Whose privacy practices are described by this Privacy Policy?

This Privacy Policy describes the policies and practices of Inmar, Inc. regarding collection of information from consumers, and it also describes how Inmar, Inc. uses and discloses such information.  Collectively, we refer to such collection, use, and disclosure as our “Privacy Practices.”  Inmar, Inc. has published this Privacy Policy so that consumers are informed about its Privacy Practices.

This policy also describes the Privacy Practices of the following affiliates of Inmar Inc.: BrightBridge, LLC; Carolina Coupon Clearing, Inc. dba Carolina Services Company, Inc.; Carolina Logistics Services, L.L.C.; Carolina Manufacturer’s Services, Inc.; Carolina Promotions Services, Inc.; Collective Bias, Inc.; Inmar Analytics, Inc.; Inmar Scanner Applications, LLC; Med-Turn, Inc.; Stratapult, Inc.; EXP Pharmaceutical Services Corp.; and Willard Bishop LLC. Collectively, we refer to Inmar, Inc. and its corporate affiliates listed above as “Inmar Companies” (and each one separately as an “Inmar Company”).  Each Inmar Company that is subject to this Privacy Policy is responsible solely for its own adherence to the Privacy Practices described below.

Throughout this Privacy Policy, the term “Inmar” and words like “we” and “us” apply to the particular Inmar Company whose Privacy Practices are being described.

What is the general nature of Inmar’s business and information usage?

The Inmar Companies provide a variety of services to manufacturers, retailers and consumers. We assist businesses in marketing their products and services to consumers, and we assist consumers as they shop for products and services that match their preferences.  For example, Inmar Companies process rebates and coupons that are redeemed by consumers at grocery stores and other locations, and we manage consumer loyalty programs (like grocery store discount cards) for our retailer customers.  Inmar Companies also operate websites and provide mobile applications that enable consumers to choose discount offers for goods and services that are of interest to them, and then we provide services that enable consumers to obtain those discounts when they use their loyalty cards at participating retailers.  Because Inmar Companies sometimes work with multiple retailers where an individual consumer participates in loyalty programs, we often have an ability to identify categories of products and services that are likely to be of interest to the individual consumer, based on his/her past purchases at a variety of retail locations, so that retailers who send advertisements to their customers are more likely to send only relevant ads that consumers want to receive.  Inmar Companies provide services that help business customers identify products and services that consumers want, and that help consumers save money as they shop for those products and services.

What consumer information does Inmar collect? How does Inmar collect that information?

Inmar collects information directly from consumers in a variety of ways.

When a consumer uses one of our mobile applications or websites, he or she may be required to register and/or create an account with us, and we collect the information provided by the consumer as part of the registration.

Our applications and websites provide information to end users, such as digital coupons and other information about available discounts at participating retailers.  When a consumer interacts with such an application or website, we may collect a record of each interaction.  For example, an end user may select a digital coupon for a product that is offered within the application or website, and we will ordinarily make a record of that selection.  Later, when the consumer purchases that product at a retailer whose loyalty program we manage, assuming the consumer meets the coupon’s requirements (e.g., purchase before expiration of the coupon’s validity period) we will be able to inform the retailer that the consumer is entitled to the discount offered by the digital coupon.

We may also collect any information that the consumer’s computer or mobile device tracks about the manner in which the application or website is used, such as the consumer’s geographic locations and/or other statistics regarding his/her use.  Such data assists us in improving our applications in future versions, and also enables us to offer better services both to consumers and to our business customers.  For example, if we are able to identify the location where a consumer is using an application, our applications may be able to suggest discounts available at nearby retailers.

We may also collect information regarding any preferences that the consumer chooses to indicate in the application or website, such as configurations or optional settings selected by the end user.

We may collect and retain all information that consumers submit to us as part of rebate programs.  For example, a consumer may submit information that identifies a recent purchase (e.g., a receipt) or that is otherwise necessary in order to process the rebate.  Such information may be collected electronically when consumers submit the information online, or it may be collected from materials submitted via postal mail or other means of physical delivery.

Inmar utilizes a variety of technologies to collect information directly from consumers.  Our applications may include features that automatically track usage, and they may include features (such as feedback forms) that enable end users to provide information to us voluntarily.  Inmar websites may also use available Web-based technologies to collect consumer data, such as cookies or web beacons, and may collect any information that an end user’s browser provides, such as information identifying the end user’s operating system and Internet protocol address.  Inmar may also collect information from consumers from sources like telephone, fax or email.

