REVIEW WAVE PRIVACY POLICY

(Last Updated December 21, 2020)

Review Wave, Inc., a California Corporation, (“Review Wave,” “we” or “us”) respects the privacy of every individual who visits the Review Wave web site, www.ReviewWave.com (the “Site”), and family of websites powered by Review Wave or utilizes its online Service including mobile applications (“App” or “Apps”), software, features, and programs hosted by or on behalf of Review Wave and its related services (together with the Site and the “Apps”, shall collectively be referred to as the “Service”). The terms “you” and “user” means all individuals and entities that access the Service.

This privacy policy outlines the information the Site may collect and how that information may be used. This privacy policy also describes the choices available to you regarding our use of your personal information and how you can access and update this information, and what information you provide that we will retain even if you decide to stop using the Review Wave Service.

Review Wave does not give, lease, sell or otherwise disclose your personal information. Any information you give to Review Wave will be held with the utmost care and will not be used in ways to which you have not consented.

You should also read our Terms of Service, available for Client Users at www.reviewwave.com/terms-of-service/ which contains important information about the scope and nature of the Service, and the rules that apply to your use of our Service.

Your use of the Service indicates that you consent to our collection, storage, use and disclosure of your personal information and other information as described in this privacy policy and the Review Wave Terms of Service. If you do not consent to the use of your personal information as described in this privacy policy or do not agree to the Terms of Service, do not use the Service.

If you have any questions at all about our privacy policy, please contact us at support@reviewwave.com For consumer requests, please see our section below titled “Submitting a Verifiable Consumer Request.

Types of Information We Collect

A. Personal Information. In order to access and utilize the Review Wave services, one is required to become a registered user. As part of the registration process and depending on the type of Service enrollment (provider based registration or patient based via our App(s)), one may be required to provide the following: (1) name; (2) email address; (3) age or date of birth (DOB); (4) username; (5) password; (6) phone number; (7) patient appointment dates and status; and (8) access information to hardware requirements in order to access and use the Service. All registration information provided to us must comply with the Review Wave Terms of Use Agreement.

As part of the user experience, you may also exchange information with us that would be part of the personal information we collect. Examples include but are not limited to the following: (1) information provided when you download or use applications from us; (2) information you enter into our system as part of using our services (e.g. patient name, email, phone number, address, date of birth, and appointment dates); (3) information you provide to us when contacting us for help; (4) profile information you provide for your personal user profile or information that is gathered as part of accessing your computer hardware and related devices (e.g. age, first and last name, picture, image or likeness, phone number, etc.); and (5) access to the data you provide to us in order to use our services.

  1. Specific Use of Personal Information. The information we collect allows us to provide you with a relevant user experience as well as a mechanism to keep you informed on Review Wave’s latest product announcements, software updates, and promotional information. If you so desire, you can remove yourself from our mailing list by opting out by updating your profile preferences.
    Other uses of personal information may be for validating a user account, fraud prevention, or other data safety precautions Review Wave may elect to implement. Additionally, we may use personal information for our internal purposes such as data analysis, auditing, and research to improve our Services to you.

B. Non-Personal Information. Review Wave collects information that in and of itself does not permit direct association with any specific person. In the case of non-personal information Review Wave has the right to collect, transfer, use, and disclose this information for any purpose. Examples of non-personal information and its intended use:

  1. Device related information. We may collect information such as the user device identifier (IDFA), type of mobile device, IP address of your mobile device, mobile operating system, and type of mobile Internet browsers. The device identifier itself may deliver the information to us directly or we may obtain this information via a third-party partner and/or affiliate. We use the information for the express purpose of better understanding customer behavior and improving our products and services.
  2. User activity with our Services. We may collect and store details on how you interact with our Services. This may help us improve our service offerings and to provide a better user experience.
  3. Metadata. Metadata is unique technical data that is generally associated with User Content. Metadata allows one to make their User Content more searchable when interacting with our Service. An example of metadata would be a hashtag or some form of geotag that would allow others to more readily find your submitted content and/or its given location.

C. Location Based Information. Use of the Review Wave services, permits us to collect precise information about the location of your particular device. Location may include but is not limited to background location information between Users. We may use your location information to provide requested location services and to allow tagging of files.

