Privacy Policy

Last Updated: September 18, 2024

Our Commitment to You

TWELFTH ONE, LLC, an Arizona limited liability company licensed by the State of Arizona Board of Pharmacy and doing business as “Aspen Infusion” and its subsidiaries are committed to safeguarding the use of your personal information. Aspen Infusion makes reasonable efforts to protect the security and confidentiality of the personal information we have and to ensure that such information is used for proper business purposes in connection with the management or servicing of your account. Our relationship with you is our most important asset. We understand that you have entrusted us with your private information, and we do everything we can to maintain that trust. Details of our approach to privacy and how your personal information is collected and used are set forth in this privacy policy.

When we refer to “personal data” or “personal information” in this notice, we mean any information, data, or data element, whether in electronic or other form, that, alone or in combination with other elements, can be used to distinguish, trace, or discover your identity. Certain data privacy laws include specific elements or defined terms for what they consider to be personal data. Where such data privacy laws apply to our processing of your personal data, then the terms “personal data” and “personal information” includes the specific elements and defined terms required by such laws.

We reserve the right to make changes to this “Privacy Policy” at any time and for any reason. Any changes will be reflected in a revised policy posted on the website “www.AspenInfusion.com”, and we will alert you that there has been a change by updating the “Revised” date displayed on the Privacy Policy. If Aspen Infusion determines that such changes materially affect your privacy rights, we will provide additional notice to you.

Collecting Your Information.

We may collect information about you in a variety of ways but generally speaking it is done either through (1) the information you provide to us, (2) the information we collect from you via automated means or (3) information we receive from third parties. The types of information we may collect include, but are not limited to:

Information You Provide To Us. This is personal information you choose to provide in connection with completing request for a consultation or creating an account such as your name, phone number, address, email, or other activities in which you participate on the Site or services:

  • Name, date of birth, mailing address, telephone number and email address;
  • Billing information, such as credit or debit card number, bank account and routing numbers, and identity verification information that is collected though our payment processors on our behalf;
  • Information about your medical conditions, family medical history, previous types of treatment, lab results and medical records or other related health information;
  • Log-in credentials;
  • Information about purchases or other transactions with Aspen Infusion
  • Information about your customer service and maintenance interactions with us;
  • User-generated content you post in public online forums on our Services;
  • Any other information you choose to directly provide to us in connection with you use of the Services.

Information We Collect About You. Information our servers automatically collect when you visit, use, or browse the Site, such as your IP address, your operating system, browser version, the address of a referring website, the pages you visit on the Site, the dates and times you visit the Site, device and usage information, such as language preferences, referring URLs, country, location, information about how and when you use our services and other technical information. If you access the Site from a mobile device, information about the type of mobile device you use. For more information about the types of cookies used and their purpose, please refer to the cookie policy section below.

Information Collected From Social Media and other Content Platforms. Aspen Infusion maintains a presence on a variety of social media platforms. When you “like” or “follow” us on Facebook, Instagram, Twitter, or other social media platforms, we may collect some information about you. This information includes your name, email address, any comments or content you post that is relevant to Aspen Infusion. We also collect your information if you sign up for a promotion and submit information to us through one of our social media accounts.

Information We Receive From Other Sources. Aspen Infusion works closely with third parties (including, for example, physicians, with whom we partner to provide you with the Services and their healthcare services, subcontractors in software engineering, advertising networks, analytics, and search information providers). These third-parties may provide Aspen Infusion with some additional information about you.

Understanding HIPAA and Your Protected Health Information.
The Health Insurance Portability and Accountability Act of 1996, and for the most part similar state laws (collectively “HIPAA”) applies to specific types of “covered entities.”

Covered Entities under HIPAA are healthcare providers (doctors, clinics, dentists etc.), health plans (e.g, insurance companies) and healthcare clearing houses (specialized entities within the healthcare payments supply chain). Aspen Infusion is a healthcare provider licensed by the State of Arizona Board of Pharmacy and a covered entity under HIPAA. As such, any protected heath information you provide to us as defined by HIPAA (“PHI”), is protected by this Privacy Policy and HIPAA. As part of our treatment, payment, and health care operations, we may receive and or transmit your PHI with laboratories, pharmacies and other licensed healthcare providers with whom we partner to help you make decisions about treatment options and to facilitate our treatment, payment, and health care operations, under HIPAA.

Using Your Information.

