TTI PRIVACY POLICY
Last Updated: 05 Apr 2024
Treatment Technologies & Insights, Inc. (“TTI”, “we” “us” or “our”) is committed to protecting your privacy, and this Privacy Policy is issued on behalf of all the Apps and Websites we own and operate (together, TTI “Services”). TTI Services includes chemoWave, Wave AS, Wave Health, and REPLACE TRIAL App (together, TTI “Apps”) as well as Wave Connect Portal (hosted at waveportal.ttisystems.cloud), www.tti.care, www.wavehealth.app, and chemoWave.com (together, TTI “Sites").
Any use of TTI Services is expressly subject to TTI’s Terms of Use. By engaging with our Services, you acknowledge you have read and understood TTI’s Terms of Use and this Privacy Policy which together explain how your personal data is managed when you use our Services and inform you about your privacy rights and how the law protects you. In summary, this Privacy Policy describes:
WHAT INFORMATION ABOUT YOU WE COLLECT
HOW WE COLLECT YOUR INFORMATION
HOW WE USE YOUR INFORMATION
WHAT INFORMATION WE SHARE OR DISCLOSE
HOW WE PROTECT YOUR INFORMATION
HOW LONG WE RETAIN YOUR INFORMATION
WHAT ARE YOUR RIGHTS?
DISPUTES AND AGREEMENT TO ARBITRATE
For the purposes of applicable data protection laws, the controller of data covered by this Privacy Policy is Treatment Technologies & Insights, Inc., located at 300 Continental Blvd. STE 420; El Segundo CA 90245 and our Data Protection Officer can be contacted at dpo@tti.care.
IF YOU ARE AN EEA or UK RESIDENT, you may address TTI’s authorised representative at CSS Assure with any issues or queries related to our processing of your personal data and this privacy policy. TTI’s EEA and UK-based representative can be contacted directly at authorisedrep@cssassure.com
Please read the following carefully to understand our stance and practices regarding your personal data and how we will protect and treat it.
WHAT INFORMATION ABOUT YOU WE COLLECT
We will only collect the personal data that is needed to provide our Services to you and in accordance with this Privacy Policy (which may be updated on occasion). The type and nature of the information we collect about you will depend on the Services we are providing to you and how you are using our Services.
It is important that your information and the personal data we collect and manage for you is accurate and up to date. If any of your details change, including if you change your Health Care Provider or if you move to a different location, please update this information via your account.
To provide our Services, we may collect the following personal information or data about you today or in the future:
Identity Data includes first name, last name, username, and image uploaded by you, or other information that could be used to identify you such as a unique number used for a research study or to distinguish you from a group or population. For Patients, this may include your date of birth (age) and information about your caregiver or other support contacts. For a Health Care Provider, or other Permitted Third Party this may include job information details such as place of work, department, title, role and your relationship to patients.
Contact Data includes email addresses, physical address and telephone numbers.
Transaction Data includes your username and password, preferred contact method and other TTI Services account details as well as payments to and from you and information about your purchases of our products and services.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access TTI Services.
Profile Data includes demographic information such as your marital status, age, gender, education, occupation, as well as interests, lifestyle characteristics, preferences, feedback and other survey responses.
Location Data includes information about your real time location (outlined below) as well as environmental information related to your location such as weather conditions, humidity levels, temperature, and other.
Usage Data includes information about how you use our Services, such as Uniform Resource Locators (URL), clickstream to, through and from TTI Sites (including date and time), information you viewed or searched for, page response times, download errors, length of visits to certain pages or screens, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and a phone number used to call our customer service number or social media handle used to connect with our customer service team.
Marketing Data includes your communication preferences and preferences for receiving promotional or marketing material from TTI or third parties.
Activity Data includes information regarding sleep, water intake, mealtimes, food intake, physical activities, mindfulness activities, routine activities, bowel movements and urination.
Communication Data includes information you provide as supplemental information or context to information provided through TTI Services and can be provided in the form of survey responses or in the form of comments, notes or free-text entries.
If you interact with our Services as a patient ("Patient") (either directly or through a Healthcare Provider or other authorized third party), with your consent, we will also collect and use:
Health Data includes information about your health, including diagnosis, existing conditions, medical assessments and reports, scans, test and lab results, as well as your reported symptoms (including type, occurrence, severity, intensity, frequency or other relevant context), past or current treatment plan details including therapies, medications, medical appointments, responses to clinical or non-clinical surveys or questionnaires, and how you are feeling (overall condition and mood shifts) and associated thoughts. This may also include certain health metrics (if you specifically choose to import this information into our Services) such as heartrate, oxygen saturation, blood pressure, body temperature, weight and activity data.