D. Information from Other Sources. This may include:

  1. User feedback;
  2. Requesting services for or on your behalf;
  3. Users or others providing information in relation to any claim or dispute;
  4. Review Wave business partners including those with whom you may create or access your account, such as payment providers, social media users, or websites who use Review Wave’s APIs or whose API Review Wave uses;
  5. Publicly available sources; and
  6. Marketing service providers.

Review Wave may combine the information gathered from these other sources with other information in its possession.

Categories of Personal Data we may Process

Certain sections of this Privacy Policy will only apply to residents of the European Union (“EU”). Unless required by relevant law, these additional sections or requirements will not be applicable to all users of Review’s Site or to all those who engage Review Wave for Services.

Relevant definitions for this and other sections of this Privacy Policy are as follows:

“Personal Data” means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.

“Process”, “Processing” or “Processed” means anything that is done with any of your Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Review Wave Processes your Personal Data rather than utilizing a third-party processor to do so on our behalf.

“Controller” means the entity that decides how and why Personal Data is Processed. Accordingly, Review Wave is the Controller of your Personal Data in that we decide how and why your Personal Data is Processed.

We may Process the following categories of Personal Data about you:

Personal details: to include given name(s); preferred name; and photograph (if provided).

Demographic information: to include date of birth; salutation; title; and language preferences.

Contact details: to include address; telephone number; email address; and details of your public business networking profile(s) or online biographies.

Consent records: records of any consents you may have given, together with the date and time, means of consent and any related information (e.g., the subject matter of the consent).

Payment details: invoice records; payment records; billing address; payment method; bank account number; card or account security details; Banker’s Automated Clearing Services (“BACS”) details; Society for Worldwide Interbank Financial Telecommunication (“SWIFT”) details; International Bank Account Number (“IBAN”) details; payment amount; and payment date.

Data relating to our Site: device type; operating system; browser type; browser settings; IP address; language settings; dates and times of connecting to our Sites; username; password; security login details; usage data; aggregate statistical information; internet service provider (ISP) details; referring and exit pages; and clickstream data.

Employer details: where you interact with us in your capacity as an employee, the name, address, telephone number and email address of your employer, only to the extent relevant.

Views and opinions: any views and opinions that you choose to send to us, or publicly post about us on social media platforms.

Legal Bases for Processing Personal Data

We may Process your Personal Data where: you have given your prior, express consent; the Processing is necessary for a contract between you and us; the Processing is required by applicable law; the Processing is necessary to protect the vital interests of any individual; or where we have a valid legitimate interest in the Processing.

In Processing your Personal Data in connection with the purposes set out in this Privacy Policy, we may rely on one or more of the following legal bases, depending on the circumstances:

Consent: We may Process your Personal Data where we have obtained your prior, express consent to the Processing (this legal basis is only used in relation to Processing that is entirely voluntary by you);

Contractual necessity: We may Process your Personal Data where the Processing is necessary in connection with any contract that you may enter into with us;

Compliance with applicable law: We may Process your Personal Data where the Processing is required by applicable law, to include compliance with our legal and regulatory obligations under applicable law.

Legal proceedings: Establishing, exercising and defending legal rights.

Vital interests: We may Process your Personal Data where the Processing is necessary to protect the vital interests of any individual if permitted by law; or

Legitimate interests: We may Process your Personal Data where we have a legitimate interest in the Processing. The balancing test we have conducted in each case is as follows:

Additional Purposes for which we may Process your Personal Data

We may Process your Personal Data for the following purposes, subject to applicable law:

Provision of Services: Providing our Sites or Services; providing Services on request; and communicating with you in relation to those Services.

Our Sites: Operating and managing our Sites; providing content to you; displaying advertising and other information to you; communicating and interacting with you via our Sites; and notifying you of changes to our Sites, or our Services.

Communications: Communicating with you via methods including email, telephone, text message, social media, post or in person, regarding information in which you may be interested, subject to ensuring that such communications are provided to you in compliance with applicable law; maintaining and updating your contact information where appropriate; and obtaining your prior, opt-in consent where required.

Communications and IT operations: Management of our communications systems; operation of IT security systems; and IT security audits.

