Diet vs. Disease Website Privacy Policy

Mint Nutrition LLC (“Mint Nutrition”) and its subsidiaries are committed to safeguarding the use of your personal information that we have. Mint Nutrition (referred to as “we”, “our”, and “us” throughout this notice) makes reasonable efforts to protect the security and confidentiality of the personal information we have and to ensure that such information is used for proper business purposes in connection with the management or servicing of your account. Our relationship with you is our most important asset. We understand that you have entrusted us with your private information, and we do everything we can to maintain that trust. Details of our approach to privacy and how your personal information is collected and used are set forth in this privacy policy.

When we refer to “personal data” or “personal information” in this notice, we mean any information, data, or data element, whether in electronic or other form, that, alone or in combination with other elements, can be used to distinguish, trace, or discover your identity. Certain data privacy laws include specific elements or defined terms for what they consider to be personal data. Where such data privacy laws apply to our processing of your personal data, then the terms “personal data” and “personal information” includes the specific elements and defined terms required by such laws.

We reserve the right to make changes to this privacy policy (“Privacy Policy”) at any time and for any reason. Any changes will be reflected in a revised policy posted on the website https://www.dietvsdisease.org (“Website”, “Site”) and we will alert you that there has been a change by updating the “Revised” date displayed on the Privacy Policy. If Mint Nutrition determines that such changes materially affect your privacy rights, we will provide additional notice to you.

Where Do We Get Your Personal Information From, What Categories Do We Collect, And How Do We Use And Share It?

The table immediately below provides detailed listing, on a category-by-category basis, of the types of personal information we collect or obtain, how we do so, and the ways in which we use and share it. In the remainder of this section we proved a more detailed description of each respective category and type of sharing. By using our online and mobile resources, you are signifying to us that you agree with this section of our privacy statement and that we may use and share your information as described.

Categories Of Personal Information Business Purpose Categories Of Sources Categories Of Third Parties
General IdentifiersTransaction Processing
Promotions
General Marketing
Tailored Marketing
Branded Messaging
Customer Service
Member Servicing
Product Safety
Know Our Customer
Verification
Voluntary Submission
External Sources
Corporate Affiliates And Franchisees
Promotional Or Fulfillment Vendors
Marketing Support Vendors
Transaction Support Vendors / Payment Processors
Protected CharacteristicsTransaction Processing
Promotions
General Marketing
Tailored Marketing
Member Servicing
Branded Messaging
Know Our Customer
Voluntary SubmissionCorporate Affiliates And Franchisees
Promotional Or Fulfillment Vendors
Marketing Support Vendors
Commercial InformationTransaction Processing
Promotions
General Marketing
Tailored Marketing
Member Servicing
Branded Messaging
Product Safety
Customer Service
External SourcesLaw Enforcement Or Government
Promotional Or Fulfillment Vendors
Marketing Support Vendors
Transaction Support Vendors / Payment Processors
Internet Activity DataTailored Marketing
User Experience
Know Our Customer
Technical Security
Debugging
Detect And Prevent Unlawful Acts
Verification
Voluntary Submission
Automatic Collection
External Sources
Corporate Affiliates And Franchisees
Promotional Or Fulfillment Vendors
Marketing Support Vendors
Transaction Support Vendors / Payment Processors
Geolocation DataMember Servicing
Branded Messaging
Tailored Marketing
User Experience
Know Our Customer
Technical Security
Debugging
Detect And Prevent Unlawful Acts
Voluntary Submission
Automatic Collection
External Sources
Corporate Affiliates And Franchisees
Promotional Or Fulfillment Vendors
Marketing Support Vendors
Transaction Support Vendors / Payment Processors
Financial DataTransaction Processing
Member Servicing
Voluntary SubmissionCorporate Affiliates And Franchisees
Transaction Support Vendors / Payment Processors
Audio/Visual DataTransaction Processing
Physical Security
Verification
Voluntary Submission
Automatic Collection
Voluntary Submission
Corporate Affiliates And Franchisees
Law Enforcement Or Government
Transaction Support Vendors / Payment Processors
Consumer Health DataTailored Marketing
Telehealth Services
User Experience
Know Our Customer
Voluntary Submission
Automatic Collection
Corporate Affiliates And Franchisees
Promotional Or Fulfillment Vendors
Ad-tech Partners
Marketing Support Vendors
Transaction Support Vendors / Payment Processors

Collecting Your Information. We may collect information about you in a variety of ways but generally speaking it is done either through (1) the information you provide to us, (2) the information we collect from you via automated means or (3) information we receive from third parties. The types of information we may collect include, but are not limited to:

