Privacy policy

Privacy Notice

Thank you for visiting the easybreathe.com website and using our Online CPAP Store and related goods and services (collectively, the “Site”). Please read the following information. It tells you what information we collect from you, how we might use it, and how you have certain privacy rights. We are committed to the privacy of our visitors and hope you enjoy your visit!

This Privacy Notice covers the practices of Easy Breathe, Inc. (“Easy Breathe”) and will remain in effect until a new notice supersedes it. We may update this Notice, so you should check this page periodically as the terms may change from time to time. The most recent version of the Notice will be reflected by the “last updated” date noted at the bottom of the page. Your continued use of the Site will constitute your acknowledgment of the Notice in its current version and your understanding of the terms of the Notice. This Notice incorporates the below HIPAA Notice under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), such as for protected health information (“PHI”). Please also review our separate Terms of Use .

If you have a specific question, feel free to click to the appropriate section below:

1. What information is collected?

2. Why and how do we use this information?

3. How do we verify insurance coverage?

4. How does our Site interact with third party services and content?

5. What information is disclosed to third parties?

6. What choices do you have over how your information is used?

7. Does our Site respond to do-not-track signals?

8. What if I access the Site from my mobile phone?

9. How do we secure and retain your information?

10. What age do I have to be to use this Site?

11. What are my privacy rights?

12. What if I live outside of the United States?

13. Who should I contact with questions or concerns?

14. When was this notice last updated?

What information is collected?

We collect the following types of personal information for the reasons outlined below. Our purposes for collecting information include our business purposes, namely to provide and improve our Site, including by fulfilling your orders and requests, and where authorized, for commercial purposes to market our Site and relevant offers to you.

Contact and Order Information: When you interact with us to make a purchase, including by entering a transaction on our website or calling our phone number, we may collect personal information from you as necessary to provide you with the features of the Site, including your:

§ First and last name

§ Email address

§ Phone and fax numbers

§ Billing and shipping addresses

§ Payment information, such as your credit card number and debit card number

§ Date of birth

§ Order history, including history of products considered

§ Account name and password

§ Signature

§ Audio (recorded during some customer service calls

§ Communications (such as if you contact customer support or use our chat feature)

§ Inferences such as your purchasing or consuming tendencies

This information includes personal identifiers and information under California Civil Code §1798.80, such as your name and address, and commercial information, such as purchases.

Health and Insurance Information: We may also collect health information from you to provide certain products and services, including your:

§ Health insurance information (if needed)

§ Medical prescription (if needed)

§ Medical records (if needed)

For example, some of the items we sell are only available with a valid prescription, or if you request an insurance check, we collect your name, provider, email, and phone number. If you have us submit a claim through insurance, we collect your health insurance information, medical prescription, and medical records if necessary. This can be obtained through your doctor’s office. In some circumstances, you may also upload your records. Only customers choosing to utilize their health insurance benefits and/or purchase a prescription-only item will have to submit this information. Health information may constitute PHI and sensitive information.

Cookie and Device Data: We may also collect device, internet, and technical information related to your activity on the Site through cookies and other technologies for marketing purposes and providing and improving certain services. For example, we may collect data for analytics (e.g., through Google Analytics and Hotjar) on which pages visitors visit, how long visitors may stay on a particular page, and where visitors are located generally. We may also obtain information about what browser, network, or device is used to visit our Site. To learn more about Google Analytics and how to opt out, please visit their Privacy Policy and Google Analytics Opt-Out Browser Add-On Page. To learn more about Hotjar and how to opt out, please visit their page.

In particular, a cookie is a small string of information that a website transfers to your computer and can help remember your preferences and improve your experience. Cookies are also used for activities such as analytics and marketing. You can disable cookies in your browser and device settings. For more information, see AllAboutCookies.org or AboutAds.Info. Further, a web beacon is an invisible pixel-sized graphic image on a webpage or email. It helps us do things like understand when certain content is viewed and to deliver a more personalized experience.

