Kyber Privacy Supplement

Kyber Supplemental Privacy Notice for Certain California Residents

Effective: May 2020

This Kyber Supplemental Privacy Notice for Certain California Residents (this “Notice”) is provided on behalf of Kyber Data Science® LLC and its subsidiaries (referred to collectively as “we”, “us”, “our” or similar pronouns). This Notice applies solely to California residents who are health care providers and whose personal information is included in one or more of Kyber Health Data LLC’s data products (“health care providers” or “you”). We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA (such as “personal information”) have the same meaning when used in this Notice.

We are part of the larger Cowen Inc. organization. For our privacy notice applicable to other California residents (such as our customers), please read Cowen’s Privacy Notice for California Residents. For our privacy practices with respect to information collected through online services operated by us, including Kyber Data Science, or by our other affiliates within the Cowen Inc. corporate family, please read Cowen’s Online Privacy and Cookie Policy.

Categories of Personal Information

We have collected the following categories of personal information of health care providers in the preceding 12 months:

  • Identifiers, such as government-issued unique personal identifier and business address.
  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), such as place of employment or employment history.
  • Commercial information, such as devices and supplies used by health care providers in the course of their provision of care.
  • Professional or employment-related information.

Categories of Sources

We collect limited personal information related to professional activities of health care providers residing in the state of California that come from a variety of sources, including health care organizations (e.g., physician practices, hospitals, clinics, and pharmacies), federal and state government organizations, payers, medical claims clearinghouses and other vendors.

Use and Disclosure for Business and Commercial Purposes

We use and disclose the categories of personal information listed above for business or commercial purposes.  These purposes include to operate, manage and maintain our business, to create, develop, provide and enhance our products and services, and to accomplish our business purposes and objectives.  In the preceding 12 months, we have shared the categories of personal information listed above for business purposes with our service providers. 

Sales of Personal Information of Health Care Providers

Certain of Kyber Health Data LLC’s data products include limited personal information related to professional activities of health care providers who reside in California and, as a result, our provision of such data products to our customers may constitute a “sale” under the CCPA.  On this basis, in the preceding 12 months, we have “sold” and, subject to each such health care provider’s opt-out right described below, may in the future “sell” the following categories of personal information to customers of those Kyber data products: identifiers; personal information categories listed in the California Customer Records statute; commercial information; and professional or employment-related information. Kyber Health Data LLC’s customers are not permitted by contract to use our products to market products and services to you or to contact your business. Kyber Health Data LLC’s products are provided to its customers for internal use only. We do not have actual knowledge that we sell the personal information of minors under 16 years of age.

Access and Data Portability Rights for Health Care Providers

You have the right to request that we disclose the following information to you with respect to the preceding 12 months:

  • the categories of personal information collected about you;
  • the categories of sources from which the personal information is collected; 
  • the purposes for collecting or sharing personal information;
  • the categories of third parties with which we share personal information for a business purpose;
  • the categories of personal information we have “sold” and, if applicable, the categories of third parties to which we sold personal information; and
  • the specific pieces of personal information we collected about you.

These access and data portability rights do not apply to personal information reflecting a written or verbal business-to-business communication (“B2B personal information”) for so long as an exception provided by the CCPA applies.

Deletion Request Rights for Health Care Providers

You have the right to request that we delete the personal information we collected about you, subject to certain exceptions provided by the CCPA.  Once we receive and confirm your verifiable request, we will delete the requested personal information from our records, unless an exception provided by the CCPA applies.  For example, we may retain personal information as required or permitted by law, and may maintain a copy of your deletion request.

Exercising Your Access, Data Portability or Deletion Rights

To exercise the access, data portability and deletion rights described above, please submit a verifiable consumer request to us by either calling us at 1-800-648-1158 or emailing us at KyberCCPA@cowen.com.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Please describe your request with sufficient detail for us to properly understand, evaluate and respond to it.

Opt-Out Rights for Personal Information Sales

You have the right to opt out of our future “sale” of your personal information. To do so, you may submit a request to us by:

Please describe your request with sufficient detail for us to properly understand, evaluate and respond to it.

Requests from Authorized Agents

If you would like an authorized agent to submit a CCPA request on your behalf or if you are an authorized agent of a consumer and registered with the Secretary of State to conduct business in California, please send us an email at KyberCCPA@cowen.com for instructions and details on proof required for use of an authorized agent, including a copy of the written permission signed by the consumer for the agent to act on the consumer’s behalf in this manner.

Right of Non-Discrimination

You have the right not to receive discriminatory treatment by us for exercising any of your CCPA rights.

Reasonable Access for Health Care Providers with Disabilities

Persons with disabilities may obtain this Notice in alternative format upon request by contacting us at KyberCCPA@cowen.com or calling 1-800-648-1158.

Changes to this Notice

We reserve the right to amend this Notice at our discretion at any time. When we make changes to this Notice, we will post the updated Notice on the website and update the Effective Date.

Contact Information

If you have any questions about this Notice, the ways in which we collect, use and disclose your personal information described here, or your choices and rights regarding such practices, please do not hesitate to contact us at 1-800-648-1158 or KyberCCPA@cowen.com