Privacy Notice for California Residents for Sydney Care

Last Updated: June 29, 2020


This Privacy Notice for California Residents for Sydney Care, the mobile service ("Application") operated by CareMarket, Inc. ("CareMarket, Inc.," "we" or "us"), applies to individuals who live in the State of California and whose data is subject to the California Consumer Privacy Act of 2018 (CCPA). Below describes what information CareMarket collects that is subject to the CCPA, your rights under the CCPA, and how you can enforce those rights under the CCPA. Any terms defined in the CCPA have the same meaning when used here.

Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("Personal Information").

Personal Information does not include:

  • Publicly available information lawfully made available from government records.
  • Deidentified or aggregated consumer information.
  • Information excluded from the CCPA's scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

If certain types of information are exempt from CCPA, and therefore this policy, other CareMarket or third party privacy policies may apply.

CareMarket has collected the following categories of Personal Information from its consumers within the last twelve (12) months:


Category

Examples

Collected?

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

YES

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

Information that is protected against security breaches such as: name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories may not be subject to all the rights under the CCPA.

YES

C. Protected classification characteristics under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

YES

D. Commercial
information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

NO

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

YES

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

YES

G. Geolocation data.

Physical location or movements.

YES

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

NO

I. Professional or employment-related information.

Current or past job history or performance evaluations.

NO

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records

NO

K. Inferences drawn from other personal information.

Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

YES


We generally do not collect additional categories of personal information or use the personal information we collected for significantly different or meaningfully unrelated purposes without providing you notice.

Where We Obtain Personal Information

We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you or your devices. For example, from forms you complete on our website.
  • Indirectly from you. For example, from observing your actions on our website or interactions with our advertisers.
  • Other users of our services.
  • Affiliates.
  • Internet service providers.
  • Government entities.
  • Operating systems and platforms.
  • Business partners. For example, pharmacy benefit managers or providers.
  • Publicly accessible sources. For example, National Provider Identifier.

Use of Personal Information

We may use, or disclose the personal information we collect for one or more of the following business and commercial purposes:

  • Fulfilling or meeting the reason you provided the information. For example, if you share personal information in order to complete the Daily Covid-19 Check-In, we will use that personal information to communicate your assessment results to your participating company.
  • Providing you with information, products or services that you request from us.
  • Providing you with email alerts, event registrations and other notices concerning our services, or news that may be of interest to you.
  • Sending you text messages or push notifications.
  • Marketing purposes, such as developing and providing promotional and advertising materials that may be useful, relevant, valuable or otherwise of interest to you.
  • De-identifying and aggregating information collected through our services and using it for any lawful purpose.
  • Responding to trust and safety issues that may arise.
  • Carrying out our obligations and enforce our rights arising from any contracts or other terms entered into between you and CareMarket, including billing, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.
  • Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
  • Personalizing your experience on our services, such as presenting tailored content.
  • Undertaking activities to verify or maintain the quality or safety of our services, and to improve, upgrade, or enhance our services.
  • For testing, research, analysis, and product development, including the development of data models and algorithms, and for demonstration purposes.
  • Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Short-term, transient use.
  • Contracting with service providers to perform services on our behalf or on their behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
  • Otherwise enabling or effecting, directly or indirectly, a commercial transaction.
  • For other purposes for which we provide specific notice at the time the information is collected.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.

Sharing Personal Information

We may disclose your personal information to a third party for a business or commercial purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

Category A: Identifiers

Category B: California Customer Records

Category C: Protected classification characteristics under California or federal law.

Category E: Biometric information

Category F: Internet history

Category K: Inferences drawn from other personal information

In the preceding twelve (12) months, CareMarket has not disclosed personal information for a commercial purpose. However, for California residents, the California Consumer Privacy Act (CCPA) defines "selling" personal information to include providing it to a third party in exchange for money or valuable services. We may in the future disclose data in any of the categories above to certain third parties for commercial purposes, in our products and services or in exchange for valuable services, such as advertising or social media engagement services, which may constitute a "sale" under the CCPA." Pursuant to our Privacy Notice, we share your information with the following categories of third parties for a commercial purpose:

  • ISPs : Internet service providers.
  • Analytics Providers .
  • Government : Government entities.
  • OS/Platform Provider : Operating systems and platforms.
  • Affiliates .
  • Vendors : Vendors and service providers.
  • Integrated Third Parties : Third parties integrated into our services.
  • Third Parties as Legally Required : Third parties as required by law and similar disclosures.
  • Third Parties in Merger/Acquisition : Third parties in connection with a merger, sale, or asset transfer.
  • Third Parties with Consent : Other third parties for whom we have obtained your permission to disclose your Personal Information.

