LifeScience Therapy LLC, a Kansas limited liability company (“LST”), considers you and your child’s privacy to be of utmost importance to us. LST strives to maintain high standards for the protection of you or your child’s privacy on our LST website, or use of LST’s products and software which includes all websites owned and operated by LST (the “LST Tools”). It is a top priority to keep the protected health information you share with us about you or your child secure. Below you will find how LST might use and disclose information about you or your child (the “User”), as applicable, and how you can get access to this information. Please read this statement carefully and thoroughly.   1. Information Collected. 
   a. Personal Information Collected from Users. Below are the ways in which we collect personal information from Users, and for Users under the age of 13, LST will obtain parental consent.
 i. In general, Users may provide the following information to us in the course of using the LST Tool: 
 1. contact information (such as name and email address), 
 2. demographic information (such as age, date of birth, gender), and
 3. Protected Health Information (such as information submitted by a parent or health professional). 
   b. Protected Health Information. The Health Insurance Portability and Accountability Act (HIPAA) has established standards to ensure the privacy of your electronic protected health information. Protected Health Information is information about your past, present, or future health or medical condition. LST maintains full compliance with HIPAA’s privacy and security regulations, and has implemented various administrative, physical and technical safeguards to comply with its provisions. “Protected Health Information” or PHI includes information, whether oral or recorded in any form or medium, that we receive from a User, or a physician (or other health care providers) or that we create on behalf of a physician (or other health care provider), (i) that relates to the past, present or future physical or mental condition of the User; the provision of health care to the User; or the past, present or future payment for the provision of health care to the User; and (ii) that identifies the User or with respect to which there is a reasonable basis to believe the information can be used to identify the User. PHI has the same meaning generally in this Privacy Policy as defined as the term “Protected Health Information” in 45 C.F.R. § 160.103.
 c. Non-Personal Information. When Users interact with us, certain information may be collected automatically, both to make our LST Tools more interesting and useful to Users and for various purposes related to our business, which is considered Non-Personal Information. Examples include (i) the type of computer operating system, (ii) the User’s IP address or mobile device identifier, (iii) the web browser used, (iv) the frequency with which the User visits various parts of our LST Tools, and (v) information regarding the online or mobile service provider. This information is collected using technologies such as cookies, pixel tags, web beacons, and other unique identifiers. This information may be collected by LST or by a third party. Please see the Cookies Section for more detail.
 d. Registration. Users can register to use our LST Tools (among other things) to (i) view, interact with and download content, (ii) view, interact with and download activities, and (iii) view LST Tool notifications. During the registration process, LST may ask the User to provide certain personal information for security purposes and so we can send notices to parents, if applicable, including (i) a parent or guardian’s email address, (ii) the child’s first name and gender, and (iii) the child’s member or account username, and password. We will ask for information to verify a parent’s identity to confirm parental consent. We also may ask for birth dates from children to validate their ages. A User name will be either (i) a random combination of words suggested by our systems, or (ii) a User can select their own user name, or we advise Users not to provide any personal information in their usernames. If a User chooses not to share their personal information with us, this limits their access to certain features. LST will not require a User to provide more information than is reasonably necessary in order to participate in the applications. Also, LST will keep the information consistent with our retention practices – that is to (i) honor the User’s choices, (ii) to fulfill the purposes described in this privacy policy and (iii) to help ensure the security of our users and our services as required or permitted by applicable laws and regulations.
   2. U.S. Children’s Online Privacy Protection Act (COPPA). COPPA applies to information provided online by children under the age of 13 (“child” or “children”). Our parental consent practices are in accordance with COPPA. Consistent with what COPPA requires, we have an age screen in place and we determine that the user is age 12 or under, we will (a) ask for a parent or guardian email address before we collect personal information from the child, (b) offer an age-appropriate experience for the child, consistent with COPPA requirements, or (c) not allow access to those sections or features the LST Tool or application directed to a general interest audience (those age 13 and over). If we discover LST collected information from a child in a manner inconsistent with COPPA’s requirements, we will either delete the information or promptly seek the parent’s consent for that collection of information.
 a. Verifiable Parental Consent. Depending on the website or application, LST may seek different types of parental consent. In each case, when LST asks for consent we will provide notice about the specific activities available to a child through the website or application.
   b. High-Level Parental Consent. LST seeks “high-level” consent from a parent as follows:
 i. by asking for a credit card or other payment method for verification (with a nominal charge involved), or
 ii. by requiring a signed consent form by mail or email attachment, or 
 iii. by requiring verification of a parent’s identity through knowledge-based authentication. 
