0

Privacy Policy

Collection, Use and Security of Personal Information

Ambio Health (AH) values and respects an individual's right to keep certain Personal Information private.  Likewise, AH values the need to collect and use Personal Information which will enable AH to effectively deliver products and services leading to a healthier personal lifestyle.  This Privacy Policy applies to activities of AH and additionally to persons visiting AH Web sites or entering into transactions with AH, and covers the collection, use, storage and disclosure of information and data as described in this Privacy Policy. The Privacy Policy does not apply to information that AH collects on contractors, vendors or other entities with which AH does business, although AH will contractually require them to comply with relevant provisions of the Privacy Policy.

A.  AH Collection of Personal Information

1.  AH will collect Personal Information on an individual only if the individual provides the information to AH.  AH also may collect information about a person who has been referred to the website to send them emails regarding AH's efforts or a person to whom AH has been asked to send emails regarding AH's programs or efforts.  If a person purchases products provided by  AH, then AH may collect sensitive Personal Information such as the purchaser's credit card number, card type, expiration date and keep a record of the financial transaction.

AH may collect Aggregate and Transactional Information and add to its database every time a person visits an AH Web Site. Also, AH collects Aggregate Information for research purposes.

2.  Types of information: "Personal Information" is "Demographic Information" and/or "Transactional Information" which identifies a specific individual with a minimal degree of effort. Demographic Information includes name, address, city and other similar information. Medical Information includes Blood Glucose readings and  history, Blood Pressure readings and history, Pulse readings and history and Weight readings and history. Transactional Information is data collected on an individual based on the individuals' interactions with AH, which may include sensitive information such as credit card information and Medical Information. Aggregate Information is information presented  in summary or statistical form which does not contain data that would permit the identification of a specific individual without extraordinary effort.

B.  AH Use of Personal Information

1. When an individual provides Personal Information to AH,  AH may use the Personal Information for its programs and  research.

2. AH uses Transactional Information for research purposes for the development or implementation of its programs, products and services.  The presumption is that, since Transactional Information is highly proprietary, it will not be disclosed to third parties.

3. AH will disclose all information as required by law.

4. AH will make every effort to discontinue the use of an individual's Personal Information as soon as practicable if requested by that individual.  AH may need to retain Information in its archives and records to comply with law, resolve disputes, analyze problems, assist with any investigations, enforce AH's User Agreement and other policies, and take other actions otherwise permitted or required by law.

C.  Specific Requirements

1. Administrative

a. AH will take reasonable and appropriate measures to keep Personal Information confidential and in a secure environment, including taking appropriate action in the event of unauthorized disclosure.

b. Access to Personal Information will be restricted to only those personnel with a legitimate business purpose.

c. AH owns all Personal Information provided to it by individuals and collected in accordance with this Policy.  When an individual provides Medical Information to AH,  AH will ensure that the individual acknowledges their assignment of the right to use the data to AH.

2. Scientific Research

Any research funded by AH that involves human subjects (e.g., information collected on individuals) must be endorsed by the sponsoring institution's committee on clinical investigation or other appropriate body, and conform ethically to the guidelines prescribed by the National Institutes of Health, which includes obtaining informed consent from each individual.

3. Third Party Disclosure

Permission is required before AH discloses Personal Information to a third party.  No permission is necessary for Aggregate Information, since Aggregate Information does not identify a specific individual.

a. For disclosure of Medical Information, Informed Consent is required before AH discloses Medical Information to a third party.  Informed Consent occurs when an individual has sufficient facts about the disclosure, comprehends those facts, and voluntarily consents to the disclosure.  Where a third party such as the employer or healthcare provider of an individual requires the individual to participate in an AH program which collects Medical Information, AH will require the employer or healthcare provider to procure Informed Consent before AH will  release Medical Information to that employer or healthcare provider.

b. From time to time, there is a benefit in allowing a third party to use collected Personal Information on individuals.   However, unless an individual gives permission, AH will not disclose Personal Information collected by AH to any third party. AH sometimes engages third parties to provide certain operational services to AH or on its behalf.   AH may disclose Personal  Information to those third parties on a "need to know" basis under a written contract.

c. AH  uses and allows third parties to use Aggregate Information for research purposes for the development or implementation of its programs, products and service

Information Security

Ambio Health takes the security of your personal, financial and medical information that you provide to us very seriously and we take reasonable measures to safeguard your information consistent with our Privacy Policy.  We comply with the Payment Card Industry Data Security Standards ("PCI DSS") for financial transactions, and other laws and regulations applicable to the information we collect from you.

Our network is composed of access controlled measures, security monitoring tools, vulnerability management program, SSL encryption, scheduled network scans, and internal and external penetration tests.  When it is necessary for our service providers to have access to your information, we expect the same level of data security, integrity and confidentiality standards as  AH itself provides. Additionally, we conduct security awareness training for our staff and volunteers.

While AH uses its best efforts to maintain this level of security across all of our systems we cannot guarantee or warrant that our systems or our service providers are not vulnerable to viruses, hacking or other security threats. 

Use of Cookies

A cookie is a small text file stored on a user's computer by a web browser.  Cookies are used by web sites to authenticate users, to store user site preferences, to capture the contents of a shopping cart, for tracking a user's session, and/or for storing other essential textual information.

Ambio Health uses Cookies to enhance the user experience while visiting our web site.  Cookies are used for authentication primarily.  We do not store any personal information about a user in our cookies.  We do track your interests on the site so that we can provide you with additional content that might be of importance to you.  Most Web browsers accept cookies and you can use the "help" menu on your browser to assist you in preventing, accepting, or receiving notice of new cookies. However, please be aware that if you block cookies, Web site functionality may be lost.

We also use analytics for tracking and reporting web site activity.  Analytics uses cookies to define a user's session.  Aggregate information is collected so that we can report on how many visitors are coming to our sites and what content is visited the most.  We use this information so that we know how relevant the content is that we are providing.  Providing you with fresh and engaging content is important to us as we know it is important to you.

Contact Us

Review or request removal of your information
You may review or request removal of your personal information by providing us your name, address and e-mail address to one of the following:

  1. e-mailing Ambio Health at info@ambiohealth.com
  2. calling us at   (or)
  3. writing us at Soundview Plaza- Suite 700R, 1266E Main Street, Stamford, CT 06902

 

What people are saying about us