Privacy Statement
This Privacy Policy tells you how GetHarley (“we,” “our,” “us”) collects, uses and shares information we collect on our website us.getharley.com and client portal (collectively the “Site”) and our services provided through our Site (“Services”) effective as of the date posted above. By using the Site and submitting information you agree that we may use and disclose your information according to the terms of this Policy.
This Privacy Policy is addressed to visitors of the Site and to the users of our Services (collectively “you,” or “users”). If you do not agree with the terms of this Privacy Policy please do not access our Site or use our Services.
GetHarley does not provide medical services or clinical advice. Only your practitioner can do this. Your practitioner will collect and use your personal information in connection with your consultation. The information shared with and processed by GetHarley as described in this notice will be done in our capacity as a data controller. Your practitioner will also act as a data controller for this information and for any additional information they collect as part of providing their consultation and treatment services to you. Ask your practitioner for their privacy statement detailing how they use your personal information, which will include information we might provide to them when you book an online consultation directly through us as well as information, they may provide to us.
Information we collect
We collect information which includes statistical data as well as personal data. “Personal data” is information that, directly or indirectly, identifies you or another individual and which may include full name, email address, your practitioner’s name and address, information you choose to provide about your health and your photo, as well as browser and device information (including Internet Protocol (IP) address), and information collected through cookies and other similar technologies.
We automatically collect statistical information when you visit the Site including your device’s IP address, and statistics about how you use the Site. We also collect information using cookies and similar technologies described below (See, Cookies).
We collect information that you submit when visiting the Site and information about you that is provided by your practitioner. When you create a GetHarley Account directly at GetHarley or through your practitioner we will collect your name, phone number, email address, date of birth, information to help match you with a practitioner (such as the reason you provide why you are seeking a consultation, practitioner preference, availability times, and, at your option, whether you are using medication and a photo of your skin), and the name and contact information of a practitioner. When your practitioner develops a skincare plan through GetHarley we will collect from them the products they recommend for you and instructions on your skincare regimen as part of that plan.
If you contact us with an inquiry about our products or services or for customer service we may collect contact information (name, phone number, email) and information contained in your inquiry.
We may also collect, use, and disclose information about you in the course of performing a function, service, or activity for or on behalf of a HIPAA covered entity with which we have a business relationship. The terms under which we may use and disclose that information, which may include your protected health information, are governed by our business associate agreement with the covered entity and are described in the covered entity’s notice of privacy practices.
How we use your information
We use the collected information for our general commercial purposes such as to improve our Site, grow our business and to offer our own, our affiliates’ or third-party products or services that we think you may find of interest. We use your information to respond to your inquiries or to provide information on products or services to you, to operate your GetHarley account and to communicate with you in connection with your use of our services. In particular, we may process personal data for the following purposes, for example:
- For the performance of a contract between you and us or to answer questions or take steps at your request prior to entering into a contract;
- To administer or otherwise carry out our obligations in relation to any agreement to which we are a party;
- To assist you in completing a transaction or order;
- To prepare and process invoices;
- To respond to queries or requests and to provide the Services and associated support;
- To provide customer relationship management;
- To create and manage our accounts;
- To notify you about changes to our services;
- To send you routine customer service messages, or information on updates;
- To offer our services to you in a personalized way;
- To send you personalized marketing communications where your consent is not required;
- To allow you to participate in questionnaires, contests and surveys and benefit from personalized promotional offers;
- To monitor quality control and ensure compliance with any and all applicable laws, regulations, codes and ordinances, for example, in response to a request from a court or regulatory body, where such request is made in accordance with the law;
- To ensure compliance with any applicable laws, regulations, codes and ordinances, for example, in response to a binding request from a court or regulatory body, where such request is made in accordance with the law.
- As necessary for our compliance with legal obligations to which we are subject (such as tax reporting and accounting processes);
- To resolve any disputes and protect our and others’ rights safety and property;
- As part of our efforts to keep our Site, Services and premises safe and secure;
- To ensure the security of your account and our business and to prevent or detect malicious activity or abuses of our Site and Services, for example, by requesting verification information in order to reset your account password (if applicable);
- To prevent or detect fraud;
- To administer our Site and services, and for internal business administration and operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To create or identify products or Services that may meet your needs;
- To develop and improve our products and Services;
We do not anticipate routinely processing special categories of personal data. However, we may do so in certain circumstances, for example where:
- You have included such information in any communications that you send us, in which case we will consider the provision of such information to constitute your express consent for us to process it; or
- Processing such personal data is strictly necessary in relation to a legal claim.
Cookies and similar technologies; Do Not Track
We use cookies and similar technology to collect aggregate (non-personal) information about Site usage by all of our visitors and to help us remember you and your preferences when you revisit the Site. These cookies may stay on your browser into the future until they expire or you delete them. We also use technology that is necessary for our Site to function, such as to remember your purchase selections. These cookies usually are erased when you close your browser window. Further general information about cookies and how they work is available at allaboutcookies.org.
We may allow selected third parties to place cookies, pixels, and similar technologies through the Site to provide us with better insights into the use of the Site or user demographics or to provide relevant advertising to you. These third parties may collect information about a consumer’s online activities over time and across different websites when he or she uses our website. We may also permit third party service providers to place cookies through our Site to perform analytic or marketing functions where you are notified of them and you have consented to the usage. We do not control the use of such third party cookies or the resulting information and we are not responsible for any actions or policies of such third parties.
