Privacy Policy

This Privacy Policy sets forth the policies and procedures of ESALetters.com (“ESA Letters”, “we”, “our” or “us”) in regard to the collection, usage and disclosure of personal and/or business information that you may provide to us through using this website, or by using any product or service provided by ESA Letters (collectively, the “Platform”).

If you do not accept this Privacy Policy and/or do not meet and/or comply with the provisions set forth herein, then you may not use any of the Platform.

1. Information we collect

When you use our Platform, you may provide ESA Letters with two main types of information: (1) Non-Personal Information and (2) Personal Information. We collect information from you when you (a) use and/or access our Platform, (b) open and/or respond to our emails, (c) contact ESA Letters, (d) visit any page online that displays our content, (e) purchase products and/or services through our Platform, and/or (r) provide information to any of our Service Providers (as defined below).

1.1 Personal Information

“Personal Information” is personally identifiable information that you knowingly choose to disclose, which is collected on an individual basis. We may ask for certain Personal Information from you for the purpose of providing to you content and/or services that you request. We may collect Personal Information such as your: (i) contact information (including name, address and email); (ii) information regarding your mental health and history, (iii) financial information (such as credit card number, expiration date, verification number and billing address); (iv) contact information and/or other identity information you share with us; (v) location information (such as geographic location of the device you are using) and/or (vi) preferences and feedback. By using our Platform, you are authorizing us to collect, store and use the information you provide, in accordance with this Privacy Policy. Once you use our products or services, you have opted in to receive electronic communications from ESA Letters. ESA Letters may also provide you with the opportunity to participate in surveys through our Platform. If you participate, we may request certain personally identifiable information. Participation in surveys is completely voluntary and you therefore have a choice whether to disclose such information.

1.2 Non-Personal Information

“Non-Personal Information” is general user information that does not contain personally identifiable information, which is collected on an aggregate basis as you use our Platform. We collect Non-Personal Information such as:

Cookies: We may use cookies and web log files to track usage and trends, to improve the quality of our Platform and to customize your experience. A “cookie” is a data file that resides on your computer, mobile phone, or other device, and allows ESA Letters to recognize you as a user when you return to our Platform using the same computer and web browser. Information gathered through cookies may include the date and time of visits, the pages viewed, and time spent at our Platform. You can remove or block cookies using the settings in your browser, but in some cases that may impact your ability to use our Platform. Sending a cookie to a user’s browser enables us to collect Non-Personal information about that user and keep a record of the user’s preferences when utilizing our services, both on an individual and aggregate basis. For example, we may use cookies to store the following information: session data, email address, username, and preferences. ESA Letters may use both persistent and session cookies; persistent cookies remain on your computer after you close your session and until you delete them, while session cookies expire when you close your browser.

Analytics Data: We may use third party analytics services to help analyze how users use the Platform. These analytics services use cookies to collect information such as how often users visit our website and we use the information to improve the Platform. The analytics services ability to use and share information collected by them is restricted by their terms of use and privacy policy, which you should refer to for more information about how these entities use this information. If third party services collect information, they do so anonymously without identifying individual visitors. However, we may link the information we record using tracking technology to Personal Information we collect.

Device Data: We may use device data, which is information concerning a device you use to access, use, and/or interact with the Platform, such as operating system type and/or mobile device model, browser type, domain, and other system settings, the language your system uses and the country and time zone of your device, geo-location, unique device identifier and/or other device identifier, mobile phone carrier identification, and device software platform and firmware information.

Aggregate: We may collect non-identifying and statistical information about the use of our Platform, such as how many visitors visit a specific page, how long they stay on that page and which links, if any, they click on. This information represents a generic overview of our users, including their collective habits. Information collected in the aggregate is not associated with you as an individual. We may share user information in the aggregate with third parties.

