Privacy Policy
CMI LLC. PRIVACY POLICY
This Privacy Policy is designed to inform users of the CMI LLC. (“CMI”) website, mobile application and services (collectively, the “Service”) about how we gather and use personal information collected by us in connection with use of the Service. You may have been invited to use, download or install the Service from a third party as part of a research or clinical care initiative (such third party, the “Institutional Client”), or you may have subscribed or downloaded and installed the Service for your personal use. This policy covers how CMI LLC. (“CMI”) treats your Personally Identifiable Information (“PII”) and Protected Health Information (“PHI”) (collectively hereafter “PHI”) that CMI collects, receives, maintains, stores or transmits, including information you transmit or submit to our website (the “Site”). Your PHI includes information that individually identifies you or is information about you that can be traced back to you, your IP address, and your location. It may also include, but is not limited to your name, address, employer, email address, phone number, and information about your health and/or other types of protected health information. CMI complies with the EU-US Privacy Shield framework set forth by the US Department of Commerce, regarding the collection, use and retention of personal information from European Union member countries. CMI has certified that it adheres to the Privacy Shield principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access and recourse, enforcement and liability. If there is any conflict between the policies in CMI’s Privacy Policy, and the Privacy Shield principles, the Privacy Shield principles shall govern. To learn more about the Privacy Shield program, and to review our certification page, please visit https://www.privacyshield.gov.
Agreement
By using this Site, and/or CMI’s products or services, (collectively “Services”) you accept and hereby expressly consent to the terms of this Privacy Policy. This Privacy Policy may change from time to time, so please check back periodically to ensure that you are aware of any changes. Your continued use of the Site, CMI’s products or services signifies your acceptance of any such changes.
Information Collection and Use
CMI collects personal information when you register with CMI or through its Site, or when you use CMI’s products or services. When registering with CMI, we will ask you to provide us with your name, address, email address, phone number, sponsoring provider and monitored health data for which you are registering and other related information that CMI may ask of you from time to time, and you may submit additional information and comments through the Site. It is always your choice whether or not to provide us with such information. If you choose not to provide the requested information you may not be able to use certain features or functions of this Site, or CMI’s products or services. Whenever you visit our Site, CMI also receives and records information on our server logs from your browser, including your IP address, CMI’s cookie information, and the pages you request, and relates it to the PHI you provide. CMI collects and uses information you provide for the following purposes:
Registration — When you register for the Service, we may collect your information as part of the registration process, including but not limited to your name, address, location, sponsoring provider and program preferences.
Self-Reported Health-Related Information — We may collect the information that you enter during the course of using the Service, such as information regarding your health and/or medical condition and related behaviors.
Provider-Reported Health-Related Information — We may collect the information about you that is submitted with your permission by your healthcare provider during the course of using the Service, such as information regarding your health and/or medical condition, including information that is considered protected health information under the HIPAA privacy and security regulations.
Social Information — We collect information that you provide to us pertaining to the people with whom you consent to share your protected health information (such as a family member, another patient or doctor), as well as communications between you and such individuals.
Communications With a Health Professional — We collect communications that take place through the Service between you and your healthcare provider, health manager or health coach.
Public Forums — We collect information that you publicly post through the Service on message boards or other public forums.
Email — If you communicate with us via email, then we will collect your email address.
Automatically Tracked Health-Related Information — We may use automated tracking methods such as cookies, GPS data, and connected accelerometers, to collect information regarding your behaviors relative to the Service.
Demographic Information — We may also collect demographic information, such as age, gender, and geographic location, as part of your profile in the Service.
Surveys — From time to time, we may send you survey question to provide us with feedback on our Service. We collect any responses that you provide.
Mobile Devices — If you are accessing the Service through a program whereby you receive a sponsored CMI-enabled mobile device, we will collect and manage your data and other telephonic information as part of the device provision and maintenance.
CMI is committed to adhering to the Privacy Shield principles. CMI will not process your information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you. To the extent necessary for those purposes, CMI will take reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete, and current. CMI will adhere to the Privacy Shield principles for as long as it retains any information transmitted while a member of the Privacy Shield. You may affirmatively opt-out of receiving future messages and announcements and remove your name from our mailing lists. The opt-out provisions do not apply to information collected by cookies or used internally to recognize you and/or facilitate your visits to the Site, or information we may retain to comply with legal requirements. You may dis-enroll from the Service at any time by emailing CMI llc. customer service at info@CMI.com. Our Site uses a software technology called “cookies.” Cookies are small text files that we place in visitors’ computer browsers to store their preferences. Cookies themselves do not contain any PII. “Web beacons” are small pieces of code placed on a web page to monitor the behavior and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page. We may use web beacons on our Site from time to time for this purpose.