Financial management: Sales; finance; corporate audit; and vendor management.

Surveys: Engaging with you for the purposes of obtaining your views on our Services.

Security: Physical security of our premises (including records of visits to our premises; closed-circuit television (“CCTV”) recordings; and electronic security (including login records and access details).

Investigations: Detecting, investigating and preventing breaches of policy, fraud, and violations of law, in accordance with applicable law.

Improving our Sites, Services: Identifying issues with our Sites, or our Services; planning improvements to our Sites, or our Services; and creating new Sites or Services.

Recruitment and job applications: Recruitment activities; advertising of positions; interview activities; analysis of suitability for the relevant position; records of hiring decisions; offer details; and acceptance details.

Sensitive Personal Data

“Sensitive Personal Data” means Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number (as applicable in the EU) or any other information that may be deemed to be sensitive under applicable law.

We do not seek to collect or otherwise Process your Sensitive Personal Data in the ordinary course of our business. Where we need to Process your Sensitive Personal Data for a legitimate purpose, we do so: (1) on a limited, small scale; and (2) we rely on one of the following legal bases:

Compliance with applicable law: We may Process your Sensitive Personal Data where the Processing is required or permitted by applicable law;

Detection and prevention of crime: We may Process your Sensitive Personal Data where the Processing is necessary for the detection or prevention of crime (including the prevention of fraud);

Establishment, exercise or defense of legal rights: We may Process your Sensitive Personal Data where the Processing is necessary for the establishment, exercise or defense of legal rights; or

Consent: We may Process your Sensitive Personal Data where we have, in accordance with applicable law, obtained your express consent prior to doing so.

If you provide Sensitive Personal Data to us, you must ensure that it is lawful for you to disclose such data to us, including ensuring that one of the legal bases set out above is available to us with respect to the Processing of such Sensitive Personal Data.

Your Rights; Restriction of Processing; Data Portability

Subject to applicable law, you may have a number of rights regarding your Personal Data that we Process and/or Control, including:

You may exercise one or more of these rights or ask a general question about these rights or any other provision of this Privacy Policy, or about our Processing of your Personal Data, free of charge via postal mail, telephone, or email through the contact information provided in the “Contact Information” section below. Please note that:

Cookies and Other Tracking Technologies

“Cookies” are small data files that are sent to your web browser when you access a website, and the files stored on your device’s hard drive. We use “session” cookies to keep you logged in while you use the Site, to track your preferences and to track trends and monitor usage and web traffic information on the Site. These are erased when you close your browser. We use “persistent” cookies to relate your use of our Service to other information about you and store information about your preferences to make your user experience consistent and customized. For example, we may create a persistent cookie that includes some basic information about you, like your favorite website locations and whether customer support responded to your inquiry. These cookies stay on your hard drive until you erase them or they expire and associate your information with your account even if you are logged out.

Most browsers automatically accept cookies, but you can change your settings on the browser settings to refuse cookies or prompt you before accepting cookies. You can also use your browser settings or other tools to delete cookies you already have. However, if you disable or refuse cookies, then certain features of the Site may be inaccessible or not function properly.

As noted, however, we do use cookies to identify that your web browser has accessed aspects of the Service and may associate that information with your account if you have one. These cookies do not contain personally identifiable information; however, it may be possible for our third-party business partners to combine it with other information in order to identify your email address or other information about you. For example, the cookies may reflect de-identified demographic or other data linked to data you voluntarily have submitted to us, e.g., your email address, which we may share with a data provider solely in hashed, non-human readable form.  Visitors can also express their choices for display advertising, through the following platforms: Digital Advertising Alliance opt-out platform at optout.networkadvertising.org or the Network Advertising Initiative opt-out platform at www.aboutads.info/choices/.

Certain features of the Site may use local shared objects (or “flash cookies”). Flash cookies are small files similar to browser cookies that collect and store information about your preferences and where you browse and what you look at on the Site. Flash cookies are not managed by the same browser or device settings that are used for browser cookies. You may adjust your Adobe Flash Player settings to prevent flash cookies from being placed on your hard drive.

This privacy policy covers our use of cookies only and does not cover the use of cookies by third parties. We do not control when or how third parties place cookies on your computer. For example, third party websites to which a link points may set cookies on your computer.

