Last updated: May 18, 2020
If you have any questions or comments about this Policy or the ways in which DiFranco uses the information we collect online, please do not hesitate to contact us using the information provided in the Contact Us section at the bottom of this statement.
Scope & Application
This Policy applies to information collected through the Site and also applies to information shared with us by our approved partners and other third-party sources.
This privacy statement does not apply to information collected from you offline or through websites and other online services that do not display or link to this Policy, including third-party websites to which our Site may link.
Collection and Use of Information
You can access and browse our Site at any time without providing any personally identifying information. We do not collect information that would personally identify you unless you choose to provide it.
We collect and combine information about you, how you engage with our Site, and the devices you use to view and interact with our Site for the legitimate purposes described below. This includes information you provide to us in connection with your use of the Site and information collected automatically when you view and interact with our Site.
Information You Provide to Us
We collect information you provide directly to us, such as when you create or modify your account or user preferences, submit a form requesting information or an appointment, sign up for a newsletter, contact us, respond to a survey, use the online content, or otherwise communicate with us. This information may include your name, email address, phone number, postal address, insurance information, personal health information (which, to the extent it is considered Protected Health Information under HIPAA, shall be subject to the terms in the Protected Health Information section below), survey responses, user content stored or entered into the forms found in our Site, and other information you choose to provide through use of our Site.
The information you provide to us will be used to (i) set up your account (if applicable); (ii) arrange or confirm an appointment with us (if applicable); (iii) if you elect to receive information from us, to provide you with such information; (iv) improve the Site; (v) respond to your inquiries; (vi) to fulfill any other purpose for which you provided it.
We may also use the information you provide to us for marketing and promotional activities. We want to keep you updated about our practice and our services and we may use your personal information to send you promotional products and information about DiFranco. We may engage with you through marketing and promotional activities, including sending you marketing communications; online surveys; alerting you about events, webinars, or other materials, and updating you about our relevant products and services. You can opt-out of our marketing activities at any time by using an unsubscribe link in any communication you receive or contacting us using the information provided herein.
We will not use your information for any purposes other than as described in this Policy or explained to you at the point at which the information was collected.
Information Collected Automatically
This website advertises with Google in order to show ads to its visitors. As such, it may collect content and/or information, and that information may be used to personalize ads to you. We abide by Google’s Terms of Service. For more information, please visit Google’s Privacy & Terms.
We may automatically collect additional information about your visit to our Site, including pages you visit, your geographic location based solely on your IP address unless otherwise approved by you, promotions with which you interacted, and other behaviors. This information is collected for the sole purpose of improving your overall visit to our Site by providing interest-based content. For example, we may collect information about your geographic location and a health interest, based on topics you have browsed in our Site so that we can promote a physician who may practice close to your location. This data is not shared with any third party. The data may also be used to provide interest-based content for communications for which you have opted in.
When interacting with our Site within social media, we may obtain information stored within social media or authorized by you to be collected by us within such social media. This information may include your contact information, email address, friend information, friends, and pages with whom you have an association and other information stored within social media.
We may also gather certain information automatically, including but not limited to, internet protocol (IP) addresses, browser type, internet service provider (ISP), operating system, date/time stamp, mobile location, and device type, and/or clickstream data. This information may be linked to other information we collect about you. Cookies, web beacons, flash cookies, and similar technologies serve many important functions that help us serve you better.
Your Control over Information
You have a variety of tools to manage cookies and similar technologies that collect information related to your use of the Site, including:
- Digital Advertising Alliance’s opt-out page to opt-out from receiving third-party advertiser cookies.
- Network Advertising Initiative opt-out page.
- Control Facebook’s use of interest-based ads through your Facebook account settings, or may visit the customer support page here.
- For instructions on how to opt-out of receiving targeted (personalized) advertising, click here. Please note you will still see ads even if you opt-out, but they will not be personalized by third parties.
To learn more about cookies and similar tracking technologies, and how they can affect your privacy, visit allaboutcookies.org.
