PRIVACY POLICY

_{Last updated: January 11, 2022}

Information We Collect

1. Information You Provide to Us

_{We collect information from you through:}

• Account and product registration and administration of your account

• Processing your orders and requests for treatment

• Questions, communications, or feedback you submit to us

• Your participation in research and surveys

• Requests for customer support and technical assistance

• Uploads or posts to the Services

• Employment applications you submit

_{The types of data we collect directly from you includes:}

• Name, address, telephone number, date of birth, and email address

• Information about your medical conditions, treatment options, physician referrals, prescriptions, and lab results

• Log-in credentials, if you create an account

• Billing information and payment details

• Information about purchases or transactions

• Customer service interaction information

• Demographic information

• User-generated content you post publicly

2. Information We Collect Through Automated Means

_{We collect information about your use of the Services and devices, including:}

• IP address and browser information

• Operating system and device identifiers

• Usage patterns and preferences

• Location information

• Cookies and similar tracking technologies

3. Information We Collect From Social Media

_{When you interact with us on social media, we may collect:}

• Your name and contact information

• Comments and content you post

• Information from your public profile

How We Protect Your Information

_{Middle Tennessee Digital Research, Inc. takes technical and organizational security measures to protect your information, including:}

• Encryption of sensitive data

• Secure data storage systems

• Access controls and authentication

• Regular security assessments

HIPAA PRIVACY STATEMENT

_{Effective Date: August 8, 2023Notice of Privacy Practices for Protected Health Information (PHI)This Notice of Privacy Practices ("Notice") describes how Middle Tennessee Digital Research, Inc. ("we", "us", or "our") may use and disclose your Protected Health Information (PHI) to carry out treatment, payment, or healthcare operations and for other purposes that are permitted or required by law. This Notice also describes your rights regarding your PHI. We are required by law to maintain the privacy of your PHI, provide you with this Notice of our legal duties and privacy practices, and to abide by the terms of this Notice.}

Uses and Disclosures of PHI

_{We may use and disclose your PHI for the following purposes:}

a. Treatment

_{We may use and disclose your PHI to provide, coordinate, or manage your healthcare and related services. This may include communication with other healthcare providers about your treatment and coordinating your care with other providers.}

b. Payment

_{We may use and disclose your PHI to obtain payment for healthcare services provided to you. This may include contacting your insurance company to verify your coverage, billing and collection activities, and sharing PHI with other healthcare providers, insurance companies, or collection agencies.}

c. Healthcare Operations

_{We may use and disclose your PHI for healthcare operations, including quality assessment, improvement activities, case management, accreditation, licensing, credentialing, and conducting or arranging for medical reviews, audits, or legal services.}

d. As Required by Law

_{We may use and disclose your PHI when required to do so by federal, state, or local law.}

e. Public Health and Safety

_{We may use and disclose your PHI to prevent or control disease, injury, or disability, to report child abuse or neglect, to report reactions to medications or problems with products, and to notify persons who may have been exposed to a communicable disease or may be at risk of spreading a disease or condition.}

f. Health Oversight Activities

_{We may disclose your PHI to health oversight agencies for activities authorized by law, such as audits, investigations, inspections, and licensure.}

g. Judicial and Administrative Proceedings

_{We may disclose your PHI in response to a court or administrative order, subpoena, discovery request, or other lawful process.}

h. Law Enforcement

_{We may disclose your PHI for law enforcement purposes, such as to report certain types of wounds or injuries, or to comply with a court order, warrant, or other legal process.}

i. Research

_{We may use and disclose your PHI for research purposes when the research has been approved by an institutional review board and privacy protections are in place.}

j. Organ and Tissue Donation

_{If you are an organ donor, we may disclose your PHI to organizations that handle organ procurement, transplantation, or donation.}

k. Workers' Compensation

_{We may disclose your PHI for workers' compensation or similar programs that provide benefits for work-related injuries or illnesses.}

l. Military and Veterans

_{If you are a member of the armed forces, we may disclose your PHI as required by military authorities.}

m. Inmates

_{If you are an inmate, we may disclose your PHI to the correctional institution or law enforcement official having custody of you.}

Your Rights Regarding PHI

_{You have the following rights with respect to your PHI:}

a. Right to Inspect and Copy

_{You have the right to inspect and copy your PHI that we maintain, with certain exceptions. To request access, submit a written request to our Privacy Officer. We may charge a reasonable fee for the costs of copying, mailing, or other supplies associated with your request.}

b. Right to Amend

_{You have the right to request an amendment to your PHI if you believe it is incorrect or incomplete. To request an amendment, submit a written request to our Privacy Officer, specifying the information you believe is incorrect and why. We may deny your request if we believe the information is accurate and complete, or if we did not create the information.}

c. Right to an Accounting of Disclosures

_{You have the right to request an accounting of disclosures of your PHI made by us in the past six years, except for disclosures made for treatment, payment, or healthcare operations, and certain other disclosures. To request an accounting, submit a written request to our Privacy Officer.}

d. Right to Request Restrictions

_{You have the right to request a restriction on our use or disclosure of your PHI for treatment, payment, or healthcare operations. We are not required to agree to your request but will consider it. To request a restriction, submit a written request to our Privacy Officer, specifying the restriction you are requesting and to whom it applies.}

e. Right to Request Confidential Communications

_{You have the right to request that we communicate with you about your PHI in a certain way or at a certain location. To request confidential communications, submit a written request to our Privacy Officer, specifying how or where you wish to be contacted.}

f. Right to a Paper Copy of This Notice

_{You have the right to receive a paper copy of this Notice, even if you have agreed to receive it electronically. To obtain a paper copy of this Notice, contact our Privacy Officer.}

g. Right to be Notified of a Breach

_{You have the right to be notified in the event that we discover a breach of your PHI.}

Transmission of PHI

_{We are committed to protecting the privacy of your PHI and will ensure that any electronic transmission of PHI complies with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule (45 CFR 164). This includes the use of Secure-Socket Layer (SSL) or equivalent technology for the transmission of PHI, as well as adherence to all applicable security standards for online transmissions of PHI.}

Changes to This Notice

_{We reserve the right to change this Notice and the revised Notice will be effective for PHI we already have about you, as well as any information we receive in the future. We will post a copy of the current Notice in our office and on our website. The Notice will contain the effective date on the first page.}

Complaints

_{If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer or with the Secretary of the Department of Health and Human Services. You will not be retaliated against for filing a complaint.}

Contact Information

_{To exercise any of your rights, or if you have any questions about this Notice or our privacy practices, please contact our Privacy Officer at:Middle Tennessee Digital Research, Inc.519 W 22nd St Suite 300Sioux Falls, SD [email protected]://www.bonerpills.comThis Notice is provided in accordance with the Notice of Privacy Practices for Protected Health Information from the Department of Health and Human Services' Model and is applicable across all US states.}

California Residents

_{In addition to the rights described above, California residents have additional rights under the Confidentiality of Medical Information Act (CMIA), including:}

• Right to access PHI in electronic format

• Right to restrict certain disclosures to health plans

• Additional protections for minors' rights

• Restrictions on marketing and sale of PHI

State-Specific Provisions

_{We comply with additional privacy laws in various states including New York, Texas, Florida, Illinois, and Massachusetts, which provide enhanced protections for mental health records, HIV-related information, and genetic testing results.Last updated on August 8, 2023}