We may use “clear GIFs” (aka “web beacons” or “pixel tags”) or similar technologies, on our Service or in our communications with you to enable us to know whether you have visited a part of our Service or received a message. A clear GIF is typically a one-pixel, transparent image (although it can be a visible image as well), located on a website or in an email or other type of message, which is retrieved from a remote website on the Internet enabling the verification of an individual’s viewing or receipt of a website or message.

We do not automatically collect personal information, but we may tie personal information with the automatically collected information using the above tools or information collected from other sources.

We may also log information using digital images called web beacons on our Service or in our emails. We may use web beacons to manage cookies, count visits, and to learn what marketing works and what does not. We may also use web beacons to tell if you open or act on our emails.

We and/or our partners may also use cookies for delivering personalized advertising emails. These cookies are used to identify the visitors of our advertisers’ websites and send personalized emails based on the visitors’ browsing experience.

We and/or our partners use cookies, pixels and other tracking technology to associate certain Internet-related information about you, such as your Internet Protocol address and what Web browser you are using, with certain of your online behaviors, such as opening emails or browsing websites. Such information is used to customize ads or content and may be shared with our partners.

We also use third party analytics services to collect usage data from our Site in order to help us understand how users are interacting with our Site. Third party analytic services are used to track general location information, and events that occur without our Services, such as how often you use our Services. This information, including your IP address, is transmitted and stored by 3rd parties as determined by us.

Internet Commerce Privacy Statement

Certain areas within the Review Wave site enable one to pay for products or services online. Review Wave values its customers and is committed to protecting your privacy. Your right to privacy and data security is a primary concern. We do not sell or rent the information you provide to us online to third parties. We include this Internet Commerce Privacy Statement to explain the way we handle the information you give us. Review Wave uses a secure server (SSL) to encrypt your account information that is transmitted to us. This logic encrypts the data being sent to the server from the browser using high-level encryption technology. Once the data is received it may be required that the data be maintained for a certain period of time inside our network. Encrypting the data means it cannot be viewed in plain text. We do not release credit card or other information for use by others. All information that you send us is stored on a secure server that is not lawfully accessible to anyone but Review Wave and its associates.

Review Wave uses Stripe as its third-party electronic payment processing provider for payment services (e.g. card acceptance, merchant settlement, and related services) (“Payment Services”) for payments related to the Service. By making use of some or all of these Payment Services on the Service, you agree to be bound by Stripe’s terms and conditions (available at https://stripe.com/us/legal) as well as its privacy policy (available at https://stripe.com/us/privacy/ and hereby consent and authorize us to delegate the authorizations and share the information you provide to us with our third party electronic payment processing provider(s) to the extent required to provide the Payment Services to you.

Customer Credit Card Information: Review Wave uses a Stripe to keep a protected copy of your credit card number. This billing data belongs to you, and by utilizing the Service, you grant Review Wave a license to use this data to bill you for services rendered.

If our Internet Commerce Privacy Statement changes in the future, we will post the updates to this Web site with or without notice to you, and you agree to be responsible for being familiar with any such updates.

IP Address Information and Other Information Collected Automatically

We automatically receive and record log file information from your web browser when you interact with the Site, including your IP address and cookie information. Generally, the Site automatically collects usage information, such as the number and frequency of visitors to the Site. We may use this data in aggregate form, that is, as a statistical measure, but not in a manner that would identify you personally. This type of aggregate data enables us and third parties authorized by us to figure out how often individuals use parts of the Service so that we can analyze and improve them.

Third-Party Sites and Services

Review Wave products, services, and application may contain links to third-party services (e.g. Facebook, Google etc.), products, and websites. Information collected by third parties is governed by their privacy policies and practices. We encourage you to read and learn about their specific privacy practices.

Information Sharing and Disclosures

From time-to-time, Review Wave may make certain personal information available to product and service partners. Specific ways Review Wave shares with third parties are described below:

A. Third-Party Service Providers. Review Wave may elect to outsource some of its technical and customer support, tracking and reporting functions, quality assurance testing, and other services that it may deem necessary. In these specific instances, we may share information about or from you in order for them to provide their services. Additional examples may include:

  1. Payment processors and facilitators.
  2. Cloud storage providers.
  3. Data analytics providers including Full Story and Google Analytics.
  4. Research partners.
  5. Consultants, accountants, lawyers, and other professional service providers.

