We are committed to the protection of Your privacy while using Our Website. Accordingly, We have developed this privacy policy, (hereinafter "Privacy Policy") to describe how We collect and process (in other words, use, store, or disclose in limited circumstances) information that We receive about You, as well as Your rights in relation to that information collection, when You visit https://www.cannabisdoctorsofnewyork.com (the “Website”).


We collect both Personal Data, as defined below, and non personal data, defined as “Informational Content”. We may also collect information which constitutes “Protected Health Information” under the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, together with any applicable regulations promulgated by the U.S. Department of Health and Human Services (collectively “HIPAA”). The Protected Health Information that We collect will always be stored and protected as required under HIPAA and will further be treated as discussed herein.

This Privacy Policy does not cover any information that We may receive about You through sources other than the use of the Website. Through Your use of the Website, You may find links out to other websites or mobile applications, but this Privacy Policy does not and will not apply to any of those linked websites or applications.

By continuing to use the Website, You acknowledge that You have had the chance to review and consider this Privacy Policy, and You acknowledge that You agree to it. This means that You also consent to the use of Your information and the method of disclosure as described in this Privacy Policy. If You do not understand the Privacy Policy or do not agree to it, then You agree to immediately cease Your use of the Website and any services thereon.
 

ARTICLE 1 - DEFINITIONS:

For the purposes of this Privacy Policy:

  1. “EFFECTIVE DATE” means the date this Privacy Policy comes into force and effect.

  2. “COMPANY” means the publisher, owner, and operator of the Website, i.e., the company NKO Medical Group PLLC d/b/a Cannabis Doctors of New York, having a principal place of business at 641 Lexington Avenue, New York, NY 10022, United States. The Company is responsible for the collection and processing of personal data described herein. The Company shall be referred to as NKO Medical Group, the Company, Owner or Operator. The Company’s property shall be referred to through first-person pronouns, such as “Us”, “We”, “Our”, and “Ours.”

  3. “PERSONAL DATA” means any information relating to a natural person who can be identified, directly or indirectly, by using such information.

  4. “PROTECTED HEALTH INFORMATION” means information about Your health, such as medical records and history, any conditions You have, and other sensitive medical information specific to Your health as defined under HIPAA. Personal Data may include Protected Health Information, where relevant.

  5. “INFORMATIONAL CONTENT” means information, content, photos, video, lifestyle preferences, and any other information We may obtain as a result of Your use of the Website that may not be personally identifying.

  6. “SERVICES” means any services that are made available by the Company on the Website, including the online registration and collection of information prior to the physician’s visit.

  7. “USER” and “YOU” means the user of the Website that agrees to this Privacy Policy and continues using the Website. You may also be referred to with pronouns such as “Your” and “Yours”, when second-person pronouns are required.

  8. “PARTIES” means the parties to this Privacy Policy, i.e., You and the Company. Hereinafter, the parties will individually be referred to as “Party” and collectively as “Parties.”
     

ARTICLE 2 - MODIFICATIONS AND REVISIONS:

We reserve the right to modify, revise, or otherwise amend this Privacy Policy at any time and in any manner. Unless We specifically obtain Your consent, any changes to the Privacy Policy will only impact the information collected on or after the date of the change. It is Your responsibility to periodically check this page for any such modification, revision or amendment. Any changes made are assumed to have been accepted by Your continued use of the Website.
 


ARTICLE 3 - INFORMATION COLLECTED & MANNER OF COLLECTION:

Through Your use of the Website, You will be subject to different types of information collected and different manners of collection. We always collect and process Your Personal Data in a lawful manner and We always collect and process Your Protected Health Information in accordance with HIPPA. We also comply with data minimization principles. In other words, through Your use of the Website, We collect and process only the minimal amount of Personal Data to deliver the Services to You. If We collect information about You through the Website other than as described in this Privacy Policy, We will seek Your explicit consent.

We collect the following types of data depending on Your level of use of Our Website and Services:

  1. CONSULTATION REQUEST: You, as a User of the Website, may wish to request a consultation from Us for Our Services. At this stage We collect Protected Health Information to screen You, prior to meeting with a practitioner, in accordance with the rules of the Compassionate Care Act and HIPAA. If You choose to request a consultation, You will be asked to provide certain information through a HIPAA-compliant web form. Such information will include Your email address, first name, last name, date of birth, qualifying medical condition, address, phone number, and New York State resident information. You will also be asked how You heard about the Website. You may optionally input Your current physician’s contact information, including name, address, and telephone number. Through this limited registration for consultation purposes, You authorize Us to receive and use this information exclusively to provide the Services to You.