In addition, when you visit our Site, we may also log your anonymous IP addresses and unique identifier for your computer or other access device. This helps us diagnose problems with our server, to administer our Site, and to display the content according to your preferences.

Promotional Information. We collect information from you when you respond to a survey, sweepstakes, or promotion or sign up for our newsletter. This may include your name, phone number, email address, and any other necessary information, such as your insurance information if necessary to qualify for an offer. We use this information to provide the outlined parts of the Site, such as to notify you of selection for a sweepstakes or to email you our newsletter with helpful tips, and to market to you, such as through advertising emails.

Financial Incentive Data. From time to time, we may offer optional incentives related to the collection, retention, or sharing of information that may be deemed a “financial incentive” or “price or service difference.” If you opt in to such an offering pursuant to the terms described at the time of signup, we may collect information such as name and email address, commercial information and preferences, internet or other network activity, and device information. Any difference in price or rate, such as a discount, will be reasonably related to the value of the data. If you want to withdraw from the offering, please contact us.

Business Information. If you contact us as a business partner or for media or marketing inquiries, we collect the information you provide, such as to consider a potential business relationship.

Employment and Education Data. If you provide this information to us, such as if you apply for a job and forward your resume, we may collect your professional, employment, or education history for business purposes, such as reviewing job applications.

Public Data. If you publicize something about Easy Breathe or our Site, we may collect and use it for business purposes, such as reviewing and improving our Site, and commercial purposes, such as sharing a public review posted to social media.

Aggregate Data. We may collect and use aggregate data as authorized by applicable laws. For example, we may use aggregate group analytics to improve our Site without identifying you.

Why and how do we use this information?

We use the personal information about you for the reasons outlined above and below, which fulfills our business purposes, namely to provide and improve our Site, and specifically to:

§ Operate our business, including to provide goods and services through the Site;

§ Create and manage your account;

§ Process and fulfill your orders;

§ Personalize your user experience;

§ Provide customer service, such as responding to a request or order;

§ Obtain and respond to feedback and other communications;

§ Monitor and improve our Site and the interactions you have with our Site. For example, we may use data to troubleshoot, debug issues, and internal training;

§ Audit and respond to security incidents and protect against harmful activity; and

§ Comply with and enforce applicable legal requirements, relevant industry standards, and our policies.

We also use, if applicable, contact and order information, cookie and device data, promotional information, financial incentive data, business information, public data, and aggregate data for our commercial purposes to market to you. For example, we may use this data to:

§ Advertise products and services that may be of interest to you;

§ Add you to our email list and newsletter;

§ Provide and notify users of promotions and sweepstakes; and

§ Analyze user viewing and purchasing trends.

Further, we may use, if applicable, health and insurance information to:

§ Perform services as outlined in the HIPAA notice;

§ Respond to requests for insurance checks;

§ Conduct any required medical billing;

§ Communicate with you about care coordination and continuity of care; and

§ Market to you if and as authorized by you and applicable laws.

Note that we only use and disclose any “sensitive” data as necessary to provide the Site and which should be reasonably expected by you, such as verifying information, maintaining the quality or safety of the Site, performing services or providing goods reasonably expected (such as to fulfill your orders), for short-term use where there is no disclosure or profiling, or to resist malicious, fraudulent, or illegal actions or to ensure physical safety.

How do we verify insurance coverage?

If you request an optional insurance check, you may provide certain information, such as your first and last name, email address, phone number, zip code, and insurance carrier. You may be given the choice to complete your sign-up online, which prompts you to enter your Insurance Member ID and date of birth, or submit the form immediately, in which case you will be called to obtain that information.

Once we have your complete insurance information, it is verified by one of our team members. You will then receive an email and/or phone call letting you know that we have your coverage information and are ready to discuss it with you. If we do not receive a response, we may send your basic coverage summary to you via email.

How does our Site interact with third party services and content?

For your convenience, we may link to third party websites and services, or otherwise display third party content through our Site. Here are some potential examples:

§ Klayvio/or other Third Party Mail Service: We may automate our marketing and newsletters.

