LIMITED TIME OFFER: Get 25% off with code BLACKFRIDAY

Privacy Policy

Last updated: September 6, 2024 Hard Candy Inc (“Hard Candy Inc,” “we,” “us,” or “our”) respects your privacy and is committed to protecting it through compliance with this Privacy Policy. This Policy describes the types of information we may collect from you or that you may provide when you visit our Site or use our Services, and our practices for collecting, using, maintaining, protecting, and disclosing that information. We also describe the measures we take to protect the security of the information and how to contact us about our privacy practices. This Privacy Policy is part of and incorporated into the Terms and Conditions, found at Terms and Conditions which is a legally binding agreement between you and Hard Candy Inc. Please review this Privacy Policy carefully. If you do not agree with our policies and practices, you may choose not to use our Site or our Services. By accessing and using the Site or our Services, you accept and agree to this Privacy Policy, whether or not you register for an account through the Site.

Personal Information We Collect

“Personal Information” is any information relating to a natural person who is, or can be, identified either directly or indirectly from such information and includes information such as a user’s name, address, telephone number, email address, Internet activity (such as browsing history), or other information directly linked to that person. We collect Personal Information when you register on our Site, use our Services, and when you choose to provide information through our Site. The types of Personal Information you may provide include:
  • Contact information (name, postal address, email address, phone number)
  • Demographic information (date of birth, gender)
  • Physical attributes (height, weight)
  • Medical history
  • Lifestyle information (smoking and drug use)
  • Payment information (payment card number, expiration date, billing address)
  • Photographic images for identification or non-diagnostic purposes, including driver’s license or passport photos
  • Username and password
When you visit our Site, we may also collect Personal Information automatically through cookies, web beacons, and similar technologies, including:
  • IP address
  • Browser and device characteristics
  • Operating system
  • Referring URLs
  • Geographic location
  • Website interaction data
  • Dates and times of visits
A cookie is a text file placed on your device to uniquely identify your browser. A web beacon (also known as a pixel tag or clear GIF) communicates with web servers to track browsing activity. These tools allow us to understand user behavior and improve our Services. Your browser may allow you to block or limit cookies, but doing so may limit your ability to use certain features of our Site. Some business partners may use their own cookies on our Site. While we do not control those cookies, this Privacy Policy governs how we and our partners operate on our Site. We may also allow social media companies to embed widgets on our Site. These third parties may track your activity across websites. We encourage you to review their privacy practices independently. Some browsers provide a “Do Not Track” setting. We do not currently respond to DNT signals.

HIPAA and Protected Health Information

The Medical Practices with whom we partner are regulated as “covered entities” under the Health Insurance Portability and Accountability Act (“HIPAA”). Please be aware that this Privacy Policy is distinct from the Medical Practices’ Notice of Privacy Practices, which describes in detail how your protected health information (“PHI”) is used and disclosed. If you would like to review a copy of the Medical Practices’ Notice of Privacy Practices, please request a copy directly from your Provider.

Protected Health Information (PHI) and HIPAA Compliance

(NEW SECTION ADDED) Protected Health Information (“PHI”) refers to individually identifiable health information relating to your past, present, or future health, the provision of health care to you, or payment for such health care. Hard Candy partners with independent licensed medical providers and Professional Corporations (“Medical Practice”) to deliver clinical care. The Medical Practice, not Hard Candy, is responsible for medical evaluation, diagnosis, prescribing, and maintaining clinical records. As such, the Medical Practice is considered a HIPAA-covered entity.

How PHI Is Handled

When you use our Services to obtain medical care:
  • Any PHI you provide is governed by HIPAA and handled in accordance with the Medical Practice’s Notice of Privacy Practices.
  • Hard Candy may receive, store, or process PHI solely as a HIPAA Business Associate to support treatment, payment, or health care operations.
  • We follow administrative, technical, and physical safeguards required by HIPAA.
  • We do not use PHI for marketing unless you give express written authorization.
  • We do not sell PHI.

Notice of Privacy Practices

The Medical Practice maintains a HIPAA-required Notice of Privacy Practices (NPP) that explains:
  • how PHI may be used and disclosed
  • your rights over your PHI
  • how you may access or request amendments to your medical record
This Privacy Policy does not replace the NPP. To review that Notice, please request a copy directly from your Provider.

How We Use the Personal Information We Collect

Hard Candy Inc may use Personal Information to:
  • Create and manage accounts
  • Offer and provide information and Services
  • Display content
  • Facilitate telehealth and related services
  • Communicate about surveys, events, programs, promotions, and Site features
  • Respond to inquiries and fulfill requests
  • Send marketing and administrative emails
  • Improve and evaluate our business
  • Conduct data analyses and market research
  • Detect and prevent fraud
  • Comply with legal and regulatory obligations
We may use automatically collected information to customize users’ Site experience, tailor content, diagnose technical problems, and understand engagement trends. We may use third-party analytics providers who collect information through cookies or web beacons to evaluate Site usage.

Personal Information We Share

We do not sell, trade, or share Personal Information except as described in this Policy. We may share Personal Information with:
  • Third-party health care providers for treatment, payment, or operations
  • Pharmacies and health care organizations assisting in providing care
  • Affiliates, subsidiaries, and partners
  • Service providers performing functions on our behalf
We may disclose Personal Information:
  • As required by law
  • To law enforcement or government agencies
  • To prevent harm, fraud, or illegal activity
  • With your explicit authorization
  • During business transfers or mergers

Aggregate and De-identified Information

We may aggregate or de-identify Personal Information to understand user trends, improve the Services, and develop products. Aggregate or de-identified information does not identify individuals and may be commercialized without compensation to you.

Retention of Personal Information

We retain Personal Information as long as necessary to comply with legal obligations, meet regulatory requirements, resolve disputes, maintain security, or honor opt-out requests. Third-party partners may retain information as required by their obligations.

How We Protect Your Personal Information

We implement reasonable physical, administrative, and technical safeguards. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your password and account.

Links to Other Websites

Our Site may link to third-party sites. We are not responsible for their privacy practices.

Age and Geographic Restrictions

The Site is intended for users 18+. We comply with COPPA and do not knowingly collect data from children under 13. Parents may request deletion of inadvertently collected information. Our Site is designed for use in the United States.

Consent to Communications

By using the Services, you consent to receiving communications about your care and account. You may opt out of marketing emails or text messages at any time.

Your Choices

You may update preferences, correct Personal Information, or deactivate your account by contacting customercare@HARDCANDY.com.

California Privacy Rights (CCPA)

(Full section retained as originally drafted.)

Submitting Data Privacy Requests

(Full section retained as originally drafted.)

Changes to This Privacy Policy

We may update this Policy at any time. Changes take effect immediately upon posting.

Questions and Contact Information

Hard Candy Inc
30 N Gould Street
Sheridan, WY 82801
info@hardcandy.com