WHAT WE DO

WHO WE ARE

OUR PRODUCTS

CONTACT US

Vistendo Privacy Policy

Last Updated:  April 4th, 2023

PRIVACY NOTICE OVERVIEW
Vistendo Inc. (“Vistendo,” “we” or “us”) provides a website and mobile application (collectively, the “Sites”) that provides information and tools to athletes, athletic trainers and coaches to manage and provide health, injury and training programs, assess performance, communicate and share data, provide educational information, and sell/purchase training content, and on the-field first aid response, our V-Aid Service (collectively, the “Services”).
If you use our Sites and Services, we collect and process various types of data from you. In some instances, the data will be considered “personally identifiable information (“PII”),” “personal information” or “personal data” under applicable laws. Generally, this type of data is information that relates to an identified or identifiable individual.
This Privacy Notice applies to both Personally Identifiable Information (“PII”) and Non-Personally Identifiable Information (“NPII”) that we obtain through the Sites and the Services. We will call PII and NPII “Personal Information.”
When you access the Sites or use our Services, you acknowledge that you have read this Notice and understand its contents. Your use of our Services and Site and any dispute over privacy is subject to this Privacy Notice and our Terms of Use (including any applicable disclaimers of warranties, limitations on damages, and the resolution of disputes).
YOUR PRIVACY IS IMPORTANT TO US. PLEASE READ THIS PRIVACY POLICY TO LEARN ABOUT THE INFORMATION THAT VISTENDO COLLECTS FROM YOU AND HOW VISTENDO USES THAT INFORMATION.
BY USING THE SERVICES, YOU CONSENT TO THE COLLECTION, USE AND TRANSFER OF YOUR PERSONAL DATA AS DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY, THEN PLEASE DO NOT USE THE SERVICES.

SCOPE OF THIS POLICY
This Privacy Policy describes the information that Vistendo collects (directly or indirectly) and why we collect it, what we do with the information we collect and how you can manage your personal data. This Privacy Policy does not apply to any website or service that does not display or link to this Privacy Policy. We follow this privacy policy in accordance with applicable law in the places where we operate.

TYPES OF INFORMATION WE COLLECT
We collect two basic types of information – personal information (as defined in this policy as information that directly or indirectly identifies you) and anonymous information (as defined in this policy as information that does not directly or indirectly identify, and cannot reasonably to be used to identify, a specific individual) – and we may use personal and anonymous information to create a third type of information, aggregate information (as defined in this policy as information about groups or categories of users which does not identify and cannot reasonably be used to identify a specific individual).
In particular, Personal Information we may collect through the Services:
• Identifiers. Such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, telephone numbers, country of residence, date of birth, username, password, or other similar identifiers.
• Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). Such as name, signature, physical characteristics or description, address, telephone number, education, employment, employment history. Some personal information included in this category may overlap with other categories.
• Protected Classification Characteristics. Such as age (40 years or older), or sex (including gender, gender identity, gender expression).
• Biometric information. Such as behavioral, and biological characteristics, or activity patterns used to extract a template or other physical patterns, and sleep, health, or exercise data.
• Internet or other similar network activity. Such as Usage, viewing, technical, and device data when you visit our Sites, open emails we send, browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
• Information you provide in public forums on our sites and applications, such as your public posts.
• Information sent either one-to-one or within a limited group using our message, chat, post, or similar functionality, where we are permitted by applicable law to collect this information.
• Geolocation data. Such as physical location or movements, including location information provided by a mobile or other device interacting with our Sites, and Services.
• Professional or employment-related information. Such as current or past job history.
• Inferences drawn from other personal information. Such as profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, abilities, and aptitudes.
• Fitness and Wellness data. Such as information about your fitness level, sleep information, stress, fatigue, how you are feeling, and how you perform on tests provided in our Sites.
• Information we obtain from a third party, such as a site or platform provider, about use of our applications on third-party platforms or devices;
• Financial information, such as data related to your payment method (e.g. valid credit card number, card brand, expiration date) that we may collect when you purchase, order, return, exchange, or request information about our services from the Site.
We may link together different types of information or link information to Personal Data. If linked information directly or indirectly identifies an individual person, Vistendo treats the linked information as Personal Data.