§ YouTube or Vimeo: We may embed content on our Site from other online services, such as a recorded video.

§ Social Media: We may facilitate easy access to third party sites and online services, like social networks and other services that host user-generated content such as Facebook, Twitter, and Pinterest.

§ Payment Processing: We work with third party vendors to process payments. These include, but are not limited to: Stripe, Authorize.net, and PayPal.

§ Delivery: We work with third party vendors to deliver our products. These include, but are not limited to: FedEx, UPS, and the United States Postal Service.

§ Content Delivery: We work with third party vendors to deliver web-content to our visitors. These include, but are not limited to: Outbrain and Tabloola.

§ Ads: We work with third party vendors to deliver targeted advertising to our visitors. These include, but are not limited to: Google AdSense, Bing, Yahoo, Facebook, and Twitter Ads.

§ Live chat: We work with Zendesk to provide live (people) chat technology to our users.

These links take you off our Site and are beyond our control. Please note that these other websites are not subject to this Privacy Notice and may send their own cookies to users, collect data, or solicit personal information. We urge you to review the equivalent data protection, privacy, and cookie policies of these third parties. We do not accept any responsibility or liability for third parties, and your use of third party websites or services is entirely at your own risk.

What information is disclosed to third parties?

We generally disclose information to provide and improve the Site and comply with legal and contractual obligations, including to fulfill your orders. Specifically, we disclose information to:

§ Service providers and contractors to provide and improve the Site, such as to help fulfill orders and process payments, store data, and provide customer service. These third parties agree to only use your information for contracted business purposes, rather than for their own data sales or marketin.

§ Related parties, including business partners or if there is a merger, acquisition, or sale, including to consider a potential contract and provide and improve the Site.

§ Legal parties and law enforcement to comply with legal obligations, such as to respond to subpoenas, court orders, or government or law enforcement requests. Likewise, we may disclose information to investigate, prevent, or respond to illegal, fraudulent, or injurious actions or security incidents that may cause imminent harm, or to investigate a violation of our terms, policies, or legal rights.

§ Third parties with your consent, such as to fulfill your requests, or if information is in the aggregate or de-identified form and does not identify you.

In addition, cookie, device, and related data may be shared with advertising partners and affiliates, as outlined above, to provide analytics and tailor marketing content to be relevant to you. For example, we may use custom audience functions, which shares “hashed” data with digital advertising platforms to target our marketing to provide you with the most helpful information and a more personalized experience. Once these custom audiences are created, we may also use the custom audience to create a “lookalike audience” to target ads to new people who share similar characteristics to individuals in the existing custom audience. Your privacy settings for advertising platforms, such as social media websites, are set and can be updated by the respective platform. You can also disable cookies and similar technologies as outlined above.

We do not “sell” your personal information for monetary consideration. However, the Site uses cookies and technologies, which may involve sharing of your device and technical information. This may be considered a data “sale” or data “sharing” under certain laws, depending on legal exceptions, which furthers our business purposes (e.g., providing the Site) and commercial purposes (e.g., other marketing). To opt out of these practices, contact us as outlined below.

What choices do you have over how your information is used?

You have choices regarding how your information is used. Some examples are below. For more information, please see the section below on your privacy rights.

§ Email: Those who wish to opt-out from receiving email offers will have their email address removed within 1-10 business days of receipt of their request to opt-out or to unsubscribe at info@easybreathe.com or by calling our customer service team at (866) 564-2252, subject to applicable laws. If you have multiple email addresses, you will need to opt-out for or identify each email address.

§ Accounts. By logging into your account, you may edit your billing and shipping address information, phone number, and email address. To permanently delete your account, you can email us at info@easybreathe.com. Please note, in certain circumstances, your name, order history, and insurance account information cannot be deleted from our system, subject to applicable laws.

§ Location information[ : You have the ability to turn location-based services on and off, if applicable, by adjusting the settings of your internet browser or device.

§ Cookies and web beacons: You can disable cookies, web beacons, and similar technologies through your browser or device, as outlined above.

