Privacy Policy

DermCare Management Group

Privacy Policy & Notice of Privacy Practices

Effective Date: March 20, 2026
Last Updated: March 20, 2026

This Privacy Policy (“Policy”) applies to the DermCare Management Group corporate website located at www.dermcaremgt.com (the “Site”) and to DermCare Management Group, its brands, affiliates, subsidiaries, and practice entities operating under common control (“DermCare,” “we,” “our,” or “us”) with respect to information collected through this Site (collectively, the “Services”).

DermCare operates a multi-location network of dermatology and aesthetics practices across California, Texas, Virginia, Florida, North Carolina, and other states. This corporate Site provides general information about our organization, our network of practices, and career opportunities. It is not intended for scheduling appointments, requesting consultations, or submitting patient information. If you are a patient or prospective patient seeking to book an appointment or communicate with a specific practice, please visit that practice’s own website, which maintains its own privacy policy and, where applicable, a separate HIPAA Notice of Privacy Practices governing patient information.

For information about additional privacy rights you may have based on your state of residence, please see Section 14 (State-Specific Privacy Rights) and Section 15 (California Notice at Collection).

By using our Services, you agree that your personal information will be handled as described in this Policy. Your use of our Services and any dispute over privacy is subject to this Policy and the applicable Terms and Conditions posted on the Site.

1. Scope

This Policy applies to personal information we process through the corporate Site at www.dermcaremgt.com, including but not limited to:

  • Visitors to the corporate Site where this Policy is posted;
  • Individuals who inquire about DermCare, our network of practices, or business and partnership opportunities;
  • Individuals who sign up to receive corporate communications, newsletters, or other materials;
  • Individuals who explore career opportunities, submit job applications, or otherwise engage with our recruitment services through the Site;
  • Visitors to our corporate offices;
  • Current, former, and prospective business partners and service providers; and
  • Individuals who otherwise communicate or interact with us through the corporate Site.

Practice Websites and Patient Information. This Site is not used to schedule appointments, request consultations, or collect patient information. Each practice within the DermCare network maintains its own website with its own privacy policy that governs patient-facing data collection, appointment scheduling, and related activities. If you wish to book an appointment or communicate with a specific practice, please visit that practice’s website directly.

HIPAA-Protected Health Information. Although this corporate Site is not intended to collect protected health information (“PHI”) as defined by the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”), we recognize that individuals may occasionally submit health-related information through the Site (for example, when attempting to reach a practice). Any PHI that we collect, receive, or maintain in our capacity as a covered entity or business associate is governed by a separate Notice of Privacy Practices and applicable Business Associate Agreements. Please see Section 13 for a summary of our HIPAA obligations.

Additional Notices. Depending on how you interact with us, we may provide supplemental privacy notices with additional details about our privacy practices. Such supplemental notices will control to the extent there is a conflict with this Policy.

Job Applicants and Career Seekers. Our Site also serves as a career center where individuals can explore employment opportunities across our network and submit applications. Section 9 of this Policy describes in detail the personal information we collect from job applicants and career seekers, how we use that information, and your rights with respect to it.

Current Employees and Contractors. Personal information collected about current or former employees or contractors in the context of an existing working relationship is governed by internal employment policies and is not covered by this Policy.

2. Medical Advice Disclaimer

For Patients: Any content on this Site, including text, graphics, and images, is for general informational purposes only. It is not intended to be a substitute for professional medical advice, diagnosis, or treatment. Always seek the advice of your physician or other qualified health provider with any questions you may have regarding a medical condition. Never disregard professional medical advice or delay in seeking it because of something you have read on this Site.

For Healthcare Professionals: This Site is for general informational purposes only. You should use your own professional judgment in evaluating the information provided and rendering any medical opinion or advice.

3. Personal Information We Collect

We collect personal information directly from you, from third-party sources, and automatically through your use of the Services. The personal information we collect may vary depending upon your use of our Services and our interactions with you.

