Privacy Policy

This Privacy Policy includes important information about your personal data and we encourage you to read it carefully.

Privacy Statement of Interconnecting Circles and Communities, LLC

Effective Date: March 31. 2024

Introduction

This privacy notice for Interconnecting Circles and Communities, LLC describes how and why we may collect, store, use, and/or share your information when you use our services, such as visiting our website, downloading and using our mobile application, or engaging with us in other related ways.

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. For inquiries, contact us at info@connectingcirclesllc.com.

Information Collection

We collect information when you visit our website, register an account, make a purchase, interact with our services, or otherwise contact us. This includes:

• Personal Data: Name, email address, postal address, phone number, job history, military service history, username, password, and contact preferences.

• Sensitive Data: Health data, genetic data, racial or ethnic origins, social security numbers, and other government identifiers.

• Financial Data: Necessary for processing payments, including routing numbers, account numbers, credit card numbers, and security codes, processed and stored by Stripe.

Use and Disclosure of Protected Health Information

We will not use or disclose Protected Health Information other than as permitted or required by the Agreement you have with us or as required by law. We will make reasonable efforts to limit the use of, disclosure of, and requests for Protected Health Information to the minimum necessary to accomplish the intended purpose.

Safeguards for Protected Health Information

We have implemented appropriate administrative, physical, and technical safeguards to prevent unauthorized access, use, or disclosure of Protected Health Information. These safeguards are designed to maintain data privacy and protect Protected Health Information from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Reporting of Unauthorized Use or Disclosure

In the event of any use or disclosure of Protected Health Information that is not provided for by our Agreement, including breaches of unsecured Protected Health Information, we will promptly report such use or disclosure to you in compliance with the requirements of HIPAA.

Business Associate Agreement (BAA)

If we function as a business associate to a covered entity, we acknowledge our obligations under HIPAA and will execute a Business Associate Agreement (BAA) that outlines our responsibilities with respect to Protected Health Information.

Access to Protected Health Information

To the extent that we maintain Protected Health Information in a designated record set, we will make it available to you or, as directed by you, to an individual, in order to meet the requirements under HIPAA. We will also make any amendments to Protected Health Information as directed by you.

Regulatory Compliance

We will comply with all other applicable requirements of HIPAA and cooperate with you in your efforts to ensure compliance.

Collection of Sensitive Information

In addition to personal information, we may collect sensitive personal information including but not limited to social security numbers, dates of birth, and health information. This information is collected for the purpose of facilitating the connection between patients and healthcare providers and to provide related services.

Use of Sensitive Information

Sensitive personal information will be used exclusively for the following purposes:

• To verify the identity of users and ensure the accuracy of medical records.

• To assist healthcare providers in delivering relevant medical services.

• To process transactions and communicate effectively regarding healthcare services.

• For compliance with legal, regulatory, and medical requirements.

Protection of Sensitive Information

Given the sensitive nature of this information, we implement enhanced security measures, including encryption and secure data storage solutions, to protect against unauthorized access, alteration, disclosure, or destruction. Our security practices are designed to provide a level of security appropriate to the risk of processing sensitive personal information.

Sharing of Sensitive Information

Sensitive personal information will only be shared with healthcare providers and other authorized parties as necessary for the provision of healthcare services, or as required by law. All such sharing will be conducted in compliance with HIPAA regulations and other applicable privacy laws.

Consent for Collection and Use of Sensitive Information

By using Interconnecting Circles and Communities and Communities, LLC, users explicitly consent to the collection, use, and sharing of their sensitive personal information as described in this Privacy Statement. Users have the right to withdraw their consent at any time, with the understanding that this may affect their ability to use certain services on the website.

Global Operations

Interconnecting Circles and Communities and Communities, LLC operates on a global scale. As such, the information we collect, including personal and sensitive data, may be stored, processed, or transferred between and within countries outside of your country of residence. This includes countries where the data protection laws may differ from those in your country.

International Data Transfers and Compliance

In order to provide our services, we may transfer information internationally, including to countries that do not have the same data protection laws as the country where you initially provided the information. When we do so, we take steps to ensure that the data is processed according to this Privacy Statement and applicable laws. This may include:

• Utilizing standard contractual clauses approved by the European Commission or similar contractual clauses in other jurisdictions.

• Verifying that the recipient has implemented appropriate safeguards for data protection.

• Ensuring compliance with cross-border transfer requirements under applicable privacy laws, such as GDPR (General Data Protection Regulation) for European Union residents.

