July 5, 2023

Privacy Highlights

This is a summary of how we may use and disclose your information and an overview of some core components of our data handling practices. For more details, please be sure to review our full Privacy Policy below.

Information We Collect

We generally collect the following information:

• Information we receive when you use our Services. We collect Web-Behavior and Mobile Device Information via cookies and other similar tracking technologies when you use and access our website, mobile apps (if any), and other services. See more information about our use of Cookies in our Privacy Policy below.
• Information you share directly with us. We collect and process your information when you use the Application to request a Visit, create an account, login to the account, complete surveys, comment on articles, use messaging features, synchronize the Application with other third-parties and contact our support team. This information can generally be categorized as Registration Information, Self-Reported Information, and/or User Content.

How We Use Information

We generally process Personal Information, for the following reasons:

• To provide our Services. We process Personal Information in order to provide our Services, which includes the creation of customer accounts and authenticating logins, communication with you, facilitating communications (including requests for Visits), providing users with access to their health information, processing payments, and billing users’ insurance carriers.
• To analyze and improve our Services. We constantly work to improve and provide new tools and Services. For example, we are constantly working to improve our Application. We may also need to fix bugs or issues, analyze use of our website or Application to improve the customer experience or assess our marketing campaigns.

Sharing Your Information

We do not share your Personal Information with third parties, except as described in our Privacy Policy or as otherwise disclosed to you. For example, we may share personal information as follows:

• When you give us your consent to do so, including if we notify you on our Application that the information you provide will be shared in a particular manner and you provide such information.
• To your treating Health Care Professionals.
• To third party payors who are financially responsible, or are reasonably believed to be financially responsible, for the Services.
• With contracted vendors, contractors, consultants, and other service providers who are working on our behalf and who require access to your information to carry out their work for us.

Other

• We have adopted commercially reasonable information security policies and practices to help protect your information, but please note that no method of transmitting or storing electronic data is ever completely secure.
• We may revise the Privacy Policy to reflect changes in our practices, in which event we will update the date the Privacy Policy was last modified posted at the top of the Policy.
• For more information about our privacy practices, please review our complete Privacy Policy below.