3.1 Information Collected Directly

  • Contact Details and Identifiers. Name, email address, phone number, mailing address, date of birth, gender, and other similar personal identifiers.
  • Account and Profile Information. Username, password, and other information used in connection with accessing your account through patient portals or our websites.
  • Financial and Payment Details. Payment type, payment card details, billing address, insurance information, and other financial information necessary to process transactions.
  • Health and Medical Information. When you schedule an appointment, meet with our providers, or use our Services, we may collect health and medical-related information such as health conditions, treatments, diagnoses, and related wellness data. Where such data constitutes PHI under HIPAA, it is governed by our separate Notice of Privacy Practices.
  • Communications and Interactions. Records of emails, calls, chat messages, form submissions, social media interactions, reviews, testimonials, and other communications with us, including information submitted through AI-assisted chat tools or voice response systems we may deploy.
  • Career and Job Application Information. If you apply for a position or explore career opportunities through our website, we may collect your name, contact information, resume or CV, cover letter, work history, education, professional licenses and certifications, references, and any other information you choose to provide. For more detail, see Section 9.
  • Promotional Information. Contact details, preferences, and demographic information collected in connection with marketing communications, offers, or promotions.
  • Survey and Feedback Responses. Responses and feedback provided through surveys, questionnaires, or research conducted by us.
  • Event and Registration Details. Information related to your participation in or registration for events we host or sponsor.
  • Communication preferences, service preferences, and other preferences you provide when interacting with us.

3.2 Information Collected from Third Parties

We may also collect personal information about you from third-party sources, including:

  • Healthcare Partners and Referral Sources. Information from referring physicians, laboratories, imaging centers, and other healthcare entities involved in your care.
  • Data Analytics and Marketing Providers. Lead and prospect information from third parties for marketing, advertising, and customer enhancement purposes.
  • Social Media Platforms. Information you make publicly available or share when you interact with us through social media.
  • Business Partners and Service Providers. Information from entities that perform services or functions on our behalf.

3.3 Information Collected Automatically

We and our third-party service providers may automatically collect certain information about your use of our Services, including through the use of cookies, pixel tags, and similar technologies:

  • Device and Browsing Information. Browser type, operating system, device type, unique device identifiers, language preferences, referring URLs, access times, page views, and clickstream data.
  • Activities and Usage. Information about links clicked, searches performed, features used, items viewed, time spent within the Services, and other interaction data.
  • Location Information. Approximate geographic location derived from your IP address.

3.4 De-Identification and Privacy-Protective Processing

We employ a healthcare privacy platform that acts as an intermediary between our websites and third-party analytics and advertising tools. This platform is designed to strip personally identifiable information and protected health information from data flows before transmitting event data to downstream marketing and analytics destinations. Through this approach, data shared with advertising platforms such as Google Ads is de-identified—personal identifiers are removed or cryptographically hashed, and only non-identifiable behavioral signals (such as anonymized conversion events) are transmitted. This architecture is designed to comply with guidance from the U.S. Department of Health and Human Services regarding the use of online tracking technologies by HIPAA-regulated entities.

3.5 Derived and Inferred Information

We may derive or infer information about you based on the information we collect, such as information about your interests, preferences, or other demographic characteristics.

4. How We Use Your Information

We may collect, use, disclose, and otherwise process personal information for the following purposes:

