or reasonably anticipated based on the consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a consumer or the performance of a contract to which the consumer is a party.” Va. Code Ann. § 59.1-582

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the VCDPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing Services to our Customer with whom the Consumer has a relationship. We are therefore using the Personal Information in a way ‘reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a Consumer.’ Accordingly, we are not deleting or modifying Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete or modify Personal Information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Virginia Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

CPA Application to us (Colorado)

Under the CPA, a processor is defined as “a person that processes personal data on behalf of a controller.” Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The CPA does not restrict a processor’s ability to: “perform internal operations that are reasonably aligned with the expectations of the Consumer based on the Consumer’s existing relationship with the controller.” § 6-1-1304et seq, C.R.S.

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the CPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing a service to our Customer with whom the Consumer has a relationship. We are therefore using the Personal Information in a way ‘that [is] reasonably aligned with the expectations of the Consumer based on the Consumer’s existing relationship with the controller.’ Accordingly, we are not deleting or modifying Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete or modify Personal Information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Colorado Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

CTDPA Application to us (Connecticut):

Under the CTDPA, a processor is defined as “an individual who, or legal entity that, processes personal data on behalf of a controller.” Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The CTDPA does not limit a processor’s ability to collect, use or retain data to: “Perform internal operations that are reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a Consumer or the performance of a contract to which the Consumer is a party.” CTDPA § 10 (b)(4).

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the CTDPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing a service to our Customer with whom the Consumer has a relationship we are therefore using the Personal Information in a way ‘reasonably aligned with the expectations of the Consumer or reasonably anticipated based on the Consumer’s existing relationship with the controller.’ Accordingly, we are not deleting or modifying Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete Personal Information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Connecticut Consumer and determines that, we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

UCPA Application to us (Utah):

Under the UCPA, a processor is defined as “a person who processes personal data on behalf of a controller.” Pursuant to our agreements with our Customers, we act as a processor for all Customers who retain our Services. We do not use any Personal Information we collect through our Services for any purposes not included in agreements with our Customers.

For Deletion and Correction Requests:

The UCPA does not limit a processor’s ability to process Personal Information to perform an internal operation that is: “(i) reasonably aligned with the Consumer’s expectations based on the Consumer’s existing relationships with the controller; or (ii) otherwise compatible with processing to aid the controller or processor in providing a product or service specifically requested by a Consumer or a parent or legal guardian of a child or the performance of a contract to which the Consumer or a parent or legal guardian of a child is a party.” UCPA § 13-61-304(1)(m).

Because we collect Personal Information from Consumers on behalf of and at the direction of our Customers for the sole purpose of providing Services to our Customers, and do NOT use the data for any purposes outside of our agreed-upon Services, our maintenance of Personal Information on behalf of our Customers we are exempt from deletion requests under the UCPA. Additionally, a Consumer who provides information to us is intending to provide that information for use by us in providing Services to our Customer with whom the Consumer has a relationship. We are therefore using the Personal Information in a way ‘reasonably aligned with the Consumer’s expectations based on the Consumer’s existing relationships with the controller; or otherwise compatible with processing to aid the controller or processor in providing a product or service specifically requested by a Consumer.’ Accordingly, we are not deleting or modifying Personal Information in response to a Consumer request and, given the necessity of data retention in order to continue to provide Services to our Customers and the technical concerns with ad hoc deletion, we will not delete Personal Information in response to such requests.

For Data Access Requests:

If a Customer receives a data access request from a Utah Consumer and determines that we may have relevant data, our Customer can use our self-service portal to access the relevant information for production to the Consumer. Should a Customer be unable to access specific Personal Information through the portal, our Customer may make a direct request to us to assist with the request. We will endeavor to provide our Customers with a response to any such request within 30 days of our receipt of the request.

CALIFORNIA PRIVACY POLICY

Your privacy is important to us at notifyMD®, and its affiliates and subsidiaries (“we,” “us,” or “our”), and we are committed to safeguarding, preserving, and respecting your privacy rights. If you are a California resident, you have certain rights with respect to the collection, use, transfer, and processing of your personal information, as defined by the California Consumer Privacy Act (“CCPA”), Cal. Civ. Code § 1798.100 et seq., as amended by the California Privacy Rights Act (“CRPA”) and implementing regulations.