Information You Provide To Us. This is personal information you choose to provide in connection with completing request for a consultation or creating an account such as your name, phone number, address, email, or other activities in which you participate on the Site or services:

  • Name, date of birth, mailing address, telephone number and email address;
  • Billing information, such as credit or debit card number, bank account and routing numbers, and identity verification information that is collected though our payment processors on our behalf;
  • Information about your medical conditions, family medical history, previous types of treatment, lab results and medical records or other related health information;
  • Log-in credentials;
  • Information about purchases or other transactions with Mint Nutrition
  • Information about your customer service and maintenance interactions with us;
  • User-generated content you post in public online forums on our Services; and
  • Any other information you choose to directly provide to us in connection with you use of the Services.

The categories of personal information we have collected from visitors and users of our online and mobile resources in the previous 12 months, and may collect from you, are as follows, some elements of which, such as social security numbers, may be considered “sensitive information” under applicable law:

  • General Identifiers such as a real name, alias, postal address, signature or unique personal identifier, physical characteristics or description, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
  • Financial Data such as bank account number or any other information needed to complete a transaction with us that involves payment
  • Protected Characteristics such as gender, ethnicity, language preference age and the like.
  • Commercial Information including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet Activity Data or other similar electronic network activity information, such as browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement regardless of device type used be it a personal computer, cell phone or other mobile device.
  • Geolocation Data such as global position data, commonly referred to as “GPS location” of mobile devices.
  • Audio/Visual Data such as video or other electronic recordings such as recordings of phone calls, video surveillance in physical stores, access to phone camera to scan and input transaction details.
  • Inference Data drawn using the above-described personal information to create a profile reflecting our customers’ preferences.
  • Consumer Health Data defined by consumer health laws such as Washington’s My Health My Data, this is either user submitted data or inferential data that can be made by third parties based on the nature of the Website that may include data related to an individual’s health conditions or data related to individual’s past, present, or future physical or mental health.

Information We Collect About You. Information our servers automatically collect when you visit, use, or browse the Site, such as your IP address, your operating system, browser version, the address of a referring website, the pages you visit on the Site, the dates and times you visit the Site, device and usage information, such as language preferences, referring URLs, country, location, information about how and when you use our services and other technical information. If you access the Site from a mobile device, information about the type of mobile device you use.

Information Collected From Social Media and other Content Platforms. Mint Nutrition maintains a presence on a variety of social media platforms. When you “like” or “follow” us on Facebook, Instagram, Twitter, or other social media platforms, we may collect some information about you. This information includes your name, email address, any comments or content you post that is relevant to Mint Nutrition. We also collect your information if you sign up for a promotion and submit information to us through one of our social media accounts.

Information We Receive From Other Sources. Mint Nutrition works closely with third parties (including, for example, physicians, with whom we partner to provide you with the Services and their healthcare services, subcontractors in software engineering, advertising networks, analytics, and search information providers). These third-parties may provide Mint Nutrition with some additional information about you.

Understanding HIPAA and Your Protected Health Information.

The Health Insurance Portability and Accountability Act of 1996, and for the most part similar state laws (collectively “HIPAA”) applies to specific types of “covered entities”; it does not automatically apply to data even if that data is health or medical data.

Covered Entities under HIPAA are healthcare providers (doctors, clinics, dentists etc.), health plans (e.g, insurance companies) and healthcare clearing houses (specialized entities within the healthcare payments supply chain).  Mint Nutrition is an ecommerce platform that does not meet any of those definitions as itnot a healthcare provider nor does it operate a health plan or clearinghouse and is therefore not a covered entity under HIPAA. As such, any data you provide to us, even health or medical data, is as between you and Mint Nutrition protected by this Privacy Policy instead of HIPAA. However, once accessed by or in the possession of the labs, pharmacies and licensed healthcare providers with whom we partner to help you make decisions about treatment options, that data becomes subject to HIPAA because those entities are (with some exceptions) “covered entities” under HIPAA.

What does this mean for you in practical terms? When you view our Site, sign-up for newsletters or otherwise provide data before you create an account, you are interacting solely and directly with Mint Nutrition and no data you provide is subject to HIPAA. 

Similarly, when you create an account, the basic information you provide, like your name, email address, shipping address, phone number, and some transactional data, is not “protected health information” subject to HIPAA 

When you take the next step after creating an account and begin the process of submitting information about conditions or issues you may want addressed by the products available on our Site, the information you provide will be accessed by a licensed healthcare provider.