Other Tracking Technologies: We may supplement information you provide to us with information from other sources, such as information to validate and/or update your address and/or other demographic information. This information is used to maintain the accuracy of information on our Platform and for internal analysis. We may also use clear gifs, pixel tags and web beacons, which are tiny graphic images placed on website pages and/or in our emails that allow us to determine whether you have performed specific actions and are further used to track online movements of our users. In contrast to cookies, which are stored on your computer’s hard drive, clear gifs are embedded invisibly on web pages. We do not tie the information gathered by clear gifs to your Personal Information.

1.3 Information you provide by using the Platform

You may submit User Content (as defined in our Terms and Conditions) to the Platform, including certain information via online forms. Please see our Terms and Conditions for how User Content is treated.

1.4 Information you send to other Users

This Privacy Policy only addresses the use and disclosure of information we collect from you. If you disclose your information to other parties using the Platform, or visit other websites linked through the Platform, different rules may apply to their use or disclosure of the information you disclose to them. Since ESA Letters does not control the privacy policies of third parties, or other individual’s actions, you are subject to the privacy policies of that third party or those individuals. We encourage you to be sure the recipients are authenticated to your satisfaction before you send them any documents or sensitive information.

2.1 General Use

We may share your Personal Information to fulfill the purpose for which you provide it, for any other purpose disclosed by us when you provide the information and/or to third parties designated by you. Except as otherwise stated in this Privacy Policy, we do not sell, trade, rent or otherwise share for marketing purposes your Personal Information with third parties without your consent. For example, we may use your information to:

operate, maintain, and improve our sites, products, and services;
connect you to a Service Provider;
respond to comments and questions and provide customer service;
provide technical support;
send information including confirmations, invoices, technical notices, updates, security alerts, support and administrative messages;
communicate about promotions, upcoming events, other news about products and services offered by us and our selected partners;
send you reminders, support and marketing messages;
manage our administration of the Platform;
link or combine user information with other Personal Information we get from third parties, to help understand your needs and provide you with better service;
perform analytics and conduct research;
protect, investigate, and deter against fraudulent, unauthorized and/or illegal activity;
to process orders and/or otherwise provide and deliver products and services you request;
to process and deliver orders for additional services;
identify you as a user in our system;
facilitate the creation of and secure your account on our network; and/or
develop and improve marketing and advertising for the Platform and partner services.

The information collected in the aggregate enables ESA Letters to better understand your use of the Platform and to enhance your enjoyment. We may use financial information to process payment for any purchases made on the Platform, enroll you in one of our accounts and/or other related services in which you elect to participate. If you use the Platform, you agree to receive certain communications from us including but not limited to the following:

Special Offers, Newsletters and Updates. We may occasionally send you information on products, special deals, promotions and newsletters. You can sign up for these emails from us at any time on our website. You may elect not to receive these types of communications by notifying us.

Customer Service. Based upon the personally identifiable information you provide us, we may communicate with you in response to your inquiries, to provide the services you request and to manage your account. We may communicate with you by email or telephone.

Supplementation of Information. In order to process your credit card orders, we use a third-party provider to validate and verify your account information. All billing and account information is transmitted via https, which is a secure encrypted protocol system.

2.2 Parties with whom we may share your information

We may share Personal Information and User Content with vendors, employees, contractors, healthcare professionals and/or agents who are performing or providing services for ESA Letters or you (collectively, “Service Providers”). Our Service Providers will be given access to your information as is reasonably necessary to provide the products and/or services offered through the Platform. We strive to use commercially acceptable means to protect your Personal Information. If Service Providers acquire confidential or proprietary information belonging to ESA Letters or its customers, such information is required to be handled in confidence and may not be disclosed to unauthorized third parties. Certain Service Providers may automatically collect non-identifying information about your use of our Platform by using cookies and other technologies as similarly used by ESA Letters.

