COLLEGIATE HEALTH SOLUTIONS WEBSITE PRIVACY POLICY
Last modified: February 13, 2023
Introduction
Collegiate Health Solutions, LLC (“We” or “CHS”) respect your privacy and are committed to protecting it through our compliance with this policy.
This policy describes the types of information we may collect from you or that you may provide when you visit our website found at www.collegiatehealthsolutions.com (our “Website“) and our practices for collecting, using, maintaining, protecting, and disclosing that information.
This policy applies to information we collect:
- On this Website.
- In email, text, and other electronic messages between you and this Website.
- When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.
It does not apply to information collected by:
- Us offline or through any other means, including on any other website operated by us or any third party (including any of our affiliates and/or subsidiaries); or
- Any third party (including our affiliates and subsidiaries)], including through any application or content (including advertising) that may link to or be accessible from or through the Website.
Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.
Children Under the Age of 13
Our Website is not intended for children under 13 years of age. No one under age 13 may provide any personal information to us on or through our Website. We do not knowingly collect personal information from children under 13. If you are under the age of 13, do not use our Website, contact us through our Website, or provide us with any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under the age of 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under the age of 13, please contact us at (800) 530-5006 or support@collegiatehealthsolutions.com.
Residents of California or other states or geographic areas under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your State Privacy Rights for more information.
Information We Collect About You and How We Collect It
We may collect several types of information from and about users of our Website, including information:
- By which you may be personally identified, such as name, postal address, email address, telephone number, any other identifier by which you may be contacted online or offline (“personal information“);
- That is about you but individually does not identify you, such as tracking information pertaining to your use of our site; and/or
- About your internet connection, the equipment you use to access our Website, and usage details.
We may collect this information:
- Directly from you when you provide it to us.
- Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and/or other tracking technologies.
- From third parties, for example, our business partners.
Information You Provide to Us
The information we collect on or through our Website may include:
- Information that you provide by filling in forms on our Website, such as a Contact form. This could include information that you provide to us in requesting that CHS contact you or provide you with information or services. We may also ask you for information if you report a problem with our Website.
- Records and copies of your correspondence (including email addresses), if you contact us.
- Your search queries on the Website.
Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
The information we collect automatically is only statistical data and does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Website according to your individual interests.
- Speed up your searches.
- Recognize you when you return to our Website.
The technologies we use for this automatic data collection may include:
- Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
- Web Beacons. Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
- Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.
We do not collect personal information automatically, but we may tie this information to personal information about you that we collect from other sources or you provide to us.
Third-Party Use of Cookies and Other Tracking Technologies
Some content or applications, including but not limited to advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.
How We Use Your Information
We may use information that we collect about you or that you provide to us, including any personal information:
- To present our Website and its contents to you.
- To provide you with information, products, or services that you request from us.
- To fulfill any other purpose for which you provide it.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
- To notify you about changes to our Website or any products or services we offer or provide though it.
- In any other way we may describe when you provide the information.
- For any other purpose with your consent.
We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you. If we do so and you do not want us to use your information in this way, please unsubscribe to any of our communications or notify us by contacting us via our Contact information provided in the policy.
We may use the information we have collected from you to enable us to display advertisements to our advertisers’ target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.
Disclosure of Your Information
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
We may disclose personal information that we collect or you provide as described in this Privacy Policy:
- To our subsidiaries and affiliates.
- To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of CHS’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by CHS about our Website users is among the assets transferred.
- To third parties to market their products or services to you if you have consented to and/or not opted out of these disclosures. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. For more information, see Choices About How We Use and Disclose Your Information.
- To fulfill the purpose for which you provide it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose your personal information:
- To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
- To enforce or apply our Terms of Use and other agreements.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of CHS, our customers, or others. This may include exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
- Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
- Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by notifying us via our Contact information set forth in this Policy.
- Promotional Offers from the Company. If you do not wish to have your email address or other contact information used by the Company to promote our own or third parties’ products or services, you can opt-out by sending us an email stating your request to our Contact email set forth in this Policy. If we have sent you a promotional email, you may send us a return email or unsubscribe asking to be omitted from future email distributions.