HOW WE COLLECT INFORMATION
We collect Personal Information directly from you, as well as automatically through your use of our Services.
Personal Information that you give us during:
• Service Registration: When you register for the Services, we may collect your name, organization, email address, phone number, billing address, shipping address, country, and/or password. You decide how much information to share with us in most cases, but not sharing required information may limit your ability to take full advantage of certain Services.
• Using our Services: We may ask for contact information such as your name, address, telephone number, email address, contact preferences, employer/organization, and information related to our products and services. We collect this information so that we may: keep you informed about Vistendo, respond to your inquiries, provide you with information about our products and services, and offer you promotions.
We may ask for information related to your fitness level, height, weight, sleep patterns, stress level, injuries, and information related to how you are feeling. We may also ask for biometric information about you, such as heart rate, oximetry that are collected with your permission by third-party devices and applications. We may also ask you to complete a readiness questionnaire (how you feel prior to working out or injuries reporting).
Personal Information Collected Automatically:
• Subject to the exercise of your privacy choices, when you use or interact with our Sites and Services, we receive and store information generated by your activity, like usage data and other information automatically collected from your browser or mobile device. This information may include your IP address; browser type and version; preferred language; operating system and computer platform; the full Uniform Resource Locator (URL), clickstream to, through, and from our Site, including date and time; products or Services you viewed or searched for; and areas of our Site that you visited. We also may log the length of time of your visit and the number of times you visit
• In most cases, we use cookies, web beacons (also known as pixel tags and clear GIFs) and similar technology (“Data Collection Technology”) to automatically collect information (including Other Information) about you when you use the Services. Vistendo generally does not treat Other Information as Personal Data unless required by applicable law. Please see our Data Collection TECHNOLOGIES section in this Privacy Policy for more information about the cookies that we use.

DATA COLLECTION TECHNOLOGIES
Website cookies and web beacons: We may use cookies, web beacons, tracking pixels, and other tracking technologies on the Sites to help customize the Sites and improve your experience. Generally speaking, “cookies” are text files that are placed in your device’s browser, and that can be used to help recognize your browser across different Web pages, websites, and browsing sessions. User’s web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly. You may not decline web beacons. However, they can be rendered ineffective by declining all cookies or by modifying your web browser’s settings to notify you each time a cookie is tendered, permitting you to accept or decline cookies on an individual basis.

Internet-based advertising: Additionally, we may use third-party software to serve ads on the Sites, implement email marketing campaigns, and manage other interactive marketing initiatives. This third-party software may use cookies or similar tracking technology to help manage and optimize your online experience with us.

Website analytics: We may also partner with selected third-party vendors to allow tracking technologies and remarketing services on the Sites through the use of first party cookies and third-party cookies, to, among other things, analyze and track users’ use of the Sites, determine the popularity of certain content and better understand online activity. By accessing the Sites, you consent to the collection and use of your information by these third-party vendors. You are encouraged to review their privacy policy and contact them directly for responses to your questions. We do not transfer personal information to these third-party vendors. However, if you do not want any information to be collected and used by tracking technologies, you can visit the third-party vendor.

You should be aware that getting a new computer, installing a new browser, upgrading an existing browser, or erasing or otherwise altering your browser’s cookies files may also clear certain opt-out cookies, plug-ins, or settings.

HOW WE USE PERSONAL DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data for the following lawful purposes:
• Where we need to perform the contract we are about to enter into or have entered into with you (“performance of a contract”).
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (“legitimate business interest”).
• Where we need to comply with a legal or regulatory obligation (“legal obligation”).
• Where you have provided consent (“consent”).
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
We use information that we collect from customers and visitors for the purposes of:
• providing our Services (performance of a contract);
• tailoring our Services to your training, wellness and fitness needs (consent);
• providing ongoing support (performance of a contract);
• communicating with you, including promotional communications and customer relationship management (“CRM”) (legitimate business interest);
• providing information about other Services (legitimate business interest);
• helping us run our company, for example to improve our Services or our security, train staff or perform marketing activities, including CRM (legitimate business interest);
• complying with our legal obligations (legal obligation); and
• accounting and other administrative purposes (legitimate business interest).