Does our Site respond to do-not-track signals?

At this time, easybreathe.com does not recognize “do-not-track” instructions. However, you can change your privacy preferences regarding the use of cookies and similar technologies.

What if I access the Site from my mobile phone?

We collect and use information about you in the same way and for the same purposes if you access the Site from your mobile phone as we do when you use our website.

How do we secure and retain your information?

We have implemented various security measures to protect personal information and to treat your data securely, including by using secure managed servers to store information. Further, some of the items we sell are only available with a valid prescription. As such, we respect HIPAA where applicable. We may utilize the following vendors for different parts of the Site:

§ ZeroLag: Zerolag services are located in a dedicated HIPAA environment. You can read more about ZeroLag’s security protocols by visiting their security page.

§ Typeform: Typeform data is hosted on Amazon’s AWS service. You can read more about Typeform’s security protols here.

§ Salesforce: Salesforce provides Customer Relationship Management (CRM) software. You can read more about Salesforce’s security protocols here.

§ Zapier: Zapier can help move the information from Typeform to a Salesforce CRM. You can read more about Zapier’s security protocols here.

However, whenever you give out personal information online there are risks, including that third parties may intercept and use that information. While we strive to protect your personal information and privacy, we cannot guarantee the security of your information. By using this Site, you expressly acknowledge and agree that we cannot guarantee the security of any data provided to or received by us through this Site and that any personal information or data is provided at your own risk. To the extent allowable, we are not liable for any damages arising out of, or in any way connected with, a third party’s unauthorized access to your information. In other words, 100% security is not always possible. Whenever you give out personal information, including online, there is a risk that a third party may intercept and use that information. Data security also depends on you. For example, you should always keep your password and account information confidential and immediately alert us of any suspected breach relating to the Site.

We retain personal information for the length of time necessary to fulfill the purposes outlined in this Privacy Notice, unless a different retention period is requested by you or required by applicable laws. For example, we will retain your personal information for as long as it is needed to provide the Site features to you or fulfill a legal or contractual obligation. We may also aggregate, de-identify, or anonymize data as applicable for use in analytics, such as to track trends over time without identifying you. For requests to delete data, see below. We use the following criteria to determine how long we retain personal information: (a) our relationship with you, such as if there is a pending transaction or active account, (b) legal obligations to retain personal information for certain purposes, such as to maintain transaction records, including under HIPAA and state laws, and (c) other obligations or considerations relating to the retention of data, such as litigation holds, investigations, or statutes of limitation.

What age do I have to be to use this Site?

This Site is not intended for use by people under 13 years of age. We will not knowingly collect information from minors, and if we become aware of such data, we will delete it. We do not have knowledge of “selling or sharing” the personal information of consumers under the age of 16.

You may only order products if you are 18 years old or older. If you place an order, you warrant that you are 18 years old or older. If you are under the age of 18 and would like to purchase a product, your parent or guardian should place the order for you.

What are my privacy rights?

Different laws, such as the California Consumer Privacy Act (“CCPA”), govern your privacy rights and may depend on where you reside. To assert your rights, you may contact us as outlined below through your account, or with your full name and email address or phone number used in connection with the Site, for verification. If an authorized agent is making a request on your behalf, the agent should provide its name and contact information, such as an email address, in addition to your information. If you are requesting to access or change sensitive data, we may require additional verification. There may be situations where we cannot grant your request, for example, if you make a request and we cannot verify your identity, or if you request deletion of data that we have a legal obligation to keep. Where we deny your request, we will take steps to inform you of the denial and provide an explanation for our actions and reasons for the denial.

Generally, we adhere to the following set of privacy rights to the extent applicable and subject to any limitations authorized by law.

§ The right to know the categories of personal information we collect and use; the categories of the sources of data at issue; the business or commercial purposes for any collecting, selling, or sharing of data; the categories of third parties to whom data is disclosed; and the specific pieces of personal information collected;

§ The right to amend or correct your personal information;

§ The right to limit the processing of certain data;

§ The right to delete your personal information subject to legal limitations;

§ The right to opt-out of the sale of your information and certain data practices.