User Rights Under International Laws

Depending on your location, you may have certain rights under your local data protection laws (such as GDPR for European Union residents, CCPA for California residents, etc.). These rights may include access to your data, correction of errors in your data, deletion of your data, and the right to withdraw consent for data processing.

GDPR Compliance

For users within the European Union, we comply with the General Data Protection Regulation (GDPR). This includes, but is not limited to, adhering to user rights regarding the processing of personal data and implementing robust data protection measures.

Contact for International Users

Users from different jurisdictions can contact us at [Relevant Contact Information to be inserted here] for queries or concerns related to the use of their data or to exercise their rights under their local data protection laws.

User Portal for Data Management

Interconnecting Circles and Communities, LLC provides a user portal that allows users to upload, update, and manage their personal and sensitive information. This portal is designed to give users direct control over their data.

Uploading and Updating Data

Users can upload and update various types of data, including personal, sensitive, and health-related information. We encourage users to ensure that all data provided is accurate and up to date to receive the most effective service.

Data Integrity and Responsibility

While we strive to maintain the accuracy and integrity of the data stored on our platform, the responsibility for providing accurate and current information primarily rests with the user. We are not responsible for any outcomes resulting from inaccurate or outdated information provided by users.

Secure Data Transmission

All data uploaded or transmitted through the user portal is encrypted to ensure secure transmission. We employ industry-standard security measures to protect against unauthorized access to or interception of your personal information.

Access to Uploaded Data

Users have the right to access and review the data they have uploaded at any time. This includes the ability to modify, correct, or delete their information, subject to certain limitations as required by law or necessary for the integrity of our services.

Retention of Uploaded Data

Data uploaded by users will be retained as long as it is necessary for the provision of our services, or as required to comply with our legal obligations, resolve disputes, and enforce our agreements.

Data Portability

We support data portability, allowing users to request a copy of their personal data in a structured, commonly used, and machine-readable format, where technically feasible.

Cloud Data Storage

Interconnecting Circles and Communities, LLC utilizes cloud-based data storage solutions to store and manage the data collected through our website. Cloud storage provides enhanced scalability, reliability, and efficiency in data management.

Use of Multiple Servers

To ensure optimal performance and data redundancy, our data is stored across multiple servers in different geographic locations. This multi-server approach enhances data security and availability, ensuring that our services remain operational and data is not lost in case of a server failure.

Security of Cloud Storage and Servers

We take the security of our cloud storage and servers seriously. This includes:

• Implementing robust encryption protocols for data at rest and in transit.

• Regularly updating and patching our servers to protect against known vulnerabilities.

• Employing advanced firewall and intrusion detection systems to monitor and protect against unauthorized access and potential security threats.

Data Backup and Recovery

Regular backups of data are conducted to prevent data loss. In the event of a system failure or data compromise, we have a comprehensive data recovery plan to restore data from backups promptly and securely.

Compliance with Industry Standards

Our cloud storage and server management practices comply with industry-standard security certifications and regulations. We continuously evaluate and update our practices to align with evolving security standards and best practices.

Third-Party Service Providers

We engage reputable third-party service providers for cloud storage and server management. These providers are carefully selected and are contractually obligated to maintain high standards of security and confidentiality consistent with this Privacy Statement and applicable laws.

Right to Access Information

Users have the right to access the personal information they have uploaded or entered into Interconnecting Circles and Communities, LLC’s portal. Users can request a copy of their data to review its accuracy and completeness.

Right to Correct Information

If a user finds that the information they have provided is inaccurate or incomplete, they have the right to correct or update this information. Interconnecting Circles and Communities, LLC is committed to maintaining accurate records and encourages users to regularly update their information to ensure it reflects their current situation.

Right to Delete Information

Users have the right to request the deletion of their personal information from our database. Upon receiving a deletion request, Interconnecting Circles and Communities, LLC will take steps to remove the user’s information from our active databases and, where applicable, inform our third-party service providers to do the same. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Service, and comply with legal requirements.

Exceptions to Deletion

There are instances where we may not be able to delete user data completely, for reasons such as:

• Compliance with legal obligations or resolving legal disputes.

• Maintaining records related to medical information where retention is necessary for patient care or required by law.

• Information that has been anonymized or aggregated so that it can no longer be used to identify a specific individual.