This California Privacy Policy (“Policy”) describes how we collect, use, share, disclose, retain, and secure the personal information we gather about you through our website, https://notifymd.com/ (the “Site”), and when you interact with us as a customer or otherwise (collectively, the “Services”) when you use our Site. This Policy does not apply to information collected from employees, job applicants, directors, contractors, or others within the employment context. Those individuals should review our Employee Privacy Policy for more information on their data collection and use.

We reserve the right to limit these rights where permitted under applicable law, including where your identity cannot be reasonably verified or to the extent your rights adversely affect the rights and freedoms of others.

What Information Do We Collect?

The below examples are illustrative examples from the CCPA and do not reflect the specific pieces of information we collect.

In the previous 12 months, we have collected the following categories of personal information:

1 Categories of personal information are as defined in Cal. Civ. Code. § 1798.140(v).

Category1 Examples Collected Retention Period
A. Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. Yes Duration of the relationship or as required by law
B. Personal Information

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

Yes Duration of the relationship or as required by law
C. Protected Classification Characteristics Under California or Federal Law Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). No N/A
D. Commercial Information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes Duration of the relationship or as required by law
E. Biometric Information Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No N/A
F. Internet or Other Similar Network Activity Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. Yes 45 months
G. Geolocation Data Physical location or movements. Yes 26 months
H. Sensory Data Audio, electronic, visual, thermal, olfactory, or similar information. Yes Duration of the relationship or as required by law
I. Professional or Employment-Related Information Current or past job history or performance evaluations. No N/A
J. Non-Public Education Information Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No N/A
K. Inferences Drawn of the Consumer Inferences drawn from personal information identified above to create a profile about a consumer reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Yes 26 months
L. Sensitive Personal Information

Personal information that reveals (a) Social Security, driver’s license, state identification card, or passport number; (b) account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credential allowing access to an account; (c) precise geolocation; (d) racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; or (f) genetic data.

Biometric information processed for the purpose of uniquely identifying a consumer, personal information collected and analyzed concerning a consumer’s health, sex life, or sexual orientation.

Some Sensitive Personal Information included in this category may overlap with other categories.

Yes Duration of the relationship or as required by law

Sources From Which Personal Information Is Collected

We collect your personal information directly from you, from your interaction with the Services, from publicly available sources, and from third parties, which collect the personal information directly from you.

Business or Commercial Purposes for Which Personal Information Is Collected

Your personal information is used for the following purposes:

Third Parties with Whom Personal Information Is Disclosed, Shared, or Sold

In the preceding 12 months, we have disclosed the following personal information about consumers for business purposes:

In the preceding 12 months, we have shared for cross-contextual behavioral advertising the following the personal information in categories A (identifiers), B (personal), D (commercial), F (internet), G (geolocation), and K (inferences).

In the preceding twelve (12) months, we have not sold the personal information of any consumer for monetary consideration. However, our use of cookies and other tracking technologies may be considered a sale of personal information under the CCPA. Categories of personal information that we have sold under the CCPA include categories A (identifiers), B (personal), D (commercial), F (internet), G (geolocation), and K (inferences). Categories of third parties to whom personal information is sold under the CCPA include data analytics providers and advertising and marketing providers.

You can opt out of our tracking technologies for analytics and advertising service providers by clicking the Your Privacy Choices link or by broadcasting the Global Privacy Control signal during your browsing session. Please note that your use of our Site will still be tracked by notifyMD® and its service providers.

In the preceding twelve (12) months, notifyMD® has not knowingly sold personal information of consumers under the age of sixteen (16) years of age.

We do not have actual knowledge that we sell or share the personal information of consumers under sixteen (16) years of age.

