Privacy Policy

Updated as of December 23, 2019

1. Acceptance of Terms. This policy only covers CereCore (“CereCore,” “we” or “us”) online privacy practices with respect to use and/or disclosure of information we collect when you visit a website owned or operated by CereCore or its Affiliates (“Site”). For purposes of this Privacy Policy, “Affiliate” means any individual or entity that directly or indirectly controls, is controlled by, or is under common control with CereCore.  This policy does not apply to information collected through other means, such as by telephone or in person.  If you are a patient of one or more CereCore affiliated healthcare provider (“Provider”) facilities, consult the HIPAA Notices of Privacy Practices of those Provider facilities.

By accessing this Site, you acknowledge and fully understand CereCore’s Privacy Policy and freely consent to the information collection and use practices described in this Privacy Policy.  If you do not consent to the information collection and use practices described below, please exit this Site immediately.

2. Information Collected. CereCore collects certain information from and about its users in three ways: directly from our web server logs, with cookies, and from the user.

3. Web Server Logs. When you visit our Site, we may track information to administer the Site and analyze its usage. Examples of information we may track include:

  • Your Internet protocol address.
  • The kind of browser or computer you use.
  • Number of links you click within the Site.
  • State or country from which you accessed the Site.
  • Date and time of your visit.
  • Name of your Internet service provider.
  • Web page from which you linked to our Site.
  • Pages you viewed on the Site.

CereCore uses this information to analyze trends, administer and improve the Site, and monitor traffic and usage patterns for information security purposes and to help make the Site more useful.

4. Cookies and Web Beacons.  A “cookie” is a small text file that CereCore may transfer to your computer’s hard drive in order to personalize our services for you and to collect aggregate, non-personal information regarding Site usage by all of our users. Each computer is assigned a different cookie that contains a random, unique number.  The cookie does not contain personally identifiable information.  CereCore uses two different types of cookies: a “session” cookie, which is required to track a user session, for example, and which expires shortly after the session ends), and a “persistent” cookie, used to track unique visits to CereCore’s Portal Websites (defined below), as well as how the user arrived at the Portal Websites (for example, through an email link or from a referral link), and the type of user (patient, provider, etc.).  So that users are not counted twice, this cookie can “persist” anywhere from six months to two years.

Your browser software can be set to warn you of cookies or reject all cookies. Most browsers offer instructions on how to reset the browser to reject cookies in the “Help” section of the toolbar.  If you reject our cookie, this may disable some of the functionality on our Site and you may not be able to use certain services.

Cookies cannot be used to run programs or deliver viruses to your computer. One of the primary purposes of cookies is to provide a convenience feature to save you time. For example, if you personalize a web page, or navigate within a website, a cookie helps the website to recall your specific information on subsequent visits. This simplifies the process of delivering relevant content and eases website navigation by providing and saving your preferences and login information as well as providing personalized functionality.

Since sponsors or partners of CereCore may use their own cookies when you click on a hypertext link to their website or service, you should carefully review the privacy policy of other websites to which you link from our Site.

A “web beacon,” “clear GIF,” “web bug,” or “pixel tag” is a tiny graphic file with a unique identifier that is similar in function to a cookie, but would allow us to count the number of users that have visited certain pages or screens of our websites, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, web beacons can tell the sender whether and when the email has been opened. In contrast to cookies, which may be stored on your computer’s hard drive, web beacons are typically embedded invisibly on pages or screens.

CereCore reserves the right to share aggregated site statistics monitored by cookies and web beacons with partner companies.

5.User Communications. Email communications that you send to us via the email links on our Site may be shared with a customer service representative, employee, medical expert or agent that is most able to address your inquiry. CereCore makes every effort to respond in a timely fashion once communications are received. Once we have responded to your communication, it is discarded or archived, depending on the nature of the inquiry.

The email functionality on our Site does not provide a completely secure and confidential means of communication. It is possible that your email communication may be accessed or viewed by another Internet user while in transit to us. If you wish to keep your communication private, do not use our email.