  2. DOCUMENT REQUEST: To schedule a physical appointment, You will be asked to upload additional Protected Health Information, such as certain medical and identifying documents in a HIPAA-compliant manner. Such documents include general medical records or a statement from Your current physician describing Your condition. You will also be asked to upload one of the following:

    1. A New York State Driver’s License or New York State Identification Card;

    2. A copy of a utility bill indicating Your current residency; or

    3. A copy of a current lease indicating Your residency within New York State. Please be advised that these documents will be used exclusively to provide medical services to You, should You be eligible for the services.

  3. SCHEDULING: If You are deemed eligible after being screened, You may be asked to schedule an appointment through Our website or through a third-party partner. Your name and requested appointment time may be collected here.

  4. REGISTRATION: If You so choose, You may register for an account with Us for the simplicity of future appointment scheduling. No additional information will be collected from You besides that which was collected from You during Your Consultation Request.

  5. BILLING: You will be asked certain billing information in order to participate in Our Services. Such billing information may include, but is not limited to, credit card number, verification information and billing address. This payment and billing information will be stored throughout the duration of Your relationship with Us via a third-party billing and scheduling software.

  6. AUTOMATIC INFORMATION COLLECTION: We may collect information from You through automatic tracking systems on Your device. Such information will not include Personal Data and is limited to general device information, IP address, referral source, and usage information, such as access times. We use this information for legitimate business needs, including the analysis of users coming to Our Website.

  7. COMBINED OR AGGREGATED INFORMATION: We may combine or aggregate some of Your Personal Data in order to better serve You.

 

ARTICLE 4 - HOW YOUR INFORMATION IS USED:

We primarily use Your Personal Data to provide the Website to You as well as any Services on it and We use Your Protected Health Information to provide medical services to You if You are eligible. We also use Personal Data to help Us provide the best experience possible for You and all of Our users. We always use Your Personal Data for legitimate business purposes online.

We may also use Personal Data and Informational Content for the following:

  1. Improving Your personal user experience;

  2. Communicating with You about Your account with Us;

  3. Communicating with You about appointments and follow-ups;

  4. Communicating with You about dispensary information;

  5. Providing information about new products or other specials;

  6. Providing telemedicine services, such as online consultations and appoints;

  7. Communicating with You about educational events that may be of interest to You;

  8. Analyzing Our aggregate user data;

  9. Providing customer service to You.
     

We use Your Protected Health Information only as permitted under HIPAA.

If We ask for, collect, or use information in any way not indicated by this Privacy Policy, You will be notified at the time of collection.
 

ARTICLE 5 - HOW INFORMATION IS STORED:

We use secure physical and digital systems to store Your Personal Data when appropriate. Specifically, we use encrypted systems and software to ensure that Your Protected Health Information is protected in a HIPAA-compliant manner and that and all other Personal Data is safe against unauthorized access, disclosure, or destructions, to the extent possible. Any staff or contractors that We may use are trained to understand HIPAA compliance.

We may store Your Personal Data for any applicable legal record-keeping or for legitimate business purposes such as providing the Services to You.

Please note, however, that no system involving the transmission of information via the internet, or the electronic storage of data, is completely secure. However, We take the protection and storage of information very seriously and We therefore take all reasonable steps to protect Your Personal Data and Protected Health Information.

 

ARTICLE 6 - HOW INFORMATION IS SHARED OR DISCLOSED:

We do not share, sell, or otherwise provide any Personal Data to any advertiser. We may utilize third-party advertising platforms, such as Facebook, Google, or other social media or informational websites and tools. If We do so, please be aware Your provision of any of Your Personal Data there is entirely voluntary and will be treated according to the data protection policies of that third-party platform.

We do not ever share or otherwise provide any Protected Health Information to anyone without Your explicit consent.

We may share Personal Data with third parties as described elsewhere in this Privacy Policy to help Us provide the Services to You. We may disclose Your Personal Data if We believe that it is reasonable to do so in certain cases, at Our sole and exclusive discretion. Such cases may include, but are not limited to:

  1. To satisfy any local, state, or Federal laws or regulations;

  2. To respond to requests, such as discovery, criminal, civil, or administrative process, subpoenas, court orders, or writs from law enforcement or other governmental or legal bodies;

  3. To bring legal action against a user who has violated the law;

  4. As may be necessary for the operation of the Website;

  5. To generally cooperate with any lawful investigation about Our Users; or

  6. If We suspect any fraudulent activity on the Website.
     

ARTICLE 7 - MARKETING COMMUNICATIONS:

From time to time, We may send You informational communications related to dispensaries, new products or specials that may be of interest to You, educational events, or other information which may be beneficial for Your use. Please note that such communication does not fall within the scope of direct marketing communication.

After We obtain Your explicit prior consent, We may use Your personal data for direct marketing purposes, such as:

  1. Sending You a newsletter or other marketing email;

  2. Offering You new products, services, and/or recommendations; and

  3. Delivering You targeted information regarding promotions.

Please note that You have the right to object receiving direct marketing communication at any time by:

  1. Noting Your preferences at the time You register Your user account with Us;

  2. Logging into Your account settings and updating Your marketing communication preferences; or

  3. Clicking on the “unsubscribe” link contained in each such marketing email sent to You.

If You no longer wish to receive correspondence, emails, or other communications from third parties, You are responsible for contacting the third parties directly.
 

