Last updated: June 19, 2021
AMENDMENTS TO POLICY
PERSONAL INFORMATION COLLECTED
Pursuant to our Terms and Conditions, you may be required to register with the Site. All registration information you submit must be true, accurate, current, and complete. This information may include personal data, such as your name, email address, personal account preferences, and Third-Party Content (as defined in our Terms and Conditions) that is obtained through your use of this Site.
We do not intentionally request any sensitive personal information, as defined in applicable local law. Personal information is collected, processed, and used for purposes including, but not limited to, informing you about our events, services, and company that may be of interest to you.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA)
We provide programs and services that may require clients to disclose medical and other sensitive information. We maintain this information for proper diagnosis and treatment, required reporting of health information, and to receive reimbursement for services provided with the individual’s knowledge and consent. Any of this information is handled with the highest degree of confidentiality and privacy consistent with providing the highest quality medical care possible. This information will not be requested by the Site.
Your Contributions, Submissions, Social Network Content, and Third-Party Accounts, as defined in our Terms and Conditions, obtained through your use of this Site is publicly accessible.
PROTECTION OF PERSONAL INFORMATION COLLECTED
Our Information Technology Department maintains an Internet security infrastructure consisting of hardware, software, policies and standards, and department staff responsible for providing technical guidance on internet security. The Information Technology Department monitors compliance with Internet security requirements and function as a computer emergency response team (“CERT”) to respond to any virus infestations, hacker intrusions, and similar events.
The Information Technology Department periodically, and no less than semi-annually conducts risk assessment of each production information system to identify risks and determine vulnerabilities.
Any of this information is handled with the highest degree of confidentiality and privacy consistent with providing the highest quality medical care possible.
DATA SHARING WITH THIRD-PARTIES
USERS LOCATED IN FOREIGN JURISDICTIONS
If you access the Site from the European Union, Asia, or any other region of the world with laws or other requirements governing personal data collection, use, or disclosure that differ from applicable laws in the United States, then through your continued use of the Site, you are transferring your data to the United States, and you expressly consent to have your data transferred to and processed in the United States.
The General Data Protection Regulation (EU) 2016/670 (“GDPR”) applies to the processing of personal data of data subjects who are in the United Kingdom, Switzerland, European Union, Norway, Liechtenstien, and Iceland (collectively, the “Union”) by a controller or processor not established in the Union. For purposes of the GDPR, Vista Maria acts as a Data Controller for your personal information, determining the purpose and means by which data is processed. Please contact us using the Contact Information detailed below to make a complaint or assert your rights, if applicable, under the GDPR. If any complaint with us is not satisfactorily resolved, you can contact the applicable supervisory authority pursuant to Art. 77 GDPR.
The New York Stop Hacks and Improve Electronic Data Security Act (“NY SHIELD”) requires nonprofits to develop and implement a data security program that contains reasonable administrative, technical and physical safeguards for protecting against unauthorized access to personal information of New York residents. NY SHIELD defines personal information to include social security numbers, driver’s license numbers, bank account numbers, credit or debit card numbers, biometric information, and username or e-mail addresses in combination with a password or security questions. We do not intend to receive NY SHIELD personal information, but we acknowledge that this information may be obtained through User Registration as detailed in our Terms and Conditions. Please contact us using the Contact Information detailed below to make a complaint or assert your rights, if applicable, under the NY SHIELD. If any complaint with us is not satisfactorily resolved, you can contact the New York Attorney General.
The California Consumer Privacy Act of 2018 (“CCPA”) applies to general consumer information and the exercise of privacy rights by California consumers and residents. However, the CCPA does not apply to us because the CCPA definition of “business” does not include nonprofit organizations pursuant to CCPA 1798.140(c).
SITE USE BY MINORS
This Site is intended for users who are at least 18 years old. We do not knowingly accept, request, or solicit information from children or knowingly market to children. However, we acknowledge that users who are minors in the jurisdiction in which they reside (generally under the age of 18) may access this Site. We request that minors under the age of 18 do not submit any personal information to us via this Site. We will not knowingly ask minors to provide their personal information.
Therefore, in accordance with the U.S. Children’s Online Privacy Protection Act, 15 U.S.C. 6501-6505, if we receive actual knowledge that anyone under the age of 13 has provided personal information to us without the requisite and verifiable parental consent, we will delete that information from the Site as quickly as is reasonably practical.
In order to resolve a complaint regarding the Site or to receive further information regarding use of the Site, please contact us at:
20651 W. Warren Ave.
Dearborn Heights, MI 48127
Main: (313) 271-3050
Toll-free: (800) 7-VISTA-6