6. Opt-Out.  We may send certain messages, including electronic newsletters, notification of account statuses, and marketing communications on a periodic basis. If you wish to be removed from such messages, you may request to discontinue future ones. All such material will have information as to how to opt-out of receiving it, although certain messages (such as a secure message sent by a doctor or an account status update), may be required and will not have opt-out capabilities.

7. Policy Changes. CereCore reserves the right to change the terms of this Privacy Policy at any time by posting those changes in revisions to this Privacy Policy, so that you are always aware of our processes related to collection, use and disclosure of information. We urge you to check here for any updates to this Privacy Policy from time to time.

8. Information Security. No website can guarantee security, but we maintain appropriate physical, electronic, and procedural safeguards to protect your personal information collected via the Site and Portal Websites in compliance with applicable law. Please see the Terms and Conditions and applicable Portal Website Terms and Conditions for more specific information about information security and your responsibilities.

9. What if I have questions or concerns regarding this Privacy Policy? If you have any questions or concerns about this Privacy Policy or the information practices of the Site or Portal Website, please contact us at


10. Additional Privacy Policies for Portal Websites. In the event that as a service to its customers, CereCore also provides websites which offer some customers secure, private access to their own records at Provider facilities, as well as certain internet-based services which may include, among other things, assistance in finding a doctor, assistance in scheduling appointments, the ability to register for classes and pre-register for procedures, and health and patient education materials (the “Portal Website”). The Portal Website has additional Privacy Policies and protections which are listed below.

11. Protected Health Information. If you are a patient of one or more Provider facilities, your personal information in our possession is protected health information (“PHI”) protected by the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”), and the applicable provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act. In addition to this Privacy Policy, the HIPAA Notices of Privacy Practices of those Provider facilities apply to your PHI.

This website may include pages that give you the opportunity to provide us with personal identifying information (“PII”) about yourself, if you choose not to provide this information, it may limit your ability to use certain functions of the site and/or request certain services or information. The Portal Website can provide you with access to some of your medical records. When you seek access to those records on the Portal Website, we need to confirm it is you so we ask you for information such as your name and email or physical address and other information such as your date of birth (which we may also use to make sure you are eligible to use the Portal Website in accordance with the Terms and Conditions) and the answers to “secret questions” to which only you know the answers. This information may be used to help administer your user account and in managing your account. We may need to ask you for the information again when you sign in from a new device.

We may ask for information about your location and medical needs to assist with finding a physician, and may collect and pass on information to assist you in scheduling appointments, registering for classes and pre-registering for procedures.

12. HIPAA Policies. In collecting your PII, our Sites may also collect PHI. Just as we strive to protect your PII we are committed to protecting your PHI. If there is a breach of your PHI, we are required by law to notify you. Your PHI will remain confidential, and will only be disclosed to you or your personal representative, unless otherwise required by state or federal law. In all circumstance, unless otherwise required by law, we will obtain your written authorization before using or disclosing your PHI. This protection extends to PHI that is oral, written, or electronic.

13. How Else May Your Information Be Used And Disclosed? In addition to the uses and disclosures of information outlined above, your information may also be used and disclosed as follows:

  • If another individual is managing your account on your behalf (for example, a mother managing the account of her son), as authorized by you or as a personal representative under applicable law, that person can view all of your information in the Portal Website.
  • We may use your information to send you surveys.
  • Your healthcare providers may have access to your information for scheduling and healthcare services.
  • We may use your information respond to and fulfill your orders and requests.
  • We may send you appointment reminders through messages or other alerts on the Portal Website.
  • We may share information with marketing, treatment or health care operations support partners required to protect the confidentiality of your information, that will enable them to send you targeted messages or serve you targeted advertising, with your authorization or otherwise in compliance with HIPAA and other applicable laws.
  • We may assign the information we have about you, including PII, in the event that all or part of our assets are sold or acquired by another party, including all or substantially all of our websites, or in the event of a merger for the same.
  • We may use or disclose your information as required by law.

