Privacy Policy

Last Updated: May 23, 2018

Attune Functional Medicine ("we," "our," or "us") respects the privacy of our visitors, users and customers. This privacy policy outlines the type of information that we collect about you ("user(s)," "visitor(s)," "customer(s)") while you are using the www.attunemed.com website (the "site" or "website") and the ways in which we use this information. This privacy policy does not apply to any information you may provide to us or that we may collect from you offline (for example: on the telephone, in person or through the mail).

This Privacy Policy has been written to better serve those who are concerned with how their 'Personally Identifiable Information' (PII), and 'Personal Data' are being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact or locate a single person, or to identify an individual in context. 'Personal Data,' as described in the GDPR (General Data Protection Regulation) set forth by the European Commission, is any information relating to an identifiable person who can be directly or indirectly identified by reference to an identifier such as name, identification number, location data or other online identifier.

For the purposes of this Privacy Policy, we use the terms 'Personally Identifiable Information,' 'PII,' 'Personal Data,' and 'personal information' interchangeably to refer to any information that we collect directly or indirectly from visitors who use this website. Please read this Privacy Policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your personal information and what your rights and choices are.

WHO MAY USE THE WEBSITE?

The website is not intended for or designed to attract users under the age of 18. If you are under 18, you may not send us any personal information. The website is intended only for users from the United States. We cannot guarantee that the same privacy protections of the United States will apply to users from other countries.

INTERNATIONAL PRIVACY LAWS

If you are visiting this site from outside the United States, please be aware that you are sending information, including Personal Data and Personally Identifiable Information, to the United States where our company is located. You may also be sending information, including Personal Data and Personally Identifiable Information, to Poland, Canada, Russia or Malaysia, where our third-party email marketing software company (GetResponse) is located. That information may then be transferred within the United States or back out of the United States to other countries outside of your country of residence or current geolocation, depending on the type of information and how it is stored. These countries, including the United States, may not necessarily have data protection laws as comprehensive or protective as those in your country of residence. However, our collection, storage and use of your personal information will at times continue to be governed by this Privacy Policy. For more information on how GetResponse may process, protect and use the data of our website visitors, please review their privacy policy here.

WHAT PERSONAL INFORMATION DO WE COLLECT FROM THE PEOPLE THAT VISIT OUR BLOG, WEBSITE OR SOCIAL MEDIA?

When we collect your Personal Data, we may acquire any of the following:


  • Behavior (pages visited on our site, search terms used to find our site, comments, etc.)
  • Username
  • Password
  • Email address
  • First and last name
  • Mailing address
  • Zip code
  • Country of residence
  • Geolocation
  • IP address
  • Device ID
  • Type of device (ie: smartphone, desktop, tablet)
  • Browser settings
  • Type of browser (ie: Firefox, Chrome, etc.)
  • Operating system (ie: iOS, Android, Windows, etc.)
  • Billing information such as a billing address, shipping or mailing address and credit card number
  • Tax ID number
  • Company name
  • Title
  • Education institution
  • Other company details
  • Other personal details

You can opt out of providing most of this Personal Data by not entering the data when asked. However, please be aware that if you choose to withhold any Personal Data requested by us, it may not be possible for you to gain access to certain parts of the site, or to receive, download, purchase or access services, products and information, or for us to respond to your query.

WHEN DO WE COLLECT INFORMATION?

Most of our online services do not require any form of registration, allowing you to visit our site without telling us specifically who you are or sharing any personal details. We collect information from you when you register on our site, subscribe to our newsletter or mailing list, click on an advertisement or link from a third party site, visit any page of our website, click on a link or button, download something, purchase a product, write a review of our goods or services, or enter any information on our site.

HOW DO WE USE THE PERSONAL INFORMATION WE COLLECT?