For more information about the California Residents section of NextRoll’s Service Privacy Notice, click here.
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
Please note, disabling, removing or blocking cookies may turn off some of the features of our Site that make your experience more efficient, and some portions of the Site may not function properly.
Sharing of Information
We may share the information described above as set forth in this Policy or as otherwise described at the time such information is collected from you.
Information Shared by Us
- Affiliates. We may share information with a parent, subsidiary, or affiliate entity in common control with us. Any organization to which we provide such information is required to keep it confidential and to only use such information in accordance with this privacy statement.
- Service Providers. In the course of doing business, we employ other companies and individuals to perform a variety of functions on our behalf. For example, we may provide information as necessary (or those companies may collect this information directly on our behalf) to companies that host our Site, manage our appointments and information requests, or send communications on our behalf. These service providers may have access to information about you if it is needed to perform their functions for us, but they are not authorized by us to use or disclose such information except as necessary to perform services on our behalf or to comply with legal requirements, and they are required to maintain the information in confidence.
- Legally Required. We reserve the right to disclose information if required to do so by law or by a regulatory authority. We may also disclose information as part of an investigation or enforcement action relating to improper or illegal conduct in connection with our Site or other services, including, without limitation, any situations that may potentially involve threats to the safety or privacy of any person or misuse of our Site.
- Sale or Bankruptcy. During the normal course of our business, we may sell or purchase assets. If another entity acquires us or any of our assets, the information described in this Policy may be transferred to such entity. In addition, if any bankruptcy or reorganization proceeding is brought by or against us, such information may be considered an asset of ours and may be sold or transferred to third parties. Should such a sale or transfer occur, we will use reasonable efforts to try to require that the transferee use such information in a manner that is consistent with this privacy statement.
- Aggregated and Non-Identified Data. We may maintain and use aggregate data or other non-identified information (i.e., data that does not identify a specific individual), such as usage statistics, device data, online traffic patterns, and user feedback. In addition to using this information for the purposes discussed in this Policy, we may disclose such aggregated or non-identified data to third parties without restriction.
- Business Partners. We may share your information with our business partners. These business partners may use the information received by them to contact you to offer you certain opportunities, products, services, or promotions. Please note that once your information has been shared with a business partner, it is no longer subject to the control of DiFranco or subject to this Policy.
Protected Health Information
To the extent any personal information you provide to us via the Site (by making an appointment, by submitting a contact request form, or any other method) is considered Protected Health Information (“PHI”) under HIPAA, we will adhere to the following practices for use and disclosure of PHI. Note that this Policy DOES NOT apply to any PHI we may collect from you by any means other than your submitting it via this Site.
The privacy practices described in this Policy will be followed by all employees of DiFranco and any third-party service providers that process your PHI on our behalf. DiFranco is the Covered Entity that controls your PHI, and any third party service provider is considered a Business Associate. Whenever PHI is shared with a Business Associate, prior to such sharing DiFranco will obtain a Business Associates Agreement that contractually obliges the third party of abiding by all applicable HIPAA rules and regulations.
We typically use the information collected from you via the Sites to answer your questions and otherwise provide the information you request, to connect you with one of our providers, to schedule appointments with one of our providers, and to record any services provided to you. We may also disclose your PHI to courts and attorneys when we get a court order, subpoena, or other lawful instructions from those courts or public bodies or to defend ourselves against a lawsuit brought against us or to law enforcement officials as authorized or required by law.
You have the right to request a copy of any PHI we hold about you, to make corrections to this PHI, and to request that we delete your information. You also have the right to be notified in the event of a breach; and we will notify you if your medical information has been “breached,” which means that your medical information has been used or disclosed in a way that is inconsistent with law and results in it being compromised.