Inmar also obtains a variety of information about consumers in the course of providing services to our business customers, such as retailers and manufacturers.  We may collect that information directly from consumers as we provide such services, or we may receive that information from our business customers after they have collected it from consumers.  For example, when we manage a retailer’s customer loyalty program, we may obtain a consumer’s registration information, including the customer’s name, address, phone number and any unique ID associated with his/her registration.  When a consumer makes a purchase using his/her loyalty program ID (e.g., by scanning or swiping a loyalty card in a checkout line at the grocery store), our computer systems may manage the loyalty program for the retailer by automatically reviewing items being purchased and identifying any discounts or other benefits to which the consumer is entitled.  We may maintain records associated with the consumer’s purchase history in such instances.

Some Inmar Companies provide financial management services to pharmacies, including sending invoices to insurance companies for amounts owed to the pharmacies for things like prescription medications dispensed to consumers.  Inmar may receive a variety of information about the consumers as necessary to perform those services, such as the consumer’s name, insurance provider, insurance plan, prescriptions, and prescription costs.  Some of that information may be subject to regulation under applicable law (e.g., information that is considered “Protected Health Information” is subject to the Health Insurance Portability and Accountability Act of 1996), and Inmar endeavors always to comply with applicable regulations, as well as any obligations of confidentiality that are created by its contracts with the pharmacies.  To the extent not prohibited by applicable law or its obligations to pharmacy customers, Inmar may collect and use information provided by the pharmacy to provide services to the consumers themselves or to assist its business customers in offering products and services of interest to consumers.  For example, if Inmar knows that a particular consumer was dispensed prescription allergy medicine by a pharmacy customer, and if Inmar manages a retailer loyalty program where that consumer later shops, Inmar may be able to suggest helpful discounts that are available from the retailer, such as a coupon for a generic version of the same medication.  To be clear, however, in all such instances Inmar never discloses a consumer’s Protected Health Information except as necessary to perform the services it has been asked to perform by the pharmacy or by the consumer.

For what purposes and in what manner do we use and disclose consumer information?

Most information collected by Inmar is statistical data that is not capable of identifying a particular individual (“Anonymous Data”).  Some information collected by Inmar, like name, address, and phone number, is capable of identifying an individual (“Personal Information”).  Information about an individual that is associated with his/her Personal Information is also considered Personal Information.  For example, a data record indicating that an anonymous person recently purchased a particular item would be Anonymous Data, but if that same record is associated with a person’s name or other Personal Information, the purchase record is also Personal Information for so long as it is so associated.   Together, we refer to Anonymous Data and Personal Information as “Consumer Information.”

In general, we use Consumer Information to provide services to consumers, such as making the benefits of store loyalty programs available and/or processing of digital coupons.  We also use Consumer Information to assist our business customers, like retailers and manufacturers, in marketing and providing products and services that will be of interest to consumers. We also use Consumer Information to provide helpful services to businesses such as coupon processing, rebate processing, and loyalty program management.

Inmar in all instances endeavors to abide by applicable law with respect to its Privacy Practices in connection with Consumer Information.  Subject to the foregoing, this Privacy Policy does not restrict Inmar’s Privacy Practices related to Anonymous Data.  We may create Anonymous Data from Personal Information by excluding information (such as consumers’ names or email addresses) that makes the information personally identifiable. We reserve the right to use and disclose Anonymous Data to third parties in our discretion.

Except in instances prohibited by applicable law, we may disclose Consumer Information to any Inmar Company.  If the Inmar Company to which we disclose the information is not subject to this Privacy Policy (if, for example, it has published a separate privacy policy of its own), we will nevertheless require that Inmar Company to agree to treat the Consumer Information in a manner consistent with this Privacy Policy.

We may use, process and disclose all Consumer Information as necessary to perform the services for which the information was provided.  For example, if a consumer uses one of our mobile applications to select a “digital coupon” available from one of our retailer customers, we will disclose that information to the retailer customer as necessary to enable the consumer to redeem the digital coupon.  As another example, if a consumer uses one of our mobile applications to redeem a rebate offered through that application by one of our customers who is a manufacturer, we may disclose Consumer Information both to the manufacturer customer and to applicable third party payment services (e.g., PayPal) as necessary to process the rebate.

If we manage the loyalty programs for more than one retailer where the same consumer shops, in some cases we may have the ability to merge that consumer’s records from all such retailers, which enables us to offer even better services to both the consumer and the retailers.  For example, by building a more complete profile of a consumer’s purchasing history via the various loyalty programs we manage, we may be able to help retailers offer better values to their customers, such as discounts on products that are most likely to be of interest to particular consumers.