CereCore will not disclose personal information (contact, health and/or billing) to third parties other than as provided for in this Privacy Policy, except when we believe in good faith that the law requires or permits it or you have otherwise consented to additional use or disclosure of the information.

14. Third Party Websites and Payments. If you use the Portal Website to link to another third party website, you may decide to disclose personal information at that website. Please be aware that in contacting that third party website, or in providing information on that website, that third party may obtain personal information about you. This Privacy Policy does not apply when you leave the Portal Website and go to a third party website from the Portal Website. We encourage you to be aware when you leave the Portal Website and to read the privacy statements of each and every website that collects personally identifiable information.

Any payments you may make for services you have found on the Portal Website (such as enrolling in a class) are made exclusively through an affiliated third party website the separate privacy policy of which applies, and not through the Portal Website. We are not responsible for any fees, charges, or actions provided by such a third party website.

15. What can I do to protect my privacy?  In order to protect your privacy, you should:

  • Never share your username or password.
  • Always sign out when you are finished using the Portal Website.
  • Use only secure web browsers.
  • Employ common anti-virus and anti-malware tools on your system to keep it safe.
  • Use a strong password with a combination of letters and numbers.
  • Change your password often.
  • Notify us immediately if you feel your login and/or password have been compromised.

Please note that if you share your Portal Website username and password with another person, this will allow that person to see your confidential medical record information. CereCore has no responsibility concerning any breach of your confidential medical record information due to your sharing or losing your user name or password.

16. Children May Not Use the Portal Website. We will never ask for or knowingly collect information from children, if you are a child under the age of 13, you are not permitted to use this service and should immediately exit the Site or get an adult.  Consistent with the Children’s Online Privacy Protection Act, we will not knowingly collect any information from children under the age of 13.  Parents of unemancipated minors may set up accounts for themselves to access their children’s medical records only as permitted pursuant to the Terms and Conditions governing the Portal Website.  If you think that we have collected personal information from a child under the age of 13 through this Portal Website, please contact us and we will dispose of the information.

17. What if I am accessing this Portal Website from outside of the United States? If you are visiting our Portal Website from outside the United States, please be aware that your information may be transferred to, stored or processed in the United States, where our servers are located and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country, but please be assured that we take steps to protect your privacy. By using our Portal Website, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.

18. Connecticut Privacy Policy Notice. If collected, we will take reasonable measures to protect the confidentiality of Social Security numbers and limit access to those with a need for such information. We prohibit the unlawful disclosure of Social Security numbers.

19. Your California Privacy Rights. Under California Law, California residents have the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal information, such as name, e-mail and mailing address and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes; and (b) the names and addresses of all such third parties. To request the above information, please contact us at with a reference to California Disclosure Information.

We will endeavor to respond to such requests to information access within 30 days following receipt at the e-mail address stated above. If we receive your request at a different e-mail address, we will respond within a reasonable period of time, but not to exceed 150 days from the date received. Please note that we are only required to respond to each customer once per calendar year.

20. Your Nevada Privacy Rights. We may collect the following categories of covered information about you through our Website, Portals, and Services when you visit the Website and Portals or use the Services such as:

  • First and Last Name
  • Physical Address
  • Email Address
  • Telephone Number
  • User Name

We may share such covered information with categories of third parties such as Marketing.

Third parties may collect covered information about your online activities over time and across different Internet websites or online services when you use the Website, Portals, or Services.

If you use or visit the Website and Portals or use the Services you may review and request changes to any of your covered information that is collected through the Website, Portals, or Services by calling 844-422-3282.

You may submit a verified request that we not sell any covered information that we have collected or will collect about you by calling 844-422-3282. After we receive your request and determine that it is a verified request, we will not sell any covered information that we have collected or will collect about you.