Here are some examples of the uses of information:
Account Data.
We may process your account data. The account data may include your name and email address. The source of the account data is you. The account data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.
Service Data.
We may process your Personal Information that are gathered in the course of the use of our services. The source of the service data is you. The service data may be processed for the purposes of operating the Site, providing our services, ensuring the security of the Sites and Services, maintaining back-ups of our databases and communicating with you.
Usage Data.
We may process data about your use of our website and services. The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analyzing the use of the website and services.
Legal Defense.
We may process any of your personal data identified in this notice where necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
Legal Obligations and Vital Interests.
In addition to the specific purposes for which we may process your Personal Information set out in this Section, we may also process any of your Personal Information where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests, or the vital interests of another person.
Transaction Data.
We may process Personal Information relating to transactions, including purchases of goods and services, that you enter into with us and/or through the Site. The transaction data may include your contact details, your card details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions.
Research and development.
We may create and use Aggregated Data, De-identified Data or other anonymous data from Personal Data we collect, for our business purpose, including to analyze the effectiveness of the Services, to improve and add features to the Services, and to analyze the general behavior and characteristics of users of the Services. We also use anonymous data for research purposes to help us and our research partners to understand better about human performance and behavior and create an even-better experience for our users by providing new features and products.
• AGGREGATED DATA is data that has undergone a process whereby the raw data is gathered and expressed in a summary form for statistical analysis. Raw data can be aggregated over a given time period, across individuals, or both, to provide statistics such as average, minimum, maximum, sum, and count. After the data is aggregated, analysis can be performed to gain insights about particular data sets. When data is aggregated across a number of individuals, the resulting aggregation is considered anonymized such that it is no longer Personal Data
• DE-IDENTIFIED DATA is data where all personally identifiable information has been removed, rendering the data anonymous by stripping out information that would allow an individual’s identity to be determined from the remaining data. De-identified Data is no longer Personal Data.

HOW WE SHARE INFORMATION
Vistendo may aggregate information collected though the Services and remove identifiers so that the information no longer identifies or can be used to identify an individual (“Anonymized Information”). Vistendo shares Anonymized Information with third parties and does not limit third parties’ use of the Anonymized Information because it is no longer Personal Data.
We may share information we have collected about you in certain situations. Your information may be disclosed as follows: The use of Personal Information by a third-party is generally governed by that entity’s privacy notice and its contract with Vistendo.
Merger or Acquisition
Vistendo may share Personal Data if Vistendo is involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control (in whole or in part). Vistendo requires that the shared Personal Data remain subject to the promises made in the then-current Privacy Policy, unless and until you agree to a new privacy terms.
By Law or to Protect Rights
It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, by lawful request of public authorities and national security or law enforcement requirements, situations involving potential threats to the physical safety of any person, violations of Terms of Service, or as otherwise required by law.
If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation. This includes exchanging information with other entities for fraud protection and credit risk reduction.
Third-Party Service Providers
We may share your information with third parties that perform services for us or on our behalf, including payment processing. We may share Personal Information collected via the Services with service providers. Vistendo shares information with Vistendo’s other third-party service providers that perform services on our behalf, such as payment processing, web hosting, data storage, data analysis, email delivery, hosting services, customer service, and marketing assistance.
Marketing Communications
With your consent, or with an opportunity for you to withdraw consent, we may share your information with third parties for marketing purposes, as permitted by law.
Interactions with Other Users
If you interact with other users of the Sites, those users may see your name, profile photo, and descriptions of your activity, including sending invitations to other users, chatting with other users, liking posts, following blogs.
Online Postings
When you post comments, contributions or other content to the Site, your posts may be viewed by all users and may be publicly distributed outside the Sites in perpetuity.
Affiliates
We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.
Business Partners
We may share your information with our business partners to offer you certain products, services or promotions.
Other Third Parties
We may share your information with advertisers and investors for the purpose of conducting general business analysis. We may also share your information with such third parties for marketing purposes, as permitted by law.

California Shine the Light Law:
California Civil Code Section 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed personal information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to Privacy@vistendo.com or write us at: Vistendo Inc., Attn: Data Protection Officer, 148 E. Foothill Blvd. Ste#202, Arcadia, CA 91006 .