- Targeted Advertising. We presently are not engaged in targeted advertising. But, if in the future, we do engage in targeted advertising and you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by emailing us at our Contact email set forth in this Policy.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI“) on the NAI’s website.
Residents of certain states, such as California, Nevada, Colorado, Connecticut, Virginia, and Utah may have additional personal information rights and choices. Please see Your State Privacy Rights for more information.
Accessing and Correcting Your Information
We presently do not have any feature on our Website through which you create an account, and thus, we only collect contact information from Website users who contact us through the Website. If you wish to change or correct your contact information with us, you may also send us an email at our Contact email set forth in this Policy to request access to, correct or delete any personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Residents of certain states, such as California, Nevada, Colorado, Virginia, and Utah may have additional personal information rights and choices. Please see Your State Privacy Rights for more information.
Your State Privacy Rights
State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information. To learn more about California residents’ privacy rights, visit our COLLEGIATE HEALTH SOLUTIONS, LLC PRIVACY POLICY FOR CALIFORNIA RESIDENTS. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please us send an email or write us at our Contact information set forth in this Policy.
Colorado, Connecticut, Virginia, and Utah each provide their state residents with rights to:
- Confirm whether we process their personal information.
- Access and delete certain personal information.
- Data portability.
- Opt-out of personal data processing for targeted advertising and sales.
Colorado, Connecticut, and Virginia also provide their state residents with rights to:
- Correct inaccuracies in their personal information, taking into account the information’s nature processing purpose.
- Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.
To exercise any of these rights please contact us at our Contact information set forth in this Policy.
Nevada provides its residents with a limited right to opt-out of certain personal information sales. Residents who wish to exercise this sale opt-out rights may submit a request to our designated address: support@collegiatehealthsolutions.com or (800) 530-5006. However, please know we do not currently sell data triggering that statute’s opt-out requirements.
Data Security
We have implemented measures designed to secure any personal information that is provided to us from accidental loss and from unauthorized access, use, alteration, and disclosure. Any information you provide to us is stored on our secure servers behind firewalls.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
Changes to Our Privacy Policy
It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our users’ personal information, we will notify you through a notice on the Website home page. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.
Contact Information
To ask questions or comment about this privacy policy and our privacy practices, contact us at:
Collegiate Health Solutions, LLC
Attn: Website/Privacy Manager
600 Cleveland Street, Suite 260
Clearwater, FL 33755
support@collegiatehealthsolutions.com
To register a complaint or concern, please contact us via the Contact information set forth above and provide us with an explanation and summary of your complaint or concern.
COLLEGIATE HEALTH SOLUTIONS, LLC GDPR WEBSITE PRIVACY ADDENDUM
INTRODUCTION
This GDPR Website Privacy Addendum supplements the information in the Collegiate Health Solutions, LLC (“CHS”) Website Privacy Policy and applies to Personal Data about individuals located in the European Economic Area.
This GDPR Website Privacy Addendum (the “GDPR Website Privacy Addendum”) supplements the information contained in the CHS Website Privacy Notice and applies solely to all users of our Website who are located in the European Economic Area. We adopt this GDPR Website Privacy Addendum to comply with the General Data Protection Regulation (2016/679) and any implementing acts of the foregoing by any of the member states of the European Economic Area, the United Kingdom, or Switzerland (“GDPR”) and any terms defined in the GDPR or our Privacy Notice have the same meaning when used in this GDPR Website Privacy Addendum. This GDPR Website Privacy Addendum takes precedence over anything contradictory in our Privacy Notice.
DATA CONTROLLER, DATA PROTECTION OFFICER, AND REPRESENTATIVE
CHS is the data controller of the Personal Data you provide on the Website. CHS is not required to appoint a Data Protection Officer or a representative in the European Union, and has elected not to do so.
LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA
We have a lawful basis for our processing of your Personal Data, including processing for our legitimate interests (when balanced against your rights and freedoms), to fulfill our obligations to you under a contract with you, and required by law, and with your consent.