Other Sensitive Data: When permitted, for a specified purpose in connection with research or a health care service project, we may obtain and process data you choose to provide such as racial or ethnic origin, religious, or philosophical beliefs, or sexual activity information (such as libido, satisfaction, or erectile function).
We do not collect or process genetic or biometric data for the purpose of uniquely identifying a natural person.
We do not collect or process any details about your political opinions, trade union membership or criminal convictions and offenses.
HOW WE COLLECT YOUR INFORMATION
INFORMATION YOU GIVE US:
Information about you that you can provide directly when you interact with our Services includes...
Identity Data and Contact Data where you register to create an account with us (via one or more of our Sites or Apps).
If you provide information via TTI Services or by corresponding with us by phone, email or otherwise you may provide us with Identity Data, Contact Data, Profile Data, Activity Data, Financial Data and Transaction Data in the course of subscribing to or using our Services, responding to a survey or searching for information on or via TTI Sites or Apps, , participating in a discussion board or other social media functions, submitting a query, providing feedback or reporting an issue with TTI Services.
If you upload an image or input comments or notes as journal entries or as added context to information you provide into our Services – all of which can be electronically shared with designated recipients, should you choose to do so.
IF YOU ARE A PATIENT, recording your Health Data via TTI Services (including where answering questionnaires about your health, how you are feeling, and various aspects regarding your quality of life, treatment experience, symptom experiences and other needs, or by directly importing medical information such as surgeries, appointments or procedures, test results, lab results, prescription or therapy information, or health metrics on aspects such as your heart rate, oxygen saturation, blood pressure, body temperature, weight changes and information about your activities before, during or after treatment either reported directly, from third party records, or via wearable devices). Please note that when using third party devices or websites, the privacy policies of those third parties will also apply.
IF YOU ARE A HEALTHCARE PROVIDER, Identity and Contact Data when you use our Services including information you input into TTI Services.
IF YOU ARE A CAREGIVER, Identity and Contact Data when you use our Services including inputting information into a TTI App or TTI Site.
INFORMATION WE COLLECT AUTOMATICALLY:
We will automatically collect information about you from your use of TTI Services, which includes Technical Data, Usage Data and Location Data.
In addition, if you accept an invitation you have received from a Caregiver or Healthcare Provider or other Patient to use our Services (this may be in the form of a code you receive, an SMS or email invitation, or other form of communication), we will be able to decipher which third party provided the invitation.
LOCATION DATA:
When requested or agreed to by you, we may collect information as to your real time location to deliver location services to provide content, or other information relevant to where you are located. Location services could involve a reference to one or more of the following: (a) your location coordinates (latitude/longitude measurements); or (b) look-up of your country location by reference to your IP address against public sources.
Location services may also be collected in combination with an anonymous device or browser-specific identifier that enables recognition of returning users to TTI Services.
INFORMATION WE GET FROM OTHERS:
Information we may receive about you could be obtained from various types of third parties including business partners, sub-contractors in technical, payment and/or delivery services, advertising networks, analytics providers, and search information providers. They different types of information about you we may receive from various third parties is explained below.
IF YOU ARE A PATIENT:
From anyone you give permission to enter information into TTI Services on your behalf (such as a Caregiver or a Healthcare Provider) ("Permitted Third Party/Parties"). If you allow your Permitted Third Parties permission to edit your information, then they will provide us Heath Data including information about your health, changes in your condition, symptoms, medication, treatment activities and other related information. You can revoke your permission at any time under your settings in your account and change data permissions which includes the permissions you’ve allocated to one or more Third Parties. Please note that, in certain situations, we may receive information about you when our Services are used simply as a platform by certain hospital networks or other healthcare organizations that have a relationship with you. In these circumstances, those organizations will be the controller of your personal data and their relevant Privacy Policy will apply.
If you accept an invitation from a Healthcare Provider to use our Services, we may receive your Health Data and information about or from your Healthcare Provider from the Healthcare Provider's records on you. This may be used to automatically populate or supplement your personal information or data in TTI Services.
