Legal Notices

MEDIFAST, INC. PRIVACY POLICY

I. ABOUT THIS PRIVACY POLICY AND USING OUR SITES AND TOOLS

This Privacy Policy applies to the Medifast1.ca/privacy.jsp. and Medifastmd.ca/privacy.jsp. websites, as provided by Medifast Nutrition Inc. (the “Company”). Within this privacy policy, the names “Medifast1.ca/privacy.jsp” and “Medifastmd.ca/privacy.jsp” are collectively referred to as the “Sites”. The Sites pertain to any and all websites hosted and/or operated by the Company and its parents, subsidiaries and affiliates, including co-branded, product and divisional websites.

The Company is committed to the protection of your personal information and this Privacy Policy (the “Policy”) describes how we collect, use and disclose personal information relating to you. If you do not agree to this Policy and/or do not want information about you to be used in the manner set forth in this Policy, please do not continue to visit or to use our Sites.

Please note that certain Company operations are located in the United States. In addition, certain personal information may be collected, used, disclosed and may be processed through our service providers, including through Jason Pharmaceuticals, Inc. Personal information, including personal health information that you may provide to us, may be collected, used, disclosed or stored in the United States or country other than Canada and may be stored on cloud servers. Personal information may be accessed by regulatory and law enforcement authorities in the jurisdiction(s) in which the personal information is collected, used, stored and disclosed.

While you may use some of the functionality of the Sites without registration, some of the specific tools and services on the Sites require registration such as for order placement and to process your order. If you use the Sites without registering, the only information we collect will be non-personal information through the use of cookies or web beacons (as described below). If you choose to register with the Sites for certain services such as for order placement and to process your order, you will be required to submit certain personal information. Depending on the tool or service you have selected, we may also collect personal health information relating to you. You are responsible for ensuring the accuracy of the personal information including any personal health information that you submit to the Company through the Sites. Inaccurate information may affect the information you receive when using our Sites and tools and our ability to contact you as contemplated in this Policy. Please update your personal information with us as necessary in order that we may continue to communicate with you and to provide you with the services that you have requested. For example, your email address should be kept current because that it is how we communicate with you.

II. PERSONAL INFORMATION WE COLLECT ABOUT YOU

Personal information is information that identifies you or that may be used in connection with other information to identify you. We collect personal information that you provide to us when you register as a member on the Sites and/or when you update your member profile with us.

We collect personal information from you including:

  • your name, mailing address, billing address and e-mail address and other contact information;
  • financial information including your credit card number; and
  • personal information about your experience with the Company relating to your weight-loss journey and/or your opinion or views about our products.

We use the personal information that you provide to:

  • respond to your questions;
  • provide you the specific services you select;
  • process your payment for products that your purchase from us;
  • send you the products that you have purchased from us;
  • send you emails about website maintenance and updates;
  • administer and manage the Company’s operations;
  • respond to requests for information and other inquiries from you concerning our products or services;
  • administer and manage contests or promotions;
  • investigate breaches or potential breaches of applicable laws;
  • respond to requests from regulatory agencies;
  • pursue payment delays;
  • comply with legal and regulatory requirements;
  • enforce or protect our rights;
  • in connection with a commercial transaction including a transaction involving the sale or transfer of our business;
  • administer our marketing plan;
  • meet or fulfill other purposes permitted or required by law; and
  • inform you of significant changes to this Policy.

A. Emails You Send to the Company

This Privacy Policy does not protect you when you send content, business information, ideas, concepts or inventions to the Company or through the Sites or by email. If you want to keep content or business information, ideas, concepts or inventions private or proprietary, do not send them in an email to the Sites. We try to answer every email within 48 business hours, but are not always able to do so.

B. Website Registration and Interactive Tools on the Sites

After you have registered as a member of the Sites, you may choose to use certain interactive content, tools and services that may ask you to voluntarily provide other types of information about yourself including personal health information. In such cases, you may choose which, if any, information you wish to provide to the Sites.

C. Children

We are committed to protecting the privacy of children. We do not knowingly collect information from any person we actually know is under the age of 13. The Sites do not sell products for purchase by children. If you are under the age of majority in the province or territory in which you reside, do not continue to use the Sites and do not purchase products from the Company.

D. Health Care Providers

If you are a healthcare provider, do not send personal information or personal health information relating to any patient to the Company unless you have direct consent from patient to do so. Healthcare providers are responsible for ensuring they have policies and procedures in place to ensure compliance with all applicable privacy laws and regulatory and ethical requirements and codes of conduct.

Health care providers purchasing products from the Company for use with their patients are also bound by the terms and conditions of their agreement with the Company including all terms and conditions relating to the protection of personal information and compliance with all laws governing the collection, use and disclosure of personal information including personal health information.

E. Market Research

From time to time the Company marketing department, or operations contractors acting on its behalf, may conduct online research surveys in order to gather feedback about the Sites through email invitations, pop-up surveys or online focus groups. When participating in a survey, we may ask you to submit personal information. You may choose whether or not you wish to participate in such a survey and whether, and if so to what extent, you wish to provide any personal information in response to a research survey. This personal information is used for research purposes, and is not used for sales solicitations. Your ability to use the Sites and/or to order products through the Sites is not affected by your decision as to whether or not you wish to participate in a survey.

When a third party sponsors a survey, the survey responses are aggregated and anonymized before the survey results are reported to the sponsor. Aggregate data does not contain any information that could be used to identify or to contact you. Any personal information collected through market research will only be used by the Company and its operations contractors and will not be given or sold to a third party without your consent as outlined in Section III below.