  • Services and Support. To provide our healthcare and related services, manage your account, process transactions, schedule appointments, communicate with you about your care, and provide troubleshooting and technical support.
  • Analytics and Improvement. To understand how users access and use the Services, and for research and analytical purposes, including to evaluate and improve our Services, business operations, and internal quality control.
  • To respond to inquiries, fulfill requests, send appointment reminders, and provide information about our Services and offerings.
  • Customization and Personalization. To tailor content, offer location customization, and personalize your experience.
  • Marketing and Advertising. To send promotional communications about our Services, including information about new offerings, events, and special promotions, in accordance with applicable law and your preferences.
  • Research and Surveys. To administer surveys and questionnaires for market research, patient satisfaction, or quality improvement purposes.
  • Insight Development and Data Enhancement. To combine information collected through the Services with other information for analytics, research, and data enhancement, typically using de-identified or aggregated data.
  • Event Planning and Management. For event registration, attendance tracking, and related communications.
  • Recruitment and Talent Acquisition. To process job applications, evaluate candidates, communicate with applicants about their applications and career opportunities, conduct background checks where applicable and with appropriate consent, and manage our hiring process. For more detail, see Section 9.
  • Security and Protection of Rights. To protect the Services and our business operations, prevent and detect fraud, unauthorized activities, and other misuse.
  • Compliance and Legal Process. To comply with applicable legal or regulatory obligations, respond to subpoenas, court orders, and other legal processes.
  • Auditing, Reporting, and Internal Operations. To conduct audits, maintain business records, and enforce our policies.
  • General Business and Operational Support. To assess and implement business transactions, including mergers, acquisitions, and reorganizations, and to administer general business functions.

5. How We Share Your Information

We may disclose personal information to the following categories of recipients:

  • Affiliates and Subsidiaries. We may share personal information with our parent company, DermCare Management Group, and other entities under common ownership, control, or management, including affiliated practice entities.
  • Vendors and Service Providers. We share information with vendors and service providers who perform functions on our behalf, including IT and hosting providers, patient management systems, payment processors, marketing and analytics providers, customer support services, appointment scheduling platforms, and legal counsel. These service providers are contractually obligated to use personal information only for the purposes for which it is disclosed to them.
  • Healthcare Privacy Platform. We use a healthcare privacy platform that processes website behavioral data on our behalf under a Business Associate Agreement. This platform de-identifies data before it is transmitted to non-HIPAA-compliant analytics and advertising destinations, removing or hashing personal identifiers so that downstream recipients receive only anonymized event data.
  • Third-Party Analytics and Advertising Providers. We may disclose de-identified device, browsing, and usage information to third-party marketing, analytics, and advertising providers for purposes of measuring campaign performance, improving our Services, and delivering relevant content. Data shared with these providers through our healthcare privacy platform has been stripped of personal identifiers.
  • Recruitment and Background Check Providers. If you apply for a position through our website, we may share your application information with applicant tracking systems, background check providers, and the specific practice where the position is located, as further described in Section 9.
  • Business Partners. In some circumstances, we may partner with other businesses to offer services or facilitate programs, and may share personal information with those partners as necessary.
  • Other Users. If you submit information through public-facing features such as reviews or testimonials, that information may be visible to other users.
  • In Support of Business Transfers. In connection with any merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, we may disclose or transfer personal information to the acquiring or successor entity.
  • Compliance and Legal Obligations. We may disclose information to third parties as required by law, including in response to subpoenas, court orders, and requests from government entities and law enforcement.
  • Security and Protection of Rights. Where we believe disclosure is necessary to protect our rights, property, or safety, or the rights, property, and safety of others.

De-Identified and Aggregated Data. We may use and disclose aggregated, de-identified, and other non-identifiable data for quality control, analytics, research, development, and other purposes. Where we use or disclose de-identified data, we maintain and use the information in de-identified form and do not attempt to re-identify it, except to determine whether our de-identification processes are adequate pursuant to applicable privacy laws.

6. Third-Party Websites and Practice Websites

Our Site contains links to third-party websites, as well as links to the individual websites of practices within the DermCare network. Because this corporate Site is informational, individuals seeking to book appointments, request consultations, or communicate with a specific practice will typically be directed to that practice’s own website. Each practice website is governed by its own privacy policy.

IMPORTANT: When you leave the corporate Site and access a practice website or any other third-party website or platform—including third-party booking, scheduling, or payment systems—your interaction is governed by that website’s own privacy policy, terms of service, and data handling practices, not this Policy. DermCare is not responsible for the privacy practices, security measures, content, or data collection activities of any third-party website or individual practice website, even if we link to it or it is branded with one of our practice names. We encourage you to review the privacy policy and terms of any website before submitting personal information.