We may use the collected information in any of the following ways:


  • To provide us with an overview of how people are accessing and using this website
  • To understand and analyze usage trends and preferences of our visitors and users so that we can improve our service and develop new products, services, features and functionalities
  • To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested
  • To administer a contest, promotion, survey or other site feature
  • To provide information, products or services to you that you request
  • To market and sell products and services that may be of interest to you
  • To operate, maintain, enhance and provide all features of the service
  • To respond to comments and questions and to provide support to users of the service
  • To process payments
  • To contact visitors for administrative purposes such as customer service, or to follow up with you after email or phone inquiries
  • To address intellectual property infringement, right of privacy violations or defamation issues related to the Personal Data posted on the site
  • To communicate updates for privacy practices, promotions, events, products and services offered by us and by third parties we work with
  • To ask for ratings, reviews, feedback and opinions of services or products

You have the ability to opt-out of receiving promotional email communications and newsletters by clicking on the "Unsubscribe" link found at the bottom of any emails we send to you, or by contacting us (see "How to Contact Us" section below).

The information collected is not used for any additional purpose, and we do not profile those who access our website. We never buy, sell or loan any Personal Data.

WHO CONTROLS AND PROCESSES OUR WEBSITE USERS' DATA?

A data 'controller' determines the purposes for which and the manner in which Personal Data is processed. For users of this website, we (Attune Functional Medicine LLC) are a data controller.

A data 'processor' may hold or process Personal Data on behalf of a data controller. We may have multiple data processors at any given time, including, but not limited to:

  • Attune Functional Medicine
  • our email marketing and email management software service provider (currently GetResponse)
  • our website hosting service provider (currently SiteGround)
  • our blogging platform service provider (currently WordPress.com)
  • various payment merchants
  • Google
  • Facebook
  • Other social media sites

Note that, while the above entities act as data processors on our behalf, some or all of them may also act as data controllers in their own rights. For example, our payment merchants decide which information they need from our customers in order to process their payments correctly. The payment merchants or other data processing entities may also exercise control over the other purposes that a customer's data is used for, for example direct marketing of their products and services, which is not within our control. The payment merchants or other data processing entities also have legal requirements of their own to meet, such as regulations relating to the use and retention of payment card data or other Personal Data. And, finally, each data processor has its own terms and conditions and privacy policies that apply directly to our website users.

HOW LONG DO WE KEEP PERSONAL INFORMATION?

We collect only the data that we need for a specific processing purpose, and we delete the data as quickly as possible after the processing purpose has been completed. When you sign up for our email list or newsletter, we keep your information until (1) you unsubscribe; (2) you request that we delete your information; or (3) we cease this aspect of our business operations. The data that we collect through Google Analytics is kept for 26 days. Note that the third-parties associated with this website keep your Personal information according to their own privacy policies and terms of use.

HOW DO WE PROTECT OUR WEBSITE USERS' DATA?

Under data protection laws and regulations, Personal Data must be processed in accordance with certain data protection principles, under which Personal Data must:

  1. be processed fairly and lawfully and in a transparent manner;
  2. be obtained and processed only for one or more specified, explicit, and lawful purposes;
  3. be adequate, relevant and not excessive in relation to the purpose;
  4. be accurate and, where necessary, kept up to date;
  5. be kept for no longer than is necessary for the purpose;
  6. be processed in accordance with the rights of users and in a manner that ensures
appropriate security, integrity and confidentiality of the Personal Data

Attune Functional Medicine ensures that it employs appropriate technical and organizational measures to
adhere to these principles.

Additionally, we implement practices and procedures designed to ensure that Personal Data is processed only as instructed by the user, throughout the entire chain of processing activities by Attune Functional Medicine and its data processors. Additionally, our services undergo security assessments by internal personnel, which include infrastructure vulnerability assessments and application security assessments.

We regularly monitor the site for unauthorized intrusions, and we only permit authorized personnel to have access to password-protected secure areas. We have controls in place that are designed to prevent and detect the introduction of viruses to our web-based platforms and company-owned devices. We use a SSL (Secure Sockets Layer), which is the standard security technology for establishing an encrypted (secure) link between a web server and a browser. This secure link ensures that all data passed between our web server and our visitors' browsers remain private.

