Privacy Policy
This Privacy Policy describes the types of personal information Retina Associates of Utah PLLC("RAU" or "we") may collect from you or that you may provide when you visit our websites, social media pages, and through other interactions by email, surveys or telephone (the “Service”) and our practices for collecting, using, maintaining, protecting, disclosing, and processing such personal information. Please read this policy carefully to understand our policies and practices regarding your personal information and how we will treat it. As used in this Privacy Policy, “personal information” means information that identifies, relates to, or describes an identified or identifiable natural person.
This Privacy Policy does not apply to the personal information, including health information, that we collect in the course of providing treatment services.
Information we collect and use
Through the Service and by Email and Telephone. We collect and store the following personal information and use it for typical business purposes (including security and anti-fraud purposes), as described more specifically below.
- Personal identifiers. We receive personal identifiers (such as your name, phone number, cell phone number, date of birth, e-mail address, mailing address, gender, and social media username) and use them to respond to your requests, and to communicate with you for appointments, marketing, surveys, and informational purposes. We may also collect and use this information to respond to feedback, complaints, and to provide information about our products and services.
- Message content. We receive messages you provide through email, by phone, or a contact us form on the Service, including in connection with customer service requests, appointment requests, surveys, and complaints. We use this information to respond to your requests and to improve the Service and our service. We may also use this information to post reviews on our Service.
- Appointment or curbside consult information. When you request to make an appointment or curbside consult online, the Practice will treat that information in accordance with the HIPAA Notice of Privacy Practices made available on those web pages and not under this Privacy Policy.
- Business-related information. We may receive business-related information when you refer a patient (such as the name of your practice). We use this information to respond to your requests.
- Geolocation information. We may use some of the information we collect, such as IP addresses, to estimate an approximate location of the device you are using to access our Service in order to enhance and personalize the features and functionality of the Service and service offerings.
- Survey information. We may receive survey responses that you submit to us. We use this information for research and other business purposes.
- Anonymous or aggregated information. We de-identify or aggregate data we receive and may use and disclose it for any business purpose.
- Inferences. We may draw inferences from the categories of information described above. This information may be used so that we can improve future user experiences with the Practice and to provide a more personalized experience.
From Referring Physicians. If you use the Service to refer a patient, we may submit information about your practice and relating to the patient, including personal identifiers (such as their name, date of birth, phone number, and address), gender, patient insurance number, a description of the reason for the referral (such as diagnosis and symptoms), and any other information you may provide. We process the patient information received from referrals in accordance with the Practice’s HIPAA Notice of Privacy Practices made available on the Practice web page and not under this Privacy Policy.
Social Media. If you post information on our social media pages, we may use the information to respond to your post, to promote our business and services, and in the normal course of our business operations. We may collect personal identifiers, such as your social media username, and other personal characteristics that you have made publicly available on the social media website. Note that the third-party operators of social media websites also receive such information and your posts, and their use of your personal information is governed by their own privacy policies.
Automatically Through the Service. When you visit our Service, we may collect information about your use of our Service by automated means. Such means include the use of cookies, web beacons, web server logs, and other similar technologies.
We may use such first-party technologies to collect personal identifiers (such as your IP address), information about your device (such as your browser characteristics, device IDs and characteristics, operating system version, and language preferences) and information concerning your usage of our Service (including the link you used to reach a given webpage). For example, we use this information to determine how many users have visited particular webpages, viewed particular content, or opened messages or alerts, and we may also use such information to improve the performance of the Service, to improve our marketing activities, and to enforce our website service terms, prevent malicious conduct, and for anti-fraud and security purposes.
In some cases, our third-party partners may process information collected by cookies and related technologies on our behalf that we permit them to use on the Service. Please see our Cookie Policy for more details. With respect to any social network pages that we may use, please see the privacy policies and any cookie policies of the applicable social network providers as to their automated data collection practices.
As indicated above, we, similar to many other website operators, currently use Google Analytics to collect and process certain Service usage data. To learn more about Google Analytics and how to opt out, please see our Cookie Policy.
You may be able to change a web browser’s settings to block and delete cookies when you access the Service through that web browser. However, if you do that, the Service may not work properly; also, we will still receive basic information (such as last URL visited) when you navigate to the Service. The Service does not respond to browser do-not-track signals.
Information Disclosures
To Support Our Business. We may provide third parties with the personal information we collect (as described above) for our business purposes to assist us in providing products and services to you, including to put you into contact with a partner or to help us market.
To Provide, Protect, and Improve Our Service and Services. We disclose personal information as necessary to operate our business, such as with third-party providers, partner practices, and affiliates in connection with providing services to you. For example, we may provide your name, telephone and e-mail address information, to our partner practices. We require that third-party providers use personal information only for that purpose, and we also require assurances that they will appropriately protect personal information entrusted to them. We also may access, preserve, and disclose information if we believe that such action is necessary in our judgment to comply with a legal obligation or to protect and defend our rights or property, or those of others. For example, we may provide information, including IP address information, to our service providers to protect the Service, such as for fraud detection purposes.
To Comply with the Law and Legal Process. We may access, preserve, and disclose information concerning you if required to do so by law or if we believe that such action is necessary in our judgment to comply with a legal obligation.
Other Sharing. We may share information as described under “Information We Collect and Use” above and for other business purposes as otherwise explained in this Privacy Policy.
Sales, Mergers, and Acquisitions. In the event of a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another entity (whether by private sale, through operation of law, as part of a divestiture plan, or otherwise), we will provide personal information and transaction history associated with each such business unit to the persons and/or entities assuming control of such business unit or as otherwise necessary to complete the transaction as permitted by law or contract.