We do not control and are not liable for the actions of third-party websites or platforms, including but not limited to how they collect, store, use, or disclose your personal information. Any questions or concerns about a practice website or third-party platform should be directed to that website’s or platform’s operator.

7. Cookies and Other Tracking Technologies

We and our third-party service providers use cookies, pixels, local storage objects, log files, and similar technologies to automatically collect browsing, activity, device, and similar information within our Services. We use this information to analyze how users interact with our Services, to optimize performance, and for marketing and analytics purposes.

7.1 Types of Cookies

  • Essential Cookies. Necessary for the basic functionality of our websites, such as enabling secure areas and remembering your preferences.
  • Performance and Analytics Cookies. Collect information about how visitors use our websites, such as which pages are visited most often and whether users encounter error messages. Data collected by these cookies is processed through our healthcare privacy platform to ensure personal identifiers are removed before transmission to analytics tools.
  • Functional Cookies. Remember your preferences, login details, and other choices to provide enhanced, more personalized features.
  • Advertising Cookies. Used to deliver relevant advertisements and measure campaign effectiveness. These cookies transmit de-identified signals through our healthcare privacy platform rather than transmitting raw personal data directly to advertising networks.

7.2 Cookie Consent and Management

On our practice websites in California, Texas, and other jurisdictions where required by law, we deploy a cookie consent management tool that allows you to manage your cookie preferences, including opting out of non-essential cookies, the sale of personal information through cookies, and targeted advertising. You may access and update your preferences at any time through the cookie preference center available on the relevant practice website.

You may also manage cookies through your browser settings. The “Help” section of most browsers explains how to prevent your device from accepting new cookies, how to receive notification when a new cookie is set, and how to delete cookies. Disabling cookies may affect the functionality of certain features of our Services.

7.3 Third-Party Analytics

We use third-party analytics tools, including Google Analytics, to evaluate usage of our Services. These tools may use cookies and similar technologies to collect and analyze usage data. Data transmitted to these third-party tools is routed through our healthcare privacy platform, which removes personal identifiers before the data reaches the analytics provider. For more information about Google’s privacy practices, please visit https://www.google.com/policies/privacy/partners/.

7.4 Cross-Device Tracking

We and our third-party providers may use the information we collect to identify other devices you use (e.g., mobile phone, tablet, computer). Cross-device data is subject to the same de-identification processes described in this Policy.

7.5 Third-Party Advertising

We work with third-party advertising networks and partners to personalize content and display advertising within and outside our Services. Information shared with advertising partners is processed through our healthcare privacy platform to ensure that personal identifiers and protected health information are not disclosed to non-HIPAA-compliant advertising destinations.

7.6 Browser and Opt-Out Preference Signals

We are committed to honoring user privacy preferences communicated through browser-based or device-based signals. Where our website and its supporting technology are capable of detecting opt-out preference signals—such as the Global Privacy Control (“GPC”) signal or similar mechanisms recognized under applicable state privacy laws—we will treat such signals as a valid request to opt that browser or device out of the “sale” or “sharing” of personal information and targeted advertising conducted through cookies and tracking tools on our website, to the extent required by law.

Because our websites use a variety of technologies and platforms, the ability to detect and honor specific signals may vary. If you are unsure whether your opt-out preference signal is being recognized, you may also exercise your opt-out rights directly through our cookie preference center or by contacting us using the information in Section 14.2. We do not currently respond to “Do Not Track” browser signals, as there is no industry-wide standard for this signal at this time.