Individual Rights        

Right to Know About Personal Information Collected, Disclosed, Shared, or Sold

You have the right to request that we disclose the personal information we collect, use, and disclose about you to third parties. There are two types of Rights to Know requests that you can make:

  1. Right to Know (Abbreviated Request): If you make a Right to Know (Abbreviated Request), you will receive the following information about you:
    • a. Categories of personal information collected, sold, or shared;
    • b. Categories of sources from which personal information is collected;
    • c. Categories of third parties to whom the information is sold, shared or disclosed;
    • d. Business or commercial purpose for collecting, sharing, or selling personal information;
    • e. Categories of personal information disclosed for a business purpose and categories of persons to whom it was disclosed for a business purpose.
  2. Right to Know (Specific Pieces of Information Request): If you make a Right to Know (Specific Pieces of Information Request), you will receive the following information about you:

        Specific pieces of personal information collected about you.

This information will be provided to you free of charge, unless we determine that your request is manifestly unfounded or excessive. You may request this information twice in a 12-month period.

There are certain exceptions to a consumer’s Right to Know. We will state in our response if an exception applies.

        Right of Deletion

You have the right to request that we and our service providers delete any personal information about your which we have collected from you upon receipt of a verifiable request. This right is subject to certain exceptions. We will state in our response if an exception applies.

        Right to Opt-Out of the Sale or Sharing of Personal Information

You have the right to opt-out of the sale or sharing of your personal information by a business subject to certain laws and regulations.

We recognize the Global Privacy Control. Your browser must be able to support the Global Privacy Control (“GPC”) for us to recognize your opt-out preference signal.

Please note that opt-out choices may be stored via cookies. If you clear cookies, if your browser blocks cookies, or if you view the page from a different browser or device, your opt-out choice may no longer be logged or recognized.

For more information, please visit https://notifymd.com/privacy-policy/.

        Right to Non-Discrimination

You have the right not to receive discriminatory treatment for exercising the privacy rights conferred by California law. We will not discriminate against you because you exercised any of your privacy rights, including, but not limited to, by: denying goods or services to you; charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; providing a different level of quality of goods or services to you; or suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services. We will also not retaliate against any employee, applicant for employment, or independent contractor for exercising their rights under the CCPA.

        Right of Correction

If we maintain inaccurate personal information about you, then you have the right to request that we correct the inaccurate personal information upon receipt of a verifiable request. Taking into account the nature of the personal information and purposes of processing the personal information, you have the right to request that we correct inaccurate personal information about you, if applicable.

        Right to Limit Use and Disclosure of Sensitive Personal Information

If we process Sensitive Personal Information, we will only do so for the purposes specifically authorized by California law and in a manner that is necessary and proportionate for those purposes. As such, we do not perform any processing for which a Right to Limit request is available.

        Submitting Requests

You can submit your request by emailing us at https://my.datasubject.com/16CVvZSmPFx0VPvo9/25350 or by toll-free phone at 1-800-207-7920.

        Verifying Requests

To ensure the protection of your personal information, we must verify that the individual submitting a request to know, request to delete, or request to correct is the consumer to whom the request relates prior to processing the request. To verify a California consumer’s identity, we may request up to three pieces of personal information about you when you make a request to compare against our records. We may also request that you sign a declaration under the penalty of perjury from the consumer whose personal information is the subject of the request.

Making a verifiable consumer request does not require you to create an account with us.

We will only use personal information provided in your request to verify your identity and will delete any information you provide after processing the request. We reserve the right to take additional steps as necessary to verify the identity of California consumers where we have reason to believe a request is fraudulent.

        Authorized Agents

You may choose a person or a business registered with the California Secretary of State that you authorize to act on your behalf to submit your requests (“Authorized Agent”). If you choose to use an Authorized Agent, we require that you provide the Authorized Agent with written permission to allow them to submit your request and that you verify your identity directly with us. Failure to do so may result in notifyMD® denying your request.

Contact Us

If you have any questions about this Privacy Policy, please contact us by email at customerservice1@notifymd.net, via phone at 800-477-2475, or at:

notifyMD®
9003 Airport Freeway, Suite G300
North Richland Hills, TX 76180