Privacy Policy

Labrix LLC collects information in different ways from visitors and customers who access the various parts of our services and the network of web sites accessible through our service. We use this information primarily to provide a customized experience as you use our services and, generally, do not share this information with third parties. However, we may disclose personal information collected if we have received your permission beforehand or in very special circumstances, such as when we believe that such disclosure is required by law or other special cases described below.

Customers are asked to provide certain personal information when they sign up for our services which may include name, address, telephone number, email address, billing information (such as a credit card number), and the type of personal computer being used to access the services. Additionally, health information subject to HIPAA and state privacy laws may be collected. This information and its special handling are dealt with below. The personal information collected from customers during the registration process is used to manage each customer's account (such as for billing purposes). This information is not shared with third parties, unless specifically stated otherwise or in special circumstances. Labrix LLC may also generate non-identifying and aggregate profiles from personal information customers provide during registration (such as the total number, but not the names, of customers).

When visitors or customers send email inquiries to Labrix LLC, the return email address is used to answer the email inquiry we receive. Labrix LLC does not use the return email address for any other purpose and does not share the return email address with any third party.

We may periodically conduct both business and individual customer surveys. We encourage our customers to participate in these surveys because they provide us with important information that helps us to improve the types of services we offer and how we provide them to you. Your personal information and responses will remain strictly confidential, even if the survey is conducted by a third party. Participation in our customer surveys is voluntary. We take the information we receive from individuals responding to our customer surveys and combine (or aggregate) it with the responses of other Labrix LLC customers to create broader, generic responses to the survey questions (such as gender, age, residence, hobbies, education, employment, industry sector, or other demographic information). We then use the aggregated information to improve the quality of our services to you, and to develop new services and products. This aggregated; non-personally identifying information may be shared with third parties.

It is Labrix LLC policy not to use or share the personal information about visitors or customers in ways unrelated to the ones described above without also providing you an opportunity to opt out or otherwise prohibit such unrelated uses. However, Labrix LLC may disclose personal information about visitors or customers, or information regarding your use of the Services or Web sites accessible through our services, for any reason if, in our sole discretion, we believe that it is reasonable to do so, including: to satisfy laws, such as the Electronic Communications Privacy Act, regulations, or governmental or legal requests for such information to disclose information that is necessary to identify, contact, or bring legal action against someone who may be violating our Acceptable Use Policy, Terms of Service, or other user policies to operate the services properly or to protect Labrix LLC and our customers.

A cookie is a small piece of information about an Internet session that may be created when a visitor accesses a web site. Labrix uses cookies for easier navigation within the site and to provide a higher level of convenience for the visitor. Cookies used by DDI do not retrieve any information from the visitor's personal computer.

We use different types of cookies: "session cookies" and "persistent cookies." Session cookies are temporary cookies that remain on your device until you leave the site. A persistent cookie remains on your device for much longer until you manually delete it (how long the cookie remains will depend on the duration or "lifetime" of the specific cookie and your browser settings).

Labrix uses session cookies that are necessary for us to provide the services you use, such as logging into the client account section of the site, You are able to disable placement of cookies by setting your browser to decline cookies, though this may worsen your user experience, and you may not be able to access certain sections of the site. Most browsers will tell you how to stop accepting new cookies, how to be notified when you receive a new cookie, and how to disable existing cookies. A useful resource for information about deleting and controlling cookies can be found at AboutCookies.org.

We also use Google Analytics, a popular web analytics service provided by Google, Inc. Google Analytics uses session and persistent cookies to help us to analyze how users use the site. It counts the number of visitors and tells us things such as length of stay on the site or the average number of pages a user views.

The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services relating to website activity and internet usage

Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google undertakes not to associate your IP address with any other data held by Google.

You can opt out of tracking by Google Analytics and Google Analytics Demographics and Interest Reporting services by visiting Google Ads Settings or by downloading the Google Analytics Opt-Out Browser Add-on.

If you have Adobe Flash installed on your computer (most computers do) and you use our audio or video players on our site, Google Analytics will try to store some additional data on your computer. This data is known as a Local Shared Object or Flash cookie. A useful resource for information about Adobe Flash player settings can be found by clicking here.