If you decide to allow any third-party wearable devices to connect with our Services, we will receive Health Data (such as your exercise, steps and other activities, heart rate, temperature, oxygen saturation, weight, and blood pressure) from these devices directly via an automated or scheduled transfer of data via an API or data integration, or directly via Bluetooth or other similar protocol.
IF YOU ARE A PERMITTED THIRD PARTY:
If you are a Permitted Third Party and you accept an invitation from a Patient to use TTI Services, then we may receive Identity and Contact Data.
If you are a Healthcare Provider, or affiliated with a Healthcare Organization, we may receive Identity and Contact Data where a Patient inputs this information about you into a TTI App or TTI Site. We may also receive this information from a designated administrator or study coordinator at your organization when they onboard users or instruct a TTI account manager to set up accounts.
IF YOU ARE PATIENT OR A PERMITTED THIRD PARTY (or other user of our Sites or Apps): Other information (such as vital signs or medication information) from third parties we work closely with such as the platform providers whose devices or operating systems are compatible with TTI Sites or the App.
HOW WE USE YOUR INFORMATION
We will only use or process your personal data when there is a lawful basis for doing so. Most commonly, under the following circumstances:
CONTRACTUAL BASIS: When we need to perform the contract we are about to enter into or have entered into with you. Under this circumstance, our processing activities are conducted in order to fulfill our contractual obligations to you. Once you agree to use TTI Services and approve the Terms of Use, which is a contract, and this Privacy Policy, there is also a "contractual basis” which allows processing of personal data as necessary for the performance of our contract.
LEGITIMATE INTERESTS: When it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For these circumstances, our processing activities are conducted for the legitimate purpose of operating our business which includes for the improvement and development of our Services, for fraud prevention, and to improve user experience. When we collect minimal personal data from you to establish an account for using TTI Services and so that we can communicate with you to provide customer service or technical support, we may also rely on the "legitimate interests" basis for such personal data processing.
CONSENT: When you have given your consent. TTI relies on your opt-in consent with respect to sensitive data (ie. health data), cookies that are not strictly necessary and for any direct marketing emails or purely promotional use of your personal data.
EXPLICIT CONSENT: We obtain your explicit consent before establishing your account and obtaining personal data to facilitate the doctor-patient interactions, information sharing and the tracking of any treatment, and to permit the access and transmission of your personal information from the United States. Your Health Data is classified as a special category or "sensitive" personal data, and we ensure that additional safeguarding measures are in place to protect this information. As outlined below, our lawful basis for processing this sensitive personal data is your “Explicit Consent.” You can withdraw your consent at any time - for more information please see "WHAT ARE YOUR RIGHTS".
Please note that if you are a Patient and you do not consent to our processing of your sensitive personal data or you withdraw your consent, it will not be possible for us to provide our Services to you, and you will not be able to fully engage with TTI Sites or TTI Apps.
If you are a Healthcare Provider or a Designated Third Party, we do not collect Health Data or other sensitive data about you.
We may use certain types of your personal data under specific circumstances for the purposes described below.
IF YOU ARE A PATIENT user of TTI Apps, we will process your personal data to:
allow you to log your treatment and information about your symptoms including severity and frequency
allow you to record activities and appointments
enable you to record notes or questions about your treatment, symptoms and how you are feeling
enable you to log your medication(s) and set reminders for medication(s) or other activities
enable you to update and show your health status
provide you with trends or relationships between your recorded activities and experiences
Type of Data: Health, Identity, Contact, Profile, Activity, Communication
Lawful Basis/Processing Conditions: Consent / Explicit Consent, Legitimate interests, Performance of a contract with you
IF YOU ARE A PATIENT user of TTI Services, and you choose to share information with a Health Care Provider or other Permitted Third Party, then we will process your personal data:
to show a Permitted Third Party your health status, information about your treatment, symptoms and medication (including severity and frequency of any symptoms and medication that you record). This information can be used to enable any Permitted Third Parties to contact you about the information you provide including your treatment, symptoms and medication. This information is not provided or accessed immediately, so if you feel unwell or have any concerns, you should never wait and always seek direct medical advice.
to enable you to assign a severity level to your health status (e.g. none, mild, moderate, severe, very severe) and share this with a Permitted Third Party if you have chosen to do so;
to let your Healthcare Provider or other Permitted Third Party know you are using TTI Services (if you choose to do so and have provided us with information about them);
to enable you to communicate with or receive communication from a Permitted Third Party; and
to share posts about how you are feeling with Permitted Third Parties, who can view these posts.