DOES THIS WEBSITE USE COOKIES?

Yes, this website uses cookies as do most other modern websites. A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don't have to keep re-entering them whenever you come back to the site or browse from one page to another.

We may use cookies in order to:

  • Make our website work as you'd expect
  • Remember your settings during and between visits to the site
  • Improve the speed and security of the site
  • Allow you to share pages with social networks like Facebook
  • Continuously improve our website for you
  • Make our shopping basket and checkout work
  • Collect compensation from third-parties when you make a purchase through an affiliate link on our site or our social media platforms
  • Remember your search settings
  • Tailor content to your needs
  • Allow you to sign into your online shopping account
  • Remember if we have already asked you certain questions (e.g. prevent a pop-up inviting you to join our newsletter if you joined on a previous page)
  • And more

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since every browser is different, look at your browser's Help Menu to learn the correct way to modify your cookies. If you turn cookies off, some features will be disabled. Please be aware that some of our third-party affiliates, whose links are found on this website, may also use cookies on their website. We do not control third-party cookie use or third-party privacy practices.

You may opt out of a third-party's use of cookies by visiting the Network Advertising Initiative opt-out page at http://www.networkadvertising.org/choices.

THIRD-PARTY DISCLOSURE

We do not sell, trade, or otherwise transfer to outside parties your Personally Data unless we provide users with advance notice. This does not include website hosting partners, email marketing software services, payment merchants, and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety.

THIRD-PARTY LINKS

We may include or offer third-party links, products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no control, responsibility or liability for the content and activities of these linked sites. If you have any concerns about the privacy policies of third-parties, you should visit that party's website and review its privacy policy.

FACEBOOK CONVERSION TRACKING PIXEL

Our website may utilize the Conversion Tracking Pixel service of Facebook Inc. ("Facebook"). This tracking pixel is a small piece of Java script code that we have embedded into each of our web pages. This piece of code allows us to follow the actions of users after they are redirected to a provider's website by clicking on a Facebook advertisement. We use these pixels to record information about the way visitors use our website. This pixel records information about the user's browser session, which it sends to Facebook, along with a hashed version of the Facebook ID and the URL viewed.

Every Facebook user has a unique, device-independent Facebook ID that allows us to address and recognize users across a range of devices using the Facebook social network, so that we can address our visitors for commercial purposes using Facebook ads. The user information will be deleted after 180 days, until the user visits our website again. The collected data remain anonymous. This means that we cannot see the personal data of any individual user, and we will not be able to discover the identity of any individual user. However, the collected data are saved and processed by Facebook. We use the anonymous data from visitors to monitor and record the effectiveness of Facebook advertisements for our market research and advertising purposes.

We are informing you on this matter based on the information available to us at this time. Facebook is able to connect the data with your Facebook account and use the data for their own advertising purposes, in accordance with Facebook's Data Use Policy found here: https://www.facebook.com/about/privacy. Facebook Conversion Tracking also allows Facebook and its partners to show you advertisements on and outside of Facebook. Also, a cookie will be saved onto your computer for these purposes. Only users over 13 years of age may give their permission. If you are younger than this age, please consult your parent(s) or legal guardian(s) on this matter.

SOCIAL MEDIA WIDGETS


The website and its blog include Social Media Features, such as the Facebook 'Like' button and Widgets, such as the 'Share This' button. These Features may collect your IP address, which page you are visiting on the website, and may set a cookie in your browser to enable the feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on the website. Your interactions with these features are governed by the privacy policy of the company providing it.

GOOGLE

Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users. 
See more at: https://support.google.com/adwordspolicy/answer/1316548?hl=en. 
We have not enabled Google AdSense on our site but we may do so in the future.

We use Google Analytics to monitor how visitors are using this website so that we can understand and analyze the usage trends and preferences of visitors in order to improve our service and develop new features and functionalities. To learn more about Google Analytics and how they may collect and use your data, please visit: "How Google uses data when you use our partners' sites or apps," located at https://policies.google.com/technologies/partner-sites. You can opt out of Google's use of cookies by visiting Google's ad settings.