2.3 Disclosures

We also may be required to disclose an individual’s Personal Information in response to a lawful request by public authorities, including to meet security or law enforcement requirements. For example, we will disclose your Personal Information in the following circumstances: (i) to investigate and defend ESA Letters members, employees, officers, agents, contractors, principals and affiliates against any third party claims and/or allegations and/or otherwise to protect ESA Letters from liability, (ii) to investigate, prevent and/or take action regarding suspected and/or actual illegal activities, (iii) to assist government enforcement agencies, respond to a legal process and/or comply with the law, (iv) to exercise or protect the rights, property and/or personal safety of the users of the Platform and/or (v) to protect the security and/or integrity of the Platform. In response to a request by law enforcement or other government officials relating to a criminal investigation or alleged illegal activity, we can (and you authorize us to) disclose your Personal Information, including your name, city, state, telephone number, email address, user ID history, fraud complaints, and usage history, without a subpoena, in connection with an investigation of fraud, intellectual property infringement, piracy, and/or other unlawful activity.

2.4 Business Transitions

In the event we undergo a business transaction such as a merger, acquisition by another company, or sale of all or a portion of our assets, your Personal Information may be among the assets transferred and/or examined during the due diligence process. You acknowledge and consent that such transfers may occur and are permitted by this Privacy Policy, and that any acquirer of our assets may continue to process your Personal Information as set forth in this Privacy Policy.

2.5 No Doctor-Patient Confidentiality with ESA Letters

Using our website and/or products and services is not intended to create and does not constitute any professional relationship (including any doctor-patient relationship) between ESA Letters or any of its officers, directors, trustees, employees, consultants, contractors, advisors, representatives, volunteers, affiliates or agents and you. Communications on or through our Website do not create any client-professional relationships and are not the subject of any associated privileges or confidentiality protections.

3. Information Choices

Depending on the situation, ESA Letters may obtain consent to the collection of Personal Information in different ways. Express consent may be obtained verbally, online and/or in writing. Implied consent may be obtained through your use of our Platform and related services, and/or when you approach us to obtain information, inquire about or request services from us. Although we think that you benefit from a more personalized experience when we know more about you and what you like, you can limit the information you provide to ESA Letters, and you can limit the communications that ESA Letters sends to you. If you visit our website and volunteer personally identifiable information, you can opt out of receiving notifications, and you may review, modify, update, and/or delete such Personal Information by contacting us. Please be aware that even after your request for a change is processed, ESA Letters may, for a time, retain residual information about you in its backup and/or archival copies of its database. Please be aware that we may still email you non-commercial emails related to your account and your transactions through our Platform. ESA Letters may retain information (including without limitation your account information) for a commercially reasonable time for backup, archival, and/or audit purposes. In some cases, if you choose not to provide ESA Letters with requested information, you may not be able to use and/or access our Platform.

4. California Privacy Rights

Effective January 1, 2020, the California law known as the California Consumer Privacy Act (“CCPA”) allows, with some exceptions, California residents to request that a business that collects consumers’ personal information to give consumers access to the specific pieces and categories of personal information that the business has collected about the consumer, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared. California residents also have the right to submit a request for deletion of information under certain circumstances. Consistent with the CCPA, if you choose to exercise your rights, we won’t charge you different prices or provide different quality of services unless those differences are related to your information.

Notice to Business-to-Business Consumers: Many of the obligations imposed by the CCPA currently do not apply to personal information reflecting communications or transactions between the business and a California resident where the resident is acting on behalf of another business, e.g., a business-to-business transaction. If your personal information is being processed within this context, your rights under the CCPA are limited.

Your Rights Under California Law

The following are your rights under California law:

To request that the business disclose what personal information (about you) it collects, uses, discloses, and sells.
To request deletion of your personal information collected or maintained by the business. This right is limited, and we may not always honor your request, particularly when it is necessary to maintain your information for legal purposes or to complete the business we have with you.
To opt-out of the sale of your personal information by the business. A “sale” occurs when your personal information is exchanged with a, non-service provider, third party in exchange for valuable consideration. It is not a sale when you intentionally authorize us to disclose your personal information or interact with a third party. To exercise your right to opt-out, please contact us at [email protected].
To not receive discriminatory treatment by the business for exercising any of the privacy rights conferred under the CCPA.