CHILDREN’S PRIVACY
The Services are not directed to or intended for use by minors under the age of 13. Consistent with the requirements of applicable law, if we learn that a child under the age of 13 has provided Personal Information, we will delete the child’s personal information as quickly as possible.
California Minors: The Service is not intended for anyone under the age of 13.
If you are a California resident under the age of 18, and a registered user of any site where this policy is posted, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted.
• To make such a request, please send an email with a detailed description of the specific content or information to Privacy@vistendo.com. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
• When requesting removal, you must be specific about the information you want removed and provide us with specific information, such as the URL for each page where the information was entered, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don’t follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the Content or information. Removal of your content or information from the Service does not ensure complete or comprehensive removal of that content or information from our systems or the systems of our service providers. We are not required to delete the content or information posted by you; our obligations under California law are satisfied so long as we anonymize the content or information or render it invisible to other users and the public.

SECURITY OF PERSONAL DATA
The security, integrity, and confidentiality of your information are extremely important to us. Vistendo takes precautions intended to help protect information that we process but no system or electronic data transmission is completely secure. We have implemented technical, administrative, and physical security measures that are designed to protect guest information from unauthorized access, disclosure, use, and modification. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Sites. Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures. We regularly review our security procedures to consider appropriate new technology and methods. Please be aware that, despite our best efforts, no security measures are perfect or impenetrable, and we cannot guarantee the security of your Personal Data.
We will retain your personal information for the length of time needed to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.
Any transmission of your Personal Information is at your own risk and we expect that you will use appropriate security measures to protect your Personal Information. However, any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information. You are responsible for maintaining the security of your account credentials for the Services. Vistendo will treat access to the Services through your account credentials as authorized by you.
If we become aware of a breach that affects the security of your Personal Data, we will provide you with notice as required by applicable law. To the extent permitted by applicable law, Vistendo will provide any such notice that Vistendo must provide to you at your account’s email address. By using the Services, you agree to accept notice electronically.

DATA RETENTION
Vistendo will keep your Personal Information for as long as we have a legitimate and lawful purpose to do so. The time periods for which we retain your PII depend on the purposes for which we use it.

OTHER RIGHTS
• Access or Disclosure: A right to request disclosure of your Personal Information, and to receive additional details regarding the Personal Information we collect and its use purposes, including any third parties with which we share information.
o Request this by emailing us at Privacy@vistendo.com.

• Rectification: The right to correct inaccurate personal data and complete incomplete Personal Information.
o The Site allows you to edit your profile. If you need additional assistance, email your request to Privacy@vistendo.com.

• Erasure: The right to deletion of Personal Information that we have collected, subject to certain exceptions.
o Request this by emailing us at Privacy@vistendo.com.

• Data Portability: In response to a request for disclosure, the right to receive your Personal Information in a readily useable format.
o Request this by emailing us at Privacy@vistendo.com.

• Objection to Processing: The right to object to processing for profiling, direct marketing, and statistical, scientific, or historical research purposes.
o Request this by emailing us at Privacy@vistendo.com.
o You can also set your cookie preferences to decline placing targeting cookies on your computer or device. You can also Unsubscribe to marketing emails from us.

• Objection to Commercial Sale: The right to object to the sharing or sale of your Personal Information, subject to certain exceptions.
o Instruct us not to transfer your Personal Information in return for anything of value by emailing us at Privacy@vistendo.com.

• Controls for Do-No-Track features: Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy. Most web browsers and some mobile operating systems [and our mobile applications] include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. If you set the DNT signal on your browser, we will respond to such DNT browser signals.

• Options regarding your information: You may at any time review or change the information in your account or terminate your account by:
o Logging into your account settings and updating your account
o Contacting us using the contact information provided below
o Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with legal requirements.

• Emails and communications: If you no longer wish to receive correspondence, emails, or other communications from us, you may opt-out by:
o Noting your preferences at the time you register your account with the Site.
o Logging into your account settings and updating your preferences.
o Contacting us using the contact information provided below.

If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.