We treat the data of everyone who comes to our Site and Website Portal in accordance with this Privacy Policy, whatever their Do Not Track setting.

California Consumer Privacy Act of 2018 (“CCPA”)

This section only applies to California residents (“Consumers”). For the purposes of this section only, “Personal Information” means information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or household.

Consumers have the following rights:

  • Right to Request Information. You have the right to request that we disclose the following information to you, limited to the preceding twelve (12) months:
    • The categories of Personal Information that we collected about you.
    • The categories of sources from which the Personal Information is collected.
    • The business or commercial purpose for collecting or selling Personal Information.
    • The categories of third parties with whom we share Personal Information.
    • The specific pieces of Personal Information that we have collected about you.
    • The categories of Personal Information that we disclosed about you for a business purpose.
    • The categories of Personal Information that we sold about you and the categories of third parties to whom the Personal Information was sold, by category or categories of Personal Information for each category of third parties to whom the Personal Information was sold.

Please note that we are only required to respond to such requests from you twice in a twelve-month period.

  • Right of Deletion. You have the right to request that we delete any Personal Information about you which we have collected from you.

Right to Opt-Out. You have the right to direct us not to sell your Personal Information. You may exercise your opt-out rights by clicking on the following link: Personal Information Request or by calling us at 844-422-3282.

  • Right to Opt-In. If you are at least 13 years of age and less than 16 years of age you have the right to opt-in to the sale of your Personal Information.  If you are a Consumer who is less than 13 years of age, then your parent or guardian has the right to opt-in to the sale your Personal Information.
  • Non-Discrimination. We may not discriminate against you because you exercise any of your rights under the CCPA, including, but not limited to:
    • Denying goods or services to you.
    • Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties.
    • Providing a different level or quality of goods or services to you.
    • Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
  • Limited Rights of Job Applicants, Employees, Medical Staff Members, and Contractors. If you are a job applicant, employee, medical staff member, or contractor, to the extent that we collect information from you in your role as such, you have the right, at or before the point of collection, to know the categories of Personal Information that we will collect or have collected and the purposes for which we will use the categories of Personal Information.

You may submit requests for information by calling us at 844-422-3282 or by emailing us at Personal Information Request.

The categories of sources from which we collect Personal Information are:

  • directly from you
  • directly from our web server logs
  • with cookies and web beacons.


The categories of third parties with whom we share Personal Information are described in detail in the “How We Disclose Personal Information” section of this Privacy Policy.


The chart below describes:

  • The categories of Personal Information that we have collected about Consumers in the preceding twelve (12) months and may collect about you through our Website, Portal, and Services.
  • The categories of Personal Information that we have disclosed about Consumers for a business purpose in the preceding twelve (12) months.
  • The categories of Personal Information that we have sold about Consumers in the preceding twelve (12) months.




Disclosed for a Business Purpose



Name, address, e-mail address, telephone number, date of birth, IP address



Personal Information categories described in Cal. Civ. Code § 1798.80(e)

Name, address, telephone number, insurance policy number, employment history, medical information, health insurance information



Protected classification characteristics under California or federal law

Age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information)



Commercial information

Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies



Internet or other similar network activity

Internet protocol address, type of browser, number of links clicked within our Services, state or country from which you accessed our Services, date and time of visit, name of Internet service provider, third party websites you linked to from our Services, pages or information you viewed on our Services, number of times you have viewed an ad



Geolocation data

Region or postal code



Professional or employment-related information

Work experience, performance evaluations




The purposes for which the categories of Personal Information shall be used, and the business or commercial purposes for collecting or selling personal information, are described in detail in the following sections of this Privacy Policy: (i) Web Server Logs, (ii) Cookies and Web Beacons, (iii) Geolocation Data, (iv) Third Party Advertising, (v) Information Collected through the Portal, (vi) The Purposes for Which We Use Personal Information, (vii) How We Disclose Personal Information, and (viii) User Communications.