As a practical matter, Labrix LLC does not do business with customers under the age of 18. Nevertheless, protecting children's privacy is especially important to us. It is our policy to comply with the Children's Online Privacy Protection Act of 1998 and all other applicable laws.

While we make every effort to ensure that our web sites are appropriate for a younger audience, we believe that there is no substitute for proper parental supervision. For further information about tips, tools, age-appropriate, or kid-friendly websites and how to report online trouble, please visit www.getnetwise.org.

Finally, Labrix LLC recommends that children ask a parent for permission before sending personal information to Labrix LLC, or to anyone else online.

Services and web sites we sponsor have security measures in place to protect the loss, misuse, and alteration of the information under our control. While we make every effort to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party "hackers" from illegally obtaining this information.

Labrix LLC offers customers the opportunity to access or modify information provided during registration. To access or modify such information, log in to your secured account and edit account or contact our Customer Service Department at 877-656-9596.

If you have any questions about this Privacy Policy or the practices described herein, you may contact: Account Management at accountmanagement@labrix.com.

Changes to this Policy: From time to time, it may be necessary for us to revise our privacy policies or this Notice. You are hereby notified that this Privacy Policy may change from time to time, and any changes in this policy or revisions to this Notice shall be posted on this web page. If you are concerned about changes to this Privacy Policy or this Notice, you should revisit this web page and click "refresh" on your browser in order to ascertain the latest revision date of this Privacy Policy and this notice.

SPECIAL HEALTH INFORMATION NOTICE OF PRIVACY PRACTICES THIS NOTICE IS IN ADDITION TO THE PRECEEDING PRIVACY POLICY, AND GOVERNING GENERAL PERSONAL INFORMATION. THIS PORTION OF OUR PRIVACY POLICY GOVERNS THE SPECIAL CONSIDERATIONS SURROUNDING YOUR MEDICAL HEALTH INFORMATION. THIS NOTICE DESCRIBES HOW YOUR MEDICAL HEALTH INFORMATION MAY BE DISCLOSED AND USED AND HOW YOU CAN ATTAIN ACCESS TO THIS INFORMATION.

PLEASE READ IT CAREFULLY.

At Labrix LLC we value your patronage, and we want you to know that we respect the privacy of all our customers. We are committed to protecting all our customers' private personal health information, and we will only disclose and use your personal health information as deemed necessary to provide you with quality healthcare products and services. Protected health information (PHI) is any information in our possession, or that we use and disclose that will identify you and relate to your past, current, or future mental and physical health condition or illness and the quality healthcare products and services that we have provided to you. PHI includes, but is not limited to: name, address, birth date, gender, social security number, insurance member ID number, relationship to insured health plan information, healthcare provider information.

The purpose of this "Notice of Privacy Practices" (Notice) is to help increase your understanding relating to our legal duties to protect your PHI and how we may disclose and use your PHI in relation to your past, present and future mental and physical health condition and/or illness and its treatment. The use and disclosure of any PHI will primarily involve the quality health services that we provide.

Specifically, we will disclose and use your PHI as necessary in order for one of our affiliated Doctors to provide treatment to you, for obtaining payment for healthcare products and services which we or our affiliated Doctors and Pharmacies have provided to you, and other healthcare operations which will be described later in this Notice. Another purpose of this Notice is to describe your legal rights relating to your PHI in our possession. We take all of the obligations described in this Notice very seriously not only because we may be legally required to comply with this notice, but more importantly because we respect all of our customers and their right to privacy.

Your PHI will only be disclosed and used as described in this Notice. Should any situation requiring the disclosure and use of your PHI not described in this Notice occur, we will disclose and use your PHI once we obtain your written authorization.

The PHI may be disclosed to providers of healthcare, healthcare service plans, contractors, or other healthcare professionals of facilities for purposes of diagnosis or treatment of the patient.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA), provides several rights to you relating to your PHI. See below for a summarization of those rights. If at any time you would like more information about your rights, please speak with Account Management using our contact information.