How to Exercise These Rights

Users can exercise their rights of access, correction, and deletion through the user portal or by contacting Interconnecting Circles and Communities, LLC directly at [Relevant Contact Information to be inserted here]. We will respond to such requests in accordance with applicable laws.

Commitment to Data Deletion Requests

Interconnecting Circles and Communities, LLC is committed to honoring requests for data deletion promptly and efficiently. We understand the importance of allowing users to exert control over their personal information.

Data Deletion Protocols

Upon receiving a request for data deletion, the following protocols are initiated:

• Verification of Requestor Identity: To protect user data from unauthorized access, we first verify the identity of the individual making the request to ensure they are authorized to delete the information.

• Assessment of Request: We assess each request to determine the scope of data to be deleted and identify any legal or regulatory requirements that may require retaining certain data.

• Execution of Deletion: Once verified and assessed, we proceed with the deletion of the relevant data from our active systems. This includes directing any third-party service providers who may have access to the data to delete it as well.

Confirmation of Deletion

After the data deletion process is complete, we provide a confirmation to the user, acknowledging the completion of their request.

Timeframe for Deletion

We aim to complete all data deletion requests within a reasonable timeframe, subject to our operational capabilities and any legal or regulatory obligations that may require a longer retention period.

Retention for Legal Compliance

In certain instances, Interconnecting Circles and Communities, LLC may be required to retain specific data for legal compliance, such as for compliance with tax, audit, or healthcare-related legal requirements. In such cases, the data will be retained in accordance with legal obligations and securely deleted once these obligations are fulfilled.

Data Anonymization

Where appropriate and feasible, we may choose to anonymize data rather than delete it entirely. This process involves removing any personal identifiers so that the data can no longer be linked to an individual.

Children’s Privacy

Our services are not directed to individuals under the age of [Specify Age, typically 18 or 13 in many jurisdictions]. We do not knowingly collect personal information from children without parental consent. If we become aware that a child has provided us with personal information, we will take steps to remove such information and terminate the child’s account.

Data Breach Notification

In the event of a data breach that is likely to result in a risk to the rights and freedoms of individuals, Interconnecting Circles and Communities, LLC will notify the affected individuals and relevant authorities as required by law, within the timeframe stipulated by applicable data protection regulations.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance user experience and analyze website traffic. Users can manage their cookie preferences through their browser settings. Our Cookie Policy, accessible on our website, provides detailed information about how we use cookies and other tracking technologies.

User Consent

By using our website, users consent to the collection, use, and sharing of their personal and sensitive information as outlined in this Privacy Statement. Users are advised to read this Privacy Statement thoroughly to understand our practices regarding data handling.

Contact Information for Privacy Concerns

For any privacy-related concerns or inquiries, users can contact us at [Relevant Contact Information to be inserted here]. We are committed to addressing your concerns and resolving any issues related to your privacy and data protection.

Legal Jurisdiction and Compliance

Our data processing activities are subject to the laws of North Carolina where Interconnecting Circles and Communities, LLC is registered. We comply with local and international data protection laws applicable to our operations.

Changes to Privacy Statement

We reserve the right to modify this Privacy Statement at any time. All changes will be posted on our website and will be effective immediately upon posting. We encourage users to regularly review our Privacy Statement for any updates.

Collection of IP Addresses and Device Data

When you visit Interconnecting Circles and Communities, LLC we automatically collect certain information from your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the website, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the website, and information about how you interact with the website.

Use of Collected Information

The information collected through IP addresses and device data is used to:

• Analyze and monitor website usage trends and preferences.

• Improve and optimize our website (for example, by generating analytics about how our customers browse and interact with the website, and to assess the success of our marketing and advertising campaigns).

• Enhance website security and fraud detection capabilities.

• Provide personalized website experiences and targeted advertising based on user preferences and browsing behavior.

Non-Personal Identification Information

It’s important to note that this type of information is generally non-personally identifying, but it may be combined with other information to identify a user. We treat combined information as personal information in accordance with this Privacy Statement.

Third-Party Use of Cookies and Other Tracking Technologies

We may also use selected third-party service providers, such as Google Analytics, to track and analyze statistical usage and volume information from our site users. These third parties may use cookies, web beacons, and other tracking technologies to collect similar information about your browsing activities over time and across different websites following your visit to our site.

California Consumer Privacy Act (CCPA) Provision

Rights of California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you specific rights regarding your personal information. This section describes your CCPA rights and explains how to exercise those rights.