Using Your Information. Over the past 12 months, the information we have collected from you and the information you have provided to us has been used for the following purposes:

Telehealth Services. Mint Nutrition will use your information as necessary to carry out and manage its telehealth services (“Services”). This includes, scheduling and conducting appointments with a healthcare providers, providing you with access to your medical records, communicating with you about your care, billing you for our services.

General Use. Mint Nutrition will use your information as necessary to carry out and manage its Services. This includes, using your information to verify and administer your account, including processing payments and fulfilling orders (if applicable). We will use your information to communicate with you about Mint Nutrition’s Services, your use of the Services or your inquiries related to the Services. Mint Nutrition will use your information to ensure that content from our Services is presented in the most effective manner for you and for your computer or device, allow you to participate in interactive features of our Services (when you choose to do so), and as part of our efforts to keep our Services safe and secure.

Improve Mint Nutrition’s Services. Mint Nutrition continuously seeks to improve its Services. To do so, we conduct research to understand the effectiveness of our Services, improve our Services, and to better understand the Mint Nutrition community. If we publish the results of our research to others, such research will be presented in a de-identified and aggregate form such that individual users cannot be identified.

Promotional Communications. We will use your personal information to communicate with you by email, postal mail, phone, or text message about surveys, promotions, special events or our products and Services and those of our affiliates or third-party partners, and any of their related businesses. By creating an account and using this Website, you are giving your express permission to Mint Nutrition and their agents or vendors the right to contact you with targeted advertising materials by email, text message (SMS), telephone or cellphone, including the use of automated, predictive, programmable, or similar (“robodialers”) dialers or dialing software, or any other means of communication to provide promotional offers. To the extent applicable, you expressly acknowledge that you are solely responsible for all charges billed by your mobile

Marketing/Performance Analysis & Data Analytics. We will use your information to help us better understand your interests and needs, such as by engaging in analysis and research regarding use of the Services. We may use your information to measure or understand the effectiveness of advertising and content we serve to you and others, and to deliver and customize relevant advertising and content to you.

Combined Information. For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use and share such combined information in accordance with this Privacy Policy.

Aggregate/De-Identified Data. We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors.

Sharing Your Information.

We may share your information with third parties that perform services for or on our behalf for business purposes that include:

Healthcare Providers. We may share your information with healthcare providers in order to schedule and fulfill appointments so that the healthcare providers may provide medical evaluations or personalized consultations. This includes consultants, insurance companies, pharmacies, and other healthcare providers involved in your care.

Affiliates & Related Business Entities. We may share the information we collect with our affiliates or related business entities for the purposes of delivering products or services to you, ensuring a consistent level of service, and to enhance our products, services, and your customer experience.

Service Providers and Third Party Partners. We may allow selected service providers or processors, such as Google Analytics to use tracking technology on the Site, which will enable them to collect information about how you use the Site over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content, and better understand your online activity.

Transfer of Assets. If we reorganize or otherwise transfer some or all of the Site or our assets to another organization (such as in the course of a merger, dissolution, or liquidation), your information may be shared with the transferee; however, we will ask the transferee to honor commitments we made in this Privacy Policy.

Targeted Advertising. We do not share or sell your personal information for monetary consideration or value. If you are a Washington resident, Mint Nutrition shall only share your Consumer Health Data if you have provided your consent.  Mint Nutrition does not exchange Consumer Health Data for monetary or other valuable consideration.

Security and Fraud. We allow third parties to receive personal information from our users to provide both security and fraud protection to Mint Nutrition.

Required By Law. We may share your information as permitted or required by any applicable law in response to a subpoena or other legal process or as we deem necessary to investigate or remedy any actual or potential violation of our policies or to protect the rights, property, and safety of the  Mint Nutrition or others, as we deem appropriate.

Security of Your Information. 

We have adopted, implemented and maintain an enterprise-wide corporate information security and privacy program that includes technical, organizational, administrative, and other security measures designed to protect, as required by applicable law, against reasonably anticipated or actual threats to the security of your personal information (the “Security Program”). Our Security Program was created with reference to the obligations set forth under the Health Insurance Portability and Accountability Act (“HIPAA”). It includes, among many other things, procedures for assessing the need for, and as appropriate, either employing encryption and multi-factor authentication or using equivalent compensating controls. We therefore have every reason to believe our Security Program is reasonable and appropriate for our business and the nature of foreseeable risks to the personal information we collect. We further periodically review and update our Security Program, including as required by applicable law.

