Last Updated: May 27, 2020
PurpleLab, LLC and its authorized agents (“PurpleLab,” “we” or “us”) respect your preferences concerning the treatment of information we may collect about you through our Services (as defined below).
The Services may provide links to or the ability to connect with non-PurpleLab websites, services, or applications. Clicking on those links or enabling those connections may allow the third party to collect or share information about you. Those third-party websites or services are beyond our control, and this Policy does not apply to those third-party websites or services.
Additionally, this Policy does not apply to information that you ask us to share with third parties or is collected by Online Tool Providers (as further described below). You acknowledge and agree that PurpleLab is not responsible for the data collection or use practices of any third party utilized in providing the Services.
If you have subscribed to any of our Services through one of our white label or reseller partners with whom you have an arrangement to receive access to the Services along with other products and services (each, a “Product Partner”), we may, as provided by our agreement with the Product Partner, provide information to the Product Partner regarding your use of our Services. PurpleLab is not responsible for the data use practices of any Product Partner, and you should review your agreement with the relevant Product Partner for more information.
Finally, if you (or your company, if you are accessing and using certain Services for the benefit of a legal entity for whom you work) have entered into a Confidentiality and Non-Disclosure Agreement with PurpleLab that governs your use of certain Services and contains privacy or confidentiality terms that are more stringent than those in this Policy (“NDA”), then the applicable terms of such NDA will control over this Policy solely with respect to the Services covered by the NDA.
By accessing or using our Services, you consent to this Policy. If you do not agree with this Policy, please do not access or use the Services. Information gathered through the Services may be transferred, used, and stored in the United States or in other countries where our service providers or we are located. If you use the Services, you agree to the transfer, use, and storage of your Personal Information (as defined below) in those countries. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. You agree that all transactions relating to the Services or PurpleLab are deemed to occur in the United States, where our servers are located.
Personal and Other Information We Collect
PurpleLab collects Personal Information provided to us through your interaction with, use of, and registration for the Services. “Personal Information” is information that can identify or reasonably be linked to an individual, such as name, physical address, telephone number, e-mail address, login information, company affiliation, and associated interests. “Personal Information” also includes device information that is automatically collected and logged by our systems when users interact with the Services, such as IP address, browser type and version, time zone setting, browser plug-in types and versions, and operating system and platform, to the extent that any such information can identify or reasonably be linked to an individual.
If you are a healthcare provider, “Personal Information” may also include your or your clinic’s National Provider Identifier number (“NPI Number”), which is made available by the Centers for Medicare & Medicaid Services of the U.S. Government (“CMS”) and other third parties in connection with healthcare insurance claim data that is published by CMS and such third parties. We may associate your NPI Number with data sets, insights, and/or reports that are available through the Services (collectively, “Insights”). However, Insights do not contain any other types of Personal Information.
We collect Personal Information that you voluntarily give us through your interaction with and use of the Services, including Personal Information contained in:
- Forms you fill out on our websites;
- Content of your electronic correspondence with us;
- Disclosures made by you during offline sales and marketing activities conducted by us in which you participate, which we associate with your activities on the Services;
- Reports of a problem or requests for support made by you for any of our Services; and
- Any other Personal Information you voluntarily send to us through our Services (or offline and that we associate with you as a user of the Services).
You may choose not to provide Personal Information (subject to the controls offered by your device’s operating system), but this may prevent you from receiving certain features of the Services.
We also collect certain types of non-Personal Information about your interaction with and use of the Services, that is, information that does not personally identify an individual. Examples of the non-Personal Information we collect are:
- Information about your visit to our Services, including the full URL clickstream to, through and from our site (including date and time); and pages you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Information collected by the Services may be collected by us or one of our Service Providers or Online Tool Providers (as each are defined below).
We may also receive information about you from third parties who we partner with in order to build and operate our communities, including, for example, business partners, sub-contractors, and analytics providers, and may receive information about you from them. To the extent we associate this information with users of the Services, we will treat this as Personal Information.