If you are in the European Union, the processing of your Personal Data is lawful only if it is permitted under the applicable data protection laws. We have a lawful basis for each of our processing activities (except when an exception applies as described below):
By using our Site, you consent to our collection, use, and sharing of your Personal Data as described in this Privacy Notice. If you do not consent to this Privacy Notice, please do not use the Site.
Legitimate Interests. We will process your Personal Data as necessary for our legitimate interests. Our legitimate interests are balanced against your interests and rights and freedoms and we do not process your Personal Data if your interests or rights and freedoms outweigh our legitimate interests. Our legitimate interests are to: facilitate communication between CHS and you; detect and correct bugs and to improve our Site; safeguard our IT infrastructure and intellectual property; process your requests, purchases, transactions, and payments; detect and prevent fraud and other financial crime; and promote, support, and market our business.
To Fulfill Our Obligations to You under our Contract. We process your Personal Data in order to fulfill our obligations to you pursuant to our contract with you to deliver our goods and services to you.
As Required by Law. We may also process your Personal Data when we are required or permitted to by law; to comply with government inspections, audits, and other valid requests from government or other public authorities; to respond to legal process such as subpoenas; or as necessary for us to protect our interests or otherwise pursue our legal rights and remedies (for instance, when necessary to prevent or detect fraud, attacks against our network, or other criminal and tortious activities), defend litigation, and manage complaints or claims.
SPECIAL CATEGORIES OF INFORMATION
We may process some Personal Data considered sensitive when necessary to carry out our obligations under the law or to protect our legitimate interests.
Some Personal Data processed by CHS may be considered sensitive, including personal data that reveals your racial or ethnic origin or personal data concerning your health. CHS processes this information only to the extent necessary to carry out its obligations under the law or to the extent necessary to protect CHS’s legitimate interests.
AUTOMATED DECISION MAKING
We generally do not use your Personal Data with any automated decision making processes.
CHS does not use your Personal Data with any automated decision making process, including profiling, which may produce a legal effect concerning you or similarly significantly affect you.
YOUR RIGHTS REGARDING YOUR INFORMATION AND ACCESSING AND CORRECTING YOUR INFORMATION
You may have certain rights under applicable data protection laws, including the right to access and update your Personal Data, restrict how it is used, transfer certain Personal Data to another controller, withdraw your consent at any time, and the right to have us erase certain Personal Data about you. You also have the right to complain to a supervisory authority about our processing of your Personal Data.
Applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data.
Access and Update. You can review and change your Personal Data by contacting us through the Contact Information below or through our Site’s Contact Us form of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
Right to be Forgotten. You have the right to request that we delete all of your Personal Data. We will only delete your account when you request that we do so or after a final determination that your Personal Data was unlawfully processed. We may not accommodate a request to erase information if we believe the deletion would violate any law or legal requirement or cause the information to be incorrect. In all other cases, we will retain your Personal Data as set forth in this policy. In addition, we cannot completely delete your Personal Data as some data may rest in previous backups. These will be retained for the periods set forth in our disaster recovery policies.
You have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. However, before doing so, we request that you contact us directly in order to give us an opportunity to work directly with you to resolve any concerns about your privacy.
How You May Exercise Your Rights. You may exercise any of the above rights by contacting us through any of the methods listed under Contact Information below and through Contact Us form on our Site. If you contact us to exercise any of the foregoing rights, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements. Please note that if you make unfounded, repetitive, or excessive requests (as determined in our reasonable discretion) to access your Personal Data, you may be charged a fee subject to a maximum set by applicable law.
CONSENT TO PROCESSING OF PERSONAL DATA IN THE UNITED STATES / IN OTHER COUNTRIES OUTSIDE THE EUROPEAN ECONOMIC AREA
We may process your Personal Data outside of your home country, including to the United States. We only do this when we are legally permitted to do so and when we have appropriate safeguards in place to protect your Personal Data.
