Digital Privacy

Digital Privacy Policy

This Digital Privacy Policy was last updated on May 13, 2020.

Welcome. Onco360 (“Onco360,” “we,” “us,” or “our”) values our relationship with you and takes your privacy seriously. The purpose of this Privacy Policy is to identify how we may process, collect, store, share and use the data that we collect from you in connection with your access to and use of our mobile application as downloaded on your smartphone and information management platform (collectively, the “Digital Platform”). This Privacy Policy also describes your rights with respect to your Personal Information, all as described in more detail below. 

Please review this Privacy Policy from time to time; by accessing and/or using the Digital Platform, you accept and agree to the terms of this Privacy Policy and the use of your data and Personal Information as described in this Privacy Policy. If you do not agree to the terms of this Privacy Policy or any subsequent modifications, you should not access or use the Digital Platform or provide any information or data to Onco360.

We may update or modify this Privacy Policy at any time, by posting the amended version including the effective date of the updated version. We will announce any material changes to this Privacy Policy through an alert on the Digital Platform.

For state-specific privacy rights or for California residents, click here for additional terms and protections.

1. How to Contact Us.

You can update your preferences and information by contacting us at the email address or phone number below. Additionally, if you have any questions or concerns about this Privacy Policy or our use of your Personal Information, please do not hesitate to contact us through any of the methods listed below.

Mail:    13410 Eastpoint Centre Drive, Louisville, KY 40223
Phone: (877) 662-6633
Email:  [email protected]

2. Personal Information

While using the Digital Platform, we may ask you to provide us with certain personally identifiable information (“Personal Information”).  Personal Information is information that identifies, relates to, describes, can reasonably be associated with, or can reasonably be linked to a particular individual or household.

We collect information from you both when you provide it voluntarily and also automatically when you access or use the Digital Platform, as described below. We collect Personal Information from you and any devices (including mobile devices) you use when you: register for an account with us, sign up for the Onco360 Mobile Text Program, update or add information to your account, make a payment, or otherwise correspond with us.

3. The Information We Collect.

We may collect the following categories of Personal Information from you, depending on your interactions with the Digital Platform and the choices you make, as further described in the table below:

  • Identifiers.  Your name, email address, postal address, unique personal identifier, and Internet Protocol (IP) address.
  • Interactions.  Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories.
  • Internet or other electronic network activity information.  For example:   
    • Browse history.  Data about the webpages you visit.
    • Search history.  Data about the search terms you enter.
    • Device, connectivity, and configuration data.  Data about your device and nearby networks, including regional and language settings.
  • Geolocation data.  Data about your device’s location, which is inferred from your IP address and your postal address.
  • Protected Health Information. In order to provide the Digital Platform and products to you, the Digital Platform may access and process Protected Health Information (“PHI”) as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Our use of PHI is governed by separate terms and conditions between Onco360 and our customers. PHI should only be submitted through the Digital Platform as permitted or required for use of the Digital Platform and is subject to our Notice of Privacy Practices.
  • Demographic data. Data about you such as your age, country, preferred language and other data reflecting your consumer preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Table: Information collected through use of the Digital Platform 
Categories of Information: Account Registration Information
Description: This is the Personal Information that is provided by you or collected by us to enable you to log in and access your account and the Digital Platform. This includes your name, email address, phone number, date of birth, account number, and zip code.  

Some of the Personal Information we will ask you to provide is required in order to create your account. You also have the option to provide us with some additional Personal Information in order to make your account more personalized.  

To the extent you use the Onco360 Mobile Text Program (as further described below), we may collect your telephone number, your carrier’s name, and details of the message (date, time, and content).

How We Use This Information
To communicate with you through the Digital Platform, including with respect to order information.
To respond to your questions and requests.
To create, maintain, and personalize your account with us.
To provide customer support.
To notify you about changes to the Digital Platform.
To allow you to participate in interactive features of the Digital Platform when you choose to do so.
To contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.
To perform other duties as required by law.
Categories of Information: Payment Information
Description: We may provide a location to input your Personal Information if you make a payment through the Digital Platform. This Personal Information is not collected by Onco360 but is directly input into a third party interface. The exact Personal Information collected will vary depending on the payment method but will include information such as:
– Name;
– Credit or debit card type, expiration date, and certain digits of your card number;
– Billing and shipping addresses;
– Postal code; and
– Phone number.

How We Use This Information
– To process payments and provide you with the products purchased.
– To respond to your questions and requests.
– To provide customer support.
Categories of Information: Usage Information
Description: This can be Personal Information and non-Personal Information that is collected about you when you are using the Digital Platform, and this may include:
– Information about your interactions with the Digital Platform, which includes the data and time of any information you enter into the Digital Platform and your interactions with other users of the Digital Platform.
– User content you post to the Digital Platform including messages you send and/or receive and your interactions with our customer service team.
– Technical data which may include URL information, cookie data, the types of devices you are using to access or connect to the Digital Platform, unique device IDs, device attributes, network connection type (e.g., WiFi, 3G, LTE, Bluetooth) and provider, network and device performance, browser type, language, and operating system. Further details about the technical data that is processed by us can be found below.  