8. Your Privacy Choices

  • Account and Profile Information. You may access, update, and delete certain personal information by adjusting your account settings within our patient portals or contacting us directly.
  • Marketing Communications. You may opt out of promotional communications by following the unsubscribe instructions included in each message. If you opt out, we may still send you transactional or service-related communications.
  • Cookie Preferences. You may adjust your cookie preferences through our cookie consent management tool, available on applicable practice websites, or through your browser settings.
  • Opt-Out of Sale and Targeted Advertising. Where applicable, you may opt out of the “sale” or “sharing” of your personal information and targeted advertising through our cookie preference center or by submitting a request as described in Section 14.
  • Industry Ad Choice Programs. You can opt out of receiving targeted ads from participating third-party ad networks at aboutads.info/choices (Digital Advertising Alliance). Opting out does not mean you will stop seeing ads—you may continue to receive generic advertisements.

9. Careers and Job Applicant Information

Our website serves as a career center for DermCare and our network of managed practices. This section describes how we handle personal information collected from individuals who explore job opportunities or submit applications.

9.1 Information We Collect from Job Applicants

When you apply for a position or express interest in career opportunities, we may collect:

  • Name, email address, phone number, and mailing address;
  • Resume or curriculum vitae (CV), cover letter, and work history;
  • Education history, degrees, certifications, and professional licenses;
  • Professional references and their contact information;
  • Information about your skills, qualifications, and areas of interest;
  • Salary expectations or requirements, if voluntarily provided;
  • Work authorization status and visa information, as required for employment eligibility; and
  • Any other information you choose to include in your application or provide during the recruitment process.

In some cases, and with your consent or as permitted by law, we may also collect:

  • Background check information, including criminal history, conducted by third-party providers;
  • Professional license verification results;
  • Drug screening results, where required for the position; and
  • Information from references you have provided.

9.2 How We Use Job Applicant Information

We use the information collected from job applicants for the following purposes:

  • To process and evaluate your application for the specific position(s) to which you have applied;
  • To communicate with you about your application status, schedule interviews, and coordinate the hiring process;
  • To verify your qualifications, credentials, work history, and references;
  • To conduct background checks and employment eligibility verification, where applicable and with appropriate consent;
  • To consider you for other open positions within our network that may match your qualifications, unless you opt out;
  • To comply with applicable employment laws, regulations, and reporting requirements;
  • To improve our recruitment processes and analyze hiring trends; and
  • To maintain records as required by law.

9.3 How We Share Job Applicant Information

We may share your application information with:

  • Managed Practices. If you apply for a position at a specific practice within our network, your application information will be shared with that practice’s hiring team.
  • Applicant Tracking and Recruitment Platforms. We use third-party applicant tracking systems to manage job postings and applications. Your information will be processed through these platforms.
  • Background Check and Screening Providers. With your consent or as permitted by law, we may share your information with third-party providers who conduct background checks, credential verification, drug screening, and reference checks.
  • Professional Advisors. We may share information with legal counsel and other advisors as necessary for compliance with employment laws.

9.4 Retention of Job Applicant Information

We retain job applicant information for a reasonable period after the conclusion of the recruitment process, typically consistent with applicable statutes of limitations and legal requirements. If you are not selected for a position, we may retain your information to consider you for future opportunities unless you request that we delete it. If you are hired, your application information will become part of your employment records, which are governed by internal employment policies.

9.5 Your Rights as a Job Applicant

Job applicants have the same rights described in Section 14 of this Policy, including the right to access, correct, and delete personal information, subject to applicable law and certain limitations. To exercise your rights or to request deletion of your application information, please contact us using the information in Section 17.

Equal Opportunity. DermCare Management Group is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other protected characteristic under applicable law.

10. Children’s Privacy

Our Services are not designed for or directed to children under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If you are a parent or legal guardian and believe we have collected information from your child in violation of applicable law, please contact us using the information in Section 17 so that we can take appropriate action.

In jurisdictions with specific requirements regarding children’s data, we comply with applicable provisions of the Children’s Online Privacy Protection Act (COPPA) and relevant state laws governing data collection from minors.

11. Data Retention

We retain personal information for as long as needed or permitted based on the purpose for which it was collected, consistent with applicable law. When determining retention periods, we consider:

  • Whether we are subject to legal obligations that require us to maintain records for a specified period;
  • Whether the information is necessary to provide ongoing services or maintain our relationship with you;
  • Whether we have taken legal positions that require preservation of information (e.g., legal holds); and
  • Applicable statutes of limitations and regulatory requirements.