We may disclose Consumer Information, including Personal Information, to the particular business customers on whose behalf we have collected it, and you consent to their use of such information for their business purposes. For example, when a consumer first signs up for a department store’s loyalty program that happens to be managed by Inmar, we may receive Personal Information such as the individual’s name, address, phone number, email address or other personal information.  Later, when that individual purchases a selection of products at that department store, we may collect a variety of data related to the transaction, including a list of items purchased, prices paid, and payment method.  We may deliver all such Consumer Information to the retailer.

Inmar applications and websites may utilize third-party tools and services to assist us in collecting data and/or providing services.  For example, rather than creating new software tools that are capable of generating basic statistics about the consumers who use our mobile applications, we may incorporate one or more third-party software tools within our proprietary applications.  Such tools may communicate via the Internet with the computer servers of third-parties who provide services to us, such as the creation of useful reports that help us manage our own business.  If any such information transmitted to our third-party service providers includes Personal Information, we will either require the third party to agree to treat the Personal Information in a manner consistent with this Privacy Policy, or we will include a statement in the separate terms and conditions that govern the relevant mobile application, explaining how that Personal Information will be treated (e.g., indicating whether such data is subject to the privacy policy of the third party service provider).  In cases where separate terms and conditions are used, we will obtain the consumer’s assent to those terms and conditions prior to undertaking the relevant services or transmitting the relevant information to the third-party service provider.

If a consumer provides feedback to us, we may use and disclose such feedback for any purpose, provided that if we store that feedback in a manner that connects it to the consumer’s Personal Information, we will treat that Personal Information (e.g., the fact that Jane Doe submitted the particular feedback) in accordance with this Privacy Policy.

Inmar may be required to disclose an individual’s Personal Information to comply with the law or an order issued by a court or an authorized administrative agency, to respond to a subpoena, or in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

In addition to the general policies described above, Inmar may disclose Personal Information in any of the following specific circumstances: (i) if such disclosure is made to protect the rights or property of Inmar or any Inmar Companies, prevent a crime, or protect the personal safety or rights of others; (ii) to our service providers for the purpose of providing services on our behalf, such as customer service, information technology services, and hosting services; (iii) as part of a merger or consolidation, or part of the sale of all or substantially all the stock or assets of the business to which the information pertains; (iv) as part of a disposition in a bankruptcy proceeding in a transaction approved by the bankruptcy court; and (v) in other instances when we have gotten your permission before disclosure.

In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, Inmar is potentially liable. Accordingly, if we disclose Personal Information collected from the EU to another Inmar Company or any other third party, we will (i) transfer such data only for limited and specified purposes, (ii) ascertain that the Inmar Company or other third party is obligated to provide at least the same level of privacy protection as is required by the US-EU Privacy Shield Principles, (iii) take reasonable and appropriate steps to ensure that the Inmar Company or other third party, as applicable, processes such Personal Information in a manner consistent with such Privacy Shield Principles; and (iv) require the Inmar Company or other third party, as applicable, to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles, and, upon receiving such notice, take reasonable and appropriate steps to stop and remediate unauthorized processing.

Treatment of Consumer Information in connection with mergers and acquisitions.

In the event Inmar goes through a business transition such as a merger, acquisition by another company, or the sale of all or a portion of its assets, Personal Information may be among the assets transferred to the acquiring company or otherwise coming under the control of the new owner(s).  For avoidance of doubt, any acquirer of Inmar or of its assets may continue to collect, use and disclose Personal Information as set forth in this Privacy Policy.

Third-Party Treatment of Consumer Information

Inmar’s mobile applications and websites may include links to applications, websites, information and services provided by third parties.  Inmar is not responsible for the Privacy Practices of those third parties.  We encourage consumers to review the applicable privacy policies of such third parties if they elect to follow the links provided.

Whenever Inmar receives Consumer Information from its business customers, like retailers and manufacturers, Inmar relies upon the business customers to obtain any consent from consumers that may be required to authorize Inmar’s Privacy Practices related to the applicable Consumer Information.  We may use and disclose such Consumer Information as authorized by those business customers. Inmar is not responsible for the policies or practices of those business partners with respect to the Consumer Information those business partners collect.

Inmar does not knowingly collect Personal Information from children.