CALIFORNIA CONSUMER PRIVACY ACT PRIVACY NOTICE
This Privacy Notice addresses California consumers’ rights under the California Consumer Privacy Act of 2018 (the “CCPA”).
• Information We Collect: Our Sites and Services collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, the Sites and Services collect or may have collected the following categories of personal information in the last twelve (12) months. The categories of personal information are set forth in the “TYPES OF INFORMATION WE COLLECT” section of the Privacy Policy.
• Use of Personal Information: We may use or disclose the personal information we collect for one or more of the business purposes indicated in the “HOW WE USE PERSONAL INFORMATION” section of this Privacy Policy. We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
• Sharing Personal Information: We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. We share your personal information with the categories of third parties listed in the “HOW WE SHARE INFORMATION” section of this Privacy Policy.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
• Identifiers
• California Customer Records personal information categories
• Protected classification characteristics
• Biometric information
• Internet or similar network activity
• Geolocation data
• Professional or employment-related information
• Inferences drawn from other personal information
• Fitness and wellness data
We do not sell personal information. In the event that we do sell any personal information, we will update this Privacy Notice to list the categories of consumers’ personal information sold.
• Your Rights and Choices: The CCPA provides California consumers with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
• Right to Access Specific Information and Data Portability Right: If you are a California resident, you have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
 The categories of personal information we collected about you.
 The categories of sources for the personal information we collected about you.
 Our business or commercial purpose for collecting or selling that personal information.
 The categories of third parties with whom we share that personal information.
 The specific pieces of personal information we collected about you (also called a data portability request).
 If we disclosed your personal information for a business purpose, the business purpose for which personal information was disclosed, and the personal information categories that each category of recipient obtained.
By using the Vistendo App, you have the ability to download the disclosure information.

• Right to Delete: If you are a California resident, you have the right to request that we delete personal information that we collect from you, subject to applicable legal exceptions.
By using the Vistendo App, you have the ability to delete your personal information.

• Right to Opt Out of Sale of Personal Information: If you are a California resident, you have the right to “opt out” of the “sale” of your “personal information” to “third parties” (as those terms are defined in the CCPA). To submit a request to opt out of the sale of your personal information, please submit a completed Verifiable Consumer Request Form to us by:
Email: Privacy@vistendo.com with the subject line “do not sell info.”
Mail: Vistendo, Inc.
Attn: Privacy Officer
148 E. Foothill Blvd., Ste#202
Arcadia, CA 91006

• Authorization and Request:
If you are a California resident, you have the right to request, up to two times each year, access to categories and specific pieces of personal information about you that we collect, use, disclose, and sell. You can access the information from the Vistendo App.
• You may also make a verifiable consumer request on behalf of your minor child. The verifiable consumer request on behalf of your minor child must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.

• Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

• Request Response: We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the 12-month period preceding the receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

• Fee: We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

CHANGES TO PRIVACY POLICY
Vistendo has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page.

 

CONTACT US
If you have questions or concerns regarding this Privacy Notice, or would like to update information we have about you or your preferences, please contact us at: Vistendo Inc., 148 E. Foothill Blvd., STE#202, Arcadia, Ca 91006

Vistendo Notice of Privacy Practices

This Notice Describes How Medical Information About You May Be Used And Disclosed

And How You May Receive Access To This Information.

Please Review It Carefully.

  

  1. Our Commitment To You

Vistendo is committed to maintaining the privacy of your health information. During your treatment with us, our employees or other Business Associates may collect information about your health history and your current health status. This Notice explains how that information, called “Protected Health Information” may be used and disclosed to others. The terms of this Notice apply to health information produced or obtained by Vistendo.

  1. Our Legal Duties

The HIPAA Privacy Law requires us to provide this Notice to you regarding our privacy practices, our legal duties to protect your private information and your rights concerning health information about you. We are required to follow the privacy practices described in this Notice whenever we use or disclose your protected health information (PHI). Other companies or persons that perform services on our behalf, called Business Associates, must also protect the privacy of your information. Business Associates are not allowed to release your information to anyone else unless specifically permitted by law. There may be other state and federal laws, which provide additional protections related to communicable disease, mental health, substance or alcohol abuse, or other health conditions.

  • Your Health Information May Be Used And Disclosed

The HIPAA Privacy Law permits Vistendo to make uses and disclosures of your health information for purposes of treatment, payment and health care operations.