Type of Data: Health, Identity, Contact, Profile, Activity, Communication
Lawful Basis/Processing Conditions: Consent / Explicit Consent, Legitimate interests, Performance of a contract with you
IF YOU ARE A PATIENT user of our Services, we may also use your personal data to optimize your experience…
for analyzing your information and suggesting information or non-clinical products or services from our commercial and non-commercial partners that might be helpful or relevant to you. We will not share your personal data with these commercial and non-commercial partners; and
for de-identifying your information and then using this data for our own research purposes and to develop machine learning algorithms.
Type of Data: Health, Identity, Contact, Profile, Usage, Activity
Lawful Basis/Processing Conditions: Consent / Explicit Consent, Legitimate interests
IF YOU ARE A HEALTHCARE PROVIDER who is designated as a Permitted Third Party, we will use your personal data to enable users of TTI Services to share their Health Data with you, so that you may better understand or receive updates regarding their treatment experiences, medication activity, and symptoms in order to provide them with support.
Type of Data: Identity, Contact, Profile, Activity
Lawful Basis/Processing Conditions: Legitimate interests
IF YOU ARE A THIRD PARTY who is designated as a Permitted Third Party we will use your personal data to enable users of TTI Services to share their Health Data with you, so that you may better understand or receive updates regarding their treatment experiences, medication activity, and symptoms in order to provide them with support.
Type of Data: Identity, Contact, Profile, Activity
Lawful Basis/Processing Conditions: Legitimate interests
ANY USERS, we will use your personal data to identify you and enable you to use our Services.
Type of Data, Identity, Contact
Lawful Basis/Processing Conditions: Legitimate interests, Performance of a contact with you
ANY USERS, we will use your personal data for setting up and administering your account with us.
Type of Data, Identity, Contact
Lawful Basis/Processing Conditions: Legitimate interests, Performance of a contact with you
ANY USERS, we will use your personal data for verifying and carrying out financial transactions in relation to payment you make online or through the App.
Type of Data: Identity, Contact, Financial, Transaction
Lawful Basis/Processing Conditions: Legitimate interests, Performance of a contact with you
ANY USERS, we will use your personal data for notifying you about changes to our Services.
Type of Data: Identity, Contact
Lawful Basis/Processing Conditions: Legitimate interests, Performance of a contact with you
ANY USERS, we will use your personal data to improve TTI Apps and Sites and ensure content is presented in the most effective manner for you and for your computer or mobile device.
Type of Data: Identity, Contact, Profile, Technical, Usage, Location, Activity
Lawful Basis/Processing Conditions: Legitimate interests
ANY USERS, we will use your personal data for providing you with the information, products, and services that you request from us.
Type of Data: Identity, Contact, Profile
Lawful Basis/Processing Conditions: Legitimate interests
ANY USERS, we will use your personal data for the effective running of TTI Sites and TTI Apps and:
to administer TTI Sites and TTI Apps and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
to keep TTI Sites and TTI Apps safe and secure and provide technical support;
for measuring or understanding the effectiveness of advertising we service to you and others, and to deliver relevant advertising to you;
to allow you to participate in interactive features of our Services when you choose to do so.
Type of Data: Identity, Contact, Profile, Technical, Usage, Location, Health, Marketing, Communication
Lawful Basis/Processing Conditions: Consent / Explicit Consent, Legitimate interests
AUTOMATED DECISION MAKING
We do not carry out or deliver any automated decision making using your personal data that would have a legal or similarly significant effect on you.
CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason, and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
If you have any queries or objections about any of the ways we use your personal data, please contact our data protection officer at dpo@tti.care.
TTI PROMOTIONAL UPDATES & COMMUNICATIONS
We may use your personal information to send you communications by email, SMS/iMessage and messages or notifications in TTI Apps or though TTI Sites with suggestions for non-clinical products or services of our commercial or non-commercial partners. These communications will include information about potentially relevant products and services, as well as non-clinical content in the form of tips, insights, syndicated articles, and research or survey results based on your usage of our Services or reported activities or experiences. In many cases, these communications will include hyper-links labelled "Learn More", or other similar wording. If you select a hyper-link, you will either be directed to content provided in or on TTI Services, or to an external website operated by or on behalf of our commercial and non-commercial partners.