In these specific instances, we may share information about or from you in order for them to provide their services.

B. Business Affiliates and Transfers. Review Wave may share information from or about you with its subsidiaries, joint ventures, or companies under common control, in which case we will require them to adhere to this Privacy Policy. In the event Review Wave, Inc. is acquired in total or by a substantial amount of its assets, we will make best efforts to ensure that the purchaser will assume the rights and obligations of this Privacy Policy. However, Review Wave cannot make any guarantees or promises with respect to a purchaser adopting the current rights and obligations of this Privacy Policy.

C. Investigations. As described in the Review Wave Terms and Conditions of Use, Review Wave reserves the right to provide and/or disclose necessary information for investigatory matters. Examples include but are not limited to: 1) compliance with law enforcement or the necessary legal process; 2) behavior and/or use violative of the Terms and Conditions of Use, and 3) instances whereby it is necessary to protect our rights and obligations.

D. User Request. This includes sharing your information with:

  1. Review Wave business partners. For example, we may share your location when you engage the services, we may make available to you through our business partners and their affiliates.

E. With your consent. Review Wave may share your information other than as we have described in this policy if we notify you and you consent to the sharing.

F. Aggregate/De-identified. We may disclose aggregate or de-identified information that we collect about you through our Service, for advertising, research and analytical services; however, we will strip out names, contact information and other personal identifiers before we do so.

We do not share information with third parties for their own direct marketing purposes. If we disclose any Protected Health Information (as that term is defined in 45 C.F.R. Part 160) to third parties, we will do so in accordance with the Health Insurance Portability and Accountability Act, as amended (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act, as amended (“HITECH”), and any other applicable state and federal privacy and security laws, as they may be amended from time to time.

Storage of Your Information

The information you provide Review Wave may be collected through our services and processed in the United States or any other country in which Review Wave, its subsidiaries, affiliates, and/or service providers maintain facilities.

As a result, Review Wave its subsidiaries, affiliates, and/or service providers may transfer information we collect about you, including personal information, across borders and from your country or jurisdiction to other countries or jurisdictions around the world. For example, you may reside in another country or region with differing data protection and privacy laws than the United States. Consequently, when you register to use the Service you acknowledge and consent to Review Wave transmitting your information to the United States or to any country in which Review Wave and/or its subsidiaries, affiliates, and/or service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Policy.

In turn, Review Wave uses commercially reasonable standards, measures and/or protocol to keep the information collected through the Service secure and as a result we take cautionary steps to verify your identify before granting you Service access. Moreover, Review Wave cannot ensure the security of any information submitted or transmitted by you to Review Wave nor can we guarantee that said information may not be disclosed, destroyed, and/or altered.

Protection of Personal Information

Review Wave preserves the security of your personal information with the utmost caution. As such, we follow the generally accepted industry standards to protect all user information submitted to us. Although we implement accepted industry standards, we cannot guarantee absolute security with respect to your personal information. Given the fact that no one method of transmission over the Internet or via mobile device is 100% secure, we urge you to take the utmost care when transmitting personal information.

When you use some of the features of the Review Wave services, the personal information and content you share is visible to other users and can be read, collected, or used by them. You are responsible for the personal information you choose to share or submit in these instances. Please take care when using these features.

Data security / Data Breach

We have implemented appropriate technical and organizational security measures designed to protect against any data breach. If a data breach occurs, we will notify the appropriate regulatory body or data protection authority in your country/jurisdiction within seventy-two (72) hours of us becoming aware of such data beach.

Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect your Personal Data, we cannot guarantee the security of your data transmitted to us using the internet – any such transmission is at your own risk and you are responsible for ensuring that any Personal Data that you send to us are sent securely.

Data accuracy

We take every reasonable step to ensure that:

From time to time we may ask you to confirm the accuracy of your Personal Data.

Data minimization

We take every reasonable step to ensure that your Personal Data that we Process is limited to the Personal Data reasonably necessary in connection with the purposes set out in this Privacy Policy.

