Some elements of our sites or mobile applications may ask you to submit Personal Information in order for you to benefit from the specified features or participate in a certain activity, such as newsletter subscriptions, processing of online purchases, completion of surveys, or account registration.  For example:

• Account Registration: If you register for an account, we may request Personal Information such as your name and contact information, such as your email address, telephone number, billing address, and delivery address.
• Sharing with Health Care Providers: If you agree to share information with your healthcare practitioner about our products or services via our sites or mobile applications, we may have access to any such information that you provide.
• Searches: if you are searching within our sites, we may record information identifying you or linking you to the search performed and recording information related to the search request.
• Customer Research and Surveys: if you submit Personal Information in response to a survey or customer research questionnaire in which we invite you to participate.
• Product Purchases: If you purchase an item through our sites, we will collect your name, your billing address, your shipping address, and your credit or debit card, or other financial account information.
• Subscription to Email Communications: if you subscribe to receive email communications from us, including newsletters and promotional emails.
• Communication with Us: we collect any information you provide when you communicate with us via phone, email, web chat, fax, or through any online “contact us” form.
• Comments: if any of our sites allow you to post comments or other content to sections of our sites.  Please be aware that, upon submission, all content approved for publication on our sites will be available to other registered users of that sites, and that your content may be collected, used, and shared outside of our control.

We may combine information you submit through our sites and mobile applications with other information we have collected from you, whether on-line or off-line.  We treat the combined information in accordance with this Privacy Statement.

We only use the Personal Information for the purposes for which you have agreed to and/or expressly consented.

We use Personal Information submitted by you or collected through our sites, mobile applications and through other sources, for the purposes described in this Privacy Policy. Generally, we use the information you provide to use for the reason for which it was provided and as described to you at the point of collection.  For example, if you sign up to receive email notifications, we will contact you by email.  If you provide us with information to purchase a product, we will use the information to process your transaction.  Specifically, we may use Personal Information from or about you:

• to respond to your inquiries and fulfill your requests;
• to send you important information regarding our relationship with you or regarding our sites and mobile applications (such as changes to our terms, conditions, and policies, and other administrative information);
• to provide you with access to our sites or mobile applications, as requested by you;
• if you choose to complete a survey or questionnaire, we may use the information to evaluate your feedback from the survey or questionnaire;
• if you purchase goods or services via our sites, we may use your Personal Information to process your transaction and send you the item(s) that you purchased. We may also use your information to process returns and to collect any amounts owed to us.
• if you subscribe to receive promotional communications, we may use Personal Information to promote our products and services;
• for our business purposes, such as data analysis, audits, recordkeeping, developing new products or services, enhancing, or improving our services, identifying usage trends, personalising your experience on our sites or mobile applications, and determining the effectiveness of our promotional campaigns;
• if necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain; and
• if we intend to collect and use Personal Information for another purpose, we may seek your permission at the time the information is collected.

We may use any information that does not personally identify you, your computer, or your device, for any purpose.

Your Personal Information may be disclosed for the following purposes:

• to our agents, representatives, contractors, and service providers so they can provide us with support services.
• if you choose to allow your healthcare provider to access your Personal Information through our mobile applications.
• as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
• As described in Section 5 below, “Disclosure to Our Partners.”
• otherwise, with your consent.

There are also other circumstances in which we may collect your Personal Information indirectly.  For example, we may occasionally collect Personal Information from third party companies, healthcare professionals and information service providers with whom we have a relationship (referred to collectively in this Privacy Policy as “our partners”).  In such circumstances, we take all reasonable steps to ensure that our partners have obtained your consent to disclose your Personal Information to us.

Some of the SFI mobile applications and services may be offered to you by your healthcare provider.  Your healthcare professional may ask you to expressly consent to them collecting, using, and sharing your Personal Information.  You should therefore also review your healthcare provider’s privacy policy.

If you do not give your healthcare provider consent to use your Personal Information you can still view or use the SFI mobile applications or services, but many of the features and functionalities will not be available to you.

SFI will not have any access to any Personal Information you share with your healthcare provider via the SFI mobile applications or services unless you have also expressly given us consent.