The Digital Platform uses cookies, unique identifiers and similar technologies to collect information over time when you use or access the Digital Platform. We or our third-party partners use common tracking tools to collect information about the pages you view, the Digital Platform functions that you access, the buttons and icons you click, and to remember your login information and settings to make it easier and more efficient for you to use the Digital Platform.

Cookies. Cookies are small data files that are downloaded onto your computer or mobile device when you use the Digital Platform, which are unique to your device or account. Cookies make it easier for you to use the Digital Platform by saving your preferences so that we can use these to improve your next and subsequent visits to the Digital Platform – for example, remembering your login information. Cookies help us learn which areas of the Digital Platform are useful and which areas need improvement.

Cookies may be either persistent or temporary (or session) cookies. A persistent cookie retains user preferences for a particular website, app, or service, allowing those preferences to be used in future use sessions and remains valid until its set expiry date (unless deleted by the user before the expiry date). A temporary cookie, on the other hand, will expire at the end of the user session, when the web browser or app is closed.

You can choose whether to accept cookies by changing the settings on your browser or device. For more information regarding your choices with respect to cookies and other tracking technologies, please see “Your Rights and Options Regarding Your Personal Information” below. However, if you choose to disable this function, your experience with the Digital Platform may be impaired and some features may not work as they were intended. When we use cookies or other similar technologies, we may set the cookies ourselves or ask third parties to do so to help us.

How We Use This Information
– To optimize the display of the Digital Platform on your device.
– To create, maintain and personalize your account with us.
– To provide, maintain, personalize and improve the Digital Platform.
– To provide customer support.
– To monitor the usage of the Digital Platform.
– To allow you to participate in interactive features of the Digital Platform when you choose to do so.
– To gather analysis and assess trends and interests.
– To detect, prevent, and address technical issues.
– To help maintain the safety, security and integrity of the Digital Platform.
Categories of Information: Anonymized Information
Description: We use anonymized and aggregated information that may be created or derived from your Personal Information or usage of the Digital Platform for purposes that include data analysis, improving the Digital Platform, and developing new features and functionality within the Digital Platform.

How We Use This Information 
– To provide, maintain, personalize, and improve the Digital Platform.
– To monitor the usage of the Digital Platform.
– To gather analysis and assess trends and interests.
– To detect, prevent, and address technical issues.
– To help maintain the safety, security and integrity of the Digital Platform.

4. Sharing Your Information.

We share non-Personal Information with third parties at our discretion.  We do not sell your Personal Information. In connection with the Digital Platform, we may share your Personal Information with certain third parties who we engage to help us run our business and perform the services, including under the following circumstances:

  • Software and service providers we use to manage and process your information, for example, providers of payment processing software.
  • Healthcare-related service providers, such as pharmacies, physicians, and other healthcare providers.
  • Product-related service providers, such as our vendors and manufacturers.
  • Business partners, including those who provide a product or service in partnership or collaboration with us.
  • Other third parties that you expressly request us to share your Personal Information with.

Additionally, we will share your Personal Information with third parties where required by law, where it is necessary in connection with the Digital Platform, or where we have another legitimate interest in doing so.

Most of the third parties with whom we share your Personal Information are located and store your information in the United States, although some may be located or store your information outside of the United States.

If we are subject to a merger or acquisition with/by another company, we may share information with them in connection with the transaction.

5. HIPAA Acknowledgement.

To the extent that you provide or transmit any information, including, but not limited to, any Personal Information, any information that identifies any other individual (including without limitation name, email address and/or telephone number) and/or PHI, to Onco360 or its third-party service or data providers, licensors, or distributors (“Representatives”) through the Digital Platform, you warrant that (a) you are providing or obtaining only your own information or the information of others which you are authorized to provide to third parties and/or obtain from third parties on their behalf; and (b) the use of such information by Onco360 and its Representatives will not infringe upon or misappropriate the intellectual property rights or otherwise violate the rights of any third parties.

6. How We Safeguard Your Personal Information.

We have put in place commercially reasonable security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration of your Personal Information. Third parties we engage who may have access to your Personal Information as provided for above will only process your Personal Information on our instructions, and they are required to only use your data as necessary to perform their contract with us.

While we are committed to protecting your Personal Information, please understand that information communicated over the Internet is never 100% safe and secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission of Personal Information is at your own risk.