Privacy Policy

This Privacy Policy discloses the practices of Kalmanovich Dental Corp. The “Practice” is sometimes referred to as “Pearline”, “we” or “us”. We welcome you to use our web application software (the “Application”) and utilize the website and the services provided through the Application (the “Services”). Pearline is committed to respecting your privacy and recognizing your need for appropriate protection and management of Personally Identifiable Information (“PII”) and Protected Health Information (“PHI”) that you share with us. The purpose of this Privacy Policy is to explain the types of information Pearline obtains about users of the Application and/or Services, how the information is obtained, how it is used, how it is disclosed, how you can get access to this information, and the choices you have regarding our use of, and your ability to review and correct, the information. By using the Application and/or the Services, you are accepting and consenting to the use of your information as described in this policy. We will not accept any PII or PHI from you prior to providing you with this Privacy Policy. Please review this Privacy Policy carefully. Please note, Kalmanovich Dental Corp is an administrative and technology service provider that owns the Pearline Health Application. Kalmanovich Dental Corp has entered into a contract with the Practice to provide the capability to receive, respond to and schedule requested Visits. Kalmanovich Dental Corp does not provide any health care services, nor does it refer or recommend any health care providers or personnel. This Privacy Policy specifically applies to how Pearline collects, uses, and discloses the information you provide or that we obtain with your consent as a result of your use of the Application or your enrollment as a registered user with Pearline. This Privacy Policy does not apply to protected health information provided by you to Pearline Health, which is covered by the Notice of Privacy Practices that you received upon registration. 1. Information That You Give Us When you create an account on the Application (“Enroll”), we collect personal information that can identify you (“PII”), such as your full name, email address, mailing address, telephone number, and credit card information for payment. In addition to PII, Pearline may also collect your PHI or PHI of an individual for whom you are requesting health services. For example, when you use the Application to transmit a request for dental services (a “Visit”), you will need to provide additional health information so that the Pearline can assess the request. Another example of how Pearline may obtain your PHI and/or PII is when you grant permission for other third-parties to share your information directly with Pearline. Ultimately, the information that Pearline collects varies depending upon how you use our Services and what permissions you give to us and other third-parties that also collect your PII and/or PHI. We will not use any PHI for any other purpose without your explicit authorization, or unless otherwise permitted or required by law. You may revoke, in writing, any such authorization at any time, except to the extent we have taken action in reliance thereon. Kalmanovich Dental Corp has no authority to access, delete or modify any portion of Pearline’s medical records of its patients except as an agent of the Pearline and in compliance with applicable law. WE DO NOT KNOWINGLY ENROLL OR COLLECT INFORMATION DIRECTLY FROM CHILDREN UNDER THE AGE OF EIGHTEEN. Please keep in mind that certain features on the Application may give you an opportunity to interact with us and others. These may include forums, message boards, chats, creating community profiles, and rating, tagging and commenting on articles. When you use these features you should be aware that any information you submit, including your name, location, health issues, and email address, may be publicly available to others. We do not protect the privacy of and are not responsible for your disclosure of any information through these interactive features, including, but not limited to information that you might post related to a minor. Also, whenever you voluntarily disclose anyone’s personal information on publicly-viewable web pages, that information can be collected and used by others. For example, if you post your email address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information that you voluntarily post, so we encourage you to exercise discretion and caution with respect to information you choose to disclose through these interactive features. When an individual chooses to post information that will be publicly disclosed, he or she is responsible for all legal consequences. We are not responsible under any data protection laws for information that you voluntarily post on a site that can be accessed by others. If you believe that we have violated your privacy rights, you should contact us at the mailing address or e-mail address provided below. You may also file a complaint with the government. See http://oag.ca.gov/contact/consumer-complaint-against-business-or-company for more information. 2. Other Information We Collect. Cookies. Our Application or website may use cookies and other technologies to collect information. Cookies are small bits of information that our websites place on the hard drive of your computer. We may use cookies to facilitate your login processes; allow you to personalize and store your settings; collect usage information; determine our total audience size and traffic; and help us improve our sites by measuring which areas are of greatest interest to users. Tracking and/or Analytics Services. We may use mobile application tracking and/or analytics services. These services may record unique mobile gestures such as tap, double-tap, zoom, pinch, scroll, swipe and tilt but do not collect personally identifiable information that you do not voluntarily enter in the Application. These services do not track your browsing habits across mobile applications that do not use the same services. We are using the information collected by these services to understand user behavior and optimize site performance. Web Beacons. We may also use web beacons (invisible images often referred to as pixel tags or clear GIFs) in order to recognize users and assess traffic patterns, and we may include web beacons and cookies in our email messages in order to count how many email messages have been opened. Non-Personally Identifiable Information. We also may collect Non-Personally Identifiable Information that is not health information in the form of statistics and information regarding the Application user’s statistics and metrics obtained from third party devices which may be combined with personal information you submit to us so that you can fully enjoy the benefits of the Application’s tracking, monitoring, and diagnostic tools. 3. How We Use Your Information. Subject to this Privacy Policy, the Terms of Service, and applicable terms and conditions of third-party applications, all data transmitted through the Application is owned by Pearline. To the extent Pearline is precluded from owning data transmitted through the Application, you grant Pearline a perpetual, worldwide, royalty-free license to use such data (with the exception of PHI) to the extent necessary to enable use of the Application and Services. Generally, we may use information in the following ways:

• For the purposes for which you specifically provided it including, without limitation, to enable us to process your registration, provide the Services or other requests.
• To transmit a request for a Visit per your request.
• To send you information about your relationship or transactions with us.
• To notify you about our products, services, and special offers, except that we will not use PHI for marketing purposes without your prior written consent.
• To otherwise contact you with information that we believe will be of interest to you.
• To enhance or develop features, products and services. To allow us to personalize the content that you and others see on the Application.
• To provide advertisers and other third parties with aggregate information about Application users and Application usage patterns.
• To allow other select companies to send you promotional materials about their products and services, provided that no PHI will be used for this purpose without your prior written consent.

We use non-Personally Identifiable Information for purposes such as measuring the number of users of various features of the Application, making the Application more useful to users and delivering targeted advertising and non-advertising content. We may also use Non-Personally Identifiable Information (for example, statistics regarding use and metrics) for research purposes, for marketing and promotional purposes, and to develop new learning tools and solutions and we may share such information with third parties, including researchers and/or advertisers, on an aggregate and anonymous basis. We use IP addresses to analyze trends, administer the Application, track a visitor’s movement, and gather demographic information for aggregate, non-personally identifiable use. You acknowledge that unless you request in writing otherwise, we, in our sole discretion, have the right but not the obligation to store any information, whether PII or otherwise, perpetually, to the extent permitted by law. If you wish for any information about you to be removed from our database, please contact us through the contact information provided below in the “How to Contact Us” section of this Privacy Policy. 4. Sharing Your Information. Except as otherwise described in this Privacy Policy, or if we inform you otherwise at the time of data collection and receive your consent where required, we will not sell, trade, or share your information with third parties. We may share your information as follows:

