Consumer Health Data Privacy Policy

MPRBRANDS CONSUMER HEALTH DATA PRIVACY POLICY

Effective Date: August 1, 2024

MPRBrands, LLC and its affiliates, brands, franchisees, and locations (collectively “Company,” “We,” “Us,” or “Our”) is committed to respecting your privacy. This Consumer Health Data Privacy Policy (the “Policy”) supplements our Privacy Policy and applies only to “consumer health data” and “consumer” as the terms are defined under applicable laws, including the Washington My Health My Data Act, Nevada’s Consumer Health Data Privacy Law, Connecticut’s Data Privacy Act, or Illinois Biometric Information Privacy Act or New Jersey Privacy Act or New York’s Stop Hacks and Improve Electronic Data Security Act or Vermont Data Privacy Act or Texas’ Data Privacy and Security Act or Oregon’s Consumer Privacy Act and other U.S. health privacy laws, as each are amended and as and when they become effective including any regulations thereunder (“U.S. Health Privacy Laws”). If you are not a “consumer” of these States, this Policy does not apply to you. 

What Consumer Health Data We Collect

We may collect the following categories of consumer health data if you choose to provide such information to us:

  • Individual health conditions, history, treatment, diseases, or diagnosis;
  • Social, psychological, behavioral, and medical interventions;
  • Health-related surgeries or procedures;
  • Use or purchase of prescribed medication;
  • Bodily functions, vital signs, symptoms, or measurements of the health information;
  • Diagnoses or diagnostic testing, treatment, or medication;
  • Biometric data;
  • Genetic data;
  • Data that identifies a consumer seeking health care services;
  • Any inference of the categories of health data listed above derived or extrapolated from non-health information.

How We Collect Your Consumer Health Data

We may collect consumer health data from different sources, including:

  • Directly from you, such as when you use our Online Services or complete a form online or in our physical locations;
  • Our affiliates and brands;
  • From other third parties, such as vendors or service providers, marketing, or digital advertising vendors.

Purposes for Collecting and Using Consumer Health Data

We may collect and use your consumer health data for the following purposes:

  • Products/Services, including performing services for you and sending you certain products or samples you have requested.
  • Consumer Management, such as:
    • Identifying and authenticating you to our different marketing programs, websites, and mobile apps.
    • Administering and maintaining accounts and preferences.
  • Consumer Service/Communications, such as:
    • Responding to your questions or requests for information
    • Sending transactional messages (such as account statements or confirmations).
    • Sending marketing communications about our products or services (or the products or services of our partners), surveys, and invitations.
  • Payment/Financial, such as processing your payment for the certain products you buy from us.
  • Quality and Safety, including:
    • Quality control, training, and analytics.
    • Safety maintenance and verification.
    • System administration and technology management, including optimizing our websites and applications.
  • Security, including detecting threats and protecting against malicious or fraudulent activity.
  • Recordkeeping and Auditing, including recordkeeping and auditing interactions with consumers.
  • Legal/Compliance, including risk management, audit, investigations, reporting and other legal and compliance reasons.
  • Research & Development (“R&D”), such as
    • Internal research
    • Designing and developing new products, services, and programs.

How We Share and Third Parties with Whom We Share Consumer Health Data

We do not sell your Consumer Health Data. We also do not share your Consumer Health Data with any Third Parties. We may share the categories of consumer health data listed in “What Consumer Health Data We Collect” with the following categories of third parties:

  • Business partners
  • Vendors, data processors, or service providers
  • Our affiliates, brands, and franchisees: Good Feet, Stretch*d, Compression Health, OS1st.
  • As permitted by law, such as (i) with your consent, (ii) if needed to protect your vital interests, such as in the event of a medical emergency or natural disaster, (iii) to an acquiring organization if we are involved in a sale or a transfer of our business, (iv) as needed to prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, (v) as needed to preserve the integrity or security of our systems, or (iv) to investigate, report, or prosecute those responsible for any action that is illegal under applicable state or Federal law.

Your Rights Regarding Consumer Health Data

Depending on applicable laws or the jurisdiction you reside in, and subject to certain limitations which may apply under applicable laws, you have certain rights regarding your consumer health data, which may include the right to:

  • Confirm whether we collect, share, or sell your consumer health data and access such data;
  • Receive a list of third parties with whom we have shared or sold consumer health data;
  • Withdraw consent regarding collection and sharing of your consumer health data;
  • Delete your consumer health data;
  • Appeal, if your request has been denied.

To exercise your privacy rights, please submit a request by:

When you submit a request, we may need to authenticate your identity, and if we are not able to authenticate your request, we may need to request additional information or not be able to process your request. If your request is denied without the opportunity to appeal, you can file a complaint with the relevant government body in your state, including:

If for any reason you are required to give express consent or written consent under your state’s privacy laws, we may require your additional affirmative express consent by signing your name digitally through our Website or application. We will only use your Consumer Health Data to the extent necessary to provide you a consumer requested product or service and you may withdraw your consent at any time. By providing your name and date, you voluntarily understand, acknowledge, and agree to the collection, disclosure, processing, and maintenance of your Consumer Health Data. By typing your full name or signing with a touch screen or using a mouse you are agreeing to consent to be legally bound and that all electronic signatures are the legal equivalent of your manual/handwritten signature in accordance with the Uniform Electronic Transactions Act (“UETA”) and the federal ESIGN Act, and any other applicable law.

Changes To This Policy

We may revise or update this Policy from time to time, including as required under applicable laws. We reserve the right to amend this Health Privacy Policy at our discretion and at any time. Updates to this Privacy Policy will be reflected in the “last updated” date, above.