HUMAN DESIGN MEDICAL, LLC and SPIRE DME, LLC

Privacy Statement

Updated: December 1, 2016

Human Design Medical, LLC, Spire DME, LLC, Breas Medical AB and their affiliates (the “Companies”) are strongly committed to protecting the privacy of your personal information. This privacy statement explains the Companies’ data collection and use practices with respect to their websites (the “Sites”). By using the pages in the Sites, you agree to the information collection and use practices described in this Privacy Statement. If you do not agree to the terms set forth herein, do not use the Sites.

Collection of Personal Information

We may ask you for information that personally identifies you or provides information about yourself (“personal information”) or allows us to contact you to provide a service or carry out a transaction that you have requested. The personal information we collect may include your name, your address, your credit card number, your email address and other contact information, and other information about products and/or services requested through the Sites. You are not required to provide the personal information that we have requested, but, if you chose not to do so, in many cases we will not be able to provide you with our products or services or respond to questions you may have.

The Sites may also collect certain non-personal information about your visit, such as the name of the Internet service provider and the Internet Protocol (IP) address through which you access the Internet; the date and time you access the Site(s); the pages that you access while at the Site(s) and the Internet address of the website from which you linked directly to the Site(s). This information is used, among other reasons, to help improve the Sites, analyze use trends and administer the Sites.

Use of Personal Information

Except as otherwise required by law, the personal information collected on the Sites will be used solely to operate the Sites and to provide the service(s) and/or product(s) or carry out the transaction(s) you have requested or authorized. In support of these purposes, the Companies may use personal information to provide you with more effective customer service, send promotional or advertising materials to you (see opt-out provisions below), to improve the Sites and any related Company products or services, and to make the Sites easier to use by eliminating the need for your repeated entry of the same information. In order to offer you a more consistent experience in your interactions with the Companies, information collected by each Site may be combined with information collected in connection with other Company products and services.

The Companies may occasionally hire other companies to provide limited services on our behalf, such as website hosting, packaging, mailing/shipping, answering customer questions about products and services, and sending information about our products, special offers, and other services. We will only provide those companies the personal information they need to deliver the service. They are required to maintain the confidentiality of the information and are prohibited from using that information for any other purpose.

The Companies may disclose personal information if required to do so by law or in the good faith belief that such action is necessary to (a) conform to the edicts of the law or comply with legal process served on the Companies or the Sites; or (b) protect and defend the rights or property of the Companies and the Sites. The Companies may also disclose personal information about you if we determine that disclosure is reasonably necessary to enforce our Terms and Conditions, or protect other users of the Sites.

Control of Personal Information

Except as otherwise described in this Privacy Statement, your personal information will not be shared outside of the Companies and their subsidiaries and affiliates without your permission.

For persons over the age of 13, registering yourself on the Site(s) is free and completely voluntary. If you choose to register with the Site(s) or purchase products through the Site(s), your unique user name will be the beginning of your email address before the URL and you will need to create a unique password. By using the user name and password, you will be able to access certain portions of the Site(s) that are unavailable to unregistered users and will be able to purchase new products without re-entering your personal information and credit card number. You are solely responsible for choosing the password and maintaining the confidentiality of the password that you choose. It is your responsibility to keep your registration data current and accurate as well as to protect against unauthorized access to your password and to your computer. Failure to protect the security of these items may permit unauthorized individuals to obtain your personal information and your credit card information. Be sure to sign off when finished using a shared computer. The Companies shall not be liable for any loss that you may incur as a result of someone else using your account, either with or without your knowledge.

You must be 13 years old or over to register an account on the Site(s). No information should be submitted to or posted to the Sites by any child under 13 years of age. The Companies do not knowingly collect information from children under 13. If you are under 13 years old, you may not attempt to register with the Site(s). If the Companies determine that an account has been registered by a person under age 13, such account will be terminated. If you are between the ages of 13 and 17, you may use the Site(s) only with your parent or guardian’s consent; the Companies reserve the right to request verification of such parent or guardian’s consent. Personal information of persons between ages 13 and 17 will be collected as described in this privacy statement. By registering an account on the Site(s), you represent that you are age 13 or over.

Security of Personal Information

The Companies are strongly committed to protecting the security of your personal information. When you submit personal information on any Site, the Companies will take all reasonable efforts in order to protect your personal information. The Companies use certain security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure once it is received. We use a trusted third party vendor for collection of prescription information. Our current vendor is MD Office and you can read about this vendor’s security measures here: https://mdofficemail.com/hipaa-email-features.html. Nevertheless, it is also your responsibility to protect the secrecy of your personal information, including your credit card information, username and password. If you believe that your username and/or password has been compromised, please contact Customer Support immediately. To do so, or if you have any other questions about the security of the Website, send an e-mail to hdmsupport@hdmusa.com or call 1-855-HDMUSA9 (1-855-436-8729).

Privacy Shield

The Companies comply with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. The Companies within the United States have certified to the Department of Commerce that they adhere to the Privacy Shield Principles. If there is any conflict between the terms in this privacy statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view the Companies’ certification, please visit www.privacyshield.gov.

The Companies’ participation in the Privacy Shield applies to all personal data that is subject to this privacy statement and is received from countries within the European Union. The Companies will comply with the Privacy Shield Principles in respect of such personal data. The Companies’ accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, the Companies remain responsible and liable under the Privacy Shield Principles if third party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless the Companies prove that it is not responsible for the event giving rise to the damage.

