Privacy Policy

Introduction
This Privacy Policy applies to the collection, use, and disclosure of personal information by Elisa
C. Alvarado M.D. Inc. (“we,” “us,” or “our”) from individuals (“you” or “your”) who interact with us
or use our services, in accordance with the privacy laws of California. This policy outlines our
practices regarding the processing of your personal data and your rights concerning your
information.

Who We Are
This Privacy Policy is issued by Elisa C. Alvarado M.D. Inc. a company registered in California.
We are committed to protecting and respecting your privacy. This policy sets out the basis on
which any personal data we collect from you, or that you provide to us, will be processed by us.
Information We Collect
This Privacy Policy describes the types of information we, as Elisa C. Alvarado M.D. Inc., collect
from you, and how we use, maintain, protect, and disclose that information. This policy applies
to information we collect:
• In email, text, and other electronic messages between you and us.
• Through mobile and desktop applications you download from us, which provide
dedicated non-browser-based interaction between you and us.
• When you interact with our advertising and applications on third-party websites and
services if those applications or advertising include links to this policy.
• Directly from you when you provide it to us.
Information collected may include, but is not limited to, your name, address, email address,
phone number, age, and any other information you choose to provide. We may also collect
information about your internet connection, the equipment you use to access our services, and
usage details.
Collection, Use, and Disclosure of Protected Health Information
(PHI)
In the course of providing our services, Elisa C. Alvarado M.D. Inc. may collect, use, and
disclose Protected Health Information (PHI) as defined under the Health Insurance Portability
and Accountability Act (HIPAA) of 1996 and its implementing regulations. This section outlines
our practices regarding PHI to ensure compliance with HIPAA and protect the privacy and
security of your health information.
Collection of PHI
We may collect PHI directly from you, through our services, or from other healthcare providers
or entities as authorized by you or as permitted by law. PHI includes any information about your
health status, provision of health care, or payment for health care that can be linked to you. This
may include medical records, billing information, and any other information deemed as PHI
under HIPAA.
Use of PHI
We use your PHI to provide, coordinate, or manage your health care and any related services.
This includes the coordination or management of health care with a third party, consultation
between healthcare providers relating to your care, or the referral of you to another healthcare
provider. PHI may also be used for payment purposes, such as when we submit requests for
payment to health insurance providers, and for healthcare operations, including quality
assessments, employee review activities, training programs, accreditation, certification,
licensing, or credentialing activities.
Disclosure of PHI
We may disclose your PHI to third parties for the purposes of providing or coordinating your
health care, to third-party service providers that perform functions on our behalf, or as otherwise
permitted or required by law. Disclosures of PHI for the purposes of health care operations,
payment, or treatment may be made without your consent. However, we will obtain your written
authorization before using or disclosing your PHI for purposes not described in this policy, such
as marketing purposes or before selling your PHI.
We may also disclose PHI when required by law, such as in response to a court order or
subpoena. In the event of a merger or acquisition, your PHI may be transferred to another entity,
provided the entity agrees to be bound by the terms of this Privacy Policy and applicable HIPAA
regulations.
Your Rights Regarding PHI
Under HIPAA, you have certain rights regarding the PHI we maintain about you. These rights
include the right to request access to your PHI, request amendments to your PHI, request an
accounting of disclosures of your PHI, request restrictions on certain uses and disclosures of
your PHI, and the right to receive confidential communications of PHI.
Safeguards for PHI
We implement administrative, physical, and technical safeguards designed to protect your PHI
from unauthorized access, use, or disclosure. We regularly review our security policies and
procedures to ensure the protection of PHI.
How We Use Your Information
Your personal information is used by us in various ways to provide and improve our services.
Specifically, we use your information to:
• Communicate with you about our services, including updates, security alerts, and
support messages.
• Enhance and personalize your user experience.
• Conduct analytics and research to improve and innovate our services.
• Comply with legal obligations and enforce our terms and conditions.