If you are a healthcare professional and you are using an SFI mobile application or service in the provision of medical or professional healthcare services, it is your sole responsibility to:

• obtain express consent from your patients to use their Personal Information
• ensure that patients using the SFI mobile applications or services are at least 16 years and, if not, that you have express consent to collect and/or use the Personal Information from their parents or guardians

An IP address is a unique identifier that certain electronic devices used to identify and communicate with each other on the Internet. When you visit our sites, we may view the IP address of the device you use to connect to the Internet. We use this information to determine the general physical location of the device and understand from what geographic regions our website visitors come. We also may use this information to enhance our sites or mobile applications.

Certain information is collected by most browsers, such as your Media Access Control (MAC) address, computer type and operating system type and version screen resolution, and Internet browser type and version.

Our sites may include social media tools, including social media widgets or plug-ins, to connect you to our social media pages. These features may set a cookie or use other automatic collection and tracking technologies to collect information about you and your use of the social media features through and in connection with our sites. These social media tools may be hosted by a third party. Your interactions with these tools and the corresponding social media platforms are governed by the privacy policies of the companies that provide such platforms.

When you visit our websites, non-personally identifiable information in the form of a “cookie” may be stored on your computer enabling automatic user recognition for when you next visit our sites or mobile applications.  Cookies allow us, for example, to adapt a website to your interests or to store your location, to save you from having to re-enter the information each time you visit.

Some cookies are essential whilst others help us improve your experience. Essential cookies help make our sites and mobile applications usable by enabling basic functions like page navigation and access to secure areas. Our sites and mobile applications may not function properly without these cookies. Some other cookies may help us to comply with legal requirements like the EU’s GDPR (privacy) such as managing your consents, requests, and company data.

We also cookies to understand your browsing and buying activities to measure the success of online advertising campaigns we run on our sites and mobile applications. We also use:

• session, persistent and third-party “cookies” that store a small piece of data on your computers and collect certain information about your visit to our sites and mobile applications
• web beacons (either directly or from our partners), along with cookies, to determine you have visited a particular website. These beacons assist us to provide you with more relevant advertising, but we do not use data collected by cookies to identify who you are.

The cookies and web beacons we use collect non-personally identifiable information about you including: IP address, browser used to access the site, date and time, the URL of the page being loaded, users who have visited a particular website(s), any previously assigned cookie identification (a unique identifier assigned to a user to identify repeat visitors), browser window size, your geographic location, device, and operating system used to access our sites or mobile applications.  The information we collect from these cookies and web beacons is used to:

• Determine information about your visit to our sites or mobile applications, including the number of visits, average time spent, pages viewed, navigation history and other statistics. We use this information to enhance your experience while visiting our sites and mobile applications; and to improve their performance by, among other things, allowing us to monitor performance, making them easier to use, measuring the effectiveness of promotional placements, and tailoring them (including the ads and offers you receive) to better match your interests and preferences.
• Select which of our advertisements or offers are most likely to appeal to you and display them while you are on the sites and on other websites, applications, and online services that you use; and
• Track consumer responses to online advertisements.

If you do not wish your computer to be recognised, please select browser settings to delete cookies from your hard drive; or block all cookies; or prompt you before a cookie is stored. Each Internet browser has a different procedure for disabling the use of cookies. The Help function within your browser should tell you how. Alternatively, visit http://www.aboutcookies.org where you can find information on how to control cookies on a variety of browsers.

You will also find details of how to delete cookies from your computer and other general information about cookies.  You should note, however, that turning off cookies (or not consenting to the collection or use of your Personal Information) may prevent some of our websites or mobile application features from working properly.

Necessary cookies

Necessary cookies allow us to offer you the best possible experience when accessing and navigating through our website and using its features. For example, these cookies let us recognize that you have created an account and have logged into that account.

Functionality cookies

Functionality cookies let us operate the site in accordance with the choices you make. For example, we will recognize your username and remember how you customized the site during future visits.

Analytical cookies

These cookies enable us and third-party services to collect aggregated data for statistical purposes on how our visitors use the website. These cookies do not contain personal information such as names and email addresses and are used to help us improve your user experience of the website.

How to delete cookies?

If you want to restrict or block the cookies that are set by our website, you can do so through your browser setting. Alternatively, you can visit www.internetcookies.org, which contains comprehensive information on how to do this on a wide variety of browsers and devices. You will find general information about cookies and details on how to delete cookies from your device.

The SFI website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). This tool helps us understand how visitors engage with our website. SFI as a Google Analytics customer can view various reports on how visitors interact with our website.  This allows us to make improvements based on the information generated by the tool.