• With Affiliates: We may share your information with affiliated companies and businesses, provided that your PHI will not be shared for any marketing purposes without your prior written consent, in accordance with applicable law.
• With Service Providers: We may use other companies to perform services including, without limitation, facilitating some aspects of our Application such as processing credit card transactions, sending emails, fulfilling purchase requests, and data analysis on our behalf. These other companies may be supplied with or have access to your information solely for the purpose of providing these services to you on our behalf. Such service providers shall be bound by appropriate confidentiality and security obligations, which may include, as applicable, business associate contract obligations.
• With Business Partners: When you make purchases or engage in promotions offered through our Application, we may share PII, but not your PHI, with the businesses with which we partner to offer you those products, services, and promotions. When you accept a particular business partner’s offer, you authorize us to provide your information to that business partner.

Special Circumstances: We also may disclose your information:

• In response to a subpoena or similar investigative demand, a court order, or other request from a law enforcement or government agency where required by applicable law.
• When disclosure is required or allowed by law in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of Heal, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce the Application’s terms and conditions or other agreements or policies.
• In connection with a corporate transaction, such as the sale of all or a portion of our business, a divestiture, merger, consolidation, or asset sale, or in the event of bankruptcy, as required or allowed by law.

5. Confidentiality of Health Information. The Practice may be subject to laws and regulations governing the use and disclosure of health information they create or receive. Included among them is the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”), and the regulations adopted thereunder, and applicable state laws. When Kalmanovich Dental Corp stores, processes, or transmits “individually identifiable health information” (as such term is defined by HIPAA) on behalf of the Practice, Kalmanovich Dental Corp does so as its “business associate” (as also defined by HIPAA). Kalmanovich Dental Corp is prohibited from, among other things, using individually identifiable health information in a manner that the health care provider itself may not. Kalmanovich Dental Corp is also required to, among other things, apply reasonable and appropriate measures to safeguard the confidentiality, integrity and availability of individually identifiable health information we store and process on behalf of such health care providers. For more information regarding our treatment of health information, please see our Notice of Privacy Practices. 6. How to Access or Update Your Information. You have the ability to review and update your personal information by visiting the account management section on the Application. You can also review and update your personal information by contacting us at the email address provided below in the “How to Contact Us” section of this Privacy Policy. 7. How We Protect Your Information. We use commercially reasonable administrative, technical, and physical measures to safeguard your information in our possession against loss, theft and unauthorized use, disclosure or modification. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. No method of transmission over the internet is 100% secure, however. Therefore, while we strive to make all reasonable efforts to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the unlikely event of a data breach, you will be notified as soon as reasonably possible, in accordance with applicable law. Furthermore, we are not responsible for any breach of security or for any actions of any third parties that receive the information. 8. Changes To Our Privacy Policy. From time to time we may revise this Privacy Policy. If we make revisions that change the way we collect or use your information, those changes will be posted in this Privacy Policy and the effective date will be noted at the end of the Privacy Policy. Therefore, you should review it periodically so that you are up to date on our most current policies and practices. If we make material changes to our practices regarding use of your information, your information will continue to be governed by the Privacy Policy under which it was subject prior to those changes, unless you have been provided notice of, and have not objected to, the changes. 9. Children’s Online Privacy Protection Act. We support and comply with the Children’s Online Privacy Protection Act (COPPA) and we do not knowingly collect information from children under the age of 18, nor do we share such information with third parties. Children under the age of 18 may not use the Application. 10. Links to Third Party Sites. Our Application may contain links to websites or applications operated and maintained by third-parties, over which we have no control. Privacy policies for these third-party sites and applications may be different from our Privacy Policy. You access these third-party sites and applications at your own risk. You should always read the privacy policy of a linked site or applications before disclosing any personal information on such site and/or through such applications. Pearline is not responsible for information you submit to third-parties. 11. For California Residents. The California Consumer Privacy Act (CCPA) and California Online Privacy Practices Act (CalOPPA) provide some California residents with the additional rights listed below. To exercise any of these rights, please follow the instructions listed in this section. Personal Information Collected. We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). For purposes of CCPA, “personal information” does not include publicly available information from government records, deidentified or aggregated information, or information excluded from CCPA’s scope (including health information covered by HIPAA or the California Confidentiality of Medical Information Act). More information about the categories of personal information we collect, the sources from which it is collected, the purposes of the collection, and the categories of third parties with whom we share personal information, are described elsewhere in this Privacy Policy. See Section 1 (Information That You Give Us), Section 2 (Other Information We Collect), Section 3 (How We Use Your Information), and Section 4 (Sharing Your Information). In particular, in the past 12 months we have collected the following categories of personal information:

• Identifiers (e.g. name, postal address, online identifier, Internet Protocol address, email address, account name, passport number, or other similar identifiers)
• Personal information categories listed in the California Customer Records statute, Cal. Civ. Code 1798.80(e) (e.g., Social Security number, physical characteristics or description, education, employment, employment history, financial information)
• Protected classification characteristics under California or federal law (e.g. age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, health condition, physical or mental disability, sex, sexual orientation, veteran or military status, genetic information)
• Commercial information (e.g. records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)
• Biometric information (e.g., genetic, behavioral, and biological characteristics or activity patterns, such as fingerprints or retina scans)
• Internet or other similar network activity (e.g., browsing history, search history)
• Geolocation data (e.g., physical location or movements)
• Sensory data (e.g., audio, electronic, visual, thermal, or similar information)
• Professional or employment-related information (e.g., current or past job history)
• Non-public education information pursuant to FERPA (e.g., educational records maintained by an educational institution)
• Inferences drawn from other personal information (e.g., profile reflecting a person’s preferences, characteristics, trends, behavior)

Right to Know. You have the right to know and see what personal information we have collected about you over the past 12 months, including:

• The categories of personal information we have collected about you;
• The categories of sources from which the personal information is collected;
• The business or commercial purpose for collecting your personal information;
• The categories of third parties with whom we have shared your personal information; and
• The specific pieces of personal information we have collected about you.

Right to Delete. You have the right to request that we delete the personal information we have collected from you (and direct our service providers to do the same). There are a number of exceptions, however, that include, but are not limited to, when the information is necessary for us or a third party to do any of the following:

• Complete your transaction;
• Provide you with the Services;
• Perform a contract between us and you;
• Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, and prosecute those responsible for such activities;
• Fix our system in the case of a bug;
• Protect the free speech rights, including the free speech rights of you or other users, or exercise another right provided by law;
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.);
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interests that adheres to all other applicable ethics and privacy laws;
• Comply with a legal obligation; or
• Make other internal and lawful uses of the information that are compatible with the context in which you provided it.

Right to Opt-Out of the Sale of Your Personal Information. We do not sell any of your personal information. Right to Non-Discrimination. We will not discriminate against those who exercise their rights under this section. If you exercise your rights, we will not deny you goods or services, charge you different prices or rates for goods or services, or provide you with a different level or quality of goods or services. Other Rights. California Civil Code § 1798.83 permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose your personal information to third parties for their direct marketing purposes. However, you are free to make an inquiry with any questions by contacting us in accordance with the “How to Contact Us” section in this Privacy Policy. Exercising these Rights. To request access to or deletion of your personal information, or to exercise any other data rights under California law, please contact us in accordance with the “How to Contact Us” section in this Privacy Policy. Please include your full name, email address, along with why you are emailing us, so that we can verify and process your request in an efficient manner. If we cannot verify your identity from the initial information you provide, we may request additional information from you, which will be used only for the purposes of verifying your identity to assist you with exercising your rights. You may also designate an authorized agent to make a request under this section on your behalf. We may request additional information from you to confirm that the authorized agent has in fact been authorized by you to act on your behalf. Accessing in Alternative Formats. For individuals with disabilities, please contact us in accordance with the “How to Contact Us” section regarding how to access the information in this Privacy Policy in an alternative format. Response Time. We aim to respond to a consumer request for access or deletion within 45 days of receiving a verifiable request. If we require more time, we will inform you of the reason and extension period in writing. Do Not Track Symbols. We do not have the capability to respond to “Do Not Track” signals received from various web browsers at this time. 12. How to Contact Us. If you have any questions, comments or concerns about our Privacy Policy, or if you have a CCPA request, you may contact us at hello@pearlinehealth.com or (323) 230-0047. 13. Effective Date. This Privacy Policy is effective as of the date first listed above.