§ California residents also have the right under the “Shine the Light” law to request information about the sharing of information for direct marketing purposes; and

§ The right to not be discriminated against for exercising privacy rights.

For California residents, you can find a list of your rights, along with the categories of personal information we collect and use, the sources of personal information, our business and commercial purposes, and third parties to whom information is disclosed, as well as information about our retention of data, above. Please contact us with any privacy requests or questions.

To exercise your right to access, you may submit a verifiable consumer request by calling us toll free at (866)-564-2252, or by sending an email to privacy@easybreathe.com. Please include “Request for Access” in the subject line. You can also write to us at: 11859 Wilshire Blvd. Suite 110, Los Angeles, CA 90025. We strive to respond to you promptly within any legal time limits; and disclosures of information generally cover the 12-month period preceding your request, subject to applicable laws. Please note, certain laws like the CCPA do not apply to PHI that is collected by a covered entity or business associate governed by HIPAA. To learn more about your rights under HIPAA, visit the U.S. Department of Health & Human Services site at: https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/access/index.html.

What if I live outside of the United States?

The Site is hosted and intended for users in the United States and is subject to United States laws. Please do not provide us with any information or attempt to purchase our products if you live outside of the United States.

Who should I contact with questions or concerns?

If you have any questions or comments relating to the Site or this Privacy Notice, send an email to info@easybreathe.com or call our customer service team at (866) 564-2252. You may also submit a contact form.

Easy Breathe, Incorporated offers programs, benefits, and other offerings to consumers that may involve or be related to the collection, retention, or sale of Personal Information that may be deemed a "financial incentive" or "price or service difference" under the California Consumer Privacy Act ("CCPA"). For purposes of this notice, "Personal Information" refers to information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device.

These offerings may involve collecting the following categories of information from customers who participate: identifiers; customer records; commercial information and preferences; internet or other electronic network activity information and device information; geolocation data; audio, electronic, visual, or other sensory information; and inferences. We are providing you with this information so that you may make an informed decision on whether to opt into and participate in our programs. Examples of the programs we offer include:

CCPA Financial Incentive Notice

Surveys: We may also offer our customers opportunities to participate in surveys. In exchange for participation, you may be offered a financial incentive, such as a discount or a coupon. As part of these surveys, we may collect Personal Information such as your name, preferences, experiences, beliefs, opinions, and other responses to the survey questions. Participation in surveys is governed by the applicable terms and conditions for the survey, which will also describe any financial incentives associated with that survey and how to opt in and participate. You can terminate participation at any time as will be explained in the survey terms. Our good-faith estimate of the value of your Personal Information is the value of the benefit we offer to you. We have calculated such value by using the expense related to the benefit.
Limited-Time Promotions or Sweepstakes: From time to time, we may offer incentives limited to a specific time period, such as limited-time sweepstakes, contests and other promotions. In exchange for your participation in these promotions, you may be offered a financial incentive, such as a prize. As part of these limited-time promotions or sweepstakes, we may collect your Personal Information, such as your name, email address, and/or phone number. Participation in a limited-time offer or promotion is governed by the applicable terms and conditions for the program (e.g., Sweepstakes Rules), which will also describe any financial incentives associated with the promotion and how to opt in and participate. You can terminate participation at any time as will be explained in the program terms. The value of your Personal Information will be disclosed in the promotion’s terms. Our good-faith estimate of the value of your Personal Information is the value of the benefit we offer to you. We have calculated such value by using the expense related to the benefit.
One-Time Promotions: In addition to the programs identified above, we may also offer you one-time percentage off coupons, discounts, or other promotions from time to time, such as when you provide us your email address and agree to receive marketing emails in exchange for a one-time coupon. Such offers may not be available at all times. The amount and terms of such offers and how to participate will be presented to you at the time of the offer. You can terminate participation at any time by emailing privacy@easybreathe.com Our good-faith estimate of the value of your Personal Information is the value of the benefit we offer to you. We have calculated such value by using the expense related to the benefit.