ARTICLE 8 - THIRD PARTIES:

We may utilize third party service providers ("Third Party Service Providers"), from time to time or all the time, to help Us with the Website, and to help serve You. Such Third Party Service Providers may include website hosting companies, information storage companies (such as cloud storage), billing companies (such as third-parties billers and schedulers), and user information logistics providers (such as Google Analytics or other analytics company which helps Us track general user information and usage). We may use the collected analytics information to understand patterns of usage of, and to improve, the Website.

We may also generally use other Third Party Service Providers to help Us with the operation of the Website.

Your Personal Data will not be sold or otherwise transferred to other third parties without Your approval. Your Protected Health Information will never be transferred to Third Party Services Providers, unless the Third Party Service Provider is being used for information storage in a HIPAA-compliant manner.

Notwithstanding the other provisions of this Privacy Policy, We may provide Your Personal Data to a third party or to third parties in order to protect the rights, property or safety, of Us, Our users or third parties, or as otherwise required by law.

We will not knowingly share Your Personal Data with any third parties other than in accordance with this Privacy Policy. If Your Personal Data might be provided to a third party in a manner which is other than as explained in this Privacy Policy, You will be notified. You will also have the opportunity to request that We not share that information.

 

ARTICLE 9 - COOKIES:

The Website uses cookies, which are small files stored on Your computer or mobile device which collect information about Your browsing behavior. These cookies do not access information which is stored on Your computer.

There are two types of cookies, namely, persistent cookies (i.e., cookies that remain valid until their expiration date, unless deleted by the user before that date) and session cookies (i.e., cookies that are stored on a web browser and remain valid until the moment when the browser is closed). We may use both persistent cookies and session cookies.

We use cookies to help Us compile aggregate data about Our traffic and interaction so that We can continue to offer better User experiences.

Most Internet browsers accept cookies automatically, although You are able to change Your browser settings to control cookies, including whether or not You accept them, and how to remove them. You may also be able to set Your browser to advise You if You receive a cookie, or to block or delete cookies.

If You would like to set Your browser to refuse cookies, check Your browser’s help information or visit http://www.whatarecookies.com for further information.


ARTICLE 10 - TRANSMITTALS FROM US:

From time to time, We may send You informational communications related to the Website, such as announcements or other information. You may also receive information from Us that is specifically about Your use of the Website or about Your account with Us, including information about security breaches or other privacy-related matters.
 

By providing any Personal Data to us, or by using the Website in any manner, You have created a commercial relationship with Us. As such, You agree that any email sent from Us or third-party affiliates, even unsolicited email, shall specifically not be considered SPAM, as that term is legally defined.


ARTICLE 11 - YOUR RIGHTS:

You may choose to forego the provision of Personal Data or Protected Health Information to Us, but You may then be prohibited from using the Website or forming a relationship with Us. We collect the information We do to maintain the integrity of Our Website and Services and to help to ensure the information security of the Parties. If You do not agree to any of the sections or subsections within this Privacy Policy, You must cease Your use of the Website.

 

ARTICLE 12 - MODIFYING YOUR INFORMATION:

If You wish to modify any information We may have about You, or You wish to simply access any information We have about You, You may do so by contacting Us at the following email: Info@cdony.com.

 

ARTICLE 13 - MINOR PRIVACY:

We do not allow use of the Website by users under the age of 18. We do not provide medical services to anyone under the age of 18 without parental or guardian consent. As such, We do not collect, store, or otherwise use any Personal Data from any minors on the Website.



ARTICLE 14 - LINKS:

Through Your use of Website, You may find links out to other websites or mobile applications or You may have arrived to the Website from a link or mobile application. This Privacy Policy does not and will not apply to any of those linked websites or applications, including advertisements that may be displaced on third-party websites. We are not responsible in any manner for the content or privacy and security practices and policies of any third parties, including other websites, services or applications that may be linked to or from Our Website.

Before visiting and providing any information to any such third-party websites and applications, You should familiarize Yourself with the applicable privacy practices and take reasonable steps necessary to protect Your personal data.



ARTICLE 15 - PRIORITIZATION:

Please be advised that while this Privacy Policy covers Our collection and processing of Your Personal Data, Informational Content, and certain Protected Health Information, the terms of this Policy are subordinate to any express agreement between You and Us for the provision of medical services.


 

ARTICLE 16 - CUSTOMER SERVICE CONTACT INFORMATION:

If You have any questions about this Privacy Policy or the way We collect information from You, You may contact Us at the following email address: Info@cdony.com.