Effective Date: June 1, 2021
The Information We Collect
When you visit our Online Services, we will automatically capture your domain name, the IP address of the web page from which you access our Online Service, your browser type, the pages you visit, the amount of time you spend here and other relevant information about your visit. Although we do not collect any information that is intended to reveal your personal identity, we may retain such information if you voluntarily provide it when you register to use interactive features of the Service (e.g., the appointment request or scheduling form), or you request to receive information from us via our email newsletter. The information we collect is not intended to become part of any “designated record set” (i.e., health and health-related information defined under HIPAA).
If you use the features on this website, CSI landing pages or on the websites of our business partners, you are agreeing to our collection of information as described above. If you do not wish us to receive information that reveals your personal identity, please do not use the interactive features, such as the appointment request, appointment scheduling, newsletter sign up form or any other similar intake form on our website.
Use of the Information this Service Gathers/Tracks
If you share any personally identifiable information with us, it will be used only as permitted by law, including to provide the service/treatment or information you have requested, such as a call back from our front desk staff to schedule or remind you about your appointment and/or send you more information about your request, or to send an email newsletter for which you registered. CSI will never sell, rent, or license your personally identifiable information, including your e-mail address, to the third parties. CSI may share your personally identifiable information with CSI business partners/vendors as appropriate as part of necessary business operations (appointment reminders and scheduling).
The non-personally identifiable information we gather in aggregate form may be used to improve our Service, and we may share that information with business partners and third-party vendors working on our behalf.
Information that you voluntarily provide will be maintained as long as CSI deems appropriate to fulfill the purpose for which you provided the information, either until you request us to remove it, or for as long as permitted under applicable law.
We may hold events, sweepstakes, contests, and other promotions (any, a “Promotion”) through our Online Services that may require registration. By participating in a Promotion, you are agreeing to the official rules governing that Promotion, which may contain specific requirements that you must follow, including allowing the sponsor of the Promotion to use your name, voice and/or likeness in advertising or marketing associated with the Promotion. If you choose to enter a Promotion, personal information may be disclosed to third parties or the public in connection with the administration of such Promotion, including, in connection with winner selection, prize fulfillment, and as required by law or permitted by the Promotion’s official rules, such as on a winners list.
To the fullest extent permitted by applicable law, we may also disclose your information if we believe in good faith that doing so is necessary or appropriate to: (i) protect the rights, safety, or property of CSI or third parties; or (ii) comply with legal and regulatory obligations (e.g., pursuant to law enforcement inquiries, subpoenas, or court orders). To the fullest extent permitted by applicable law, we have complete discretion in electing to make or not make such disclosures, and to contest or not contest requests for such disclosures, all without notice to you.
Third party analytics providers and ad servers
We may use third-party vendors to perform certain services on behalf of us or our Online Services, such as hosting the Online Services, designing and/or operating the Online Services’ features, tracking the Online Services’ activities, utilization of sharing technology that allows users to share content on this Site through social media, and analytics. We may provide these vendors with access to user information, or they may directly collect your information to carry out the services they are performing for you or for us. Third-party analytics and other service providers may set and access their own tracking technologies on your device, and they may otherwise collect or have access to information about you, potentially including personal information, about you. We are not responsible for those third-party technologies or activities that result from them.
We may also engage with certain third parties to provide us with information regarding traffic on our Online Services to serve advertisements elsewhere online, and to provide us with information regarding the use of our website or services and the effectiveness of our advertisements. These third parties may automatically collect information about you using their own cookies or other technologies or may otherwise collect or have access to information about your visits to this and other websites, your IP address, your ISP, the browser you use to visit our website and other usage information. Information collected may be used, among other things, to deliver advertising targeted to your interests and to better understand the usage and visitation of our website and the other sites tracked by these third parties.
If you would like more information about this practice and to know your choices about not having this information used by these companies, you may visit: http://www.aboutads.info/choices (for website users), http://www.networkadvertising.org/managing/opt_out.asp (for website users), or http://youradchoices.com/appchoices (for mobile app users).