Data Retention

  1. We will retain copies of your Personal Data in a form that permits identification only for as long as:
    1. we maintain an ongoing relationship with you (e.g., where you are a user of our Services, you are lawfully included in our mailing list and have not unsubscribed; or
    2. your Personal Data is necessary in connection with the lawful purposes set out in this Privacy Policy, for which we have a valid legal basis (e.g., where we have a legitimate interest in Processing your data for the purposes of operating our business and fulfilling our obligations under a contract), plus:
  2. The duration of:
    1. any applicable limitation period under applicable law (i.e., any period during which any person could bring a legal claim against us in connection with your Personal Data, or to which your Personal Data may be relevant); and
    2. an additional two (2) month period following the end of such applicable limitation period (so that, if a person brings a claim at the end of the limitation period, we are still afforded a reasonable amount of time in which to identify any Personal Data that are relevant to that claim), and
  3. In addition, if any relevant legal claims are brought, we may continue to Process your Personal Data for such additional periods as are necessary in connection with that claim.

During the periods noted in paragraphs (2)(a) and (2)(b) above, we will restrict our Processing of your Personal Data to storage of, and maintaining the security of such data, except to the extent that the data needs to be reviewed in connection with any legal claim, or any obligation under applicable law.

Once the periods in paragraphs (1), (2) and (3) above, each to the extent applicable, have concluded, we will either: permanently delete or destroy the relevant Personal Data; or anonymize the relevant Personal Data.

Review Wave will retain your personal information for the minimum amount of time required by applicable law in connection with regulatory, tax, insurance or other requirements in the places in which it operates. Review Wave thereafter deletes or anonymizes such information in accordance with applicable laws.

Users may request deletion of their account at any time. Following such request, Review Wave deletes the information that it is not required to retain and restricts the use of any information it is required to retain. You may request deletion of your account by contacting us here at support@reviewwave.com

Review Wave may also retain certain information if necessary, for its legitimate business interests, such as fraud prevention and enhancing users’ safety and security. For example, if Review Wave shuts down a user’s account, Review Wave may retain certain information about that account to prevent that user from opening a new Review Wave account in the future.

Access to Personal Information

In order to ensure that your personal information is current and accurate, please log in to your account using the Review Wave Site and go to user profile.

Children

We do not knowingly solicit data from or market to children under the age of 13. In the event a child’s parent and/or legal guardian becomes aware that their child has provided us with information without their consent, please contact us immediately at support@reviewwave.com Once notified, we will delete the information as soon as reasonably possible.

Privacy of our email lists

We do not sell, rent, loan, trade, or lease the addresses on our list to anyone. Individuals must specifically request to join our mailing lists using the forms provided on our website or other means expressly sanctioned by Review Wave.

Unsubscribe Policy

Your privacy is important, and we strive to send e-mail only to those who want to receive it. If you would not like to receive future e-mails from us, reply to any email with UNSUBSCRIBE as the subject. Your unsubscribe request will be satisfied no later than 10 business days upon making your request.

Disclaimer for External Links

Review Wave websites may provide links to Internet websites that are maintained by third parties, over which Review Wave has no control. Review Wave does not represent that any particular link will be on-line and functional at any given time. When a user leaves the Review Wave web site and visits another site, the user is subject to the Privacy Policy of that third-party website. It is the responsibility of the User to evaluate the content and usefulness of information obtained from other third-party sites. Review Wave does not endorse the content, operators, products, or services of such sites, and the Review Wave shall not be responsible or liable, directly or indirectly, for any damage or loss caused by or in connection with use of or reliance on any such external content, products, or services available on or through such external sites.

Contact Information

If you have any general questions and/or concerns about our Privacy Policy, you may contact us in writing at:

Review Wave
Attn. Administrator,
16531 Scientific Way
Irvine, California 92618
Telephone Number: (800) 563-0469

For consumer requests, please follow the specific instructions below under the section titled “Submitting a Verifiable Consumer Request.” Consumer requests not complying with the factual requirements in our provided form may prevent us from evaluating and responding to your request.

Privacy Policy Modifications

Review Wave reserves the exclusive right to change, modify, or alter the terms of this privacy policy. The most current version of this policy will govern our use of your information. Continued access and use of the Review Wave services after changes to our Privacy Policy occur indicate that you agree to be bound by the revised privacy policy.