Despite the significant investment we’ve made in, and our commitment to, the Security Program we cannot guarantee that your personal information, whether during transmission or while stored on our systems, otherwise in our care, or the care of our third-party vendors and service providers, will be free from either failed or successful attempts at unauthorized access or that loss or accidental destruction will never occur. Except for our duty under applicable law to maintain the Security Program, we necessarily disclaim, to the maximum extent the law allows, any other liability for any such theft or loss of, unauthorized access or damage to, or interception of any data or communications including personal information.

All that said, as part of our Security Program, we have specific incident response and management procedures that are activated whenever we become aware that your personal information was likely to have been compromised. Those procedures include mechanisms to provide, when circumstances and/or our legal obligations warrant, notice to all affected data subjects within the timeframes required by law, as well as to give them such other mitigation and protection services (such as the credit monitoring and ID theft insurance) as may be required by applicable law. We further require in the contracts with our vendors and business partners that they notify us immediately if they have any reason to believe that an incident adversely affecting personal information we provided to them has occurred.

Policy for Children. 

We do not use the Site to solicit information from or market to children under the age of 18. By using the Site, you represent that you are at least 18 years of age. We encourage parents and legal guardians to monitor their children’s internet usage and to instruct their children never to provide personal information through the Site or any other website without parental consent. If you believe a child has provided personal information to us via the Site, please contact us and we will use reasonable efforts to locate and delete the information.

Links to Other Websites and Third Party Practices. 

The Site may contain links to third party websites. It is our intent to provide links only to other quality websites. However, we have no control over these linked websites or, for that matter, any third parties. Any information collected by websites, other than the Site, is not covered by this Privacy Policy. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites that may be linked to or from the Site. We encourage you to read the provisions of privacy policies on other websites before providing them with your personal information.

Submitting Information From Outside The United States

We control and operate the online and mobile resources from within the United States of America (the “U.S.”). Information collected through the Site may be stored and processed in the United States or any other country in which our vendors or we maintain facilities. Although we do not actively block or monitor visitors from other countries, the Site is directed only at visitors from the U.S. As such, this Privacy Policy is consistent with U.S. law and practice and is not adapted to other laws (including European data security and privacy laws). Mint Nutrition will apply the applicable laws of the U.S., including as embodied in this Privacy Policy in place of data protections under your home country’s law. That is, you freely and unambiguously acknowledge that this Privacy Policy, not your home country’s laws, controls how we will collect, store, process, and transfer your personal information. Similarly, the English language version of this Privacy Policy is the controlling version regardless of any translation you may attempt.

Exercise Your Privacy Rights

Mint Nutrition takes privacy seriously. Where applicable, data subjects have certain rights which they can request for Mint Nutrition to fulfill. These requests can be made by either the data subject or an authorized agent. These rights include:

  1. The Right to Know. You have the right to request that Mint Nutrition disclose the personal data that Mint Nutrition has collected about you;
  2. The Right to Amend. You have the right to correct any information that Mint Nutrition stores about you;
  3. The Right to Withdraw Consent for Consumer Health Data. You have the right to withdraw your consent for any Consumer Health Data that Mint Nutrition maintains about you if you are a Washington resident;
  4. The Right to Delete. You have the right to request that Mint Nutrition delete information that it maintains about you, subject to certain exceptions; and
  5. The Right to Opt Out Of Your Personal Information Being Sold or Shared. You may opt-out of Mint Nutrition sharing or selling your information. Additionally, you may request a list of all entities we have shared your Consumer Health Data to where applicable.

In order to exercise any of the rights detailed above, please contact us at support@dietvsdisease.com. We will use your email as proof of verification unless otherwise prohibited. Exercising your rights under this section will not result in any discrimination by Mint Nutrition. We will treat you the same as any other user. If you disagree or dispute a decision that has been made on the scope or application of the rights described in this clause, you may appeal this decision by contacting support@dietvsdisease.com.

We will respond to your request to exercise any of the above rights in writing (including via email), or orally if requested, as soon as practicable and in any event not more than within one month after receipt of your request. In exceptional cases, we may extend this period by up to two months and we will tell you why. If you would like to exercise any of these rights, please contact us using the contact details provided above.

Retention Period.

Mint Nutrition shall only store personal information for as long as it is required. This is determined by considering the purposes for which it was obtained in accordance with applicable laws. Our retention period is based on (1) the nature of our relationship with the data subject and (2) any legal obligations we are bound to fulfill.

Contact Us.

If you have questions or comments about this Privacy Policy, please email us at: support@dietvsdisease.com.  If you prefer, you may also contact us via at:

Mint Nutrition LLC

1846 E. Innovation Park Dr. Ste 100

Oro Valley

Arizona 85755