By opting in and participating in any of the above promotional programs, you agree that the benefits are reasonably related to the value of the Personal Information collected and retained.

Participation in our promotional programs is always optional, and you can terminate program participation at any time as explained in the applicable program terms. You can also contact us at privacy@easybreathe.com to cancel your participation in any program.

Accessability:
We are committed to ensuring that this policy is accessable to individuals with disabilities. If you would like to access this policy in another format, please contact us using one of the ways outlined in the above section.

When was this notice last updated?

June 28, 2024

HIPAA Notice

Summary

This HIPAA Notice is a summary of privacy rights and practices under HIPAA. This HIPAA Notice is incorporated by reference into our Privacy Notice, which contains certain definitions.

Use and Disclosure of PHI

Generally, we use and disclose PHI to provide the Site and related goods and services, including to provide you with CPAP offers, fulfill your transactions of CPAP masks, machines, parts, and accessories as applicable, assist with continuity of care, and respond to your requests. We also use information, including any insurance information, for insurance checks and billing purposes if applicable. To the extent permitted under HIPAA, we may use PHI to improve the Site, to train staff, and for customer support and internal authorized business purposes.

We may also use or disclose your PHI as outlined in our Privacy Policy, such as to comply with legal obligations, such as responding to subpoenas, court orders, and law enforcement requests, or to prevent serious threats, subject to applicable laws; to communicate with insurers and other individuals authorized to be included in your care; to communicate within our company to provide the Site to you; to provide information to our service providers and vendors as necessary to perform the Site; and to fulfil your requests or otherwise with your lawful consent as required under applicable privacy laws. Further, we may use information for marketing purposes, or aggregate or de-identified data, subject to the legal requirements under applicable laws.

We keep records of PHI that you provide through the Site, which may include your health insurance information, medical prescription, and medical records if necessary, for as long as required or allowed under applicable laws, subject to any instructions from you and your insurer. Your insurer may also collect other information, such as your insurance plan information.

Responsibilities with Respect to PHI

HIPAA requires covered entities and business associates to:

· Maintain the privacy and security of your PHI

· Provide this HIPAA Notice about our duties and privacy practices regarding PHI

· Abide by the effective HIPAA Notice

· Notify you of any covered security breach of PHI

HIPAA Rights for PHI

If we have your PHI, you have the following rights, in addition to those in our Privacy Policy. We will respond to requests within the authorized time required. We may charge a reasonable fee if allowed by law. Your medical power of attorney or legal guardian may exercise your rights.

· Inspect and Amend. You may inspect, copy, and amend certain portions of your PHI. We will provide a copy or a summary. We will inform you of any denial of a request.

· Disclosures. You may request an accounting of the disclosures of your PHI, subject to certain limitations. You may also request restrictions on how we use or disclose your PHI. We will inform you of any denial of a request.

· Communications. You may request that we communicate with you in a specific way, such as by email, and we will comply with reasonable requests.

· Paper copies. You have the right to obtain a paper copy of this HIPAA Notice.

HIPAA Notice Changes

We may update the HIPAA Notice as outlined in our Privacy Policy, and we reserve the right to do so. Your continued use of the Site constitutes your acceptance of the terms of the effective HIPAA Notice. The effective date of this HIPAA Notice is the same as our Privacy Policy.

Complaints

If you believe there has been a HIPAA violation, you may start a complaint by contacting us as outlined below. To file a complaint with the Secretary of Health and Human Site, you can contact them at (877) 696-6775, 200 Independence Avenue SW, Washington, DC 20201, www.hhs.gov/ocr/privacy/hipaa/complaints. We will not retaliate against you or penalize you for asserting your privacy rights, such as filing a HIPAA complaint.

Contact Us

Please contact us with any questions or to assert your rights. We can be reached at:

Easy Breathe, Inc.

11859 Wilshire Blvd. Suite 110

Los Angeles, CA 90025