Over the past 12 months, the information we have collected from you and the information you have provided to us has been used for the following purposes:

Telehealth Services. Aspen Infusion will use your information as necessary to carry out and manage its telehealth services (“Services”). This includes, scheduling and conducting appointments with your healthcare provider, providing you with access to your medical records, communicating with you about your care, billing you for our services.

General Use. Aspen Infusion will use your information as necessary to carry out and manage its Services. This includes, using your information to verify and administer your account, including processing payments and fulfilling orders (if applicable). We will use your information to communicate with you about Aspen Infusion’s Services, your use of the Services or your inquiries related to the Services. Aspen Infusion will use your information to ensure that content from our Services is presented in the most effective manner for you and for your computer or device, allow you to participate in interactive features of our Services (when you choose to do so), and as part of our efforts to keep our Services safe and secure.

Improve Aspen Infusion’s Services. Aspen Infusion continuously seeks to improve its Services. To do so, in the interest of health care quality improvement, we conduct research to understand the effectiveness of our Services, improve our Services, and to better understand the Aspen Infusion community. If we publish the results of our research to others, such research will be presented in a de-identified and aggregate form such that individual users cannot be identified.

Combined Information. For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use and share such combined information in accordance with this Privacy Policy.

Aggregate/De-Identified Data. We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including for research and quality improvement purposes, and may also share such data for health care quality improvement.

Sharing Your Information.

We may share your information with third parties that perform services for or on our behalf for business purposes that include:

Healthcare Providers. We may share your information with healthcare providers in order to schedule and fulfill appointments so that the healthcare providers may provide medical evaluations or personalized consultations. This includes Consultants, Insurance Companies, Pharmacies, and Other healthcare providers involved in your care.

Affiliates & Related Business Entities. We may share the information we collect with our affiliates or related business entities for the purposes of delivering products or services to you, ensuring a consistent level of service, and to enhance our products, services, and your customer experience.

Security and Fraud. We allow third parties to receive personal information from our users to provide both security and fraud protection to Aspen Infusion.

Required By Law. We may share your information as permitted or required by any applicable law in response to a subpoena or other legal process or as we deem necessary to investigate or remedy any actual or potential violation of our policies or to protect the rights, property, and safety of the Aspen Infusion or others, as we deem appropriate.

How We Use Cookies.

The Site may use cookies, web beacons, and other tracking technology, depending on the features offered. Tracking technology is useful for gathering information such as browser type and operating system, tracking the number of visitors to the Site, and understanding how visitors use the Site. Cookies can also help us customize the Site and improve your experience.

If you previously provided personally identifiable information to us, a unique identifier in the cookie may tie the information collected via the cookie to such information. Do Not Track (“DNT”) is a privacy preference that users can set to have their Internet browser automatically send a signal to our online and mobile resources to request we not track browsing activity across different sites. There is, however, currently no universal standard for sending and receiving DNT signals. As such, we cannot promise that we respond to all DNT signals, but we do recognize and respond to them when required by applicable privacy laws, such as when HTTP header fields or Java objects are used. Most web browsers are set to accept cookies by default. You can usually choose to set your browser to disable or reject cookies. Be aware that disabling or rejecting cookies could affect the availability and functionality of the Site or certain portions of the Site. Also, please note that we may still use information we’ve collected from cookies prior to your disabling them; however, we will not collect any further information from the disabled cookies. We use cookies for the following purposes:

Necessary for Performance. These cookies are utilized to operate our website and to recognize and avert potential security threats.

Name Provider Purpose Expiration
_ga Google Analytics This cookie name is associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. 1 year 1 month

Performance & Analytics. These cookies are utilized to gather data regarding your website usage, track website performance, and enhance our website’s performance, services, as well as your overall experience.

Name Provider Purpose Expiration
_ga Google Analytics This cookie name is associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. 1 year 1 month
_ga_D2QR1VPPBM Google Analytics This cookie is used by Google Analytics to persist session state. 1 year 1 month

Security of Your Information.

We have adopted, implemented and maintain an enterprise-wide corporate information security and privacy program that includes technical, organizational, administrative, and other security measures designed to protect, as required by applicable law, against reasonably anticipated or actual threats to the security of your personal information (the “Security Program”). Our Security Program was created with reference to the obligations set forth under the Health Insurance Portability and Accountability Act (“HIPAA”). It includes, among many other things, procedures for assessing the need for, and as appropriate, either employing encryption and multi-factor authentication or using equivalent compensating controls. We therefore have every reason to believe our Security Program is reasonable and appropriate for our business and the nature of foreseeable risks to the personal information we collect. We further periodically review and update our Security Program, including as required by applicable law.

