Orthly, Inc. Privacy Policy

Last revised November 4th, 2018

Orthly, Inc. (collectively with its subsidiaries, “Orthly,” “the Company,” “we,” “us,” and “our,”) respects your privacy and is committed to protecting your privacy through our compliance with this privacy policy (the “Policy”). This Policy should be read in conjunction with our Terms of Use, into which this Policy is incorporated by reference.

This Policy describes:

  • The types of information we collect from you or that you may provide when you use the Orthly Mobile App (“the App”).
  • The types of information we collect from you or that you may provide when you visit our website available at: https://orthly.com as well as any websites and blogs directly owned by Orthly (the “Website”).
  • Our practices for collecting, using, maintaining, protecting, and disclosing that information. Please read this Policy carefully to understand our practices regarding your information and how we will treat it. If you do not agree with our policies and practices, then please do not use the App or visit the Website (collectively, “the Platforms”). By using the Platforms, you agree to the terms of this Policy. This Policy may change from time to time (see below, “Changes to this Policy”). Your continued use of the Platforms after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

What We Collect and How We Collect It

To ensure that we provide you with the best possible experience, we will store, use, and share information about you in accordance with this Policy.

Information You Provide to Us

Personal Information is any information that can be used to individually identify you from a larger group, such as data including, but not limited to, your:

  • first and last name
  • gender
  • mailing address
  • email address
  • telephone number
  • a photo of you or your teeth
  • dental treatments
  • orthodontic conditions
  • status as a dentist or orthodontist
  • credit card number
  • comments, messages, or answers to questions you provide

You may provide us Personal Information when you:

  • request information
  • submit your phone number to download the App or authenticate your identity
  • register to use the App or Website
  • apply to offer your dental services
  • schedule an appointment with a dental professional
  • upload pictures
  • subscribe to our emails

The information that you provide in each case and on each Platform will vary. In some cases, we may ask you to create a username and password that should only be known to you. Additionally, all credit card transactions are handled by a contracted third-party PCI-DSS compliant data processor, such as Stripe, which is responsible for processing and securing your credit card information. Important Notice about Your Health Information. You should also understand that much of the Personal Information you provide may be related to your health, diagnoses, x-rays, and dental conditions. Orthly is not a health provider. Orthly is a business that facilitates the provision of dental aligners to improve smiles. Unless otherwise established in an agreement between Orthly and a Covered Entity (i.e. a doctor, pharmacy, or insurer) as defined by the Health Insurance Portability and Accountability Act (“HIPAA”), Orthly does not collect “Protected Health Information” as defined under HIPAA. Therefore, your Personal Information is not entitled to the same regulated protections set forth under HIPAA. Regardless, your Personal Information will be handled in accordance with this Policy

Automated Information Collection

In addition to the information that you provide to us, we may also collect information about you during your use of the Platforms. We collect this information using automated technology. This technology may collect information about your behavior and your device, such as your internet address (IP Address), the screens you have viewed, and the actions you have taken while using the Platforms. Some of the tools we use to automatically collect information about you may include:

Cookies

A “cookie” is a small data file transmitted from a website to your computer's hard drive. Cookies are usually defined in one of two ways, and we may use both of them:

  1. session cookies, which do not stay on your computer after you close your browser, and
  2. persistent cookies, which remain on your computer until you delete them or they expire.

We may use cookies to monitor your interaction with our marketing campaigns. These cookies may be delivered by a trusted third-party, but will provide us with information when you use the Platforms.

Of course, if you do not wish to have cookies on your devices, you may turn them off at any time by modifying your internet browser's settings. However, by disabling cookies on your device, you may be prohibited from full use of the Platform's features or lose access to some functionality.

Google Analytics

One of our trusted third-party partners is Google Analytics. For example, the Website sends aggregated, non-Personal Information to Google Analytics for the purpose of providing us with the ability to conduct technical and statistical analysis on the Website's performance. For more information on how Google Analytics supports the Website and uses information sent from the Website, please review Google's privacy policy available at https://policies.google.com/technologies/partner-sites.

Web Beacons

A Web Beacon is an electronic image. Web Beacons can track certain things from your computer and can report activity back to a web server allowing us to understand some of your behavior. If you choose to receive emails from us, we may use Web Beacons to track your reaction to our emails. We may also use them to track if you click on the links and at what time and date you do so. Some of our third-party marketing partners may use Web Beacons to track your interaction with online advertising banners. This information is only collected in aggregate form and will not be linked to your Personal Information. Please note that any image file on a webpage can act as a Web Beacon.

Embedded Web Links

Links provided in our emails and, in some cases, on third-party websites may include tracking technology embedded in the link. The tracking is accomplished through a redirection system. The redirection system allows us to understand how the link is being used by email recipients. Some of these links will enable us to identify that you have personally clicked on the link and this may be attached to the Personal Information that we hold about you. This data is used to improve our service to you and to help us understand the performance of our marketing campaigns.

Third-Party Websites and Services

We work with a number of service providers of marketing communications technology. These service providers may use various data collection methods to improve the performance of the marketing campaigns we are contracting them to provide. The information collected can be gathered on the Platforms and also on the websites where our marketing communications are appearing. For example, we may collect data where our banner advertisements are displayed on third-party websites.

Do Not Track Disclosure

Other than as disclosed in this Policy, the Website does not track users over time and across third-party websites to provide targeted advertising. Therefore, the Website does not operate any differently when it receives Do Not Track (“DNT”) signals from your internet web browser.

Your Choices and Selecting Your Privacy Preferences

We want to provide you with relevant information that you have requested.

