ABM Respiratory Care Privacy Policy

Effective Date: January 1, 2017 — Last Updated September 5, 2025

ABM Respiratory Care (“ABMRC”) recognizes that you value—and we strive to respect—your privacy. We aim to balance our legitimate business interests in collecting and using information with your reasonable expectations of confidentiality. This Privacy Policy explains what we collect, how we use it, how we secure it, and when we disclose it. It governs information gathered at or submitted to the ABMRC website (www.abmrc.com) (the “Website”). Other interactions with ABMRC may be covered by different privacy terms.

By creating, registering, or logging into an account through the Website, or otherwise accessing or using the Website, you are automatically accepting, agreeing to, and acknowledging the most recent version of this Privacy Policy. If we make any changes to our Privacy Policy, we will post the revised Privacy Policy and update the “Last Updated” date above. We encourage you to read the Privacy Policy in its entirety from time to time as we may update the Privacy Policy without direct notice to you.  Your continued use of the Website means that you accept and agree to the revised Privacy Policy.  If you do not accept this Privacy Policy (as amended from time to time), please exit the Website immediately.

1. Types of Information Collected and How We Use It

1.1 Involuntarily Collected, Non-Personally Identifiable Information

We collect standard log and analytics data supplied by your browser (e.g., referring site, browser type, OS, IP address, timestamp). Cookies, web beacons, and similar technologies help us:

• recognize returning visitors
• understand feature usage
• improve site performance and offerings

You may disable cookies in your browser; doing so could affect site functionality.

1.2 Voluntarily-Submitted, Personally Identifiable Information

When you choose to provide information such as your name, address, email, or telephone number, we use it only for the purpose for which you supplied it (e.g., responding to inquiries) unless otherwise stated here. We do not sell or rent your data. We may, however:

• share information with contractors, agents, or partners who perform services on our behalf under confidentiality obligations
• disclose information when required by law, court order, or to protect rights, safety, or property
• create aggregated, de-identified statistics for any lawful purpose

1.3 General Uses

We use collected information to:

• understand preferences and enhance user experience
• operate, maintain, and improve our site
• respond to comments and customer service requests
• send product or company updates (you can opt-out at any time)
• detect, investigate, and prevent fraud or illegal activities
• deliver requested products and services

1.4  Personally Identifiable Information and Protected Health Information

When you set up an account with ABMRC, you are creating a customer relationship with ABMRC that enables you to access and/or utilize the various functions of the Website as a user. As part of that relationship, you provide information to ABMRC, including, but not limited to, your name, email  address, phone number and certain transactional information, which we do not consider to be “protected  health information” or “medical information” (“Personally Identifiable Information” or “PII”). 

However, in using certain components of the Website, you may also provide certain health or medical information that may be protected under applicable laws. ABMRC is not a “covered entity” under the  Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, and its related regulations and amendments from time to time (collectively, “HIPAA”). The Website may be used to connect you with independent provider groups and individual practitioners who are not employed or controlled by ABMRC (the “Providers”). The Providers may be a “covered entity” under HIPAA, and ABMRC may in some cases be a “business associate” of a Provider. It is important to note that HIPAA does not necessarily apply to an entity or person simply because there is health information involved.  To the extent ABMRC is deemed a “business associate,” however, and solely in its role as a business associate, ABMRC may be subject to certain provisions of HIPAA with respect to “protected health information,” as defined under HIPAA and other governing law, that you provide to ABMRC or the Providers (“PHI”). (PII and PHI are collectively referred to herein as “Protected Information.”)  In addition, any medical or health information that you provide that is subject to specific protections under applicable state law, and will be used and disclosed only in accordance with such applicable laws. However, any information that does not constitute Protected Information under applicable laws may be used or disclosed in any manner permitted under this Privacy Policy. Protected Information does not include information that has been de-identified in accordance with applicable laws.

By accessing or using any part of the Website, you agree that, even if HIPAA does apply to ABMRC and/or the Providers, any information that you submit to ABMRC that is not intended and used solely for the provision of diagnosis and treatment by the Providers is not considered Protected Information, and will only be subject to our Privacy Policy and any applicable state laws that govern the privacy and security of such information. For purposes of clarity, information you provide to ABMRC in order to  register and set up an account on the Website, including name, username, email address, home address and phone number, is not considered Protected Information.