Despite the significant investment we’ve made in, and our commitment to, the Security Program we cannot guarantee that your personal information, whether during transmission or while stored on our systems, otherwise in our care, or the care of our third-party vendors and service providers, will be free from either failed or successful attempts at unauthorized access or that loss or accidental destruction will never occur. Except for our duty under applicable law to maintain the Security Program, we necessarily disclaim, to the maximum extent the law allows, any other liability for any such theft or loss of, unauthorized access or damage to, or interception of any data or communications including personal information.

All that said, as part of our Security Program, we have specific incident response and management procedures that are activated whenever we become aware that your personal information was likely to have been compromised. Those procedures include mechanisms to provide, when circumstances and/or our legal obligations warrant, notice to all affected data subjects within the timeframes required by law, as well as to give them such other mitigation and protection services (such as the credit monitoring and ID theft insurance) as may be required by applicable law. We further require in the contracts with our vendors and business partners that they notify us immediately if they have any reason to believe that an incident adversely affecting personal information we provided to them has occurred.

Policy for Children.

We do not use the Site to solicit information from or contact children under the age of 18. By using the Site, you represent that you are at least 18 years of age. We encourage parents and legal guardians to monitor their children’s internet usage and to instruct their children never to provide personal information through the Site or any other website without parental consent. If you believe a child has provided personal information to us via the Site, please contact us and we will use reasonable efforts to locate and delete the information.

Links to Other Websites and Third Party Practices.

The Site may contain links to third party websites. It is our intent to provide links only to other quality websites. However, we have no control over these linked websites or, for that matter, any third parties. Any information collected by websites, other than the Site, is not covered by this Privacy Policy. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites that may be linked to or from the Site. We encourage you to read the provisions of privacy policies on other websites before providing them with your personal information.

Submitting Information From Outside The United States

We control and operate the online and mobile resources from within the United States of America (the “U.S.”). Information collected through the Site may be stored and processed in the United States or any other country in which our vendors or we maintain facilities. Although we do not actively block or monitor visitors from other countries, the Site is directed only at visitors from the U.S. As such, this Privacy Policy is consistent with U.S. law and practice and is not adapted to other laws (including European data security and privacy laws). Aspen Infusion will apply the applicable laws of the U.S., including as embodied in this Privacy Policy in place of data protections under your home country’s law. That is, you freely and unambiguously acknowledge that this Privacy Policy, not your home country’s laws, controls how we will collect, store, process, and transfer your personal information. Similarly, the English language version of this Privacy Policy is the controlling version regardless of any translation you may attempt.

Exercise Your Privacy Rights

Aspen Infusion takes privacy seriously. Where applicable, data subjects have certain rights which they can request for Aspen Infusion to fulfill. These requests can be made by either the data subject or an authorized agent. These rights include:

  • The Right to Know. You have the right to request that Aspen Infusion disclose the personal data that Aspen Infusion has collected about you;
  • The Right to Amend. You have the right to correct any information that Aspen Infusion stores about you;
  • The Right to Delete. You have the right to request that Aspen Infusion delete information that it maintains about you, subject to certain exceptions;
  • Any other rights afforded to you under HIPAA and any applicable state privacy law. In order to exercise any of the rights detailed above, please contact us at Info@AspenInfusion.com. We will use your email as proof of verification unless otherwise prohibited. Exercising your rights under this section will not result in any discrimination by Aspen Infusion. We will treat you the same as any other user. If you disagree or dispute a decision that has been made on the scope or application of the rights described in this clause, you may appeal this decision by contacting Info@AspenInfusion.com.

We will respond to your request to exercise any of the above rights in writing (including via email), or orally if requested, as soon as practicable and in any event not more than within one month after receipt of your request. In exceptional cases, we may extend this period by up to two months and we will tell you why. If you would like to exercise any of these rights, please contact us using the contact details provided above.

Retention Period.

Aspen Infusion shall only store personal information for as long as it is required. This is determined by considering the purposes for which it was obtained in accordance with applicable laws. Our retention period is based on (1) the nature of our relationship with the data subject and (2) any legal obligations we are bound to fulfill.

Contact Us.

If you have questions or comments about this Privacy Policy, please contact us at:

COMPANY
Email: Info@AspenInfusion.com
Phone: 480-739-6040
Mail: Aspen Infusion, 2095 S Cooper Rd, Chandler, AZ 85286