Information Sharing and Disclosure
CMI does not rent, sell, or share your information with other people or nonaffiliated companies, except to provide products or services you have requested, when we have your authorization to share such information, or when we provide the information to companies or consultants working on behalf of or with us under confidentiality agreements. These companies and consultants may use your PHI to help us communicate with you about offers from CMI and our marketing partners. However, these companies and consultants do not have any independent right to share this information. If CMI ever transfers your information to a third-party, CMI is responsible for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. CMI will remain liable under the Privacy Shield principles if its agent processes your personal information in a manner inconsistent with the Privacy Shield principles, unless the third-party organization can prove that it is not responsible for the event giving rise to the damage. We may also be required to disclose your information in response to a legal process, for example, in response to a court order or a subpoena to comply with its applicable legal and regulatory reporting requirements. We also may disclose your information in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our End User License Agreement, or to verify or enforce compliance with the policies governing our products and services and with applicable laws, or as otherwise required or permitted by law or consistent with legal requirements. In addition, we may transfer your information to an entity or individual that acquires, buys, or merges with CMI, or our other business units.
Confidentiality and Security
We have taken reasonable and necessary steps to ensure that all information collected will remain secure and in its original form, i.e., free from any alteration. We have put in place appropriate physical, electronic, and administrative procedures in an effort to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect online. CMI is not responsible for and will not be a party to any transactions between you and a third-party provider of products, information or services. CMI does not monitor such interactions to ensure the confidentiality of your PHI and PII, including credit card information. Any separate charges, data records or obligations you incur in your dealings with third parties linked to or in conjunction with CMI’s Service are solely your responsibility.
Accessing Your Information
You may request access to your PHI and request information about our collection, use and disclosure of such information by contacting us at info@CMI.com. We use best efforts to keep our records as accurate and complete as possible. You can help us maintain the accuracy of your information by notifying us of any changes to your personal information. Your rights to access your personal information are not absolute. We may deny you access when required by law or if disclosure would likely reveal personal information about a third party. Disclosure for Marketing and Business Purposes We may also license, sell or otherwise share aggregated, de-identified versions of your PHI and other data (“Aggregated Information”) with institutional clients, partners, investors and contractors for any purposes related to our business practices.
General Information
Links — The CMI Service may contain links or deep links to other websites, open search results, public feeds, or curated channels. CMI generally reviews the content of health news articles or publications linked through third party websites, but is not responsible for such content, the privacy practices, or any advertisements on third party websites. Users should be aware of this when they leave our Service and are encouraged to review the privacy statements of each third-party website. Moreover, CMI is not responsible for any disclosures to third parties to whom you may disclose your PHI directly, including family members and/or friends. This Privacy Policy applies solely to information collected by CMI in relation to the Service. Amendments — CMI may modify or amend this Privacy Policy from time to time. If we make any material changes, as determined by CMI, in the way in which Personal Information is collected, used or transferred, we will notify you of these changes by modification of this Privacy Policy, which will be available for review by you at the Service. Termination — CMI reserves the right to decide, at its sole discretion, to no longer offer you the Service. If CMI decides to terminate your account, CMI will either return or permanently destroy any copies it maintains of your PHI in accordance with its obligations under federal or state law. Children — CMI does not knowingly collect PHI from children under the age of 13, and our Service is not directed at users under the age of 13. If we find that PHI has inadvertently been collected for an individual under the age of 13, we will immediately delete it.
Independent Recourse Mechanism
In compliance with the Privacy Shield principles, CMI commits to resolve complaints about your privacy and our collection or use of your personal information. CMI will respond to the inquiry or complaint within forty-five (45) days. European Union individuals with inquiries or complaints regarding our Privacy Shield policy should first contact CMI at: info@CMI.com. CMI has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield principles to the JAMS EU-US Privacy Shield program, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint, or your complaint is not satisfactorily addressed by CMI, please visit the JAMS website at: https://www.jamsadr.com/eu-us-privacy-shield for more information or to file complaint. The services of JAMS are provided at no cost to you. Please note that if your complaint is not resolved through these channels, as a last resort and under limited circumstances, a binding arbitration option may be available before a Privacy Shield panel. The Federal Trade Commission (“FTC”) has jurisdiction over CMI’s compliance with the Privacy Shield. CMI is subject to the investigatory and enforcement powers of the FTC.
Questions and Suggestions
If you have questions or suggestions, or wish to correct your profile information, please email CMI at info@CMI.com or write to us at CMI LLC., 3401 Wilshire Boulevard, 12th Floor Santa Monica, CA 90401. This Privacy Policy was last updated on 2 January, 2023. Copyright © 2022-2023 CMI LLC. All rights reserved.