Right to Know and Data Portability

As a California resident, you have the right to request that Interconnecting Circles and Communities, LLC disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

• The categories of personal information we collected about you.

• The categories of sources for the personal information we collected about you.

• Our business or commercial purpose for collecting or selling that personal information.

• The categories of third parties with whom we share that personal information.

• The specific pieces of personal information we collected about you (also called a data portability request).

Right to Delete

You have the right to request that Interconnecting Circles and Communities, LLC delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

• Deny you goods or services.

• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

• Provide you with a different level or quality of goods or services.

• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Exercising Your CCPA Rights

To exercise your rights under the CCPA, please submit a verifiable consumer request to us by contacting us at [Relevant Contact Information to be inserted here]. Only you, or a person authorized to act on your behalf, may make a verifiable consumer request related to your personal information.

Colorado Privacy Act (CPA) Provision for Colorado Residents

Rights of Colorado Residents

If you are a resident of Colorado, the Colorado Privacy Act (CPA) grants you certain rights regarding your personal information. This section describes your CPA rights and explains how to exercise those rights.

Right to Access and Data Portability

As a Colorado resident, you have the right to access your personal information that Interconnecting Circles and Communities, LLC has collected, processed, or disclosed. Upon a verifiable request, we will provide you with a copy of your personal data in a portable and, to the extent technically feasible, readily usable format.

Right to Correct Inaccuracies

You have the right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes of the processing of your personal information.

Right to Delete Personal Information

You have the right to delete personal information that we have collected or maintained about you.

Right to Opt-Out of Processing

Colorado residents have the right to opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

Non-Discrimination and Right to Appeal

We will not discriminate against you for exercising any of your CPA rights. If you are not satisfied with our response, you have the right to appeal our decision. The appeal process will be made available to you upon request.

Exercising Your CPA Rights

To exercise your rights under the CPA, please submit a verifiable consumer request to us by contacting us at [Relevant Contact Information to be inserted here]. You may also authorize an agent to act on your behalf to exercise these rights.

Connecticut Data Privacy Act (CTDPA) Provision for Connecticut Residents

Rights of Connecticut Residents

Under the Connecticut Data Privacy Act (CTDPA), if you are a resident of Connecticut, you have specific rights regarding the collection, use, and processing of your personal information. This section aims to inform you of these rights and how you can exercise them.

Right to Access and Data Portability

Connecticut residents have the right to access the personal information that Interconnecting Circles and Communities, LLC has collected about them. Upon a verifiable request, we will provide you with a copy of your personal data in a portable and, to the extent technically feasible, easily accessible format.

Right to Correct Personal Information

You have the right to request the correction of any inaccurate personal information that we hold about you, considering the nature of the personal data and the purposes for which we process it.

Right to Delete Personal Information

You can request the deletion of your personal information that we have collected or maintain.

Right to Opt-Out of Certain Processing of Personal Data

As a Connecticut resident, you have the right to opt-out of the processing of your personal data for targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

Non-Discrimination

We will not discriminate against you for exercising any of your rights under the CTDPA. This includes not denying goods or services, charging different prices, providing a different level or quality of goods or services, or suggesting that you might receive a different price or rate for goods or services or a different level or quality of goods or services.

Exercising Your Rights

To exercise the rights outlined under the CTDPA, please submit a verifiable consumer request to us by contacting us at [Relevant Contact Information to be inserted here]. You may also designate an authorized agent to make requests on your behalf.

Utah Consumer Privacy Act (UCPA) Provision for Utah Residents

Rights of Utah Residents

In compliance with the Utah Consumer Privacy Act (UCPA), if you are a resident of Utah, you are afforded certain rights regarding your personal information. This section outlines your UCPA rights and the steps to exercise them.

Right to Access Personal Information

Utah residents have the right to access the personal information that Interconnecting Circles and Communities, LLC has collected about them. This includes the right to confirm whether we are processing your personal information and to access such data.

Right to Data Portability

Upon your request, and where technically feasible, we will provide your personal information in a portable and readily usable format, allowing you to transmit the information to another entity without hindrance.

Right to Delete Personal Information

You can request the deletion of your personal information that we have collected or maintained. We will take steps to delete your personal information from our records and direct any service providers to do the same.

Right to Opt-Out of Certain Data Processing

Utah residents have the right to opt out of the processing of personal data for purposes of targeted advertising or the sale of personal data.