 We may offer parents the opportunity to use a pin or password in future communications as a way to confirm the parent’s identity.   c. Teacher Consent in Lieu of Parent. For school-based activities, COPPA allows teachers and school administrators to act in the place of parents to provide consent for the collection of personal information from children. Schools should always notify parents about these activities. In some cases, in order that an account is not closed and so that a child can continue to use a website or application outside of the school context, we may ask schools to obtain consent directly from a parent instead of and/or in addition to providing consent in the place of a parent. For more information on parental rights with respect to a child’s educational record under the U.S. Family Educational Rights and Privacy Act (FERPA), please see the FERPA section below.
   d. Parent Choices and Control. At any time, parents can (i) refuse to permit LST to collect further personal information from their children in association with a particular account and (ii) request that LST delete from our records the personal information LST has collected in connection with that account. Please keep in mind that a request to delete records may lead to a termination of an account, membership, or other service and that any content saved in that account may no longer be accessible. Where a child under 13 has registered for an account, LST uses two methods to allow parents to access, change, or delete the personally information that we have collected from their children: parents can request access to and delete their child’s personal information by logging into the parent’s moderator account, or parents can contact us to request access, a change, or delete their child’s personal information by sending an email to us at: info@lifesciencetechnologies.com. In any correspondence such as e-mail, please include: (i) the name of the LST Tool, (ii) the User’s username, (iii) the parent’s email address and telephone number and (iv) to protect a child’s privacy and security, we will take reasonable steps to help verify a parent’s identity before granting access to any personal information.
 e. Education and FERPA. If you are using our applications through a school program, your personal information may be subject to the Family Educational Rights and Privacy Act (FERPA). LST has included information here that is most relevant to our products and services when they are used by schools that are subject to FERPA. You can look at the U.S. Department of Education website for more information. FERPA is a United States law that provides certain rights with respect to student education records and personal information associated with those records. Parents exercise these rights on behalf of their children under 18. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school (12th grade) level, known as “eligible students”. FERPA gives parents and eligible students certain rights (subject to limitations), including (i) the right to inspect and review the student's education records maintained by the school and (ii) the right to request that a school correct records which they believe to be inaccurate or misleading. As a general rule, schools subject to FERPA must have written permission from the parent or eligible student in order to release any information from a student's education record. However, under certain circumstances schools are allowed to disclose records without consent, including under the following conditions:
 i. to school officials with legitimate educational interest, which includes vendors providing services to schools,
 ii. to other schools to which a student is transferring,
 iii. directory information (subject to an opt-out), and
 iv. appropriate officials in cases of health and safety emergencies.
 Schools are required to notify parents and eligible students annually of their rights under FERPA. Each school can choose how to provide notification such as sending a special letter or including the information in a student handbook. We help schools comply with their obligations under FERPA in various ways. This can include obtaining consent directly from a parent or eligible student and providing them with direct access to relevant information within our applications, or providing schools with the ability to manage parent or eligible student requests. 3. HIPAA. The Health Insurance Portability and Accountability Act, Public Law 104-191, became law in 1996. Frequently termed HIPAA, it was designed to (a) simplify processing and distribution of medical information – which includes claims, enrollment, payment advice, (b) improve the portability of health insurance by removing penalties for changing jobs, (c) give patients access to their own medical information, and (d) protect patient data that is stored, processed, or transmitted. The Administrative Simplification portion of the Act went into effect in 2002 and it covers (a) electronic transactions: standards for the electronic exchange of administrative and financial healthcare transactions, (b) security: confidentiality, integrity, and availability of individual health information, (c) privacy: protection of personal health information, (d) code sets: sets of codes used for encoding data elements, such as tables of terms, medical concepts, medical diagnostic codes, or medical procedure codes, (e) identifiers: unique identification numbers for health care providers (NPI, National Provider Identifier) and employers (EIN, Employer Identification Number) for use in healthcare transactions. Entities that use, store, or transmit individually identifiable healthcare data are subject to HIPAA regulations (including physician practices, healthcare facilities, other healthcare providers, health plans, and healthcare clearinghouses). Be assured LST understands the nature of these requirements and follows all provisions of HIPAA.
   4. Safe Harbor Privacy Policy Measures to Safeguard Your Protected Health Information. It is LST’s policy never to share nonpublic protected health information with nonaffiliated third parties. We restrict access to only those LST affiliates, subsidiaries, employees and contractors who need to know this information in order to provide you with LST’s products and services, and who are under an obligation to keep such information confidential. We also maintain physical, electronic, and procedural safeguards that comply with federal and state regulations to protect your information. In addition, LST internally utilizes non-identifying personal information for the proper management, administration and development of our products and services. Unless you specifically consent to a disclosure, your or your child’s protected health information will not be sold, shared, licensed, or rented to third parties.