Your personal information will be processed in the United States, where Labrix LLC is located, and may be processed in other countries outside the European Economic Area (“Third Countries”), that may not offer the same level of data protection as that afforded by the EU General Data Protection Regulation (“GDPR”). We will process personal data (or procure that it be processed) in the Third Countries in accordance with the requirements of applicable law, which will include having appropriate contractual undertakings in legal agreements with service providers who process personal information on our behalf in such Third Countries.

If you are a resident of the EEA, you have the following data protection rights under the GDPR:

If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided on the Contact Us page.

In addition, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided on the Contact Us page.

You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails we send you. Additionally you may opt-out by sending an email to: marketing@labrix.com, or you may contact us using the contact details provided on the Contact Us page.

Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

Labrix has in place specific procedures in relation to any Subject Access Requests (“SAR”) that European data subjects might, and are entitled to, make. Put simply, a SAR is a request made by you which requires us to provide you with details of your personal data for an individual European data subject which we hold and process and a description of how we process it. If you have any questions, complaints, of wish to exercise your rights under the GDPR, you may contact us directly. We will consider and address your request in accordance with applicable laws.

Notwithstanding the foregoing, we reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

You have the right to receive notice of Privacy Practices in writing, describing how we will assure the protection of your PHI and any rights related to PHI. You are entitled to request this Notice in writing at any time.

You have the right to request us to limit our use and disclosure of your PHI. Please be aware that we may not have the ability to agree to your requested limitationif as a result we are not able to provide quality healthcare products and services to you, and/or if we are required to disclose and use the PHI under federal or state law. Any requests for limitation on the disclosure and use of your PHI must be given to Account Management in writing, and must be submitted using a form that we will provide to you.

You have the right to receive and/or review photocopies of records that contain your PHI, to the extent that the records are part of a record set as defined by HIPAA. If you wish to obtain and/or review a copy of an immediate relative's PHI you will need to complete an "Access and Consent statement for Release of PHI to Patient's Authorized Representative." This is subject to any limitations on use and disclosure of PHI on file with us for that family member. We will be happy to allow you access in order to review such records, providing they meet the requirements of this Notice of Privacy Practices, without cost to you during normal business hours. We may, however, charge you a cost-based fee for photocopies of the records, along with any expenses for mailing, faxing, special courier, and/or supplies needed to complete your request.

If we are unable to allow you access to our records, we will provide you a letter explaining why we are unable to provide the requested records. Depending on the reason provided, you may submit a formal request in writing for us to reconsider. Any and all requests to receive and/or review photocopies of our records containing your PHI must be submitted in writing to Account Management using a form which we will be happy to provide to you.

You have the right to request an amendment as to the content of your PHI in our records where you have reason to believe the content is inaccurate, incomplete, or for some other reason needs to be amended. We may not, however, be able to agree to your requested amendment if we no longer have the records and/or if the requested amendment would cause your PHI to become inaccurate. If for any reason we are unable to agree to your requested amendment we will notify you in writing as to the reason we are unable to comply. You will then have the right to submit a formal statement in writing of disagreement. We may then elect to further respond in writing to you. Any and all requests for amendment to your PHI in our records must be submitted in writing to Account Management using a form which we will be happy to provide to you.

You have the right to request any communication between us and you about your PHI in a confidential manner and restrict us to locations (such as a post office box) and/or by means (such as personal cellular telephone) as specified by you. Any and all requests for confidential communications must be submitted in writing to Account Management using a form which we will be happy to provide to you upon written request.

You will have the right to obtain a detailed accounting of some of our disclosures relating to your PHI. By detailed accounting we are referring to a written record of requested disclosures. Some disclosures of your PHI are, by HIPAA, not required to be included in the detailed accounting. Including but not limited to disclosures for purposes of TPO. Any other disclosures of your PHI which are not required to be included in the detailed accounting are disclosures made directly to you or which you have authorized, made to friends, family, and others who assist with your care (caregivers) and for other purposes which are allowed by HIPAA. Please consult Account Management for more information regarding disclosures which are not required to be included in the detailed accounting.