  • Treatment: We will use and may share health information about you for your health care and treatments. For example, a nurse, medical assistant or athletic trainer or designated Vistendo personnel will obtain treatment information about you and record it in a medical record. Alternatively, one of our athletic trainer may use information about you for a consultation with, or a referral to, a physician to diagnose your illness or injury and determine which treatment option will best address your health needs. Except in emergency circumstances, we will make a “good faith effort” to get your permission prior to making disclosures outside Vistendo for treatment purposes.
  • Payment: We may use and disclose health information about you to obtain payment for the care and services that we have provided to you. For example, we may need to provide your health plan provider with information about you, your diagnosis, and the treatment provided to you by Vistendo’s professionals so that your health insurer will pay us, or reimburse you, for the treatment. We may also contact your health insurance to obtain prior approval about a potential treatment.  
  • Health Care Operations: We may use and share health information about you Vistendo’s health care operations, which include planning, management, quality assessment, and improvement activities for the treatments that we deliver. For example, we may use your health information to evaluate the skills of our athletic trainers, nurses, and other health care providers in caring for you. We also may use your information to review quality and health outcomes. We will obtain your written permission before making disclosures to others outside Vistendo for health care operations purposes.
  • Appointment Reminders: We may use and disclose PHI to contact you for appointment reminders and to communicate necessary information about your appointment.
  • Health-Related Benefits, Services and Treatment Alternatives: We may also contact you about new or alternative treatments or other health care services.  For example, we may offer to mail to you newsletters, coupons, or announcements.
  • Fundraising Communications: We may contact you as part of a fundraising effort. For example, we may use your information to contact you in an effort to raise money for Vistendo and its operations. We would only release your name, address and phone number, and the dates you received services at Vistendo. If you do not want us to contact you for fundraising efforts, you must notify Vistendo in writing.
  • People Assisting in Your Care: In certain limited situations, Vistendo may disclose essential health information to people such as family members, relatives, or close friends who are helping care for you or helping you pay your health care bills. We will disclose information to them only if these people need to know the information to help you. Generally, we will ask you prior to making disclosures if you agree to such disclosures. If you are unable to make health-related decisions or it is an emergency, Vistendo will determine if it would be in your best interest to disclose pertinent health information about you to the people assisting in your care.
  • Research: Federal law permits Vistendo to use or disclose health information about you for research purposes, if the research is reviewed and approved by an Institutional Review Board to protect the privacy of your health information before the study begins. We may disclose your information if we have your written authorization to do so. In some instances, researchers may be allowed to use information about you in a restricted way to determine whether the potential study participants are appropriate. We will make a “good faith effort” to acquire your permission or rejection to participate in any research study prior to releasing any protected information about you.
  • As Required by Law: We must disclose health information about you if federal, state, or local law requires us.
  • Serious Threat to Health or Safety: Consistent with applicable laws, we may disclose your PHI if disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. We also may disclose protected health information if it is necessary for law enforcement authorities to identify or apprehend an individual.
  • Public Health Risks: As authorized by law, we may disclose health information about you to public health or legal authorities whose official responsibilities generally include the following:
  • To prevent or control disease, injury or disability;
  • To report births and deaths;
  • To report child abuse or neglect;
  • To report reactions to medications or problems with products;
  • To notify people of recalls of products they may be using;
  • To notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition; and
  • To notify the appropriate government authority if we believe a patient has been the victim of abuse, neglect or domestic violence. We will only make this disclosure if you agree or when required or authorized by law.
  • Organ and Tissue Donation: Consistent with applicable law, we may release your health information to organ procurement organizations or others engaged in the transplantation of organs to enable a possible transplant.
  • Specialized Government Functions: If you are a member of the military or a veteran, we will disclose health information about you as required by command authorities; or if you give us your written permission. We may also disclose your health information for other specialized government functions such as national security or intelligence activities.
  • Workers Compensation: If you are seeking compensation due to a work-related injury, we may release health information about you to the extent necessary to comply with laws relating to Workers Compensation claims.
  • Employers: We may release health information to your employer if we provide health treatment to you at the request of your employer, and the health care services are provided either to conduct an evaluation relating to medical surveillance of the workplace or to evaluate whether you have a work-related illness or injury. In such circumstances, we will provide you with written notice of such information disclosure.  Any other disclosures to your employer will be made only if you sign a specific authorization for the release of that information.
  • Health Oversight Activities: We must disclose health information to a health oversight agency for activities that are required by federal, state or local law. Oversight activities include investigations, inspections, industry licensures, and government audits. These activities are necessary to enable government agencies to monitor various health care systems, government programs, and industry compliance with civil rights laws. Most states require that identifying information about you, such as your social security number, be removed from information releases for health oversight purposes, unless you have provided written permission for the disclosure.
  • Lawsuits and Disputes: If you are involved in a lawsuit, dispute, or other judicial proceeding, we may disclose health information about you in response to a court order or subpoena, other lawful process, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.
  • Law Enforcement: We may disclose your health information to a law enforcement official if required or allowed by law, such as for gunshot wounds and some burns. We may also disclose information about you to law enforcement that is not a part of your health record for the following reasons:
  • To identify or locate a suspect, fugitive, material witness, victim of a crime, or missing person
  • About a death we believe may be the result of criminal conduct
  • About criminal conduct at our location
  • In emergency circumstances to report a crime; the location of the crime or victims; or the identity, description or location of the person who committed the crime.
  • Correctional Facilities: If you are an inmate of a correctional institution or under the custody of a law enforcement official, we may disclose health information about you to the correctional institution or law enforcement official only as required by law or with your written permission. We may release your health information for your health and safety, for the health and safety of others, or for the safety and security of the correctional institution.
  • Coroners, Medical Examiners, and Funeral Directors: We may release your PHI to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or to determine the cause of death. We may also release your PHI to a funeral director, as necessary, to carry out his/her duties.
  • Required by HIPAA Law: The Secretary of the Department of Health and Human Services (HHS) may investigate privacy violations. If your health information is requested as part of an investigation, we must share your information with HHS.  
  1. Situations In Which Your Health Information May Be Disclosed With Your Written Consent