Retention of Personal Information
As a general matter, we only keep information for as long as necessary to fulfill the purposes for which it was collected, as stated in our retention policies, and permitted or required by law, such as to comply with recordkeeping and other legal obligations. There may also be residual information that will remain within our backup files, databases, and other records, which will not be removed or changed, except in accordance with retention policies. The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide services to you (for example, for as long as you are a patient with us or keep using our services) and the length of time thereafter during which we may have a legitimate need to reference your personal information to address issues that may arise;
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Protection of Personal Information
We employ reasonable security measures to secure and protect the information we receive. No method of electronic transmission or storage is 100% secure.
Links to Third-Party Websites
The Service may contain links to other websites, and other websites may link to the Service. This Privacy Policy does not apply to personal information that you submit to the websites of our business partners, partner practices, or any other third-parties or that are collected by them from you, even if those third-party websites are linked to our Service or listed in our Cookie Policy. We are not responsible for the privacy practices of such other websites. When you visit another website – via a link from the Service or otherwise – you should review the privacy policy of that other website. This Privacy Policy applies solely to information provided or obtained on our Service.
No use by children under the age of 13
The Service is not intended for use by children under the age of 13. If you are under the age of 13, you may not use our Service. We do not knowingly collect, maintain, or use personal information from children under 13 years of age. If we believe that any information has been posted by a child under the age of 13, we will promptly delete that information. Parents may contact us using the methods set forth below to request that information concerning their child be removed from our Service.
How to contact us with questions
Customer questions, comments, and feedback are very important to us. If you have questions about this Privacy Policy please contact us at:
Retina Associates of Utah
5169 S Cottonwood Street Building 2 Suite 630
Salt Lake City, Utah 84107
or by e-mailing us at patientquestions@retinautah.com
State Privacy Rights
Your state may impose specific legal requirements and create privacy rights with respect to personal information, and we will comply with restrictions and any requests you submit as required by applicable law.
When you make a request, we may require that you provide information (such as your name, email address and/or zip code) and follow procedures so that we can verify a request you make and your jurisdiction before responding to it. The verification steps we take may differ depending on your jurisdiction and the request you make. We will match the information that you provide in your request to information we already have on file to verify your identity. If we are able to verify your request, we will process it. If we cannot verify your request, we may ask you for additional information to help us verify your request.
We will respond to your request within the time period required by applicable law. However, we may not always be able to fully comply with your request, and we will notify you in that event when required.
Certain privacy laws permit consumers to use an authorized agent to make privacy rights requests. We require the authorized agent to provide us with proof of the consumer’s written permission (for example, a power of attorney) that shows the authorized agent has the authority to submit a request for the consumer. An authorized agent must follow the process described below to make a request, and we will additionally require the authorized agent to verify his/her own identity and we will confirm the agent’s authority with the consumer about whom the request was made.
You may have specific rights regarding your personal information. This section describes your rights and explains how to exercise those rights.
Right to Know and Data Portability Rights
In certain circumstances, you have the right to request that we disclose certain information to you about our collection and use of your personal information.
Right to Delete
You may have the right to request that we delete the personal information that we collected from you and retained, subject to certain exceptions.
Right to Correct
You may have the right to request that we correct any inaccurate personal information we may hold about you. We will use commercially reasonable efforts to correct inaccurate personal information, taking into account the nature of the personal information and the purpose for our processing.
Right to Appeal
You may have a right to appeal a refusal to take action on a request by contacting us by email at info@retinaconsultantsofamerica.com.
Non-Discrimination
We will not discriminate against you for exercising any of your rights.
Exercising Rights
You may be able to use the Service to access and update the information that you have provided to us through your use of the Service or otherwise. If you would like to request access to such information or that we update, correct, or delete any such information, you may call us at 801-312-2020, or email us at patientquestions@retinautah.com. We will comply with requests you submit as required by applicable law.
Sales/Sharing of Personal Information
We do not currently sell personal information for money or other consideration, nor do we share personal information for cross-context or targeted behavioral advertising. In the preceding 12 months, we used cookies and similar tracking technologies that enabled certain advertising networks, social media companies, analytics services, and other third-party businesses to collect and disclose your personal information directly from your browser or device when you visited or interacted with our Service or otherwise engaged with us online. In some cases, we may have uploaded certain Identifiers to certain partners for advertising or analytics purposes. These “sales” or “sharing” of personal information does not presently occur on our Service.
Notification of change to the privacy policy
We reserve the right to modify this Privacy Policy. Whenever we decide to change this Privacy Policy in a material manner, notice of the change will be posted on the Service for a reasonable period of time or provided to you using other means. Nevertheless, you should review the Privacy Policy from time to time to be sure you are aware of the most recent version. Please be assured that we will only use information in accordance with the Privacy Policy in effect at the time the information was collected, unless we receive your consent.
Effective: [January 31, 2020]
Last updated: [August 21, 2023]
Cookie Policy
Third-Party Links
We do not include or offer third-party products or services on our website. The
website contains links to other information websites belonging to other sites of
interest to our patients and users. We do not control the privacy practices of these
other sites.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the
United States and the concepts they include have played a significant role in the
development of data protection laws around the globe. Understanding the Fair
Information Practice Principles and how they should be implemented is critical to
comply with the various privacy laws that protect personal information. In order to
be in line with Fair Information Practices we will take the following responsive
action, should a data breach occur, and we will notify you via email or phone call
within 7 business days.
We are open to receiving comments and questions about this Policy. You may contact us any time by email or by calling us at any of our locations. This policy was updated January of 2021, and we may modify it from time to time. The new provisions become effective as soon as they are posted. Feel free to check this page on occasion to be aware of any changes.