If you are a resident of the European Economic Area (“EEA”), in order to provide our Site, products, and services to you, we may send and store your Personal Data outside of the EEA, including to the United States. Accordingly, your Personal Data may be transferred outside the country where you reside or are located, including to countries that may not or do not provide an equivalent level of protection for your Personal Data. Your information may be processed and stored in the United States and United States federal, state, and local governments, courts, or law enforcement or regulatory agencies may be able to obtain disclosure of your information through the laws of the United States. By using our Site, you represent that you have read and understood the above and hereby consent to the storage and processing of Personal Data outside the country where you reside or are located, including in the United States.
Your Personal Data is transferred by CHS to another country only if it is required or permitted under applicable data protection law and provided that there are appropriate safeguards in place to protect your Personal Data. To ensure your Personal Data is treated in accordance with this Privacy Notice when we transfer it to a third party, CHS uses Data Protection Agreements between CHSand all other recipients of your data that include, where applicable, the Standard Contractual Clauses adopted by the European Commission (the “Standard Contractual Clauses”). The European Commission has determined that the transfer of Personal Data pursuant to the Standard Contractual Clauses provides for an adequate level of protection of your Personal Data, but may need to be supplemented with additional measures on a case-by-case basis after an analysis that such supplemental measures can provide you with an essentially equivalent level of protection as afforded in the EU. When, as a result of this analysis, we believe this to be appropriate and necessary, these Standard Contractual Clauses have been supplemented in this way. Under these Standard Contractual Clauses, you have the same rights as if your data was not transferred to such third country. You may request a copy of the Data Protection Agreement by contacting us through the Contact Information below.
DATA RETENTION PERIODS
We retain your Personal Data for as long as you keep your account open. In some instances, we may keep it after you close your account, for example we may keep it:
- on our backup and disaster recovery systems;
- for as long as necessary to protect our legal interests; and
- and to comply with other legal requirements.
CHS will retain your Personal Data for the entire time that you keep your account open. After you close your account, we retain your Personal Data until you request that we remove it. However, Personal Health Information is retained for 7 years, or until you request that we remove it, whichever is longer.
CHANGES TO THIS GDPR WEBSITE PRIVACY ADDENDUM
CHS reserves the right to amend this GDPR Website Privacy Addendum at our discretion and at any time and at any time and as described in our Website Privacy Notice. When we make changes to this GDPR Website Privacy Addendum, we will post the updated notice on the Site and update the notice’s effective date. Your continued use of our Site following the posting of changes constitutes your acceptance of such changes.
CONTACT INFORMATION
You may contact us through the contact information below. If you wish to contact us, you may contact us through the contact information below or through the Contact Us form on our Site.
If you have any questions, concerns, complaints or suggestions regarding our Privacy Notice, have any requests related to your Personal Data pursuant to applicable laws, or otherwise need to contact us, you may contact us at the contact information below or through the Contact Us form on our Site.
Contact Us:
Collegiate Health Solutions, LLC
Attn: Website/Privacy Manager
600 Cleveland Street, Suite 260
Clearwater, FL 33755
COLLEGIATE HEALTH SOLUTIONS, LLC PRIVACY POLICY FOR CALIFORNIA RESIDENTS
Effective Date: February 13, 2023
Last Updated/Reviewed on: February 13, 2023
This Privacy Policy for California Residents supplements the information contained in the general Privacy Policy of Collegiate Health Solutions, LLC (“CHS”) and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Policy.
This Policy does not apply to workforce-related personal information collected from California-based employees, job applicants, contractors, or similar individuals.
Where noted in this Policy, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B personal information“) from some of its requirements.
Information We Collect
Our Website may collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information“). Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
In particular, our Website has collected the following categories of personal information from consumers within the last twelve (12) months:
Category |
Examples |
Collected |
A. Identifiers. |
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. |
Yes. Only names (real or alias) and email address |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. |
NO |
C. Protected classification characteristics under California or federal law. |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). |
NO |
D. Commercial information. |
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
NO |
E. Biometric information. |
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. |
NO |
F. Internet or other similar network activity. |
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. |
NO |
G. Geolocation data. |
Physical location or movements. |
NO |
H. Sensory data. |
Audio, electronic, visual, thermal, olfactory, or similar information. |
NO |
I. Professional or employment-related information. |
Current or past job history or performance evaluations. |
NO |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. |
NO |
K. Inferences drawn from other personal information. |
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
NO |
Our Website obtains the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete or products and services you purchase.