Protecting the privacy of children is very important to Inmar.  Except as noted below, Inmar does not knowingly collect Personal Information from children under the age of 13, and Inmar’s products and services are not designed to attract or provide services to persons under 13 years of age.  If we later learn that a user is under 13 years of age, we will make a good faith effort to remove that person’s Personal Information from our databases.  We will also ask any Inmar Companies to whom we have disclosed such Personal Information to make good faith efforts to remove the same from their databases.

As an exception to the rule stated above, Inmar may receive Personal Information, including Protected Health Information, in the course of providing financial management and related services to pharmacies, as those services are described above.  While Inmar does not actively solicit information regarding children, in some cases the information received by Inmar from pharmacies or insurance companies may relate to children under the age of 13.  Inmar uses such information only as necessary to provide the services requested by the relevant pharmacy or as requested (via an affirmative opt-in) by a parent or legal guardian of the relevant child, and in any event Inmar will treat such information only in accordance with this Privacy Policy.

Choice and Access: What options and choices do consumers have regarding our Privacy Practices?  How may a consumer obtain access to Personal Information about himself/herself held by Inmar?

In order to make use of the services that Inmar offers to consumers via its websites and applications, it is necessary for consumers to permit Inmar’s collection, use and disclosure of information as described in this Privacy Policy.  Without those Privacy Practices, Inmar would not be able to offer its services to consumers.  If a consumer does not wish Inmar to collect information directly from him/her, he/she must not use Inmar’s websites or applications.

However, before Inmar collects Sensitive Data (defined below) directly from any consumer, Inmar will offer the consumer an opportunity to opt-in to such collection, and we will provide an explanation of our Privacy Practices related to that information, if those practices differ materially from this Privacy Policy.  If a consumer does not opt-in to such collection, Inmar will not collect the Sensitive Data.  In such instances, however, Inmar may be unable to provide the services for which the Sensitive Data would otherwise be collected.  For purposes of this Privacy Policy, “Sensitive Data” refers to Personal Information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying the sex life of the individual, or any other information regarding which applicable law requires opt-in consent prior to its collection.

A consumer may elect to withdraw his/her consent to future collections of Sensitive Data by sending a written notice to Inmar’s Privacy Office at the address below.  Such notice should state clearly that the individual wishes to withdraw his/her consent to Inmar’s future collection of Sensitive Data directly from the consumer.  Following Inmar’s receipt of that notice, Inmar will take steps to stop future collections within a reasonable time.  If the consumer so requests, Inmar will make good faith efforts to remove previously collected Sensitive Data about the consumer from Inmar’s databases, except in the limited situations described below.  In such instances, Inmar will also ask any Inmar Companies to whom we have disclosed such Sensitive Data to make good faith efforts to remove the same from their databases.

Consumers may write to Inmar’s Privacy Office at the following address:

Inmar, Inc.
Attention: Privacy Office
635 Vine St.
Winston-Salem, NC 27101

Furthermore, as described above, much of the Consumer Information processed by Inmar, including Sensitive Data, is received from its third party business partners, such as retailers and manufacturers who are Inmar’s customers.  For purposes of this Privacy Policy, we refer to such information as “Partner-Provided Data.”  Inmar receives authorization to use Partner-Provided Data from the business partners, and Inmar relies on those business partners to obtain consent from consumers, if necessary, prior to providing the relevant Consumer Information to Inmar.  Inmar may use all Partner-Provided Data as authorized by its business partners, or within the scope of any broader authorizations that consumers may provide directly to Inmar related to that information.

Notwithstanding Inmar’s policies regarding Sensitive Data described above, unless required to do so by applicable law, Inmar will not attempt to remove Sensitive Data that may be retained solely in archival copies of its databases (e.g., tape backups retained for auditing purposes).  Furthermore, Inmar will not be required to remove Sensitive Data from its databases to the extent the same are Partner-Provided Data, or if the burden or expense of accomplishing such removal would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.

An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his or her query to the Inmar Privacy Office. If requested to remove data, we will respond within a reasonable timeframe.  Inmar will exercise good faith efforts to provide access to such Personal Information to the extent it is available within a reasonable time, and will exercise good faith efforts to correct or amend information that the consumer believes to be inaccurate, except where the burden or expense of providing access, correction or amendment would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.

Because Inmar Companies may share Consumer Information with one another as described in this Privacy Policy on an ongoing basis, it is possible that, even after we remove Sensitive Data or other information about a particular consumer from our databases, we may later receive information about that same consumer from an affiliated company.  We may also later receive Consumer Information about the same consumer from one or more business partners, such as retailers or manufacturers whose loyalty programs we manage.  We will continue to treat any such Consumer Information in accordance with this Privacy Policy.