Where permitted in our legitimate interest or with your prior consent if required by law, we will use your personal information for marketing analysis and to provide you with promotional updates and communications by email, SMS/iMessage or in-app messages about our products and services. Any information gathered will be used solely for marketing in connection with TTI’s business and our commercial partners' products or services and will not be shared with any other third parties.
You can object to further communications or marketing at any time by selecting the "unsubscribe" link at the end of all our marketing and promotional update communications to you, or by sending us an email to dpo@tti.care.
COOKIE POLICY
A cookie is a small file of letters and numbers that we transferred and stored on your browser or the hard drive of your device if you agree. We use the following cookies:
ESSENTIAL COOKIES: These are cookies that are required for the operation of our websites and cannot be switched off in our systems. They include, for example, cookies that enable you to log into your account.
FUNCTIONALITY COOKIES: These cookies allow TTI Apps and Sites to provide enhanced functionality and personalization and are used to recognize you when you return to our websites. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
TARGETING COOKIES: These cookies record your visit to our Sites, the pages you have visited and the links you have followed. We will use this information to make our websites and the information displayed on them more relevant to your interests. We may also share this information with third parties for this purpose.
ANALYTICAL OR PERFORMANCE COOKIES: These cookies enable TTI Services to provide enhanced functionality and personalization, such as allowing us to recognize and count the number of visitors and to see how users move around TTI Apps when they are using it. This helps us to improve the way our Apps and Websites work, for example, by ensuring that users are finding what they are looking for easily.
The General Data Protection Regulation (GDPR), The Data Protection Act of 2018 (UK) and common Data Privacy Laws in the USA do not require your consent to place essential/necessary cookies on your device if they are required for the operation of TTI Services, or where the cookie is strictly necessary to perform our Services as requested by the user. Other types of cookies are there to improve your experience and to collect analytics data about how our Services are used.
We will ask for your consent to store any non-essential cookies on your device, provided that if you are logged into your account, the cookies that enable you to share information deemed necessary for your ability to use our Services, do not require your consent unless they also enable tracking.
Please note that third parties may use cookies, over which we have no control. These named third parties may include, for example, advertising networks and providers of external services like web traffic analysis services. These third-party cookies are likely to be analytical or performance cookies or targeting cookies.
You can update your browser settings to manage your preferences about third party cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Apps or Sites. You can, at any time, change or withdraw your consent from these by updating your browser settings to manage your preferences related to these third-party cookies.
WHAT INFORMATION WE SHARE OR DISCLOSE
ANONYMIZED INFORMATION
In addition to serving your individual needs as best we can, we are dedicated to better understanding patient experiences to inform the optimization of treatment options and outcomes for patients in the future. To help us achieve this objective, we may anonymize your data such that it no longer includes information that could be used to identify you, and combined with other users’ anonymized data for the purposes of analyzing trends to identify things like common risk factors for a treatment among different groups of patients that share similar characteristics, or to calculate the most valuable or popular features of TTI Services among various groups of TTI customers. Where your data has been aggregated for any purpose, this aggregated data could be derived from your personal data but is not considered personal data in law as this data will never directly or indirectly reveal your identity. Aggregated data is never combined with your personal data so that it can be used to identify you directly or indirectly.
By using TTI Services, you understand and agree that TTI may use your anonymized data for any and all lawful purposes on a worldwide, royalty-free, perpetual, irrevocable, fully transferable and fully sublicensable basis.
PERSONAL INFORMATION
We will not disclose your personal data to third parties, except in the following circumstances and in accordance with applicable laws:
With your explicit consent. For example, you may direct us to share your personal information with your Health Care Provider or another designated Third party. You may also consent to sharing your personal information with third parties for their marketing uses. Those uses will be subject to the privacy policies of these third parties.
Pursuant to contractual or legal agreements with you or for other legitimate purposes.
As required by applicable law or lawful requests by public authorities, including, without limitation, in response to any government or regulatory agency request, to cooperate with law enforcement requirements and/or investigations, to meet national security requirements or upon receipt of any court order.
To courts and public authorities to protect you, TTI or third parties from harm, including fraud or instances where somebody's physical safety is at risk.
To a prospective or actual purchaser or seller with respect to TTI's business in the context of a merger, acquisition or other reorganization or sale of TTI's business or assets or a line of business. TTI would seek appropriate protection for information in these types of transactions. TTI will attempt to notify you by email and/or a prominent notice on TTI Services of any change in ownership and the choices you may have regarding your personal information, once it is legally permissible to do so.