For avoidance of doubt, we do not sell health information subject to HIPAA without your express authorization. If you give us such an authorization, you may revoke it in writing at any time. Your revocation will not affect any use or disclosure permitted by your authorization while it was in effect.



Your Rights and Choices

The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Right

To Exercise This Right

Time Frame and Response

If We Cannot Complete Your Request

Access to specific information (e.g. categories, sources, and business purposes for collection, use, and sale) in the last 12 months after verification of your identity.

Submit request and confirm your "verifiable consumer request" via the contact information below.

We will evaluate and respond to your request electronically or by mail (at your request) within 45 days. If we require more time, we will inform you of the reason and extension period in writing.

We will explain the reasons we cannot comply with a request in our response.

Deletion of information.

You have the right to request that we delete your personal information, subject to certain exceptions after verification of your identity.

Submit request and confirm your "verifiable consumer request" via the contact information below.

We will evaluate and respond to your request electronically or by mail (at your request) within 45 days. If we require more time, we will inform you of the reason and extension period in writing.

Once we confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We will explain the reasons we cannot comply with a request in our response.

The law does not require us to honor requests to delete where it is necessary in certain circumstances for us or service provider to maintain personal information. These include:

- Provide a good or service, perform our contract or take action reasonably anticipated in the context of our ongoing relationship with you.
- Detect and protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise and/or support free speech provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in research for which you provided informed consented that complies with applicable laws when deletion will seriously impair the research.
- Use internally for purposes aligned with your expectations and our relationship.
- Comply with a legal obligation or make other lawful use compatible with the context in which information was provided.

Opt out of the "sale" of personal information in some circumstances.

Submit request and

confirm your "verifiable

consumer request" via the contact information

below.

We will evaluate and

respond to your request

electronically or by mail (at your request) within 45 days.

If we require more time, we will inform you of the reason and extension period in writing.

We will explain the reasons we cannot comply with a request in our response.



"Verifiable Consumer Request"

To exercise your rights to access or delete your personal information under the CCPA, you must submit a "verifiable consumer request." Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

A verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

If we cannot verify your identity or authority to make the request, we will not be able to fulfill your request. The information provided for verification will only be used for that purpose.

Authorizing an Agent

To authorize an agent to make a request to know, delete or opt-out request on your behalf, please send a written authorization signed by you and the authorized agent to us via the contact information below.

Processing Fees

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Personal Information Sales Opt-Out and Opt-In Rights

In some circumstances, you may opt out of the sale of your Personal Information. If you are 16 years of age or older, you have the right to direct us to not sell your personal information at any time (the "right to opt-out"). We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the "right to opt-in") from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to personal information sales may opt-out of future sales at any time. We may ask for information from you to verify your identity and help ensure your request does not infringe upon the rights of others, for example, an individual who has not opted out but has a similar name as you.

To exercise the right to opt-out, you (or your authorized representative) may submit a request by following the instruction under contact information below.

Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize the sale of your personal information. However, you may change your mind and opt back in to personal information sales at any time by visiting our website and sending us a message.


We will only use personal information provided in an opt-out request to review and comply with the request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

We may offer you certain financial incentives such as discounted prices, rates, or quality levels. Any permitted financial incentive we offer will reasonably relate to your personal information's value and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

"Shine the Light"

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send us an electronic message through our website or write us at our address listed below.

Changes to Our CA Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice's effective date. Your continued use of our Application following the posting of changes constitutes your acceptance of such changes.

Contact Information

You can contact CareMarket with your questions, comments, rights requests, and other CCPA-related inquiries by contacting your participating company, email us at to support@sydnecare.ai or call us at (833)306-9053.

If you believe your personal information was accessed without permission, please contact CareMarket by the means listed above.

Effective Date

This Privacy Notice for California Residents is effective 6/29/2020. Certain rights granted by the CCPA will not be effective until 1/1/2021.