Non-Discrimination for Exercising Privacy Rights

We will not discriminate against you for exercising any of your rights under the UCPA. This includes not denying you services, charging you different prices, providing a different level or quality of services, or suggesting that you might receive a different price or rate for services or a different level or quality of services.

Exercising Your Rights Under UCPA

To exercise your rights as outlined in the UCPA, please submit a request to us at [Relevant Contact Information to be inserted here]. You may also designate an authorized agent to act on your behalf in exercising these rights.

Virginia Consumer Data Protection Act (VCDPA) Provision for Virginia Residents

Rights of Virginia Residents

In accordance with the Virginia Consumer Data Protection Act (VCDPA), if you are a resident of Virginia, you are granted specific rights regarding your personal data. This section explains your VCDPA rights and how to exercise them.

Right to Access Personal Data

Virginia residents have the right to access the personal data that Interconnecting Circles and Communities LLC, has collected about them. This includes the right to confirm whether we are processing your personal data and to access such data.

Right to Correct Inaccuracies

You have the right to correct inaccuracies in your personal data, taking into account the nature of the personal data and the purposes for which we process it.

Right to Delete Personal Data

You can request the deletion of your personal data that we have collected or maintained.

Right to Data Portability

Upon your request, we will provide your personal data in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the information to another controller.

Right to Opt-Out of Certain Processing

Virginia residents have the right to opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

Non-Discrimination

We will not discriminate against you for exercising any of your rights under the VCDPA, including by denying goods or services, charging different prices or rates, providing a different level or quality of goods or services, or suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Exercising Your Rights Under the VCDPA

To exercise your rights as outlined in the VCDPA, please submit a verifiable consumer request to us by contacting us at [Relevant Contact Information to be inserted here]. You may also designate an authorized agent to make these requests on your behalf.

Provide, maintain, and improve our services

Process transactions, applications and send related information

Respond to inquiries and customer support requests

Send promotional messages, updates, and other information related to the website

Monitor and analyze trends, usage, and activities in connection with our services

Information Sharing:

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties except as outlined in this Privacy Statement. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may collect data from public databases, marketing partners, business partners, medical providers, and other sources.

Data Security:

We implement a variety of security measures to maintain the safety of your personal information. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee its absolute security.

User Rights:

You have the right to:

• Access the personal information we hold about you

• Request the correction of inaccurate information

• Request the deletion of your personal information

• Object to the processing of your personal information

• Request the restriction of processing your personal information

• Withdraw your consent for data processing at any time

Third-Party Links:

Our website may contain links to third-party websites. These websites have their own privacy policies, and we are not responsible for their content or privacy practices.

Changes to Our Privacy Statement:

We may update this Privacy Statement from time to time. We will notify you of any changes by posting the new Privacy Statement on this page. You are advised to review this Privacy Statement periodically for any changes.

Contact Information:

If you have any questions about this Privacy Statement, please contact us at info@connectingcirclesllc.com

Compliance with HIPAA:

If you are a covered entity or a business associate as defined in the Health Insurance Portability and Accountability Act (HIPAA), Interconnecting Circles and Communities, LLC complies with all applicable requirements of HIPAA. We are committed to ensuring the confidentiality, integrity, and security of protected health information (PHI) that we may receive, maintain, or transmit.

Use and Disclosure of PHI:

We will not use or disclose PHI other than as permitted or required by the Agreement you have with us or as required by law. We will make reasonable efforts to limit the use of, disclosure of, and requests for PHI to the minimum necessary to accomplish the intended purpose.

Safeguards for PHI:

We have implemented appropriate administrative, physical, and technical safeguards to prevent unauthorized access, use, or disclosure of PHI. These safeguards are designed to maintain data privacy and protect PHI from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Reporting of Unauthorized Use or Disclosure:

In the event of any use or disclosure of PHI that is not provided for by our Agreement, including breaches of unsecured PHI, we will promptly report such use or disclosure to you in compliance with the requirements of HIPAA.

Business Associate Agreement (BAA):

If we function as a business associate to a covered entity, we acknowledge our obligations under HIPAA and will execute a Business Associate Agreement (BAA) that outlines our responsibilities with respect to PHI.

Access to PHI:

To the extent that we maintain PHI in a designated record set, we will make it available to you or, as directed by you, to an individual, in order to meet the requirements under HIPAA. We will also make any amendments to PHI as directed by you.

Regulatory Compliance:

We will comply with all other applicable requirements of HIPAA and cooperate with you in your efforts to ensure compliance.