Except as otherwise required by applicable law, we do not use technology that recognizes a “do-not-track” signal from your web browser.
How to Control Cookies. When you first access our Site from certain jurisdictions, you will receive a message advising you that cookies and similar technologies are in use. By closing the message, or continuing to browse the Site, you signify that you understand and agree to the use of these technologies, as described in this Policy.
You do not have to accept cookies and consent can be withdrawn at any time, although you may not be able to use certain features on the Site. You can do this by activating the settings on your browser that allows you to refuse all or some cookies.
Children’s Privacy
This Site is not designed nor intended to be attractive to use by children under the age of 13. We do not knowingly collect information from children under the age of 13. If you are under 13 please do not submit any information to us.
Accessing your information and your choices
You can update, amend or delete your information at any time by logging into your GetHarley account.
You can choose not to receive promotional emails from us by “unsubscribing” using the instructions in any email you receive from us. This will not stop us from sending emails about your account or your transactions with us.
You can choose to delete or block cookies by setting your browser to either reject all cookies or to allow cookies only from selected sites. If you block cookies performance of the Site may be impaired and certain features may not function at all.
Disclosing your information
We may reveal information about you to unaffiliated third parties: (1) if you request or authorize it such as to your practitioner; (2) if the information is provided to help complete a transaction for you; (3) if the information is provided to comply with the law, applicable regulations, governmental and quasi-governmental requests, court orders or subpoenas, to enforce our Terms of Service or other agreements, or to protect our rights, property or safety or the rights, property or safety of our users or others (e.g., to a consumer reporting agency for fraud protection etc.); (4) if the disclosure is done as part of a purchase, transfer or sale of services or assets (e.g., in the event that substantially all of our assets are acquired by another party, customer information may be one of the transferred assets); (5) if the information is provided to our agents, outside vendors or service providers to perform functions on our behalf (e.g., analyzing data, providing marketing assistance, providing customer service, processing orders, etc.); or (6) as otherwise described in this Privacy Policy.
We may share your information with our affiliated companies.
We may share your information with third parties for their marketing purposes.
Security
We use reasonable technical, administrative and physical measures to protect information contained in our system against unauthorized access, destruction, misuse, loss or alteration. We may use standard encryption technology to protect information being transferred to our site, but no method of electronic transmission or storage is 100% secure. If we receive instructions using your log-in information we will consider that you have authorized the instructions.
Data Processing and Cross-Border Data Transfers
Our Site is maintained on servers located in the United States, and personal information submitted is stored on our servers in the United States. If you are visiting our Site from outside the United States, please be advised that your information is transferred to our U.S. servers. Disclosing your personal information to us pursuant to this Privacy Policy is at your own risk. We strive to comply with laws of jurisdictions in which we maintain operations but we make no representations that the practices described in this Privacy Policy are compliant with laws outside those jurisdictions that apply to the collection, security, use and disclosure of personal information.
State Specific Notices
Your California Privacy Rights.
California residents with an established business relationship with us are permitted by California law once a year to request information about the manner in which we shared certain categories of information with others for their marketing purposes during the prior calendar year.
We do not share your personal information with third parties for their direct marketing use unless we have your permission.
Notice to Nevada Residents
We may transfer personal information for monetary consideration. If you would like to tell us not to sell your information in the future please email us at hello@getharley.com with your name, postal address, telephone number and email address with “Nevada do not sell” in the subject line.
Notice to California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Texas, Utah or Virginia Residents
We are currently not subject to the California Consumer Privacy Act of 2018/ Privacy Rights Act, the Colorado Privacy Act, the Connecticut Personal Data Privacy Act, the Delaware Personal Data Privacy Act, the Indiana Consumer Data Protection Act, the Iowa Consumer Data Protection Act, the Montana Consumer Data Privacy Act, the Nebraska Data Privacy Act , the New Hampshire Expectation of Privacy Act, the New Jersey Data Privacy Act, the Texas Data Privacy and Security Act, the Utah Consumer Privacy Act, and the Virginia Consumer Data Protection Act (collectively the “Privacy Laws”). (the “Privacy Laws”). If we become subject to any of these Privacy Laws in the future we will update this Privacy Policy accordingly.
Retention of your data
We retain your data for as long as it is necessary for the purpose for which it is collected. When determining the data retention period for each specific data category, we take into account various criteria such as the statutory requirements, your legitimate expectations, our business interests, and nature and sensitivity of the data.
Links to other sites
We may permit others to link to this Site or to post a link to their site on ours. We do not endorse these sites and are not responsible for other sites or their privacy practices. Please read their privacy policies before submitting information.
Changes to the Privacy Policy
From time to time we may amend this Privacy Policy. The Policy in effect at the time you use the Site governs how we may use your information. If we make material changes we will post the revised Policy and the revised effective date on this Site. Please check back here from time to time to review any changes.
Contacting us.
This Site is owned and operated by 16HarleyCo Ltd (trading as GetHarley)
You can write to us at: 379 West Broadway, New York City, New York, 10012, United States
You can also contact us using the Contact page on our Site.