Where we have committed to maintaining personal information in a de-identified form, we will not attempt to re-identify such information except as permitted by applicable law.

12. Security

We have implemented administrative, technical, and physical safeguards designed to protect the personal information we collect from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures include encryption, access controls, regular security assessments, and employee training.

Despite our efforts, no data security measures can guarantee complete security. You can help protect your information by choosing a strong, unique password for your account and keeping your login credentials confidential. If you believe your account has been compromised, please contact us immediately.

13. Notice of Privacy Practices (HIPAA Summary)

THIS SECTION PROVIDES A SUMMARY OF HOW PROTECTED HEALTH INFORMATION MAY BE USED AND DISCLOSED BY DERMCARE AND ITS MANAGED PRACTICES UNDER HIPAA. ALTHOUGH THIS CORPORATE SITE IS NOT INTENDED FOR SCHEDULING APPOINTMENTS OR COLLECTING PATIENT INFORMATION, WE RECOGNIZE THAT INDIVIDUALS MAY SUBMIT HEALTH-RELATED INFORMATION THROUGH THIS SITE. A COMPLETE NOTICE OF PRIVACY PRACTICES IS AVAILABLE FROM EACH PRACTICE WITHIN OUR NETWORK AND IS PROVIDED TO PATIENTS AT THE TIME OF THEIR FIRST VISIT OR UPON REQUEST.

If you have reached this corporate Site while trying to contact a practice, we encourage you to visit that practice’s website directly for its full Notice of Privacy Practices. We will make reasonable efforts to route any health-related inquiries received through this Site to the appropriate practice.

13.1 Uses and Disclosures of PHI

Our managed practices may use and disclose your PHI for the following purposes:

  • To provide, coordinate, or manage your healthcare, including disclosures to other physicians, nurses, technicians, pharmacy staff, or other healthcare providers involved in your care.
  • To bill and collect payment for services, including disclosures to insurance companies, health plans, and other third parties responsible for payment.
  • Healthcare Operations. To operate our practices, including quality assessment, employee training, compliance activities, and business planning.
  • Appointment Reminders. To contact you with appointment reminders, treatment alternatives, or other health-related benefits and services.

13.2 Disclosures Without Authorization

We may disclose your PHI without your prior authorization in certain legal situations, including:

  • Public health activities, including disease prevention, reporting child abuse or neglect, and communicable disease notifications;
  • Law enforcement purposes, in response to court orders, subpoenas, warrants, or summons;
  • Judicial and administrative proceedings;
  • Situations involving serious threats to health or safety;
  • Workers’ compensation programs; and
  • As otherwise required by law.

13.3 Your Rights Regarding PHI

You have the right to:

  • Inspect and obtain a copy of your medical and billing records;
  • Request amendment of health information you believe is incorrect or incomplete;
  • Request an accounting of certain disclosures of your PHI;
  • Request restrictions on certain uses or disclosures of your PHI; and
  • Request confidential communications (e.g., asking that we contact you only at a certain phone number or address).

To exercise any of these rights, please contact the practice location where you receive care or use the contact information in Section 17.

14. State-Specific Privacy Rights

Residents of certain U.S. states may have additional rights under applicable state privacy laws. This section describes those rights. If you are a California resident, please also see Section 15 for additional California-specific disclosures.

14.1 Consumer Privacy Rights

Subject to applicable law and certain limitations and exceptions, residents of California, Texas, Virginia, and other states with comprehensive consumer privacy laws may have the following rights:

  • To confirm whether we are processing your personal information and to obtain a copy in a portable, readily usable format.
  • To request deletion of your personal information.
  • To request correction of inaccurate personal information.
  • Opt-Out. To opt out of: (a) the “sale” of your personal information; (b) targeted advertising; and (c) profiling in furtherance of decisions that produce legal or similarly significant effects.
  • Revoke Consent. To revoke consent previously provided for the processing of your personal information.

