Supplemental Privacy Policy and Notice - Additional State Rights

Effective Date: January 31, 2023

Last Updated on: January 31, 2023

This Supplemental Privacy Policy supplements the information contained in BASS Medical Group’s Privacy Policy and applies if you are a resident of the specific state listed herein. This page contains information for additional state laws and regulations regarding privacy rights applicable to residents in the states of Colorado, Connecticut, Utah, and Virginia.

General Notice

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device ("personal information"). Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.

In particular, the table below shows the categories of personal information we have collected from consumers and the categories of third-party recipients who we disclose personal information to for a business purpose.

Category
Examples
Collected
Category of Third-Party Recipients
A. Identifiers.
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name.
YES
AFFILIATES

PARTNERS

SERVICE PROVIDERS

OPERATING SYSTEMS AND PLATFORMS

INTERNET COOKIE DATA RECIPIENTS, LIKE GOOGLE ANALYTICS AND GOOGLE ADS

THIRD-PARTY ADVERTISING AND AUDIENCE AND TRAFFIC MEASUREMENT SERVICE PROVIDERS
B. Sensitive personal information.
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
YES
AFFILIATES

PARTNERS

SERVICE PROVIDERS

OPERATING SYSTEMS AND PLATFORMS

INTERNET COOKIE DATA RECIPIENTS, LIKE GOOGLE ANALYTICS AND GOOGLE ADS

THIRD-PARTY ADVERTISING AND AUDIENCE AND TRAFFIC MEASUREMENT SERVICE PROVIDERS
C. Protected classification characteristics.
Age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, or veteran or military status.
YES
AFFILIATES

PARTNERS

SERVICE PROVIDERS

OPERATING SYSTEMS AND PLATFORMS

INTERNET COOKIE DATA RECIPIENTS, LIKE GOOGLE ANALYTICS AND GOOGLE ADS

THIRD-PARTY ADVERTISING AND AUDIENCE AND TRAFFIC MEASUREMENT SERVICE PROVIDERS
D. Commercial information.
Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
YES
AFFILIATES

PARTNERS

SERVICE PROVIDERS

OPERATING SYSTEMS AND PLATFORMS

INTERNET COOKIE DATA RECIPIENTS, LIKE GOOGLE ANALYTICS AND GOOGLE ADS

THIRD-PARTY ADVERTISING AND AUDIENCE AND TRAFFIC MEASUREMENT SERVICE PROVIDERS
E. Geolocation data.
Physical location.
YES
AFFILIATES

PARTNERS

SERVICE PROVIDERS

OPERATING SYSTEMS AND PLATFORMS

INTERNET COOKIE DATA RECIPIENTS, LIKE GOOGLE ANALYTICS AND GOOGLE ADS

THIRD-PARTY ADVERTISING AND AUDIENCE AND TRAFFIC MEASUREMENT SERVICE PROVIDERS
F. Professional or employment-related information.
Resume and employment application information.
YES
AFFILIATES

PARTNERS

SERVICE PROVIDERS

OPERATING SYSTEMS AND PLATFORMS

We may use, or disclose the personal information we collect for one or more of the following business purposes: 

  • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to use a function of the Website or to ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. 
  • To provide, support, personalize, and develop our Website, products, and services.
  • To create, maintain, customize, and secure your account with us.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your Website experience and to deliver content and product and service offerings relevant to your interests (with your consent, where required by law).
  • To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users/consumers is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Colorado

Right to Know and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive your request and confirm your identity (see Exercising Your Rights), we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting that personal information.
  • The categories of third parties with whom we share that personal information.
  • If we disclosed your personal information for a business purpose, a separate list disclosing:

         - disclosures for a business purpose, identifying the personal information categories that each category of            recipient obtained. 

  • The specific pieces of personal information we collected about you (also called a data portability request), disclosed in a portable format.

Right to Correct

You have the right to request that we correct inaccurate personal information. To exercise this right, see Exercising Your Rights. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Right to Delete 

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the "right to delete"). Once we receive your request and confirm your identity (see Exercising Your Rights), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: 

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  6. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  7. Comply with a legal obligation.
  8. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action. 