We may share your information with third-party service providers and medical providers to process information as part of a Service you request, for example, to process a credit-card payment or schedule an appointment. We may share your information to create your account on our Website and enable you to log into your account, provide you with customer support, for billing-related purposes, to enable and facilitate the Website as well as supervise and monitor the Website, to improve the Website, and to comply with applicable state and federal laws.

As referenced above, we have engaged third-party vendors and service providers to provide services in connection with the Website, and to help us manage our web presence and improve performance.  We may share your Protected Information with those third-party vendors and service providers, so that they may provide the services for which they have been engaged.  By using the Website, you consent to the disclosure of your Protected Information and PII to such third parties, and acknowledge that such disclosures are compliant and in accordance with federal and state privacy laws. 

We may share your information in response to a subpoena or similar investigative demand, a court  order, or a request for cooperation from law enforcement or a government agency. We may also share your information to protect the rights and property of ABMRC, to investigate, prevent, or take other action regarding illegal activity, suspected fraud, or other wrongdoing, and to enforce our Terms and Conditions or other agreements and policies. We may release information to government bodies and law enforcement under circumstances required by law or determined to be an emergency to protect the safety of an employee, customer, or agent of ABMRC. This includes exchanging information with law enforcement in accordance with Providers’ professional and legal responsibilities.  To the fullest extent permitted by applicable law, and without notice to you, we have sole and complete discretion to elect whether or not to make such disclosures, and to contest or not contest requests for such disclosures.

1.5      Tracking Technologies

This Website makes use of cookies, log files, Web Beacons, Pixels, dynamic tags, and/or other technical means (“Tracking Technologies”), including through third-party vendors such as Google and HubSpot.  We may use these Tracking Technologies to collect information about your online activities over time and across third-party websites or other online services to deliver content and advertising tailored to your interests, both on our Website and on third-party websites (including without limitation search engines and social-media websites).

The third parties may use the Tracking Technologies to collect information about you when you use the Website to provide you with advertising based on your visit to the Website or to collect data regarding advertising placed with us.  The third parties may have the ability to link the information they collect about you when you use the Website with other information they collect about you elsewhere on the internet or information about the device you are using.  Third parties also may collect information about your online activities over time and across different websites and other online services or mobile devices, and may use this information to provide with you targeted content.

1.6      Aggregated/Anonymized Data

This Privacy Policy does not apply to any data to the extent it is held, processed, disclosed, or published  in a form which cannot be linked or attributed to a living individual (such as anonymized or aggregated data which cannot directly or indirectly be used to identify you or to obtain information about you)  (“Aggregate/Anonymized Data”). We may generate, use, and share Aggregate/Anonymized Data for any purpose, in our sole discretion, subject to applicable law.

2. Information Security and Safeguards

We use commercially reasonable controls that are designed to reasonably safeguard Protected Information consistent with applicable and governing laws.  We employ a combination of administrative, technical, and physical safeguards designed to protect your information against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. Key measures include:

• Encryption in transit and at rest – All data submitted through public portions of our site travels via TLS/SSL-protected channels; sensitive records stored in our production databases are encrypted using industry-standard algorithms.
• Access controls – Personal data is accessible only to employees or contractors who need it to perform their job duties and who are bound by confidentiality obligations. Role-based permissions and multi-factor authentication are enforced on internal systems.
• Secure infrastructure – Servers are hosted in ISO 27001- or SOC 2-certified facilities with 24/7 physical security, environmental controls, and redundant power and network connectivity.
• Monitoring and logging – We maintain audit logs of system access and regularly review them for suspicious activity.
• Vendor due diligence – Third-party service providers must meet comparable security standards and sign data-protection agreements.
• Employee training – Staff receive regular training on privacy, data-handling, and incident-response procedures.
• Incident response – We maintain an incident-response plan that includes prompt investigation, mitigation, and, where required, notification to affected individuals and regulators.

However, please be aware that no method of electronic transmission or storage is completely secure, and we cannot guarantee the security of your Protected Information.  Accordingly, we make no promise, representation, or warranty regarding the security of your Protected Information or any other information or date collected, stored, used, or transmitted in connection with the Website.

In the event that we become aware of unauthorized access to your Protected Information in a manner that exposes, or risks exposure of, your Protected Information in a manner that is inconsistent with this Privacy Policy, we will satisfy legal obligations to notify you and the other affected users, and display a notification on the Website, consistent and in accordance with our legal duties.  We also reserve the right to cooperate with any individual who pursues legally enforceable rights against data collectors and processors who fail to adhere to the law.