14.2 How to Exercise Your Rights

You may submit a request to exercise your privacy rights by:

  • Emailing us at info@dermcaremgt.com;
  • Calling us at (954) 237-7090; or
  • Submitting a request through the privacy web form available on our practice websites.

When you submit a request, we will take steps to verify your identity by matching the information you provide with information in our records. In some cases, we may request additional information to verify your identity. If we are unable to verify your identity after a good faith attempt, we may deny the request and explain the basis for the denial.

14.3 Authorized Agents

You may designate an authorized agent to submit privacy requests on your behalf. Authorized agents will be required to provide proof of their authorization, and we may require you to directly verify your identity and the agent’s authority.

14.4 Appeals

If we deny your privacy request, you may appeal our decision. To appeal, please contact us using the information in Section 17 within sixty (60) days of the denial. We will respond to your appeal as required under applicable state law.

14.5 Non-Discrimination

We will not discriminate against you for exercising any of the privacy rights described in this Policy.

14.6 Sale of Personal Information

We do not disclose personal information to third parties in exchange for monetary compensation. However, our use of cookies and tracking technologies may constitute a “sale” or “sharing” of personal information under certain state privacy laws. Specifically, identifiers, location information (e.g., IP address), and Internet and network activity information may be disclosed to third-party advertising networks and analytics providers through cookies and similar technologies. Where required by law, we provide opt-out mechanisms for such disclosures through our cookie consent management tool and the “Do Not Sell or Share My Personal Information” link available on applicable practice websites.

We employ a healthcare privacy platform to de-identify data before it reaches advertising and analytics destinations. This platform removes personal identifiers and protected health information, transmitting only anonymized event data to downstream tools.

14.7 State-Specific Notes

California (CCPA/CPRA): See Section 15 for the complete California Notice at Collection, including categories of personal information collected and disclosed, sensitive personal information handling, and California-specific rights.

Texas (TDPSA): The Texas Data Privacy and Security Act, effective July 1, 2024, provides Texas residents with the rights described in Section 14.1, including the right to opt out of sale, targeted advertising, and profiling. Data protection assessments are conducted for processing activities that present a heightened risk of harm.

Virginia (VCDPA): The Virginia Consumer Data Protection Act provides Virginia residents with the rights described in Section 14.1. We honor Virginia residents’ rights to access, correct, delete, and opt out of sale, targeted advertising, and profiling of personal data.

North Carolina: North Carolina consumer privacy legislation has been introduced and, if enacted, would provide North Carolina residents with rights similar to those described in Section 14.1, including the right to confirm processing, access, delete, and opt out of sale and targeted advertising. We will update this Policy to reflect applicable North Carolina privacy requirements upon enactment and effective date of such legislation.

Florida (FDBR): The Florida Digital Bill of Rights applies primarily to entities meeting specific high-revenue thresholds. Regardless of applicability thresholds, DermCare is committed to responding to Florida residents’ privacy inquiries and requests in good faith. Florida residents may contact us to exercise their privacy rights using the methods described in Section 14.2.

15. California Notice at Collection and Privacy Rights

This section provides additional information for California residents pursuant to the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA”). This section applies to “personal information” as defined in the CCPA, whether collected online or offline, and does not apply to information exempt under the CCPA, such as publicly available information or de-identified or aggregated data.