- Indirectly from you. For example, from observing your actions on our Website.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following purposes:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we may use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we may use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
- To provide, support, personalize, and develop our Website, products, and services.
- To create, maintain, customize, and secure your account with us, if one has been created.
- To process your requests, purchases, transactions, and payments and prevent transactional fraud.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
- To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, Company has not disclosed personal information for a business purpose.
We do not sell personal information. In the preceding twelve (12) months, Company has not sold personal information to the categories of third parties indicated in the chart below. For more on your personal information sale rights, see Personal Information Sales Opt-Out and Opt-In Rights.
Personal Information Category |
Category of Third-Party Recipients |
|
Business Purpose Disclosures |
Sales |
|
A: Identifiers. |
None |
None |
B: California Customer Records personal information categories. |
None |
None |
C: Protected classification characteristics under California or federal law. |
None |
None |
D: Commercial information. |
None |
None |
E: Biometric information. |
None |
None |
F: Internet or other similar network activity. |
None |
None |
G: Geolocation data. |
None |
None |
H: Sensory data. |
None |
None |
I: Professional or employment-related information. |
None |
None |
J: Non-public education information. |
None |
None |
K: Inferences drawn from other personal information. |
None |
None |
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Right to Know and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- The specific pieces of personal information we collected about you (also called a data portability request).
We do not provide a right to know or data portability disclosure for B2B personal information.
Right to Delete
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
We do not provide these deletion rights for B2B personal information.
Exercising Your Rights to Know or Delete
To exercise your rights to know or delete described above, please submit a request by either:
- Calling us at 800-530-5006.
- Emailing us at support@collegiatehealthsolutions.com.
- Sending your request to us via mail at the address set forth in this Policy.
Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information. To designate an authorized agent, you may send us notice of your designated authorized agent in writing.
You may also make a request to know or delete on behalf of your child by sending us notice of your request in writing.
You may only submit a request to know twice within a 12-month period. Your request to know or delete must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include:
- Your full legal name, mailing address, email address, and other contact information, and at least one document verifying your identity.
- In the case of a parent or guardian of a minor child, you provide your and your child’s full legal names, mailing address, email address, and other contact information, and at least one document verifying your identity and evidencing that you are the parent or guardian of the minor child about whom you are contacting us.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
For instructions on exercising your sale opt-out or opt-in rights, see Personal Information Sales Opt-Out and Opt-In Rights.
Response Timing and Format
We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact us via email or phone (see our Contact information set forth in this Policy).
We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Personal Information Sales Opt-Out and Opt-In Rights
If you are age 16 or older, you have the right to direct us to not sell your personal information at any time (the “right to opt-out”). We presently do not sell the personal information of consumers regardless of age.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
CCPA Rights Request Metrics
Metrics regarding the consumer rights requests we received from California residents from January 1, 2023 to December 31, 2023 appear in the following chart:
Request Type |
Received |
Granted (in whole or in part) |
Denied |
[Median/Mean] Days to Respond |
Requests to Know |
0 |
0 |
N/A |
N/A |
Requests to Delete |
0 |
0 |
N/A |
N/A |
Requests to Opt-Out of Personal Information Sales |
0 |
0 |
N/A |
N/A |
[Other California Privacy Rights]
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to support@collegiatehealthsolutions.com.
Changes to Our Privacy Policy
We reserve the right to amend this privacy policy at our discretion and at any time. When we make changes to this privacy policy, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
Contact Information
If you have any questions or comments about this notice, the ways in which CHS collects and uses your information described here and in the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Phone: (800) 530-5006
Email: support@collegiatehealthsolutions.com
Postal Address:
Collegiate Health Solutions, LLC
Attn: Website/Privacy Manager
600 Cleveland Street, Suite 260
Clearwater, FL 33755
If you need to access this Policy in an alternative format due to having a disability, please contact Collegiate Health Solutions, LLC at support@collegiatehealthsolutions.com and/or call us at (800) 530-5006.