What Personal Information Do We Collect?
Personal information is information about an identifiable individual, as defined in applicable Privacy Laws. Generally speaking, personal information does not include:
- anonymous or aggregated information that does not allow an individual to be identified;
- information regarding companies and other “legal persons”; or
- business contact information such as your name, title or position, business address, telephone number, fax number or email address.
The types of personal information that Mendability may collect from you from time to time include: your name, your home address, telephone number, personal email address, billing and account information (such as credit card, or bank account number), your mailing preferences, delivery instructions, and customer service preferences. Mendability also may collect certain health information to customize your program. Mendability will also collect the personal information you provide in order to access our services, including any information provided through our online chat functionality. Additionally, from time to time, we may ask you to provide us with more detailed information regarding your interests, occupation and background. For example, we sometimes ask our customers to complete surveys in order to get a better sense of who they are and what issues, products or services may be of interest to our clients.
The Privacy Principles Mendability Follows
Mendability collects, uses and discloses your personal information by employing “fair information practices” as described in the following ten privacy principles and embodied in Privacy Laws:
- Accountability: Mendability is responsible for personal information under its control and as a result has designated an individual as the person who is accountable for Mendability’s compliance with the ten principles (“Privacy Officer”). As such:
- accountability for Mendability’s compliance with the principles rests with the Privacy Officer, even though other individuals within Mendability may be responsible for the day-to-day collection and processing of personal information. In addition, other individuals within Mendability may be delegated to act on behalf of the Privacy Officer;
- the identity of the Privacy Officer designated by Mendability to oversee Mendability’s compliance with the principles shall be made known upon request; and
- Mendability is responsible for personal information in its possession or custody, including information that has been transferred to a third party for processing. Mendability shall use contractual or other means to provide a comparable level of protection while the information is being processed by a third party.
- Identifying Purposes: In general, Mendability collects, uses and discloses personal information about you in order to provide our customers with business forms development and processing services. More specifically, Mendability collects, uses and discloses your personal information for the following purposes:
- to establish and maintain commercial relationships with clients, suppliers and other third parties, including to issue invoices, administer accounts, collect and process payments, and to fulfill contractual and legal obligations;
- to prepare customized service to you as a client, occasionally in an automated manner with the results visible to your own account and anyone with whom you have granted access to view your account. For example, therapy worksheets may be generated based on the age of your child and the answers to the questionnaires.
- to develop and manage our business and operations. This may include the sharing of personal information by and between Mendability personnel and affiliated companies, and with third party service providers and agents, for such purposes;
- to detect and protect Mendability and other third parties against error, fraud, theft and other illegal activity, and to audit compliance with Mendability’s policies and contractual and legal obligations;
- to distribute our newsletters and other material to individuals on our mail and e-mail lists, including via third party mailing houses and e-mail service providers;
- to engage in business transactions, including the purchase, sale, lease, merger, amalgamation or any other type of acquisition, disposal, securitization or financing involving Mendability;
- to understand and respond to client, supplier and other third party needs and preferences, including to contact and communicate with such parties and to conduct surveys, research and evaluations;
- to develop, enhance, market, sell or otherwise provide Mendability’s products and services;
- to market, sell or otherwise provide products and services of third parties with whom Mendability has a commercial relationship;
- as permitted by, and to comply with, any legal or regulatory requirements or provisions; and
- for any purpose to which you consent.
- Third Party Disclosure: Mendability information is stored on our own servers which are maintained by Hostwinds. Mendability newsletter and contact lists are stored on Zoho Campaigns and Active Campaign. Mendability stores some files which may have personally identifiable information on Zoho Workdrive. Email is handled through Zoho Mail. Video storage and streaming is provided by DaCast. Where appropriate, Mendability has a HIPAA Business Associate Agreement with third party providers. The nature of the business relationships with these third parties is not one in which the data is used by the third party for their gain, except as per the fees they obtain from Mendability for data usage and storage, meaning for example that they do not advertise to the people, communicate with the people, use the information to make any decisions or take any actions. Mendability allows for the creation of Professional accounts. Your information will be visible to the professional who supervises your account and who has your permission given when you accept an invitation or request on behalf of the professional. Mendability does not disclose any personally identifiable information to any third party who may use the information for their own purposes without your permission and without disclosing the identity of the third party. Mendability has invited some users to actively submit their own information to Autism Digest magazine in order for them to receive a free subscription. Mendability does share information on a need to know basis within its own system of companies and its own company structures. Those companies and company structures are not considered Third Parties.