How We Use and Share Your Information
PurpleLab may use the Personal Information and other information it collects via the Services (unless otherwise restricted by law) to:
- Provide the Services to you
- Personalize your experience and allow us to deliver the type of content and product offerings in which you are most interested;
- Improve our Services and related services in order to better serve you;
- Allow us to better respond to your customer service requests;
- Quickly process your transactions;
- Ask you for ratings and reviews of our Services and related services; and
- Respond to your correspondence.
We may disclose Personal Information to provide the Services, or when you authorize or instruct us to do so, for example when you use the Services to submit content or profile information.
If you have subscribed to our Services through a Product Partner as described above, we may, as provided by our agreement with your Product Partner, provide your Personal Information to your Product Partner. If you have questions about how your Product Partner uses your Personal Information, please contact your Product Partner.
We may share your Personal Information with Service Providers. By “Service Providers”, we mean companies, agents, contractors, service provider, or others engaged to provide services on our behalf (such as processing of payments, provision of data storage, hosting of our website and other Services, marketing of our products and services, and conducting audits). These Service Providers have access to Personal Information and non-Personal Information needed to perform their services for us, but we require that such Service Providers may not use it for other purposes except as required by applicable law.
Additionally, we may share Insights with third parties for marketing purposes. As described above, if you are a healthcare provider, such Insights may contain your NPI Number. If you wish to opt-out from having your NPI Number included in any Insights that we share with third-parties for marketing purposes, please see the Transparency and Choice section below.
Except for NPI Numbers that may be contained in Insights, and our limited sharing of information with Product Partners as we have described it above, PurpleLab does not share your Personal Information with third parties for the third party’s own marketing purposes.
PurpleLab also may disclose your Personal Information to third parties when we believe, in good faith and in our sole discretion, that such disclosure if reasonably necessary to: (1) protect the legal rights, privacy or safety of PurpleLab or its employees, agents and contractors; (2) protect the rights, property, safety, and/or security of visitors to our websites or other properties, or of other third parties; (3) protect against fraud or other illegal activity or for risk management purposes; (4) respond to inquiries or requests from government or public authorities; (5) pursue available remedies or limit the damages that we may sustain and to enforce or apply the terms and conditions of the Services, including to investigate potential violations thereof; and/or (6) comply with the law or any judicial proceeding, court order, or other legal process served on us.
PurpleLab also may transfer any and all information that we collect about you (including your Personal Information) to third parties in the event of any merger, sale, joint venture, assignment, transfer, bankruptcy, or other disposition of all or any portion of PurpleLab’s assets or stock (including without limitation in connection with any bankruptcy or similar proceedings).
Lastly, we may also disclose non-Personal Information, aggregated with information about our other users, to our clients, business partners, merchants, advertisers, investors, potential buyers and other third parties if we deem such disclosure, in our sole discretion, to have sound business reasons or justifications.
How We Protect Your Information
We implement reasonable administrative, technical, and physical safeguards that are designed to protect your Personal Information from unauthorized access, use, or disclosure. For example, sensitive information that is transmitted over the Internet is encrypted via Secure Socket Layer (SSL) or similar technology. However, no data transmission over the Internet and no method of data storage can be guaranteed to be 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its security.
All payment transactions occurring through the Services are processed through a third-party gateway provider and are not stored or processed on our servers
Transparency and Choice
You may request access to your Personal Information by sending an email to email@example.com. We will try to locate and provide you with your Personal Information and give you the opportunity to correct this data, if it is inaccurate, or to delete it, at your request. But, in either case, we may need to retain it for legal reasons or for legitimate business purposes. You may also remove any data that you upload to the Services using any deletion or removal options within the Services. However, we (and you) are not able to control information that you have already shared with other users or made available to third parties through the Services.