For any purpose other than the ones described above, we may only use or share your health information when you give us your written authorization to do so. For example, you will need to sign an authorization form before we can send your health information to your life insurance company. You may revoke an authorization at any time.

  • Marketing: We must also obtain your written authorization before using your health information to send you any marketing materials. The only exceptions to this requirement are that:
    • We can provide you with marketing materials in a face-to-face encounter or a promotional gift of very small value, if we so choose
    • We may communicate with you about products or services relating to your treatment, to coordinate or manage your care, or provide you with information about different treatments, providers or care settings.
    • We will not directly or indirectly receive remuneration in exchange for any protected health information of an individual unless the remuneration meets an exception in accordance with HIPAA requirements, a valid authorization that includes a specification of whether the protected health information can be further exchanged for remuneration by the entity receiving protected health information of that individual. 
    • The foregoing limitation shall not apply when the remuneration is exchanged for protected health information for certain purposes specifically permitted by HIPAA, such as for certain public health activities, research, and treatment, in accordance with HIPAA requirements.  In addition, the prohibition does not apply to remuneration that is provided by a covered entity to us for activities involving the exchange of protected health information that we undertake on behalf of and at the specific request of the covered entity pursuant to a business associate agreement, or to a subcontractor for activities that the subcontractor undertakes on behalf of and at the specific request of the Corporation pursuant to a business associate agreement; to an individual, when such individual requests access or an accounting of disclosures; required by law as permitted under HIPAA; or for any other purpose permitted by HIPAA, where the only remuneration received by the covered entity or the business associate (as applicable) is a reasonable, cost-based fee to cover the cost to prepare and transmit the protected health information for such purpose or a fee otherwise expressly permitted by other law.
  • Highly Confidential Information: Federal and state law requires special privacy protections for certain “Highly Confidential Information” about you, including any part of your health information that is about:
    • Child abuse and neglect
    • Domestic abuse of an adult with a disability
    • Mental illness or developmental disability treatment or services
    • Alcohol or drug dependency diagnosis, treatment, or referral
    • HIV/AIDS testing, diagnosis, or treatment
    • Sexually transmitted disease
    • Sexual assault
    • Genetic testing
    • In Vitro Fertilization (IVF)
    • Information maintained in psychotherapy notes

Before we share your Highly Confidential Information for a purpose other than those permitted by law, we must obtain your written permission.