We do not provide these deletion rights for B2B personal information.

Connecticut

Right to Know and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive your request and confirm your identity (see Exercising Your Rights), we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting that personal information.
  • The categories of third parties with whom we share that personal information.
  • If we disclosed your personal information for a business purpose, a separate list disclosing:

        - disclosures for a business purpose, identifying the personal information categories that each category of           recipient obtained. 

  • The specific pieces of personal information we collected about you (also called a data portability request), disclosed in a portable format.

Right to Correct

You have the right to request that we correct inaccurate personal information. To exercise this right, see Exercising Your Rights. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Right to Delete 

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the "right to delete"). Once we receive your request and confirm your identity (see Exercising Your Rights), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: 

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  6. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  7. Comply with a legal obligation.
  8. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action. 

We do not provide these deletion rights for B2B personal information.

Utah

Right to Know and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive your request and confirm your identity (see Exercising Your Rights), we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting that personal information.
  • The categories of third parties with whom we share that personal information.
  • If we disclosed your personal information for a business purpose, a separate list disclosing:

        - disclosures for a business purpose, identifying the personal information categories that each category of           recipient obtained. 

  • The specific pieces of personal information we collected about you (also called a data portability request), disclosed in a portable format.

Right to Delete 

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the "right to delete"). Once we receive your request and confirm your identity (see Exercising Your Rights), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: 

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  6. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  7. Comply with a legal obligation.
  8. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action. 

We do not provide these deletion rights for B2B personal information.

Virginia

Right to Know and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive your request and confirm your identity (see Exercising Your Rights), we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting that personal information.
  • The categories of third parties with whom we share that personal information.
  • If we disclosed your personal information for a business purpose, a separate list disclosing:

        - disclosures for a business purpose, identifying the personal information categories that each category of           recipient obtained. 

  • The specific pieces of personal information we collected about you (also called a data portability request), disclosed in a portable format.

Right to Correct

You have the right to request that we correct inaccurate personal information. To exercise this right, see Exercising Your Rights. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Right to Delete 

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the "right to delete"). Once we receive your request and confirm your identity (see Exercising Your Rights), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: 

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  6. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  7. Comply with a legal obligation.
  8. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action. 

We do not provide these deletion rights for B2B personal information.

Exercising Your Rights

To exercise your rights described above, please submit a request by either: 

Only you, or someone legally authorized to act on your behalf, may make a request related to your personal information. 

You may also make a request on behalf of your child by one of the above methods. 

Your request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include:

           - If you maintain a password-protected account, we may verify your identity through our existing authentication              practices for your account;

           - Match the requester's identification information to the personal information already kept by the business;

           - If the requester does not have a password-protected account, identity verification is subject to different              standards depending on the nature of the request and type of personal information at issue. 

  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. 

You do not need to create an account with us to submit a request. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in the request to verify the requestor's identity or authority to make it.

For residents of Colorado, Connecticut, and Virginia, you may appeal our decision regarding a request related to these rights by writing to us at the addresses for our contact information listed below.

Retention of Personal Information

We will retain your information for as long as is reasonably necessary for the purposes set out above, considering criteria such as applicable rules on statute of limitations, the sensitivity of the relevant information, and the duration of your use of the Website. We also retain your information as reasonably necessary to comply with our legal obligations and enforce our terms and policies.

Contact Information

If you have any questions or comments about this notice, the ways in which BASS Medical Group collects and uses your information described here and in the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under state law, please do not hesitate to contact us at:

Website: https://www.bassmedicalgroup.com/

https://www.basscancercenter.com/

https://www.bassadvancedurgentcare.com/  

https://www.herniainnovations.com/

Email: legal@bassmedicalgroup.com

Postal Address

BASS Medical Group 

2637 Shadelands Drive, Walnut Creek, CA 94598 

If you need to access this Policy in an alternative format due to having a disability, please contact us by email at legal@bassmedicalgroup.com or by phone at (925) 350-4044.

Find the BASS location nearest to you

Monday through Friday — 8:00 AM to 5:00 PM
Find a location

Subscribe to our newsletter!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.