• Protect against fraud, illegal activities, and any potential threats to our services or users.
We are committed to handling your personal information in accordance with this Privacy Policy
and applicable laws of California.
Information Sharing and Disclosure
Your privacy is critically important to us. In order to provide and improve our services, there are
certain circumstances under which we may need to share or disclose your personal information.
Below are the situations where your information may be shared:
• With service providers: We engage certain trusted third parties to perform functions
and provide services to us, including, without limitation, hosting and maintenance, error
monitoring, customer support, billing, and payment processing. We will share your
personal information with these third parties, but only to the extent necessary to perform
these services.
• For legal reasons: We may disclose your information if required to do so by law or in
the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii)
protect and defend our rights or property, (iii) act in urgent circumstances to protect the
personal safety of users of the services or the public, or (iv) protect against legal liability.
• In the event of a business transfer: If we are involved in a merger, acquisition, or asset
sale, your personal information may be transferred. We will provide notice before your
personal information is transferred and becomes subject to a different privacy policy.
• With your consent: We may share your information with third parties when we have
your explicit consent to do so.
This clause is in compliance with the privacy laws and regulations of the jurisdiction of
California.
Your Rights
This Privacy Policy outlines the rights of Yours under the jurisdiction of California, including but
not limited to the right to access, the right to deletion, the right to data portability, and the right to
non-discrimination in the treatment of their personal information.
• Right to Access: Yours have the right to request access to their personal information
held by Elisa C. Alvarado M.D. Inc.. This includes the right to know the categories of
personal information collected, the sources from which it was collected, the purpose for
the collection, and the categories of third parties with whom the information is shared.
• Right to Deletion: Yours have the right to request the deletion of their personal
information held by Elisa C. Alvarado M.D. Inc., subject to certain exceptions as provided
by law.
• Right to Data Portability: Upon request, Yours have the right to receive their personal
information in a structured, commonly used, and machine-readable format, and have the
right to transmit that information to another entity without hindrance from Elisa C.
Alvarado M.D. Inc..
• Right to Non-Discrimination: Yours have the right to not be discriminated against for
exercising any of their rights under California law, including but not limited to denial of
goods or services, charging different prices or rates for goods or services, providing a
different level or quality of goods or services, or suggesting that the Your will receive a
different price or rate for goods or services or a different level or quality of goods or
services.
Data Retention
In compliance with applicable data protection laws and regulations within the jurisdiction of
California, including but not limited to the California Consumer Privacy Act (CCPA), Elisa C.
Alvarado M.D. Inc. shall retain personal data collected from Yours for no longer than is
necessary for the purposes for which the personal data are processed. The retention period for
personal data will be determined based on the following criteria:
1. The length of time necessary to fulfill the purposes for which the personal data was
collected, including for the provision of services or compliance with legal obligations.
2. Any statutory or legal obligations requiring the retention of personal data for a specific
period of time.
3. The necessity to retain personal data for the establishment, exercise, or defense of legal
claims.
Upon the expiration of the retention period, Elisa C. Alvarado M.D. Inc. will take appropriate
measures to delete or anonymize personal data in a manner that complies with the applicable
legal and regulatory requirements.
Security Measures
In compliance with applicable data protection laws, including but not limited to the California
Consumer Privacy Act (CCPA), Elisa C. Alvarado M.D. Inc. implements and maintains
reasonable security procedures and practices appropriate to the nature of the information to
protect the personal information from unauthorized access, destruction, use, modification, or
disclosure.
These security measures include, but are not limited to, physical, technical, and administrative
safeguards designed to maintain the confidentiality, integrity, and availability of personal
information. Elisa C. Alvarado M.D. Inc. regularly reviews and updates its security practices to
ensure the ongoing protection of personal information.
Yours have the right to inquire about the security measures in place for the protection of their
personal information. Requests for such information can be directed to Elisa C. Alvarado M.D.