   5. Use of Collected Information.
   a. Disclosing Your Protected Health Information. While it is LST’s policy never to share nonpublic protected health information with nonaffiliated third parties, LST may use your protected health information for a number of reasons as detailed below.
 i. Treatment: We may disclose your protected health information to doctors, nurses, and other licensed healthcare personnel who are involved in providing your healthcare services upon your prior written authorization for you or your child.
 ii. Payment: We may use or disclose your information to assist in obtaining payment for healthcare services rendered to you or your child.
 iii. For Healthcare Operations: We may disclose your information or your child’s information in the course of administering our various healthcare services.
 iv. Care Reminders: We may use your contact information to remind or notify you of the benefits of a health service.
 v. Legal Requirements: If necessary, we may be legally required to disclose your protected health information to comply with applicable laws, regulations, search warrants, subpoenas, discovery requests, or court orders
 1. in response to a law enforcement or public agency’s (including schools or children services) request, 
 2. if we believe disclosure may prevent the instigation of a crime, facilitate an investigation related to public safety or protect the safety of a child using our LST Tools or applications, 
 3. to protect the security or integrity of our LST Tools, applications, and other technology, as well as the technology of our service providers, or
 4. to enable us to take precautions against liability.
 vi. Other Uses and Disclosures: We may use medical information for other disclosures; however, this will only be done with your prior written authorization.
 vii. Service Providers: LST may share information with our service providers if necessary for them to perform a business, professional, or technology support function for us.
   b. Disclosing Your Non-Personal Information. Because Non-Personal Information does not personally identify you, LST may use and disclose Non-Personal Information for any purpose whatsoever. In some instances, we may combine Non-Personal Information with Personal Information (such as combining your name with your geographical location). If we combine any Non-Personal Information with Personal Information, the combined information will be treated by us as Personal Information as long as it is combined. Further, Non-Personal Information, as explained above, may be used by LST for LST’s internal purposes, in order to (i) provide Users with access to features and activities on the LST Tools, (ii) customize content and improve our LST Tools, (iii) conduct research and analysis to address the performance of our LST Tools, and (iv) generate aggregated or de-identified reporting for use by LST. In the event we collect (or allow others to collect) such information from Users on our LST Tools and applications for other purposes, we will notify Users or parents and obtain consent from parents if applicable prior to such collection.
   6. Your Rights Regarding Your Protected Health Information.  You have the following rights regarding your protected health information:
 a. Right to Inspect and Copy: Upon written request, you have the right to inspect your health information.
 b. Right to Amend: If you feel there is a mistake or oversight in any of our records, you may request in writing that we amend your information.
 c. Right to Previously Disclosed Information: You may request a list of when, to whom, and for what purpose your information has been released over a six year period.
 d. Right to Receive Notice: You have the right to receive a paper copy of this privacy notice and/or an electronic copy by email upon your request.
 e. Right to Revoke Notice: You have the right to revoke prior authorizations to disclose your information upon written notice to LST.
 f. Right to Request Restrictions on Certain Uses & Disclosures: You may request that we restrict the disclosure of certain confidential information, subject to various limitations.
 g. Right to Receive Protected Health Information by Alternative Means or in Alternative Locations: You have the right to request that your protected health information be provided by alternative means or at alternative locations.
 h. Right to know LST’s liability in cases of onward transfers to third parties.
   7. California Privacy Rights. If you want to restrict how LST uses your information or how we disclose your information or your child’s information to third parties, or have other questions about this Privacy Policy, you may submit your request online. California residents may have certain additional rights, including the right to information about how personal information is shared with third parties for the third parties' direct marketing purposes during the preceding calendar year. Please be aware that we do not share your information with non-affiliated third parties for any third party direct marketing purposes. We may share personal information with affiliated entities that share the same brand name as LST. If you are a California resident, you have the right to submit a request to receive, with respect to such affiliated third parties that share the same brand name as LST, the following information: (a) the categories of information LST disclosed to such affiliated entities; and (b) the overall number of affiliated companies that share the same brand name. You may contact us for such information by submitting your request online.
   8. Cookies. LST uses “cookie” technology to obtain usage information when you visit our website. "Cookies" are small computer files we transfer to your computer's hard drive that measure the number of times you visit the website and in what capacity. If you wish to disable this feature, please consult the user manual of your computer's operating system. However, please note that disabling this feature may prevent you from utilizing certain features on LST website. Also, please remember that cookies do not identify a specific user and are not used to collect any personal information.
   9. Changes. This privacy notice may be revised from time to time. Any new notice will be effective immediately for any and all confidential information we maintain. Upon revision, this notice will be available upon request and displayed prominently on our website and in our office locations. For more information on your rights regarding protected health information, please contact LST at info@lifesciencetechnologies.com.