If we provide subscription-based services, such as email newsletters, we will allow you to make choices about what information you provide at the point of information collection or at any time after you have received a communication from us while you are subscribed. Any transactional or service-oriented messages are usually excluded from such preferences, as such messages are required to respond to your requests or to provide goods and services, and are not intended for the purposes of marketing.

We will not intentionally send you email newsletters and marketing emails unless you consent to receive such marketing information. After you request to receive these emails, you may opt out of them at any time by selecting the “unsubscribe” link at the bottom of each email. Please note that by opting out or unsubscribing you may affect other services you have requested we provide to you, in which email communication is a requirement of the service provided.

Likewise, should you opt in to receiving text messages from Orthly or its affiliates, you can also opt out at any time by following the instructions or contacting us. For more information on text messaging, please review Orthly's Terms of Use.

Any such communications you receive from us will be administered in accordance with your preferences and this Policy.

Accuracy and Access to Your Personal Information

We strive to maintain and process your information accurately. We have processes in place to maintain all of our information in accordance with relevant data governance frameworks and legal requirements. We employ technologies designed to help us maintain information accuracy on input and processing. Where we can provide you access to your Personal Information in our possession, we will always ask you for a username and password to help protect your privacy and security. We recommend that you keep your password safe, that you change it periodically, and that you do not disclose it to any other person or allow any other person to use it.

To view and change the Personal Information that you have provided to us, you can log in to your account and follow the instructions in the App or Website, or contact us directly at [email protected] for assistance.

Information of Minors

We do not intentionally gather information from individuals under the age of thirteen. We do not target the Website or the App to individuals under the age of thirteen, and would not expect them to be engaging with the Platforms or our services. We encourage parents and guardians to provide adequate protection measures to prevent minors under the age of thirteen from providing information unwillingly on the internet. If we are aware of any Personal Information that we have collected about minors under the age of thirteen, we will take steps to securely remove it from our systems.

How We Use Your Information

The information we gather and that you provide is collected to provide you with the information and services you request, in addition to various other purposes, including, but not limited to:

  • Facilitating communication between the parties responsible for delivering our products and services to you, including manufacturers and healthcare providers.
  • Assisting you with items such as personalized experiences, facilitation of product usage, and enforcement of Terms of Use.
  • Preventing malicious activity and providing you with a secure experience.
  • Providing service and support for services you request.
  • Providing marketing communications that are effective and optimized for you.
  • Keeping you up-to-date with the latest benefits available from us.
  • Preventing unwanted messages or content.
  • Measuring the performance of our marketing programs.
  • Contacting you about services and offers that are relevant to you.

How We Share Your Information

We do not sell or lease your information to any third party. We may disclose your Personal Information to our trusted third-party business partners in accordance with this Policy. We work with a number of partners that help us process your requests, deliver customer service and support, send email marketing communications, and provide experiences that you have come to expect from us. We will share your Personal Information with these third parties in order to fulfill the service that they provide to us. For example, we may share your name and email with trusted third parties to better market our services to you. These third-party partners are under contract to keep your Personal Information secure and not to use it for any reason other than to fulfill the service we have requested from them. For example, one trusted third-party is Twilio, Inc. Should you opt-in to receiving text messages, we share mobile phone numbers that you provide to us with Twilio in order to send automated SMS messages containing a link to download the App, or authorization codes to login to the App. These authorization codes allow you to authenticate your identity with Orthly and login to the App.

To provide you with our services, we may store, process, and transmit information in the United States and other locations around the world, including countries that may not have the same privacy and security laws as yours. Regardless of the country in which such information is stored, we will process your Personal Information in accordance with this Policy. California Residents. We will not disclose or share your Personal Information with third parties for the purposes of third-party marketing to you without your prior consent.

Except as described in this Policy, we will not share your information with third parties without your notice and consent, unless it is under one of the following circumstances:

  • Responding to duly authorized information requests from law enforcement or other governmental authorities.
  • Complying with any law, regulations, subpoena, or court order.
  • Investigating and helping prevent security threats, fraud, or other malicious activity.
  • Enforcing or protecting the rights and properties of Orthly or its subsidiaries.
  • Protecting the rights or personal safety of Orthly's employees. There are circumstances where Orthly may decide to buy, sell, or reorganize its business in selected countries. Under these circumstances, it may be necessary to share or receive Personal Information with prospective or actual partners or affiliates. In such circumstances, Orthly will ensure your information is used in accordance with this Policy.

Third-party Websites and Applications

This Policy does not apply to websites, applications, or other domains that are maintained or operated by third parties or our affiliates. The Platforms may link to third-party websites and services, but these links are not endorsements of these sites, and this Policy does not extend to them. Because this Policy is not enforced on these third-party websites or applications, we encourage you to read any posted privacy policy of the third-party website before using the service or site and providing any information.

For Website Visitors Outside of the United States

Many visitors to and users of the Platforms may be located outside of the United States. To provide you with our services, we may store, process, and transmit information in the United States, which may not have the same privacy and security laws as yours. Regardless of the country in which such information is stored, we will process your Personal Information in accordance with this Policy.

Safeguarding the Information We Collect

We take reasonable technical, administrative, and physical safeguards in order to protect your Personal Information against accidental loss and from unauthorized access, use, alteration, and disclosure. However, we can never promise 100% security. You have a responsibility, as well, to safeguard your information through the proper use and security of any online credentials used to access your Personal Information, such as a username and password. If you believe your credentials have been compromised, please change your password. Please also notify us of any unauthorized use, or if you believe your information was wrongly provided to us.

Changes to this Policy

If we make any changes to this Policy, a revised Policy will be posted on this screen and the date of the change will be reported in the “Last Revised” block above.

How to Contact Us

We value your opinions and welcome your feedback. To contact us about this Policy or your Personal Information, please contact us at [email protected]