You can prevent transmission of the data generated by the cookie and relating to your use of the website to Google (including your IP address) as well as processing of the data by Google by downloading and installing the browser plug-in available: http://tools.google.com/dlpage/gaoptout?hl=en

When you are using SFI websites or mobile applications, your location information may be used to tailor our products or service offerings to your current location. Your mobile device’s ‘background location’ may be used to provide the services, including to send you notifications.  If you have ‘background location’ turned on, we may gather information about your device’s location even if you are not directly interacting with the application.  This information is not shared with others.

If you do not wish for your location to be accessed, please ensure you turn the ‘background location’ off on your mobile device.

We work with third-party advertising companies and networks to display ads online or on mobile applications. These ads are tailored to your individual interests based on how you use our sites, and the other websites and online services that you use. Note that these advertisements may be delivered to you on our sites, on third party websites and applications, and on a computer or device other than the device from which the information was collected.

This is called “Interest-Based Advertising” or “Online Behavioural Advertising.”

To learn more about Interest-Based Advertising, you can visit any of these sites:

www.networkadvertising.org/choices

https://www.datalogix.com/privacy

www.aboutads.com.

For mobile advertising, you may also use your phone operating system’s opt-out setting (For instructions on how to “Limit Ad Tracking” on iOS, please visit this Apple Support Document; For instructions on how to opt out of interest-based ads on Android, please visit these instructions); and

If you would like, you can discontinue using our sites and delete our applications from your devices. To uninstall our applications from your devices, such as smartphone applications, tablet applications, connected TV applications, and desktop, you can use the standard uninstall processes available as part of your device or via the application marketplace or network.

If you use more than one device, you should renew your opt-out choices on each such device.

If you reside in the EU, you may request to:

• have your data permanently deleted (the right to be forgotten) or ported (the right of data portability)
• that we provide you with a copy of your data in a format that will enable you to provide it to another company.

1. Additional Rights Under the CCPA

In this Section, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could be linked (directly or indirectly) with an individual, including without limitation information that is subject to data protection laws under the California Consumer Privacy Act, California Civil Code section 1798.100 as amended (CCPA).

1. No sale of personal information: SFI does not sell Personal Information.
2. Access to specific information and data portability rights: Subject to the CCPA, you can request that companies disclose certain information to you about their collection of Personal Information over the past 12 months.
3. Deletion request rights: You have the right to request the deletion of Personal Information that has been collected, subject to the CCPA.
4. Access, data portability and deletion rights: To exercise these rights, please submit a Verifiable Consumer Request with us by email.

We cannot respond to your request or verify your identity or authority to make the request unless you provide us with sufficient information.  For this purpose, please ensure your Verifiable Consumer Request has the following:

1. Sufficient information so we can verify (to a reasonably high degree of certainty) that you the Personal Information we have collected is about you. This could include your providing us with two pieces of Personal Information to match against that which has been collected by us, or other form of identification which is reliable for the purpose of verification; and
2. A full description of your request so that we can properly understand, evaluate and respond to it.

Note: Submitting a Verifiable Consumer Request does not require you to create an account with us. The information provided by you will only be used for us to action your request.

You can submit a Verifiable Consumer Request for access or data portability twice (2) within any 12-month period.

Authorised Agent: This can be a person that you have designated to be your authorised agent in writing, or if they are registered with the California Secretary of State to act on your behalf, or if you have given them a power of attorney under the California Probate Code s4000-4465 (Authorised Agent). They will need to provide us with evidence that they are your Authorised Agent and that the Personal Information is relating to you. You can also make a Verifiable Consumer Request on behalf of your child who is a minor.

Non-discrimination: We will not discriminate against your for exercising any of your rights under the CCPA.

1. California “Shine the Light” Law

The California Civil Code section 1798.83 (known as the “Shine the Light” Law) permits any California resident to request and obtain from us once a year and free of charge, information about the categories of Personal Information (if any) we have disclosed in the preceding calendar year to third parties for those third parties’ direct marketing purposes. Our disclosure requirements apply only if we share Personal Information with third parties to directly market their own products or services to consumers and not for assisting us with our own business. If you are a California resident and want to make such a request, please send an email request to our Data Protection Officer below.

These requests must made to SFI in writing to the Data Protection Officer at privacy@sfihealth.com , together with proof of identification so that we can verify your request.  Please allow us 2-4 weeks to process your request. SFI reserves the right to refuse your request if it is manifestly unfounded or excessive, and we will notify you in writing if this is the case.