Mendability will collect, use and disclose only that personal information necessary for the purposes that have been identified.
NOTE: In certain circumstances under Privacy Laws, personal information can be collected, used, or disclosed without the knowledge and consent of the individual. For example, legal, medical, or security reasons may make it impossible or impractical to seek consent. When information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of the individual might defeat the purpose of collecting the information.
- Limiting Collection: The collection of personal information shall be limited to that which is necessary for the purposes identified by Mendability. Information shall be collected by fair and lawful means and may be collected from other sources including but not limited to credit bureaus or other third parties who represent that they have the right to disclose the information. In most cases, collection shall be pursuant to appropriate contractual arrangements.
- Limiting Use, Disclosure, and Retention: Personal information shall not be used or disclosed for purposes other than those for which is was collected, except with the consent of the individual or as required or permitted by Privacy Laws. Personal information shall be retained only as long as necessary for the fulfillment of those purposes or as required by law.
Mendability may collect from and/or disclose your personal information to:
- a person who, in the reasonable judgment of Mendability, is providing or seeking the information as your agent;
- any of the companies and business entities that form part of Mendability;
- an organization or individual retained by Mendability to perform functions on its behalf, such as contractors, consultants, auditors, software developers (including web-site developers and hosts), data processing, document management and office services;
- an organization or individual retained by Mendability to evaluate your creditworthiness or to collect debts outstanding on an account;
- a financial institution, on a confidential basis and solely in connection with the assignment of a right to receive payment, the provision of security or other financing arrangements;
- our auditors and professional advisors;
- another person or corporation as part of conducting business together or pursuant to the sale of all or substantially all of Mendability’s assets related to one or more specific lines of business, subject to the other person or corporation agreeing to manage personal information in accordance with Privacy Laws;
- another company or person for the development, enhancement, marketing or provision of any of Mendability’s products or services;
- an agent or third party retained by Mendability in connection with Mendability ‘s administration or the provision of Mendability ‘s products or services;
- credit grantors and reporting agencies; and
- a public authority or agent of a public authority, if in the reasonable judgment of Mendability, it appears that there is imminent danger to life or property which could be avoided or minimized by disclosure of this information.
Except as permitted in this principle, Mendability does not provide or sell its customer lists to any outside company for use in marketing or solicitation.
- Accuracy: Personal information shall be as accurate, complete, and up-to-date as is possible. Mendability will update personal information as and when necessary to fulfill the identified purposes or upon notification from you. Mendability will not routinely update personal information, unless such process is necessary to fulfill the identified purposes. If ever your contact and/or other personal information changes, please feel free to contact us so that we can update our records.
- Safeguards: Personal information shall be protected by security safeguards appropriate to the sensitivity of the information. The security safeguards are designed to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. The nature of the safeguards will vary depending on the sensitivity of the information that has been collected, the amount, distribution, and format of the information, and the method of storage. The methods of protection include:
- physical measures, such as locked filing cabinets and restricted access to offices;
- organizational measures, such as security clearances and limiting access on a “need-to-know” basis; and
- technological measures, such as the use of passwords, firewalls and encryption.
- the information made available shall include:
- the name or title, and the address, of the Privacy Officer to whom complaints or inquiries can be forwarded;
- the means of gaining access to personal information held by Mendability;
- a description of the type of personal information held by Mendability, including a general account of its use;
- a copy of any brochures or other information that explain Mendability’s policies, standards, or codes; and
- what personal information is made available to related organizations, i.e.: affiliated companies; and
- Individual Access: Upon request, subject to certain exceptions under Privacy Laws, you shall be informed of the existence, use, and disclosure of your personal information and shall be given access to that information. You have the right to request that otherwise permitted uses and disclosures of PHI be restricted. You may wish to challenge the accuracy and completeness of the personal information and have it amended as appropriate. Filing a request for amendment is not necessary to correct clerical errors. This includes rights under GDPR to Subject Access Request (SAR) to know
- What personal information pertaining to the user is being processed
- Why this information is being processed
- Who has access to this personal information about the user
- How this personal information is being used in automated decisions
- What processes are using this information
NOTE: In certain situations, under Privacy Laws, Mendability may not be able to provide access to all of your personal information it holds. The reasons for denying access will be provided to you upon request. Exceptions may include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security, or commercial proprietary reasons, and information that is subject to solicitor-client or litigation privilege.