Exercising Your Rights Under the CCPA

How to make a disclosure request: You may request these disclosures by contacting us at [email protected]. You have the right to make a free request two times in any 12-month period. We will make the disclosure within 45 days of receiving your request, unless we request an extension. In the event that we reasonably need a 45-day extension, we will notify you of the extension within the initial 45-day period.

Right of deletion: You have the right to request that we delete your personal information, subject to certain exceptions. After we receive and validate your request, we will delete your personal information, as well as direct our service providers to delete your personal information, unless an exception applies. Contact us at [email protected] to delete your data.

The CCPA permits using a designate an authorized agent to make a request on a consumer’s behalf. You may designate an agent by filling an agent-designation form. Both the designated agent and the consumer are subject to verification before accepting a consumer rights request.

All consumer rights requests are subject to verification by us. We verify requests by matching the information provided by the consumer to the personal information of the consumer already maintained by the business. In some instances, we may use your contact information to contact you in order to verify your identity.

Residents of the state of California have the right to request certain information from us with respect to the types of personal information we share with third parties for their direct marketing purposes, as well as the identities of the third parties we have shared such information with during the immediately preceding calendar year. To exercise your choices, please contact us at [email protected].

5. Service Eligibility and Changes

5.1 Children and Minors

ESA Letters does not knowingly collect personally identifiable information from individuals under the age of thirteen (13). If we learn that we have collected Personal Information from a child under age thirteen (13), we will delete such information as quickly as possible. If you believe that a child under the age of thirteen (13) may have provided us Personal Information, please contact us at [email protected].

By using the Platform, you represent that you are at least eighteen (18) years old and understand that you must be at least eighteen (18) years old in order to create an account and/or purchase the goods and/or services through the Platform.

5.2 Changes to Privacy Policy

In general, changes will be made to this Privacy Policy to address new or modified laws and/or new or modified business procedures. However, we may update this Privacy Policy at any time, with or without advance notice, so please review it periodically. We may provide you additional forms of notice of modifications and/or updates as appropriate under the circumstances. Your continued use of the Platform after any modification to this Privacy Policy will constitute your acceptance of such modifications and/or updates. You can determine when this Privacy Policy was last revised by referring to the date it was last “Updated” above.

6. Other Platforms and services

We are not responsible for the practices employed by any services linked to and/or from our Platform, including the information and/or content contained therein. Please remember that when you use a link to go from our Platform to another website and/or service, our Privacy Policy does not apply to such third-party websites and/or services. Your browsing and interaction on any third-party website and/or service, including those that have a link on our Platform, are subject to such third party’s own rules and policies. In addition, you agree that we are not responsible and do not have control over any third-parties that you authorize to access your Personal Information. If you are using a third-party website and/or service and you allow them to access your Personal Information, you do so at your own risk.

7. How we protect information

We implement security measures designed to protect your information from unauthorized access. We follow generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and once we receive it. We may further protect your information from potential security breaches by implementing certain technological security measures including encryption, firewalls and secure socket layer technology. Because the internet is not a completely secure environment, ESA Letters cannot warrant the security of any information you transmit to ESA Letters or guarantee that information on the Platform may not be accessed, disclosed, altered and/or destroyed by breach of any of our physical, technical and/or managerial safeguards. In addition, while Service Providers are obligated to keep your information confidential and secure, such Service Provider’s practices are ultimately beyond our control. We are not responsible for the functionality, privacy and/or security measures of any other organization. By using our Platform, you acknowledge that you understand and agree to assume these risks.

8. International

Please be aware that our Platform are subject to United States laws, including laws governing privacy and security of your information. By using our Platform, you agree and consent (and represent that you have the authority to provide such consent) to the information collection, use and/or sharing practices described in this Privacy Policy and understand that the laws of the United States and other countries and territories related to the foregoing may differ from those of other countries and may not be as protective as the laws in the country where you reside.

9. How to contact us

If you have questions and/or comments about this Privacy Policy, please email us at [email protected].