3. Storage of Personally Identifiable Information

Email and form submissions are stored on secure servers that apply the safeguards described above. Although we use best-effort practices to remove outdated records, system backups may retain residual copies that are infeasible to erase completely until normal retention cycles overwrite them.

4. Information Choices and Changes

You may:

• Opt-out of marketing emails by following the instructions in those messages
• Request that we remove or update your personal data by contacting us via the email address below
• Opt-out of certain third-party analytics cookies (note: deleting cookies, changing browsers, or using a new device will require repeating the opt-out)

Browser-based “do-not-track” signals are not yet uniform; therefore, we may not respond to every such signal.

5. Links to Third-Party Websites

Our site may link to external sites that operate under separate privacy policies. ABMRC is not responsible for the content, security, or privacy practices of those sites. Please review their policies before providing personal information.

6. International Transfers

We may process or store information in the United States or other countries where we or our service providers operate. By using this site, you consent to these transfers, recognizing that data-protection laws may differ from those in your jurisdiction.

7. Merger, Sale, or Bankruptcy

If ABMRC undergoes a business transition such as a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction. In bankruptcy or similar proceedings, information may be treated like any other business asset.

8. No Error-Free Performance

Despite reasonable efforts, we cannot guarantee error-free performance of this policy. We welcome feedback on any privacy concern and will take prompt action when we discover issues.

9. Your Consent

By using our site, you consent to the collection, use, and security practices described herein. We may update this policy at any time; the “last updated” date will change accordingly.

10. Additional State-Law Privacy Protections

CALIFORNIA CONSUMER PROTECTION ACT (CCPA) AND CALIFORNIA PRIVACY RIGHTS ACT (CPRA)

This section applies to California Residents.

The Protected Information we collect might, depending on the situation, include identifiers, characteristics of protected classifications under California law, commercial information, internet or other network activity information, or inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, behavior, attitudes, intelligence, abilities and aptitudes. For detailed information on what we collect please review the “Information We Collect and How We Use It” section of this Privacy Policy.

The CCPA provides consumers (California residents) with specific rights regarding their Personal Data. This section describes your CCPA rights and explains how to exercise those rights. Those rights are:

• The right to know
• The right to delete
• The right to opt-out

In accordance with applicable law, we will not discriminate against you for exercising these rights. You can exercise your right, at any time by contacting us via email at marketing@abmrc.com. 

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Protected Information or an authorized representative.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Protected Information. We cannot respond to your request or provide you with Protected Information if we cannot verify your identity, or authority to make the request, and confirm Protected Information relates to you. We will only use Protected Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We will respond to a Request to Opt-Out within 15 days. We will respond to Requests to Delete and Requests to Know within 45 days, unless we need more time, in which case, we will notify you and may take up to 90 days total to respond to your request.

California Do Not Track Disclosure: At this time, ABMRC’s Website does not respond to Do Not Track beacons sent by browser plugins as there is not yet a common agreement about how to interpret Do Not Track signals from browsers.  However, you may delete or refuse cookies, though taking such action may limit your ability to use the Website fully.

OTHER STATE CONSUMER PRIVACY LAWS

Other states also have enacted comprehensive consumer privacy laws that include additional provisions and protections that may apply if you reside in any of those states, including the following state laws:

The Colorado Privacy Act (CPA) (Colo. Rev. Stat. Ann. § 6-1-1308(1);

The Connecticut Act Concerning Personal Data Privacy and Online Monitoring (CTDPA) (Conn. Gen. Stat. Ann. § 42-520(c)-(e);

The Delaware Personal Data Privacy Act (DPDPA) (6 Del. C. § 12D-106(c)-(e) (effective January 1, 2025);

The Florida Digital Bill of Rights (FDBR) (§§ 501.711 and 501.715(2), Fla. Stat. (effective July 1, 2024);

The Indiana Consumer Data Protection Act (INCDPA) (Ind. Code §§ 24-15-4-3 to 24-15-4-5 (effective January 1, 2026);

The Iowa Consumer Data Protection Act (ICDPA) (Iowa Code Ann. § 715D.4(5)-(7) (effective January 1, 2025);

The Montana Consumer Data Privacy Act (MCDPA) (Mont. Code Ann. § 30-14-2812(5)-(6) (October 1, 2024);

Nevada Rev. Stat. 603A: Security and Privacy of Personal Information;

The Oregon Consumer Privacy Act (OCPA) (Section 5(4), 2023 Or. Laws Ch. 369 (SB 619) (effective July 1, 2024);