We are required, however, to provide a detailed accounting of disclosures for the six year period immediately preceding the date of your request for the detailed accounting; however, your request for a detailed accounting can be for a shorter period of time per your request and cannot precede the HIPAA compliance date. You have the right to obtain from us, without charge, one detailed accounting during a twelve-month period. However, if you request additional detailed accountings during the same twelve month period we will charge you a cost-based fee for printing or photocopying of the detailed accounting, together with any and all expenses for mailing, special courier, faxing and/or supplies needed to fulfill your request for the detailed accounting. If it becomes necessary for us to charge you for a detailed accounting, we will notify you in advance, allowing you to withdraw and/or modify your request for the detailed accounting. All requests for a detailed accounting of our disclosures of your PHI must be, in writing, submitted to Account Management.

You have the right to file any complaints if you believe that we have violated the rights as described above, and not to fear any retaliation or adverse action by us for exercising this right. You may file the complaint with us directly, and/or with the U.S. Department of Health and Human Services (HHS). Be assured we will work with you to resolve any and all complaints, and we will be happy to provide you with the address for HHS in order to file a complaint. If you have a concern about our privacy practices and/or wish to file a complaint, you may contact Account Management at accountmanagement@labrix.com.

Please be advised: The Health Insurance Portability and Accountability Act of 1996, otherwise known as HIPAA, requires that this "Notice" describe the uses and disclosures of your protected health information (PHI). Please find these uses and disclosures summarized below. If you would like more information please contact Account Management. Nothing contained herein shall constitute an admission that HIPAA, or any other federal or state law pertaining to private information applies to our company, our business associates, agents, officers or employees. The posting of this Privacy Policy shall not be construed as a waiver of any right, argument, position or obligation.

HIPAA defines treatment as "the provision, coordination, or management of health care and related services by one or more healthcare providers, including the coordination or management of healthcare by a healthcare provider with a third party; consultation between healthcare providers relating to a patient; or the referral of a patient for healthcare from one healthcare provider to another." We will maintain any and all records that contain your PHI and we will only use and disclose your PHI as needed to allow our affiliated Doctors and Pharmacies to provide healthcare products and services to support and carry out your treatment. We will only use and disclose your PHI as needed to maintain your patient profile, including information about you, your condition, medications and/or any prescription devices that you use, any and all allergies that you may have and any other information, including but not limited to any health insurance that you have. It may be necessary for us and our affiliated Doctors and Pharmacists to discuss such problems with your other healthcare professionals, including but not limited to your physician or dentist, and during these discussions, we, or our affiliated Doctors and Pharmacists may use and disclose your PHI. We will use and disclose your PHI to you and/or your caregivers, with your consent, in discussions with you and your caregivers regarding your treatment.

HIPAA regulations define payment relating to healthcare providers (such as pharmacies), as any and all activities to obtain monetary reimbursement for the healthcare products and services which we provide to you. These activities are primarily billing you directly or billing someone who pays for your healthcare, including but not limited to a family member or a health insurance company, for healthcare products and services which we have provided to you. Activities related to billing include but are not limited to claims management, collections, and any related healthcare data processing. Depending on who pays for your healthcare products and services which we have provided to you, other activities may include but are not limited to eligibility determination, drug coverage determination, medical necessity under a health plan, appropriateness of care, and justification of charges, including prior authorization of drugs and services, prospective and retrospective drug utilization review services. A limited number of examples of PHI that may be used and disclosed in order to collect payment are: name, address, birth date, gender, social security number, insurance member ID number, relationship to insured health plan Information, healthcare Provider Information.

We will use and disclose your PHI in order for us to carry out the above activities as necessary and/or required to obtain payment for any and all healthcare products and services that we will provide to you. Public and private healthcare insurance programs that provide and/or pay for your healthcare are able to conduct audits, inspections and/or investigations of us related to our activities as well as your activities. It may be required for us to disclose your PHI to these programs for those purposes.