We ask individual users to identify themselves and the information requested to be accessed, corrected, or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, would be extremely impractical (for instance, requests concerning information residing on backups), or relate to information that is not associated with your Personal Information. In any case, where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
Please be aware that if you request us to delete your Personal Information, you may not be able to continue to use the Services. Also, even if you request that we delete your Personal Information, we may need to retain certain information for a limited period of time to satisfy our legal, audit and/or dispute resolution requirements.
We support the development and implementation of a standard “do not track” browser feature that provides customers with control over the collection and use of information about their web-browsing activities. Once a standardized “do not track” feature is released, we intend to adhere to the browser settings accordingly.
You can opt out of receiving marketing e-mails from us by clicking on the “unsubscribe” link in the e-mails. Please note that it may take up to ten (10) business days for your opt-out request to be processed. Also, even if you opt out of marketing e-mails, we may continue to send you certain account-related e-mails, such as notices about your account and confirmations of transactions you have requested.
If you are a healthcare provider, you can opt out from having your NPI Number included in the Insights that we share with third parties for marketing purposes. You can opt out by sending an email to firstname.lastname@example.org with “NPI Number – Opt Out” in the subject line. Please note that it may take up to ten (10) business days for your opt-out request to be processed, and we are not able to remove your NPI Number from any such Insights that we distributed prior to our processing of your opt-out request. Additionally, even if you opt out from having your NPI Number included in the Insights that we share with third parties for marketing purposes, your NPI Number will remain associated with Insights that other users may access, use, and export using the Services.
You may have heard of the California Consumer Privacy Act (“CCPA”) which provides certain rights to California residents in connection with their Personal Information. Our Services are not currently subject to the CCPA. However, we do provide notice and transparency about our collection and use of Personal Information as described in this Policy.
Cookies and Other Automatic Information Gathering Technologies
Cookies are small files that a website operator (or its service provider) or a third party whose content is embedded in that website, transfers to your web browser (if you allow) that enables the website operator or, as applicable, the third party to recognize your browser and capture and remember certain information when you visit the Services.
A cookie may also refer to web-browser-based storage provided by Adobe’s Flash plugin. A web beacon, pixel or tag is a small, usually-transparent image placed on a web page that allows the operator of that image, which may be the operator of the website you visit or a third party, to read or write a cookie.
Your operating system and web browser may allow you to erase information stored in cookies, flash cookies, and local browser storage. But if you do so, you may be forced to login to the Services again and you may lose some preferences or settings. You may also be able to set your browser to refuse all website storage or to indicate when it is permitted, but some features of our Services may not function properly without it. More information about managing cookies is available here. Cookie management tools provided by your browser may not affect flash cookies. More information about managing flash cookies is available here. To learn how to manage privacy and storage settings for your local browser storage, please refer to the end user documentation for your browser.
Our Services are not intended for use by children under 13 years of age and are not targeted to children. PurpleLab does not knowingly collect personal information from children under 13 years of age, and we do not authorize users under 13 years of age to use the Services. However, if you believe that your child under 13 years of age has submitted information to us through interaction or use of any of our Services without your permission, you may contact us at email@example.com and we will use commercially reasonable efforts delete the information as quickly as possible.
We reserve the right to amend this Policy at any time, with or without prior notice. We will post the revised Policy on this page or announce the change on the home page of our Services. You can determine when the Policy was revised by referring to the “Last Updated” date on the top of this Policy. Any changes will become effective upon the posting of the revised Policy on the Services. If we make any material changes to this Policy, we will notify you by reasonable means, which may be by e-mail or posting a notice of the changes on our Services prior to the changes becoming effective.
By continuing to use any of our Services following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, in whole or part, you MUST stop using or interacting with any Service after the effective date of such changes (which is the “Last Updated” date of this Policy).
If you would like to contact us for any reason regarding our privacy practices or this Policy, please write or e-mail us at the following address:
3503 York Road, Suite 7
Furlong PA 18925