III. DISCLOSURE OF YOUR INFORMATION

Except as set forth in this Policy or as specifically agreed to by you, the Company will not disclose any personal information including personal health information it collects from you on our Sites. We may release personal information including personal health information to third parties to:

  • comply with valid legal requirements such as a law, regulation, search warrant, subpoena or court order;
  • in response to a regulatory requirement that is binding on the Company; or
  • in special cases, such as in order to report, respond to or address an issue of public safety or a physical threat to you or others.

In the event that we are legally compelled to disclose your personal information including your personal health information to a third party, we will attempt to notify you unless doing so would violate the law or court order. In addition, we may disclose personal information as described below.

Company operations and maintenance contractors sometimes have limited access to personal information including personal health information in the course of providing products or services to the Company or for the Sites. These contractors include vendors and suppliers that provide the Company with technology, services, and/or content related to better operation and maintenance of our Site. Access by these contractors to the personal information including personal health information that you may have provided to us is limited to the information reasonably necessary for the contractor to perform its limited function for the Company and the Sites. The Company also contractually requires that our operations and maintenance contractors:

  • protect the privacy of your personal information including your personal health information consistent with this Policy; and
  • not use or disclose personal information including personal health information for any purpose other than providing the Company with products and services.

IV. HOW THE COMPANY HANDLES PRIVACY AND SECURITY INTERNALLY

We are committed to the secure retention of your personal information including any personal health information. Set out below are some of the security measures that we use to protect your privacy. By way of example, we

  • require both a personal username and a password in order for users to access their personal information including any personal health information;
  • use firewalls to protect information held in our servers;
  • utilize encryption in transmitting personal information including personal health information to our servers;
  • closely monitor the limited number of Company employees who have potential access to your personal information including personal health information;
  • require all Company employees to abide by our Policy;
  • back-up our systems to protect the integrity of your personal information including personal health information;
  • provide secure messaging within the Site so that information related to your personal health is sent through a secure, encrypted connection; and
  • process all card transactions via encrypted channels.

Despite the Company’s efforts to protect your personal information including your personal health information, there is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of your information over the Internet will be intercepted. You are responsible for ensuring you have created a strong password and for keeping that password secure. Do not share your password with any other person and do not write that password down.

V. NON-PERSONAL INFORMATION WE COLLECT ABOUT YOU

Even if you do not register with the Sites, certain non-personal information relating to the use of the Sites, special promotions and newsletters may be collected.

A. Cookies

We collect non-personal information about your use of the Sites and your use of the websites of selected sponsors and advertisers through the use of Cookies. The Site assigns every computer a different Cookie. The information collected by Cookies (i) helps us dynamically generate advertising and content on web pages or in newsletters, (ii) allows us to statistically monitor how many people are using our website and selected sponsors' and advertisers' sites, (iii) how many people open our emails, and (iv) for what purposes these actions are being taken. We may use Cookie information to target certain advertisements to your browser or to determine the popularity of certain content or advertisements. Cookies are also used to facilitate a user's log-in, as navigation aides and as session timers, but not to retain personal information or personal health information about you.

Your browser software can be set to reject all Cookies. Most browsers offer instructions on how to reset the browser to reject Cookies in the “Help” section of the toolbar. If you reject our Cookies, certain of the functions and conveniences of the Sites may not work properly but you do not have to accept our Cookies in order to productively use our sites. We do not link non-personal information from Cookies to personal information without your permission and do not use Cookies to collect or store personal health information about you.

B. Web Beacons

We also may use Web Beacons to collect non-personal information about your use of our website and the websites of selected sponsors and advertisers, and your use of special promotions or newsletters. The information collected by Web Beacons allows us to statistically monitor your usage of our websites.

Our Web Beacons are not used to track your activity outside of our websites. We do not link non-personal information from Web Beacons to personal information without your permission and do not use Web Beacons to collect or store personal information (including personal health information) about you.

C. Third-Party Web Beacons

We use third-party web beacons from Yahoo! to help analyze where visitors go and what they do while visiting our website. Yahoo! may also use anonymous information about your visits to this and other websites in order to improve its products and services and provide advertisements about goods and services of interest to you.

The Sites contains links to other sites. Once you enter another website, be aware that neither the Company nor the Sites is responsible for the privacy practices of such other sites. We encourage you to look for and review the privacy statements of each and every website that you visit through a link on Sites.

VI. UPDATING YOUR INFORMATION AND CONTACTING OUR SITES

A. Updating Your Personal Information

The pages of our Sites that collect and store self-reported personal information allow you to correct, update or review information you have submitted by going back to the specific page, logging-in and making the desired changes.

B. Removing your Personal Information

If you have a complaint or problem, including removing your personal information from our systems, please email us at info@medifastdiet.com. Our customer service department will forward your complaint to the appropriate internal department for a response or resolution. We try to answer every email within 48 business hours, but may not always able to do so. If you do not receive adequate resolution of a privacy related problem, you may write to:

Attn. Privacy Officer
Medifast Nutrition Inc.
11445 Cronhill Drive
Owings Mills, MD 21117

C. Limitations on Removing or Changing Information

We retain personal information including personal health information only for as long as required for the purposes set out in this Policy. Except as may be required by law or for the purposes for which the personal information was collected or to protect our rights, and upon your request, we will delete your personal information including your personal health information from our active databases and, where feasible, from our back-up media. You should be aware that it is not technologically possible to remove each and every record of the information you have provided to the Company or from our servers.

VII. CHANGES TO THIS PRIVACY POLICY

The Company retains the right to update this privacy policy at its general discretion according to the needs of the business, its consumers or as may be required by law.

Last Updated: March, 2014