7. How Long We Store Your Personal Information.

We will retain your Personal Information only for as long as is necessary for the legitimate business purposes set out in this Privacy Policy. We will retain and use your Personal Information to the extent necessary to comply with our legal, accounting, or reporting obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies. Additionally, we may continue to store your Personal Information contained in our standard back-ups.

8. Your Rights and Options Regarding Your Personal Information.

Onco360 Mobile Text Program. By providing your telephone number to Onco360 or your physician and agreeing to participate in the Onco360 Mobile Text Program, you consent to receive text messages and/or push notifications from or on behalf of us and/or our partners and suppliers. You may opt-out at any time by texting STOP to 70144 or contacting us through one of the methods listed under “How to Contact Us ” above. For more information about the Onco360 Mobile Text Program, please click here.

Marketing Preferences. You can opt out from receiving future marketing communications from us at any time by using the unsubscribe function in the email you receive from us, or contacting us as set forth under “How to Contact Us ” above. Please allow sufficient time for your preferences to be processed. Even if you opt out of receiving marketing messages, we may still contact you for transactional purposes like confirming or following up on an order or service request, asking you to review a product or service you have ordered, or notifying you of product recalls. If you later opt back into getting marketing communications from us, we will remove your information from our opt-out databases.

Cookies. As noted above in “The Information We Collect” above, you can choose whether to accept cookies by changing the settings on your browser or device. However, if you choose to disable cookies, your experience with the Digital Platform may be impaired and some features may not work as they were intended.

Additionally, Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the preferences or settings page of your web browser. However, these features are not yet uniform, so we do not currently respond to such features or signals. Therefore, if you select or turn on a “do not track” feature in your web browser, we and our third-party providers may continue collecting information about your online activities as described in this Privacy Policy.

9. State Specific Rights.

Depending on where you live, you may have certain rights with respect to Personal Information that we have collected and used under certain circumstances, which may include the following:*

  • The right to request the following information regarding our use of your Personal Information:
    • The categories of your Personal Information that we have collected
    • The purposes for which we have collected or used such Personal Information
    • The categories of sources for the Personal Information we have collected about you
    • The categories of third parties with whom we have disclosed your Personal Information
    • If we have disclosed your Personal Information for a business purpose, a list identifying the Personal Information categories that each category of recipient obtained
  • The right to receive a copy of your Personal Information.
  • The right to request us to erase your Personal Information when we no longer need such data in connection with the Digital Platform (subject to certain exceptions that may apply under applicable law).
  • The right to opt-out of sales of your Personal Information. However, as stated above, we do not sell your Personal Information. 

* If you are a resident of a jurisdiction where one or more of these rights are granted to you under applicable law, and you wish to exercise any such rights listed above, please contact us by either:

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. Please understand that we are required to verify your request and may require you to provide some information to enable us to carry out such verification. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

10. Transfer of Data; Special Notice to Non-U.S. Users.

Your information, including Personal Information, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Information, to the United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to such transfer.

We will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and that no transfer of your Personal Information will take place to an organization or a country unless there are adequate controls in place including the security of your data and other Personal Information.

If you are located in a country outside the U.S. and submit Personal Information to us, you consent to the general use and disclosure of such information as provided in this Privacy Policy and to the transfer and/or storage of that information to the U.S. and other countries outside your home country.

11. Sensitive Personal Information.

Subject to the following paragraph, we ask that you not send us, and you not disclose, any sensitive Personal Information as this term is defined under applicable data protection and privacy laws (for example, social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Digital Platform or otherwise to us.

If you send or disclose any sensitive Personal Information to us, you consent to our processing and use of such sensitive personal data in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive Personal Information, you must not submit such content to the Digital Platform.

12. Children’s Information.

The Digital Platform is not intended for use by children under the age of 13. By using the Digital Platform, you represent that you are at least 13. If you do not meet this age requirement, please do not access or use the Digital Platform.

If we learn that we have collected Personal Information from a child under the age of 13, we will take reasonable steps to delete it, unless we are legally obligated to retain such information. If you believe that we have collected information from a child under the age of 13, please contact us through one of the methods listed under “How to Contact Us” above.

13. Links to Other Websites.

The Digital Platform may contain links to third-party websites. We have no control over how these websites collect your information and are not responsible for the content, privacy policies, actions, or security of these websites. Please make sure to read the privacy statements of these other websites that collect your Personal Information.

14. Governing Law and Jurisdiction.

This Privacy Policy shall be construed and governed under the laws of the United States and State of Kentucky (without regard to rules governing conflicts of laws provisions). You agree that venue for all actions, arising out of or relating in any way to your use of the Digital Platform, shall be in federal or state court of competent jurisdiction located in Jefferson County, Kentucky, within one (1) year after the claim arises. Each party waives any objections based on forum non conveniens and waives any objection to venue of any action instituted hereunder to the extent that an action is brought in the courts identified above. Each party consents to personal jurisdiction in the courts identified above.