To third-party service providers, agents or independent contractors who help maintain TTI Services, or provide other administrative services to us. These third parties are subject to appropriate nondisclosure agreements to ensure confidentiality.
HOW WE PROTECT YOUR INFORMATION
We are concerned about safeguarding your personal information and have put in place appropriate security measures to protect your personal data from accidental loss, theft, and misuse, as well as against unauthorized or unlawful access, disclosure, alteration, and destruction.
ENCRYPTION
For extra measures of security, we protect your personal information and sensitive data with methods of encryption at-rest (while being stored) and in-transit (when being sent or transferred). Any electronic transfer of your personal data or sensitive information will take place via an encrypted channel.
WHERE YOUR INFORMATION IS STORED
In general, "personal data" and "personal information" as defined by applicable law, based on your explicit consent (and sometimes other legal bases) will reside in: (a) the United States, (b) the EEA, or (c) the UK.
To provide an adequate level of data protection in accordance with applicable laws, your data is stored and protected on cloud-based servers hosted by Amazon Web Services (AWS) in a manner that supports the requirements of HITRUST CSF (Health Information Trust Alliance Common Security Framework), a high security standard appropriate to protect your personal information and data processed health and medical information that you will be submitting to TTI Services. For the sake of clarity, all personal data collected…
…from users who reside in the EEA, is stored and processed on AWS servers located in the EEA
…from users who reside in the UK is stored and processed in servers located in the UK
…from users who reside in the USA and countries not listed about, is stored and processed on servers located in the USA.
INTERNATIONAL TRANSFERS
Our main center of operations are based in the United States of America, and when you log personal data into TTI Services, such data is transferred to secure AWS servers located as explained above in: (a) the United States, (b) the EEA, or (c) the UK and accessed from or transferred to and from the USA when necessary to provide TTI Services.
With respect to onward transfer of personal data from TTI to third parties…
Whenever your personal data is transferred outside of your local jurisdiction, we ensure a similar degree of protection is afforded to it by ensuring appropriate safeguards are implemented.
We are obligated to ensure adequate protection of such personal data in any onward transfer, and therefore has entered into and will continue to enter into appropriate data processing and data transfer agreements, which are available upon request at dpo@tti.care.
We implement appropriate physical, technical and organizational security measures to protect personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing.
Implement specific measures to provide an adequate level of data protection in accordance with applicable law.
LIMITED ACCESS
Additionally, access to your personal data is limited to TTI employees, agents, contractors and other third parties who have a business need to know, and all of which are contractually obligated to a duty of confidentiality, and responsible for adhering to TTI’s administrative, technical, and physical security measures for the processing of personal data.
DISCLAIMER
Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential data privacy and security breaches. It is your responsibility to protect and maintain the security of your account credentials and you need to immediately notify us of any unauthorized use of your account. When you choose or are given a password or access code which enables you to access certain parts of TTI Sites or Apps, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
HOW LONG WE RETAIN YOUR INFORMATION
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.
We will retain your personal information for as long as you use TTI Services, and then for as long as we believe it is necessary and appropriate to comply with applicable laws, discharge our contractual obligations to you, our partners, or defend our legal interests in connection with any claim or defense we could face before any formal dispute resolution body in respect to our relationship with you.
We take reasonable measures to ensure that personal data is deleted, erased or de-identified/ anonymized once the purposes for which personal data was collected have been fulfilled, and that we keep such data for no longer than is necessary for the purposes for which the personal data is processed.
IF YOU ARE A TTI APP USER, you can keep your information updated within TTI Services, including deleting out of date information, or editing information that is not correct. We archive your personal data one year from the date of your last login to TTI Sites or the App, but you will still be able to reactivate your account. If you do not reactivate your account within 5 years of it being archived, all of the personal information that we hold about you will be deleted. We may also retain de-identified or anonymous information beyond this time for research purposes and to help us develop and improve our Services. You cannot be identified from anonymized or aggregated information retained or used for these purposes.
IF YOU ARE A HEALTHCARE PROVIDER, we retain personal data about you for two years after our last contact with you. We may also retain aggregate or de-identified information beyond this time for research purposes and to help us develop and improve our Services. You cannot be identified from aggregate information retained or used for these purposes.