In some circumstances applicable law may provide consumers a right to request a report regarding Inmar’s disclosures of Protected Health Information or other Personal Information about himself or herself, and Inmar will always undertake to provide such information as required by applicable law.  For example, pursuant to California Civil Code Section 1798.83 (the “Shine the Light Law”), a California resident may request an information statement from Inmar regarding disclosures of Personal Information about that resident, if any, that Inmar has made to third parties for direct marketing purposes during the preceding calendar year.  All such requests should be submitted in writing to the Inmar Privacy Office at the address set forth above.  Inmar will endeavor to respond to such requests within a reasonable time by providing a report that includes the information required by applicable law.

Retention of Information

Inmar’s ability to provide valuable services both to consumers and to business customers increases as Inmar develops better, more accurate profiles of consumer purchasing patterns and preferences.  For example, if we are able to collect a consumer’s purchasing history from his/her participation in several store loyalty programs, we are better able to understand the kinds of products and services that the consumer ordinarily needs, when he/she ordinarily purchases them, and where he/she ordinarily prefers to purchase them.   Over time, our understanding of the consumer’s preferences improves.  As a result, we are better able to identify discounts (or suggest that our retailer customers and manufacturer customers offer discounts) that will be of most interest to the consumer.  Accordingly, we may maintain Consumer Information in our databases indefinitely, except to the extent we are required to remove such Consumer Information by applicable law, and except as described above regarding Sensitive Data.  Even after we remove Consumer Information from the databases that we use in active operation of our business, some or all of that Consumer Information may be retained in our inactive archival backups of those databases.

Information Security and Integrity

We exercise reasonable security measures consistent with industry standards to protect against unauthorized access to Personal Information stored in our databases, and to prevent unauthorized use, alteration, corruption or disclosure of that Personal Information.  Personal Information stored in our possession is maintained behind firewalls, and our servers are located within facilities that are subject to physical security measures designed to prevent unauthorized access.

We restrict access to Personal Information to our employees, contractors and agents who need to access that information in order to operate our business in a manner consistent with this Privacy Policy.  All such personnel are required to treat Personal Information in a manner consistent with this Privacy Policy, and they are subject to discipline, potentially including termination, if they fail to comply with those requirements.

We require any business partners who perform services on our behalf to agree to treat Personal Information in a manner consistent with this Privacy Policy.

While we believe our policies and practices regarding information security and integrity are reasonable, we cannot guarantee that the security and/or integrity of Personal Information will not be breached or that such Personal Information will not be subject to unauthorized access, alteration, corruption or disclosure.  We review our information security policies and practices periodically and may update them as we determine reasonably necessary to achieve information security and integrity consistent with industry standards.

Declaration of Compliance with US-EU Privacy Shield Principles

Inmar complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Inmar has certified that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

Verification and Enforcement

Inmar periodically conducts internal reviews and self-assessment of its Privacy Practices to confirm its compliance with this Privacy Policy.  We will take good faith steps to correct any non-compliance identified in the course of such reviews.

Consumers who believe that Inmar may have acted in a manner inconsistent with this Privacy Policy may contact the Inmar Privacy Office at the address stated above, and we will exercise good faith efforts to resolve disputes and complaints.

Inmar is subject to the investigatory power and enforcement authority of the Federal Trade Commission, and Inmar is committed to resolving your complaints about our Privacy Practices. If you have inquiries or complaints regarding Inmar’s collection, use and/or disclosure of your Personal Information, you may contact the Inmar Privacy Office at the address given above.

Further, European Union citizens with inquiries or complaints regarding this Privacy Policy should also first contact the Inmar Privacy Office at the address stated above.  In the event that we are unable to resolve privacy complaints that arise under the EU-US Privacy Shield Principles, Inmar has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

Privacy Policy Changes

Inmar reserves the right to update this Privacy Policy from time to time.  We will make any such updates publicly available for review, and will indicate the date as of which the revised Privacy Policy becomes effective.  We will continue to treat that Personal Information collected prior to the effective date of the revised Privacy Policy in accordance with the Privacy Practices described in this version of the Privacy Policy, unless we receive appropriate consent from the party who has provided us the relevant information or from the particular consumer to whom the Personal Information relates.

This Privacy Policy is effective as of November 3, 2017.

Start typing and press Enter to search