Consent

Your continued access and use of the Review Wave service, subject to the Terms of Use and Conditions, signifies your unequivocal consent to the terms of this privacy policy.

California Residents: Your Privacy Rights

Effective January 1, 2020, the California Consumer Privacy Act (CCPA) allows California residents, upon a verifiable consumer request, to request that a business that collects consumers’ personal information to give consumers access, in a portable and (if technically feasible) readily usable form, to the specific pieces and categories of personal information that the business has collected about the consumer, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared. California residents also have the right to submit a request for deletion of information under certain circumstances. Consistent with California law, if you choose to exercise your rights, we won’t charge you different prices or provide different quality of services unless those differences are related to your information.

We do not sell your personal information.

We disclose personal information for business purposes. From businesses that disclose personal information for a business purpose, you have the right to request:

  1. The categories of personal information that the business collected about you; and
  2. The categories of personal information that the business disclosed about you for a business purpose.

The right to request the business to delete the personal information it has collected from you, subject to certain legal exceptions, for example, when the personal information is necessary to complete a transaction for which we collected it or to comply with a legal obligation.

The right to be protected from discrimination for exercising your CCPA rights. Businesses are prohibited from discriminating against you for exercising your rights under the statute, including by: (A) denying you goods or services; (B) charging you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; (C) providing you with a different level or quality of goods or services; or (D) suggesting that you will receive a different price, rate, level, or quality of goods or services. Nothing prohibits a business from charging a different price or providing a different level or quality of service if the difference is reasonably related to the value provided to the consumer by the consumer’s data.

Submitting a Verifiable Consumer Request

To exercise the access, data portability, and deletion rights described above or in an appropriate jurisdiction, please submit a verifiable consumer request to us by either:

Review Wave, Inc.
Attn: Privacy Policy Issues
16531 Scientific Way
Irvine, California 92618
Telephone Number: (800) 563-0469

For submissions via email please use the downloadable Verifiable Consumer Request Form: Downloadable Form. In order to eliminate fraudulent requests and to protect your personal information, we will not accept correspondence via any third-party applications and/or autogenerated template requests emailed to us.

For requests under the CCPA, only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.

You may only make such a request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you have had any connection to our services, you are the person about whom we collected personal information while using our services, or that you are an authorized representative making these representations on a consumer’s behalf. As it is important to guard against fraudulent claims and protect personal information, we require that your request provides us with sufficient detail to allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically or in writing if deemed appropriate by our legal counsel. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Please note that Review Wave may claim legal exemptions for certain types of personal information from all or certain parts of the CCPA pursuant to various CCPA exemptions.

Additional Disclosures Under the CCPA

Review Wave does not sell your personal information to third parties (as those terms are defined under the CCPA). However, as outlined in this policy, we do allow third parties to collect personal information through our Services and share personal information with third parties for the business purposes we’ve described here. For more information, please refer to the “Types of Information We Collect” and “Information Sharing and Disclosures” sections of the Privacy Policy above.

List of categories of personal information collected about consumers and disclosed for a business purpose*:

Information you provide to us. This includes the information you provide when you register, such as your date of birth and identifiers including first name, last name, and email address, information you provide when you complete an application for Services on our Site, and information you provide when you submit information in forms or through other features of our Services, from which we may make inferences. If you are a Review Wave customer, this includes the information you provided regarding your patient practice e.g. patient name, email, phone number, address, date of birth, and appointment dates.

Information we automatically collect. We also collect information about how you access and interact with our Services. This includes device information, log information, geolocation information, and Internet or other electronic network activity information collected through technologies like cookies, web beacons, and browser web storage.

Information third parties provide about you. In order to provide our Services, we may collect information about you from third parties. This includes things such as electronic health records software, google, Facebook, Yelp and similar sites.

*Business purposes can include such things as: providing our Services, maintaining and servicing accounts, providing customer service, processing or fulfilling orders and transactions, performing analytics and quality control, auditing transactions, researching and testing features and improvements, detecting and preventing fraud and security incidents, debugging or repairing technical errors, and marketing our Services.