We encourage you to communicate with us should you wish to know what personal information we store about you, or should any of your personal information need modification, or in the event that you wish it to be removed, email our Data Protection Officer at dpo@tti.care and we will respond within a reasonable time and in accordance with applicable law. Please note that some or all of the data you provided may be required in order for TTI Services to function properly.
WHAT ARE YOUR RIGHTS?
You may have rights regarding your personal information. This section describes your rights and explains how to exercise those rights. You do not need to create an account with us to exercise your rights.
YOUR RIGHT TO WITHDRAW CONSENT:
Where the processing of your personal information by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us at dpo@tti.care.
YOUR RIGHTS UNDER CERTAIN CIRCUMSTANCES…
to be provided with a copy of your personal data held by us (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
to request the rectification of your personal data held by us. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
to request the erasure of your personal data held by us. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example). This enables you to ask us to suspend the processing of your personal data in the following scenarios:
If you want us to establish the data’s accuracy.
Where our use of the data is unlawful but you do not want us to erase it.
Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. You may object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms.
to object to the further processing of your personal data, including the right to object to marketing (as mentioned in the TTI Promotional Updates & Communications section. You may object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
to request that your provided personal data be moved to a third party. You may request the transfer of your personal data to you. We will provide to you your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
YOUR INFORMATION CHOICES AND CHANGES
You are not required to provide or consent to providing any personal data to TTI Services, but if you do not provide any personal data to TTI Services manually, automatically or via a Permitted Third Party, you will not be able to fully utilize our Services which includes but is not limited to...
receiving insights and information in connection with your condition or treatment;
helping your Health Care Provider determine if you are a candidate for a treatment or intervention;
providing updates to or facilitating better communication with your Health Care Provider or another Permitted Third Party.
You can stop all collection of information by TTI Services easily by not using and uninstalling TTI Services. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network. You may also request to opt-out via email, at dpo@tti.care.
You may have the right to opt-out from the sharing of your digital activity information with a third party in order to receive information about marketing campaigns and usage statistics related to our services. We have not sold or shared personal information to advertising service providers such as Facebook and Google.
Our marketing emails tell you how you can “opt-out.” If you opt out, we may still send you non-marketing emails. Non-marketing emails include emails about your accounts and our business dealings with you. Notifications can be disabled through your mobile device operating system.
You can request to change contact preferences, opt-out of our sharing your information with others, and update your personal information. You may also send requests about personal information to dpo@tti.care.
If you wish to exercise any of the rights set out above, please contact us.
No fee usually required. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
EXERCISING RIGHTS
To exercise the rights described above, please submit a verifiable consumer request to us by either:
Visiting www.tti.care and submitting the request online.
Emailing us at dpo@tti.care
Writing us at Treatment Technologies & Insights, Inc 300 Continental Blvd, STE 420; El Segundo CA 90245
If you are an EEA resident, emailing our EEA-based representative at ukdataprotection@cssassure.com.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. To designate an authorized agent, please contact TTI Support to provide us with a power of attorney or other legally binding written document signed by you and identifying your agent. We may also verify the identity of your designated agent.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
Describe your request with sufficient detail that allows us to understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made from your account email sufficiently verified when the request relates to personal information associated with that specific account.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We will not discriminate against you for exercising any of your rights.
If you have an established business relationship with us to request certain information regarding our disclosure of certain types of personal information to third parties for their direct marketing purposes during the immediately preceding calendar year.
If you have any questions or comments about this notice, the ways in which TTI collects and uses your information described below and in the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us.
You may have the right to appeal a refusal to take action on a request by contacting us at the email address below.
To make any of the requests listed above, please send an email to dpo@tti.care.
DISPUTES AND AGREEMENT TO ARBITRATE
Except where and to the extent prohibited by law, by using TTI Services, you and we agree that, if there is any controversy, claim, action, or dispute arising out of or related to your use of TTI Services, or the breach, enforcement, interpretation, or validity of this Privacy Policy or any part of it (“Dispute”), both parties shall first try in good faith to settle such Dispute by providing written notice to the other party describing the facts and circumstances of the Dispute and allowing the receiving party thirty (30) days in which to respond to or settle the Dispute. Notice shall be sent to:
Us, at Treatment Technologies & Insights, Inc., 300 North Continental Boulevard, Suite 420, El Segundo CA 90245, or
You, at the address we have on file for you.