We encourage you to contact us using the information set forth under the “Contact Information” section below if you have a Privacy Shield-related (or general privacy-related) complaint. For any complaints that cannot be resolved with the Companies directly, the Companies have chosen JAMS, an alternative dispute resolution provider located in the United States, as the independent resource mechanism for resolution of such disputes. If you do not receive timely acknowledgment of your complaint from the Companies, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you. You can also follow that link for a description of the range of potential remedies.

Under certain circumstances, if you do not find the proposed solution satisfactory, you may invoke binding arbitration before the Privacy Shield Panel for residual claims not otherwise resolved. The Companies will resolve the dispute under dispute resolution procedures of the panel established by the EU data protection authorities (“DPAs”) to resolve disputes pursuant to the Privacy Shield Principles. The EU DPAs may be contacted directly via the information provided at http://ec.europa.eu/justice/data-protection/bodies/index_en.htm.

The Companies within the United States are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Required Disclosures

If required under applicable law, the Companies will comply with lawful requests for information (which may include personal data) from public authorities, law enforcement and national security agencies, including to meet national security or law enforcement requirements.

Credit Card Transactions

Some features of the Sites require credit card transactions. The Companies contract with trusted third party vendors to encrypt your information and prevent unauthorized access. Our current credit card processing vendor is Stripe, and you can read about its security and encryption methods here: https://stripe.com/docs/security/stripe. Shortly after an order is processed, you will receive a confirmation via e-mail. You are advised to print out and save a copy of the order confirmation for verification necessary to resolve any issues with your order.

Cookies

We may use cookies on the Sites to ensure the integrity of the registration process and to personalize the Sites. A cookie is a small text file that is placed on your hard disk by a web page server and that helps the Sites to recall your specific information on subsequent visits. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.

The use of cookies simplifies the process of delivering relevant content, eases Site navigation, and provides other similar benefits to users of the Sites. When you return to the Sites, the information you previously provided can be retrieved, so you can easily use the Sites’ features. If you choose to decline cookies, you may not be able to fully experience the features of the Sites.

Choice/Opt-Out

The Sites provide you with the opportunity to choose to receive updates about the Companies and any information of specials we may want you to know about. You are automatically added to the Companies’ mailing lists and signed up for certain services from the Companies when you place an order. If you would like to be removed from this list and/or opt out of these services, please call or write us at the address and telephone number listed below. Please allow five (5) business days for processing of your opt-out request.

If you need to correct or update your account information, or you no longer desire our services, you can do so by sending an e-mail to hdmsupport@hdmusa.com or via phone at 1-855-HDMUSA9 (1-855-436-8729).

Links to Other Sites

The Sites may contain links to other sites which are not affiliated with the Companies. Any such link is not, and is not intended to be, an endorsement of such other website or its content and you should review the terms of use and privacy policy of such other website. These websites operate independently of the Companies and the Companies are not responsible for the privacy practices or the content of such websites.

Message Boards; User Forums

The Companies may provide message boards or related user forums on the Sites where you and other registered users may exchange information and deliver messages directly to each other. Any content or materials whatsoever that you post on the Sites will be available for any registered user to read, collect, or use for their own purposes. Thus, such content and materials will not be private or confidential in any way and may be disclosed by any third party. The Companies are not responsible for and disclaims all liability for such use.

Changes to this Privacy Statement

We reserve the right to update this privacy statement from time to time and without notice to you. All such updates shall be effective immediately unless otherwise stated. We encourage you to periodically review this privacy statement to stay informed about how we are helping to protect the personal information we collect. Your continued use of the Sites constitutes your agreement to this privacy statement, as amended from time to time.

Coordination With Terms and Conditions

This privacy statement is intended solely to clarify the Companies’ practices with respect to personal information and shall not in any way modify or limit the legal effect of the Terms and Conditions to the use of the Sites. In the event of any conflict between this privacy statement and the Terms and Conditions, the Terms and Conditions shall control. In particular, the Companies will not be liable for any damages or injury (including, without limitation, incidental and consequential damages, personal injury/wrongful death, lost profits, or damages resulting from lost data or business interruption) that result from your use of the Sites or your submission of personal information to the Sites, even if there is negligence on the part of the Companies or their employees. In addition, you agree to defend, indemnify, and hold the Companies, their officers, directors, employees, agents, licensors, and suppliers, harmless from and against any claims, actions or demands, liabilities and settlements including without limitation, reasonable attorneys’ fees, resulting from, or alleged to result from, your submission of personal information to the Sites or your unlawful collection of personal information of others through use of the Sites.

Limitations of Privacy Statement

This privacy statement explains only data collection and use practices related to the Companies’ websites; it does not apply to other products or services of the Companies. Please be aware that this privacy statement and any choices you make on the Sites will not necessarily apply to personal information you may have provided to the Companies in the context of other, separately provided, products or services.

Contact Information

The Companies welcome your comments regarding this privacy statement. If you believe that the Companies have not adhered to this privacy statement, please contact us electronically or via postal mail at the following address, and we will use commercially reasonable efforts to promptly determine and remedy the problem:

Human Design Medical, LLC / Spire DME, LLC
Attention: Corporate Counsel
200 Garrett Street, Suite S
Charlottesville, VA  22902
Phone: 1-855-HDMUSA9 (1-855-436-8729)
E-mail: hdmsupport@hdmusa.com