The Tennessee Information Protection Act (TIPA) (T.C.A. § 47-18-3305(c)-(e) (effective July 1, 2025);

The Texas Data Privacy and Security Act (TDPSA) (Tex. Bus. & Com. Code Ann. § 541.102 (effective July 1, 2024);

The Utah Consumer Privacy Act (UCPA) (Utah Code § 13-61-302(1) (effective December 31, 2023);

The Virginia Consumer Data Privacy Act (VCDPA) (Va. Code Ann. § 59.1-578(C)-(E);

These state laws may include additional provisions governing disclosure of your personal information, including provisions governing the following:

• Personal data categories collected or processed;
• Processing purposes;
• Personal data categories shared with third parties, if any;
• Categories of third parties with whom we share personal data, if any;
• The sale of personal data to third parties or processes personal data for targeted advertising and how you may exercise the right to opt out of this processing; and
• How you may exercise your consumer rights, including how to submit requests and, when available, appeal a controller’s decision.

We will comply with legally required requests in accordance with any of these laws that govern your data.  If you have any such requests, or questions about these issues, please contact us via email at marketing@ambrc.com.

11. Children Under the Age of 18

The following applies to persons under 18 years of age (children) who have not secured parental authorization, consent, and monitoring to use our Website as expressly agreed by parents and children in our Website terms and conditions. In the absence of such expressly agreed and accepted parental authorization, consent, and monitoring:

No one under age 18 may provide any Protected Information to or on the Website. We do not knowingly collect Protected Information from children. If you are under 18, do not use or provide any information on the Website, through any of its features, register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a person under 18 without verification of parental authorization, consent, and monitoring, we will delete that information. If you believe we might have any information from or about a person under 18, please contact us at marketing@abmrc.com.

12. Changes to Our Privacy Policy

It is our policy to post any changes we make to our Privacy Policy on this page.  If we make material changes to how we treat our users’ personal information, we will notify you through a notice on the Website home page.  The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

13. Medical Disclaimer

THE CONTENT (AS DEFINED BELOW) AVAILABLE THROUGH THIS SERVICE, OR COMMUNICATED TO YOU DIRECTLY OR THROUGH AN APPLICATION, WEBSITE, TOOL, TEXT (SMS MESSAGE), EMAIL, OR OTHER METHOD, IS FOR INFORMATIONAL AND EDUCATIONAL PURPOSES ONLY AND IS NOT A SUBSTITUTE FOR THE PROFESSIONAL JUDGEMENT OF A HEALTHCARE PROFESSIONAL IN DIAGNOSING AND TREATING PATIENTS. ABM RESPIRATORY CARE DOES NOT, THROUGH THIS SERVICE OR ITS AVAILABLE FUNCTIONS, PROVIDE MEDICAL ADVICE, NOR DOES IT PROVIDE MEDICAL PRESCRIPTIONS, TREATMENTS, OR DIAGNOSTIC SERVICES. ADDITIONALLY, THE USE OF THE CONTENT OBTAINED THROUGH THIS SERVICE, AND INFORMATION PROVIDED BY ABM RESPIRATORY CARE IN CONNECTION WITH YOUR USE OF THE SERVICE OR THE PRODUCTS, DOES NOT ESTABLISH A CLINICIAN-PATIENT RELATIONSHIP. DO NOT RELY ON THIS SERVICE TO DIAGNOSE OR TREAT ANY HEALTH CONDITION.

We do not provide advice to you on any issues relating to medical treatment, diagnosis or clinical support (and advice does not form part of the Service) and the Content and the Service is intended solely as a resource and informational tool. Always seek the advice of a physician or other qualified health provider for any questions you may have regarding a medical condition. Never disregard professional medical advice or delay in seeking it because of something you have seen or read on this Service or through an application, tool or Website of this Service. We are not medical professionals and will not discuss with you, or advise you on, any issues relating to medical treatment or diagnosis.

Subject to and without limiting the foregoing, ABM Respiratory Care has no involvement in, and/or responsibility or liability for, your communications with any provider or any third parties (including other providers), even if such communications occur through the Website, Products, and/or Services.   

Although ABM Respiratory Care attempts to ensure the integrity and accuracy of the Products, Services, the Website, and Content, it makes no representations, warranties, or guarantees whatsoever as to the correctness or accuracy of information set forth therein. 

Contact Information

You may contact us at marketing@ambrc.com if you have questions or concerns about our Website or this Privacy Policy.