HIPAA defines healthcare operations as any and all activities necessary and/or related to the providing of healthcare products and services to you. These activities include but are not be limited to the following:

• Conducting quality assessment and quality improvement activities, case management, coordination of disease management and care, contacting healthcare providers and patients regarding treatment alternatives and any related functions that do not include treatment.
• Conducting or arranging for a comprehensive medical review, legal services and auditing functions, including but not limited to fraud and abuse detection and/or compliance programs.
• Pharmacy management and general administrative activities, including but not limited to activities in relation to implementation of and compliance with all requirements of HIPAA.

We will only use and disclose your PHI in order to permit our affiliated Doctors and Pharmacists to carry out the above activities as needed and/or required, and specifically to monitor and improve the quality of our healthcare products and services which are provided to you. Along with the treatment, payment and health care operations which have been described above, we may use and disclose your PHI for the following:

Business associates: The healthcare system is a very complex system and as such it may not be possible for us or our agents, employees, or independent contractors, to be able to provide healthcare products and services unless we involve other businesses or persons. These other businesses or persons may become "business associates" as defined by HIPAA. It will be necessary at times for us to disclose your PHI to these "business associates" so that they may carry out the activities which are needed to be performed, allowing us to facilitate our affiliates with the provision of healthcare products and services to you. For patients that possess health insurance including a pharmacy benefit, one of the most common "business associates" is a health insurance company and/or a pharmacy benefits company which processes claims once we submit a request on your behalf for payment for health care products and services we have provided. We have written contracts on file with all of our business associates with whom we provide your PHI so they may carry out their activities on our behalf. For your comfort, please be advised these contracts require business associates to give us their assurance that they will protect the privacy of your PHI.

Federal and state government agencies: Federal and/or state government health care insurance programs: If you receive benefits from a federal and/or state health care program, such as Medicare or Medicaid, we may disclose your PHI to the agency granting benefits. If you are employed by a business which is required to carry workers' compensation insurance, and if you are injured and your injury is covered by the workers' compensation plan, it may be necessary to disclose your PHI to the workers' compensation provider. Such providers have the right to conduct audits, inspections and/or investigations of our activities as well as your activities, and when required, we will disclose your PHI for these activities.

Legal disputes and lawsuits: Legal disputes and other lawsuits are common today and may involve the PHI that we possess. If you are involved in a lawsuit or other legal proceeding, without regard to the basis for the lawsuit and whether as a plaintiff or a defendant we will disclose your PHI as required complying with the court order, subpoena, discovery proceeding, or other legal mandate served to us. We will attempt to notify you before the disclosure if you are not the party requesting your PHI so that you and/or your attorney may determine whether you want to take actions to legally prevent disclosure of your PHI.

If you have any questions about any of the uses and disclosures of your PHI as described above, please contact our Privacy. We will obtain your written authorization if a use and disclosure of your PHI is not contained in this Notice before such use and disclosure. You have the right to refuse authorization. If you grant the authorization, you have the right to revoke authorization at any time. If we request such an authorization, we will provide you with a written form that describes in detail the proposed use and disclosure and your rights as they relate to the requested authorization.

We may be required by HIPAA to give you this "Notice of Privacy Practices" and make a good faith effort to obtain your written or electronic acknowledgement that you were given this notice.

We appreciate your effort in reviewing this notice and your cooperation in giving us your written or electronic acknowledgment.

At a minimum, HIPAA also requires that this Notice cover the following three areas:

• How we will use and disclose your protected health information.
• Your rights in regards to your personally identifiable health information.
• Our duties, legally, to protect the confidentiality of the personally identifiable health information.

While preparing this Notice, we took great strides and made every effort to comply with this HIPAA requirement. You should be aware that HIPAA, the Federal regulation, does not take precedence over a stricter State Law. You may have additional protection under State Law. If you have any questions or would like more information concerning your healthcare and/or privacy rights under HIPAA or our privacy practices, please consult Account Management at accountmanagement@labrix.com.

You should also consult Account Management if you would like to file a complaint about these privacy practices and/or if you believe we have violated your rights as described above in this notice.