  1. Your Rights Regarding Health Information We Maintain About You
  • Right to Inspect and Copy: You have the right to inspect and receive a copy of your PHI. A request to inspect your records may be made to Vistendo. For PHI in a designated record set that is maintained in an electronic format, you can request an electronic copy of such information. There may be a charge for copies of your PHI.
  • Right to Request Amendment: If you believe that any health information we have about you is incorrect or incomplete, you have the right to ask us to change the information, for as long as Vistendo maintains the information. To request an amendment to your health information, your request must be in writing, signed, and submitted to Vistendo or through Vistendo App. If we deny your request, we will provide you a written explanation. You may respond with a statement of disagreement that will be maintained with your records. If we accept your request to amend the information, we will make reasonable efforts to inform others, including people you name, of the amendment and to include the changes in any future disclosures of that information.
  • Right to Request Restrictions on Use and Disclosure: You have the right to request a restriction or limitation on certain uses and disclosures of your health information.

To request restrictions, you must make your request in writing to Vistendo.  In your request, you must tell us:

  • What information you wish to limit
  • Whether you wish to limit our use, disclosure, or both
  • To whom you want the limits to apply – for example, if you want to prohibit disclosures for insurance payment, health care operations, for disaster relief purposes, to persons involved in your care, or to your spouse.

You or your personal representative must sign it.

We are not required to agree to your request, but we will attempt to accommodate reasonable requests when appropriate. We retain the right to terminate an agreed-to restriction if we believe such termination is appropriate. In the event of a termination by us, we will notify you of such termination. You also have the right to terminate, in writing or orally, any agreed-to restriction.

  • Right to an Accounting of Disclosures: With some exceptions, you have the right to receive an accounting of certain disclosures of your PHI. Your accounting request must be in writing and signed by you or your personal representative, and submitted to Vistendo or you may submit your request through Vistendo’s App. Your request must specify the time in which the disclosures were made. These disclosures may not go back further than six years from the date of the request. You may receive one free accounting in any 12-month period. We will charge you for additional requests.
  • Right to Request Alternate Communications: You have the right to request that we communicate with you about medical matters in a confidential manner or at a specific location. For example, you may ask that we only contact you via mail to a post office box. You must submit your request in writing to Vistendo. We will not ask you the reason for your request. Your request must specify how or where you wish to be contacted. We will accommodate all reasonable requests.
  • Right to Receive a Copy of this Notice: You have the right to a paper copy of this Notice of Privacy Practices even if you have agreed to receive the Notice electronically. You may ask us to give you a copy of this Notice at any time.
  • Right to Cancel Authorization to Use or Disclose: Other uses and disclosures of your health information not covered by this Notice or the laws that govern us will be made only with your written authorization. You have the right to revoke your authorization in writing at any time, and we will discontinue future uses and disclosures of your health information for the reasons covered by your authorization. We are unable to take back any disclosures that were already made with your authorization, and we are required to retain the records of the care that we provided to you.
  1. Breach Notification
    • If there is breach of security of PHI incident, then we shall provide notice of the Breach of Security to whom whose PHI was breached or is reasonably believed to have been breached in adherence to State and Fed regulations.

For further information: If you have questions, or would like additional information, you may contact the Security Officer at privacy@vistendo.com

To File a Complaint: You may submit any complaints with respect to violations of your privacy rights to Vistendo.  You may also file a complaint with the Secretary of the U.S. Department of Health and Human Services, Office for Civil Rights if you feel that your rights have been violated. There will be no retaliation from Vistendo for making a complaint.

Changes to this Notice: We reserve the right to change this Notice. If we make a material change to this Notice, we will provide a revised Notice available at our office or on our website at www.vistendo.com

Contact Information: Unless otherwise specified, to exercise any of the rights described in this Notice, for more information, or to file a complaint, please contact the Privacy Officer at privacy@vistendo.com

Effective Date: This Notice is effective as of April 15th, 2021