Both you and we agree that this dispute resolution procedure is a condition precedent that must be satisfied before initiating any litigation or filing any claim against the other party. IF ANY DISPUTE CANNOT BE RESOLVED BY THE ABOVE DISPUTE RESOLUTION PROCEDURE, YOU AGREE THAT THE SOLE AND EXCLUSIVE JURISDICTION FOR SUCH DISPUTE WILL BE DECIDED BY BINDING ARBITRATION ON AN INDIVIDUAL BASIS. EXCEPT WHERE AND TO THE EXTENT PROHIBITED BY LAW, ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE, THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE CAPACITY. Other rights that you and we would otherwise have in court will not be available or will be more limited in arbitration, including discovery and appeal rights. All such dispute shall be exclusively submitted to JAMS (www.jamsadr.com) for binding arbitration under its rules then in effect, before one arbitrator to be mutually agreed upon by both parties.
The arbitrator, and not any federal, state, or local court or agency, shall have exclusive authority to resolve any dispute arising under or relating to the interpretation, applicability, enforceability, or formation of this Privacy Policy, including any claim that all or any part of this Privacy Policy is void or voidable.
COMPLAINTS AND DISPUTE RESOLUTION FOR NON-USA RESIDENTS
If you are not a resident of the USA and have any complaint or concern regarding your personal data under this Privacy Policy, or arising under the Privacy Policy, please contact us at dpo@tti.care. We suggest that you put in the subject line of any email or communication "Privacy Policy" or "Privacy Complaint." We will respond within 30 days. If this does not resolve your concern, you have the following option: If you have an unresolved privacy or data use dispute or concern that we have not addressed satisfactorily, you can raise the issue with your local Data Protection Authority.
You can exercise the rights listed above at any time by contacting us at dpo@tti.care. We strive to respond to your requests within 30 days and will let you know if we are unable to meet this timeframe. If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority,
European Data Authorities: see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html - which will then be taken up by the relevant EU Data Protection Authority.
UK Data Authority - The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.
USA Data Authority - To file an inquiry or complaint contact the US Department of Commerce or the Department of Health and Human Services.
You also agree that, in the event any dispute or claim arising out of or relating to your use of TTI Services or this Privacy Policy that does not relate to your personal data (personal data), or that is not covered by the previous paragraph, you and TTI will attempt in good faith to negotiate a written resolution of the matter directly between the parties. You agree that if the matter remains unresolved for forty-five (45) days after notification (via certified mail or personal delivery) that a dispute exists, all parties shall join in mediation services in Los Angeles, California with a mutually agreed mediator in an attempt to resolve the dispute. Should you file any arbitration claims, or any administrative or legal actions without first having attempted to resolve the matter by mediation, then you agree that to the maximum extent permitted by applicable law, you will not be entitled to recover attorneys' fees, even if you would otherwise be entitled to them.
CHILD SAFETY
Protecting the safety of children when they use the Internet is important to us. TTI Sites and App is intended for use only by persons who are at least 18 years of age. To our knowledge, we do not share or provide any information about individuals we know are under age 18. By using our Services, you confirm to us that you meet this requirement. If you suspect that a child under 18 is accessing our Services and providing personal data without their parent or guardian's consent, please contact us at dpo@tti.care so that we can investigate and remove/delete the data where necessary.
If you are under the age of 18, permission must be confirmed from a legal parent or guardian before using our Services or sending us personal information.
PAYMENT PROCESSING
We may process your payment details if you sign up to use the TTI premium or Professional service. Payment details you provide will be encrypted using secure sockets layer (SSL) technology before they are submitted to us over the internet. Payments made on the site or App are made through our payment gateway provider.
You will be providing credit or debit card information directly to our payment gateway provider which operates a secure server to process payment details, encrypting your credit/debit card information and authorizing payment. Information which you supply to our payment gateway provider is not within our control and is subject to our payment gateway provider’s own Privacy Policy and terms and conditions.
CHANGES TO THIS POLICY
Any changes we make to our Privacy Policy in future will be posted on this page and, in relation to substantive changes, will be notified to you by email.
CONTACT US
Questions, comments and requests regarding this Privacy Policy are welcome and should be addressed to:
Visiting www.TTI.care and submitting the request online.
Emailing us at dpo@tti.care
Writing us at Treatment Technologies & Insights, Inc 300 Continental Blvd, STE 420; El Segundo CA 90245