Mendability respects the rights of individuals we work with. These include:
- The right to receive information in a manner he or she understands
- The right to collaborate in decisions about the care and therapy or services
- The right to give or withhold informed consent
- The right to give or withhold informed consent to produce or use recordings, films, or other images of the individual served for purposes other than his or her care
- The right to receive information about the staff responsible for his or her care, therapy, or services
- The right to be free from neglect; exploitation; and verbal, mental, physical, and sexual abuse
- The right to an environment that preserves dignity and contributes to a positive self-image
- The right to have complaints reviewed by the organization.
- The right to access protective and advocacy services
- The right to complain to the U.S. Department of Health and Human Services if you feel your privacy rights have been violated
A client has the right to request that otherwise permitted uses and disclosures of Personal Health Information (PHI) be restricted. Specifically, the patient may request restrictions on:
- The use and disclosure of PHI for treatment, payment or health care operations
- The disclosures to family, friends or others for involvement in care and notification purposes
The Facility is not required to comply with such requests for restriction, but will consider and may agree to a restriction. The Facility will consider the need for access to PHI for treatment purposes when considering a request for a restriction. A request for restriction must be made in writing. The Facility HIPAA Compliance Officer (“Privacy Officer”) will notify the patient of its determination with respect to the request.
Privacy and our Website
Google Analytics – This cookie allows us to see information on user website activities including, but not limited to page views, source and time spent on the website. The information is depersonalized and is displayed as numbers, meaning it cannot be tracked back to individuals. This will help to protect your privacy. Using Google Analytics we can see what content is popular on our website, and strive to give you more of the things you enjoy reading and watching.
Google Adwords – Using Google Adwords code we are able to see which pages helped lead to contact form submissions. This allows us to make better use of our paid search budget.
DoubleClick – We use re-marketing code to log when users view specific pages, allowing us to provide ads that mean something to the users.
Facebook ads – Facebook will use the Event Data received to provide Mendability with insights about the effectiveness of our ads and the use of our website/app or to create a custom audience (as applicable, depending on the specific features Mendability chooses to use), and in accordance with Facebook’s Data Policy (https://www.facebook.com/about/privacy/). Event Data will also enable Facebook to better target ads and to optimize their systems. In connection with such targeting and optimization, Facebook will: (i) use Event Data collected from Mendability’s website or mobile app for ads optimization only after such Event Data has been aggregated with other data collected from other advertisers or otherwise collected on Facebook and (ii) not allow other advertisers or third parties to target advertising solely on the basis of Event Data collected from Mendability’s website or mobile app. Event Data will not be disclosed to other advertisers or to third parties, unless Facebook has Mendability’s permission or are required to do so by law. Facebook will maintain the confidentiality and security of Event Data, including by maintaining technical and physical safeguards that are designed to (a) protect the security and integrity of data while it is within Facebook’s systems and (b) guard against the accidental or unauthorized access, use, alteration or disclosure of data within Facebook’s systems.
E-mail Communications – Members and prospects may use E-mail to communicate with Mendability. Our email service is secure and protects against breach of privacy. You are responsible for all security and privacy while sending emails to us, and after having received emails from us. Occasionally, we may send marketing or promotional e-mail communications to you with information that may be useful, including information about the services of Mendability and other third parties with whom we have a relationship. We will include instructions on how to unsubscribe and inform us of preferences if you decide you do not want to receive any future marketing or promotional e-mails from Mendability.
Links – Our website may contain links to other websites which are provided as a convenience only. Visitors are advised that other third party websites may have different privacy policies and practices than Mendability, and Mendability has no responsibility for such third party websites regarding its privacy policies on its content generally.
Opt out of collection and use of information for ad targeting
Visitors can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Preferences Manager.
Visitors can customize their preferences and opt-out of Facebook Ads using the Ads Preferences Manager: https://www.facebook.com/settings?tab=ads
To opt out of all data collection, visitors may also visit: www.aboutads.info/choices
This privacy notice became effective 31 January 2022.
- e-mail: [email protected]
- phone: (888) 579-7002