Inc.’s designated contact point for privacy matters.
Third-Party Service Providers
In the course of providing our services, we may engage third-party service providers to perform
functions and provide services to us. These third-party service providers may have access to
personal information needed to perform their functions but are restricted from using it for
purposes other than providing services to us.
We take reasonable steps to ensure that these third-party service providers are obligated to
protect personal information on our behalf. However, we are not liable for the acts and
omissions of these third-party service providers, except as provided by law.
International Data Transfers
This Privacy Policy outlines the practices of Elisa C. Alvarado M.D. Inc. (“we”, “us”, or “our”)
regarding the transfer of personal data from the European Economic Area (EEA), the United
Kingdom (UK), or Switzerland to countries outside of those territories, which may not offer the
same level of data protection. We are committed to protecting your personal data and ensuring
that any transfer of such data outside of the EEA, UK, or Switzerland is conducted in
compliance with applicable data protection laws.
To ensure the lawful transfer of personal data to countries outside of the EEA, UK, or
Switzerland, we rely on a variety of legal mechanisms, including but not limited to:
1. Standard Contractual Clauses approved by the European Commission;
2. Binding Corporate Rules;
3. Consent of the individual to whom the personal data pertains;
4. Other mechanisms as permitted under applicable data protection laws.
We take all reasonable precautions to ensure that your personal data is treated securely and in
accordance with this Privacy Policy and the applicable data protection laws when it is
transferred internationally. This may include implementing appropriate safeguards such as data
processing agreements that include standard contractual clauses, or ensuring that the recipients
of your personal data are certified under appropriate frameworks such as the Privacy Shield
framework for transfers to the United States.
If you have any questions or concerns about our practices regarding international data transfers,
please contact us at [contact information].
Children’s Privacy
This Privacy Policy reflects our commitment to protecting the privacy of children who interact
with our services. We do not knowingly collect, use, or disclose personal information from
children under the age of 13 without verifiable parental consent. If we become aware that we
have collected personal information from a child under 13 without verification of parental
consent, we will take steps to remove that information from our servers.
Furthermore, if you believe that we might have any information from or about a child under 13,
please contact us immediately. We encourage parents and guardians to observe, participate in,
and/or monitor and guide their online activity.
Changes to This Privacy Policy
We reserve the right to update or change our Privacy Policy at any time and you should check
this Privacy Policy periodically. Your continued use of the Service after we post any
modifications to the Privacy Policy on this page will constitute your acknowledgment of the
modifications and your consent to abide and be bound by the modified Privacy Policy.
If we make any material changes to this Privacy Policy, we will notify you either through the
email address you have provided us, or by placing a prominent notice on our website.
Contact Information
If you have any questions or concerns regarding this Privacy Policy or the handling of your
personal information, please contact our Privacy Officer using the following details:
• Email: ECAOFFICE@ECAMDINC.COM
• Phone: 626-584-0026
• Postal Address: 630 S. Raymond Ave, Ste. 340, Pasadena, CA 91105
This contact information is provided to ensure transparency and facilitate the exercise of Yours’
rights under the applicable data protection laws in California. Yours may use these contact
details to inquire about their personal information, request access to their data, seek correction,
request deletion, object to processing, and exercise other rights as afforded by the California
Consumer Privacy Act (CCPA) and other relevant legislation.
Governing Law and Jurisdiction
This Privacy Policy shall be governed by and construed in accordance with the laws of the State
of California, United States of America, without regard to its conflict of law provisions. The
parties agree to submit to the personal jurisdiction of the federal and state courts located in
California for any disputes that arise out of or relate to this Privacy Policy.
In addition, this Privacy Policy shall be compliant with applicable U.S. federal laws, including but
not limited to the HIPAA, as well as applicable California state privacy laws. Elisa C. Alvarado
M.D. Inc. commits to adhere to these regulations in the collection, use, and protection of
personal information to ensure the privacy and security of the Your information.