15.1 Categories of Personal Information Collected and Disclosed

The following table identifies the categories of personal information we may collect (and may have collected in the prior 12 months), along with the categories of third parties to whom we may disclose such information:

Category of Personal Information Third-Party Recipients
Identifiers (name, email, phone, address, IP address, online identifiers) Affiliates; service providers; analytics and advertising providers; regulators and law enforcement
Customer Records (name, contact info, financial/payment info, health-related info) Affiliates; service providers; regulators and law enforcement
Commercial Information (services purchased, purchasing history) Affiliates; service providers; analytics providers; regulators and law enforcement
Internet/Electronic Network Activity (browsing history, clickstream, search history, interaction data) Affiliates; service providers; analytics and advertising providers; regulators and law enforcement
Location Data (approximate location from IP address) Affiliates; analytics and advertising providers; regulators and law enforcement
Audio, Visual, or Similar Information (call recordings, photographs) Affiliates; service providers; regulators and law enforcement
Professional Information (job title, company, business contact details) Affiliates; service providers; regulators and law enforcement
Inferences and Profiles (preferences, characteristics, behaviors) Affiliates; analytics providers; regulators and law enforcement
Sensitive Personal Information (login credentials, financial account data, health-related information, precise geolocation) Affiliates; service providers; regulators and law enforcement

15.2 Sensitive Personal Information

We do not collect, use, or disclose “sensitive personal information” beyond the purposes authorized by the CCPA. We only use and disclose sensitive personal information as reasonably necessary and proportionate to: (i) perform services you request; (ii) ensure security and integrity; (iii) detect and prevent fraud; (iv) verify quality and safety of our services; (v) comply with legal obligations; (vi) provide information to service providers; and (vii) for purposes other than inferring characteristics about you.

15.3 Sales and Sharing

While we do not disclose personal information to third parties in exchange for monetary compensation, our use of third-party analytics and advertising cookies may be considered “selling” or “sharing” under the CCPA. We may “sell” or “share” the following categories: identifiers, commercial information, location information (IP address), and Internet and network activity information. We do not sell or share sensitive personal information, nor do we sell or share personal information of individuals we know to be under sixteen (16).

15.4 California Privacy Rights

California residents have the following rights under the CCPA:

  • Right to Know (Access and Portability). Request the categories and specific pieces of personal information we have collected, the sources, business purposes, and categories of third parties to whom we have disclosed it.
  • Right to Correct. Request correction of inaccurate personal information.
  • Right to Delete. Request deletion of your personal information.
  • Right to Opt-Out of Sales and Sharing. Opt out of the “sale” and “sharing” of your personal information via our cookie preference center or the “Do Not Sell or Share My Personal Information” link on our websites.
  • Right to Limit Use of Sensitive Personal Information. We only use sensitive personal information for purposes permitted under the CCPA.
  • Right to Non-Discrimination. We will not discriminate against you for exercising any CCPA right.

To exercise your rights, see Section 14.2.

15.5 California Shine the Light

Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us certain personal information may request information about sharing with third parties for their direct marketing use. To submit a request, email us at info@dermcaremgt.com.

16. Changes to This Policy

We may update this Policy from time to time. We will post any changes on this page and update the “Last Updated” date. If we make material changes, we will endeavor to provide prior notice, such as by email or prominent notice on our websites. We encourage you to review this Policy periodically.

17. Contact Us

If you have questions or concerns about this Policy or our privacy practices, or wish to exercise your privacy rights, please contact us:

Email: info@dermcaremgt.com

Phone: (954) 237-7090

Mailing Address:

DermCare Management Group

Attn: Compliance Officer

4000 Hollywood Boulevard, Suite 215-S

Hollywood, FL 33021

Data Protection Inquiries: For data protection inquiries, please email info@dermcaremgt.com.

HHS Complaints: If you believe your health information privacy rights have been violated, you may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights, at https://www.hhs.gov/ocr/.

INTERESTED IN PARTNERING WITH US?

Let’s Talk

Are you a patient at one of our practices? Please call 844.633.9358.

This field is for validation purposes and should be left unchanged.
SMS/Mobile Phone Usage
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

* All indicated fields must be completed.
Please include non-medical correspondence only.

VISIT US TODAY

Our Office Locations

4000 Hollywood Boulevard

Suite 215-S
Hollywood, FL 33021

844.633.9358

Interested in Partnering With Us?

Let's Talk

Close
This field is for validation purposes and should be left unchanged.
SMS/Mobile Phone Usage
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top