In addition to standard Google Analytics, we have enabled Google Analytics' Advertising features. These features include the following:

  • Remarketing with Google Analytics
  • Google Display Network Impression Reporting
  • Google Analytics Demographics and Interest Reporting
  • Integrated services that require Google Analytics to collect data for advertising purposes, including the collection of data via advertising cookies and identifiers

We will use the advertising cookies and identifiers to collect information about your personal demographics, which may include your age and gender. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on available here: https://tools.google.com/dlpage/gaoptout/.

CALIFORNIA ONLINE PRIVACY PROTECTION ACT

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. 
See more at: https://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:

  • Users can visit our site anonymously.
  • Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.
  • Our Privacy Policy link includes the word 'Privacy' and can be easily be found on the page specified above.

You will be notified of any Privacy Policy changes:

  • On the Privacy Policy page of this website

You can change your personal information:

  • By emailing us or mailing a letter to us (see the "How to Contact Us" section below)
DOES OUR SITE ALLOW THIRD-PARTY BEHAVIORAL TRACKING?

We currently allow third-party behavioral tracking through Google Analytics and Facebook Conversion Tracking Pixel service.

COPPA (CHILDREN ONLINE PRIVACY PROTECTION ACT)

When it comes to the collection of Personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. 
We do not specifically market to children under the age of 13 years old. We do not knowingly collect Personal information from any person under the age of 18.

CAN SPAM ACT

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We may collect your email address in order to:

  • Send you information and goods that you have requested
  • Respond to your inquiries and requests
  • Market to our mailing list or continue to send emails to our clients after the original transaction or registration has occurred

To be in accordance with CANSPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can email us and we will promptly delete your information and remove you from all correspondence. You may also unsubscribe at any time by clicking on the "Unsubscribe" link found at the bottom of any emails that we send to you.

YOUR RIGHTS AND CHOICES: ACCESS, CORRECTION AND DELETION OF YOUR PERSONAL INFORMATION

We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided to us through your use of this site. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete any information about you that we have obtained from an Integrated Service, you may contact us as set forth in the "How to Contact Us" section below. At your request, we will have any reference to you deleted or blocked from our database.

You may update, correct, or delete your information and preferences at any time by contacting us (see the "How to Contact Us" section below). You may also unsubscribe from our services by clicking the "Unsubscribe" link at the bottom of any emails that we send to you. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain some or all of the information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

You may also decline to share certain personal information with us, in which case we may not be able to provide you with some of the features and functionality of our services. At any time, you may object to the processing of your personal information, on legitimate grounds, except if otherwise permitted by applicable law.

When you place an order through the site, we will maintain your order information for our records unless and until you ask us to delete this information. We are required to keep some basic information about our customers including transaction data for tax and legal purposes and therefore there is some information that cannot be deleted.

If you are located in the EU or EEA and fall under the rules of GDPR, you have the right to access any personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. Under GDPR you have the right to erasure (or the right to be forgotten), meaning you can request that we delete all of your personal data from our systems. This is an additional step beyond unsubscribing from our email list. If your concern is wanting to stop receiving email, then unsubscribing should be adequate and full erasure might not be necessary. Please contact us if you have questions.

You will not have to pay a fee to access your personal data or to exercise any of the other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise any of your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

HOW TO CONTACT US


If you have any questions regarding this privacy policy, you may contact us using the information below. You can contact us at any time to:

  • Request access to information that we have about you
  • Correct or modify any information that we have about you
  • Delete information that we have about you


If you have any additional questions about our collection, storage and use of personal information, please contact us:

  • by email at info@attunemed.com, or
  • by postal mail at: Attune Functional Medicine, 13654 Xavier Lane, Suite 202, Broomfield, CO 80023
DISCLAIMER

This policy may be changed at any time at our discretion. If this policy is updated, we will post the updated version on this page of the website.