Cookies Policy and Statement
When you visit our Online Services, we may place a temporary “session” or a permanent cookie on your device (desktop computer or mobile phone) that will enable us to personalize your experience at the Online Services, make improvements to our Online Services, or to report activity on our Online Services. Our session cookies are not permanently stored on your computer and expire when you leave. Permanent cookies are issued to visitors who link to the Online Services from a search engine and are used only to permit CSI to attract qualified users to our Online Services. Our cookies are not used to send spam. We store cookie information in aggregate form and use the aggregate information to make improvements to the Service or in internal reports on Service activity. You may opt out of allowing cookies to be placed on your computer. Refusing cookies disables our ability to include information about your visit in our regular monitoring of traffic to our Online Services and may render some of the functions of our Online Services unavailable to you, as disclosed below.
Cookies and Similar Technology Policy
What are cookies?
Cookies are text files with small pieces of data sent from a web server to your browser and stored on your computer or mobile device’s hard drive while you are viewing the website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our website. This type of information may be collected to make the Service more useful to you and to tailor your experience with us to meet your special interests and needs. We use and store this information to provide you with more personalized and customized online services and to make our site more convenient, useful, valuable, and appealing to you.
We use two main categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which we use to identify your computer or mobile device when it revisits our website; and (2) third party cookies, which are served by service providers on our website, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.
Should you decide at any time that you no longer wish to accept cookies from our services for any of the purposes described above, then you can typically instruct your browser, by changing its settings, to remove or stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. In order to do this, consult your browser’s technical information (instructions are usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept cookies by default until you change your settings.
For more information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org.
If you do not accept our cookies, you may experience some inconvenience or not be able to use all of the services or all functionality of the services.
In addition, we may use pixel tags (also referred to as container tags, signal tags or clear GIFs) on the Service to track the actions of users on website. Pixel tags are tiny graphic images with a unique identifier, similar in function to cookies, which are used to track web users online. In contrast to cookies, which are stored on a user’s computer hard drive, pixel tags are embedded invisibly in web pages. Pixel tags also allow us to send email messages in a format users can read, and they tell us whether emails have been opened, for example, to ensure that we are sending messages that are of interest to our users. We may use this information to reduce or eliminate messages sent to a user.
Do not track signals
Some internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to do not track signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Sites We Link To
If you choose to use any of the links we provide to any other third-party resources, you will be leaving our Online Services and going to a new web site. Protection of your privacy at those other sites will be governed by the privacy policies in effect at each of those respective sites. We’ve taken special care selecting the companies that are accessible through californiaskininstitute.com to try to ensure that they respect your privacy as we do, but please take the time to read the privacy policies at their sites.
What Should Parents Know About Children?
We understand the importance of protecting children’s privacy in the interactive world. We do not knowingly use our Online Services to collect personal information from children under the age of thirteen (13) without parental consent. If you are a child under 13 years of age, you are not permitted to use any interactive functions of our Online Service and should not send any information about yourself to us through the Service.
In the event that we become aware that we have collected personal information from any child, we will dispose of that information in accordance with the Children’s Online Privacy Protection Act and other applicable laws and regulations. If you are a parent or guardian and you believe that your child under the age of 13 has provided us with information without your consent, please contact us at firstname.lastname@example.org, and we will take reasonable steps to ensure that such information is removed from our files.
For California Residents
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
- Access to Specific Information and Data Portability Rights – You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business purpose for collecting that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
- Deletion Request Rights – You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
- Exercising Access, Data Portability, and Deletion Rights – If you are a resident of CA, only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
- Mailing Address: Attention: CSI Compliance Officer, California Skin Institute, 6399 San Ignacio Ave #120 San Jose, CA 95119
- Email us at: Team_Privacy@caskin.com
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
- Response Timing and Format – We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Where you have given us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes by contacting us, as provided herein. When you make such requests, we may need time to investigate and facilitate your request. If there is delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved, provided your administrator does not object (where applicable).
Changes to this Policy