You are cautioned not to include any PHI in forms you submit via the sites, or to use unsecure electronic communications for any messaging including PHI. If you choose to communicate with us or any of your DiFranco providers via unsecure electronic communication, such as regular e-mail or text message, we may respond to you in the same manner in which the communication was received and to the same e-mail address or account from which you sent your original communication. Before using any unsecure electronic communication to correspond with us, note that there are certain risks, such as interception by others, misaddressed/misdirected messages, shared accounts, messages forwarded to others, or messages stored on unsecured, portable electronic devices. By choosing to correspond with us via unsecure electronic communication, you are acknowledging and agreeing to accept these risks.
Additionally, you should understand that the use of email is not intended to be a substitute for professional medical advice, diagnosis, or treatment. Email communications should never be used in a medical emergency.
The security of your information is important to us. We take precautions to protect your information by implementing safeguards to protect the information we collect. But you should keep in mind that no website or Internet transmission is ever completely secure or error-free. PLEASE NOTE: The safety and security of your information also depend on you. We urge you to take steps to keep your personal information safe, such as choosing strong passwords and never sharing your password with anyone else. If you create or receive a password in connection with Site access, please notify us promptly if you believe your password security has been breached, and remember to log off the online service before you leave your computer or mobile device.
The Site may offer opportunities to communicate through email. Because normal email is not encrypted, the possibility exists that unauthorized individuals may intercept email messages. DiFranco its service providers, parents, and affiliates are not responsible for the privacy of email messages except those stored in our system.
Occasionally, at our discretion, we may include or offer third-party products or services on or linked to our Site. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
COPPA (Children’s Online Privacy Protection Act)
We do not knowingly collect or use any personal information from children (we define “children” as minors younger than 13) on our Site. We do not knowingly allow children to communicate with us or use any of our Site features. If you are a parent and become aware that your child has provided us with information, please contact us using one of the methods specified herein, and we will work with you to address this issue.
California Privacy Rights
This section only applies to users of our Site that are residents of the State of California at the time of data collection.
Consumer Information collected through the Site is collected for DiFranco’s use and is not transferred to any third party for valuable consideration. However, if you are a California resident, you may send us specific instructions not to sell your personal information now or in the future. Such requests can be made via email at firstname.lastname@example.org, or in writing at the address below.
California residents may also request and obtain from us a list of what personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. California law provides that you have the right to receive the following information: (a) the categories of information we disclosed to third parties for the third parties’ direct marketing purposes during the preceding calendar year; and (b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed. You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make such a request by emailing us at email@example.com.
Further, California residents may:
- Request that we provide you with a copy of your personal information in our files without undue delay and free of charge, unless we are permitted by law to charge a fee. Your access may be limited to the extent it would adversely affect the rights and freedoms of other individuals.
- Request to correct or update any of your personal information in our files.
- Request that we erase any of your personal information in our files that: is no longer necessary in relation to the purposes for which it was collected or otherwise processed; was collected in relation to processing that you previously consented to, but later withdrew such consent; or was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing.
Visiting The Site From Outside The United States
DiFranco is located in the United States. The medical services described within the Site are directed only at customers in the United States. If you are visiting the Site, or any part thereof, from outside the United States of America, please be aware that your information may be transferred to, stored or processed in the United States and maintained on computers or servers located outside your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. By using any portion of our Site, you understand and consent to the transfer of your information to the United States and those third parties with whom we share it as described in this privacy statement.
Acceptance of these terms
Each time that you use or visit our Site, you signify that you have read, understood, and agree to be bound by the terms of this Policy. If you do not agree to the terms of this Policy or the use of your information as set forth in this Policy, please do not use or visit our Site. Your continued use of our Site subsequent to changes in this privacy statement will signify your acceptance of the changes.
Reservation of Rights
By using our Site, you consent, and we reserve the right, to use the data we collect from you as described in this Policy. Additionally, you consent, and we reserve the right, to use the data we collect from you in ways that are consistent with the then-current disclosed Policy regardless of when your data was collected (i.e., we can use your data in ways that are consistent with the current disclosed practice but which may not be entirely consistent with the previously disclosed practices when your information was originally collected).
If you feel that we are not abiding by this Policy or if you have any questions, you should contact us immediately.
401 W. Talcott Rd.
Park Ridge, IL 60068