top of page

Privacy Policy

This Privacy Policy sets forth the information gathering, use, and dissemination practices of PediaMetrix Inc., with respect to and its affiliated web pages, sites, and mobile applications including SoftSpot™. This privacy policy has been compiled to better serve those who are concerned with how their Personal Information is being used online.

“Personal Information” is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

“Sensitive Personal Information” includes data about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union memberships, genetic and biometric data when used for identification purposes, and data about health, sex life, and sexual orientation.


This Privacy Policy applies to the information that we obtain through your use of PediaMetrix products and services, including our website (, our web and mobile-based tools, social media, communications (collectively, our “Services”).

Types of Personal Information that We Collect

  • Names

  • Email addresses

  • Telephone numbers

  • Date of births

  • User IDs and passwords

  • Identifiers of devices used to access our Services

  • Infant’s head images (even though not identifiable in most cases, may include identifiable body parts)


Information that We Collect from and About You

Information that You Provide to Us Voluntarily

Account and Profile Information: We collect information about you and your company when you register for an account, create or modify your profile, and make purchases through our Services. Information we collect includes your name, username, address, email address, and phone number. You may provide this information directly through our Services or in some cases another user (such as an account administrator) creating an account on your behalf may provide it. If you provide information (including personal information) about someone else, you confirm that you have the authority to act for them and to consent to the collection and use of their personal information as described in this Privacy Policy.

Content: We collect and store content that you create, input, submit, post, upload, transmit, or store while using our Services. Such content may include any personal or other sensitive information submitted using our Services, such as HIPAA protected health information, and other information such as source code or regulatory compliance materials.

Other submissions: We collect other data that you may submit to our Services or to us directly, such as when you request customer support or communicate with us via email or social media sites.


Information that We Collect Automatically When You Use Our Services

Web Logs and Analytics Information: We record certain information and store it in log files when you interact with our Services. This information may include Internet protocol (IP) or other device addresses or ID numbers as well as browser type, Internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information that you search for, your locale and language preferences, your mobile carrier, and system configuration information. We and our analytics providers, also collect and store analytics information when you use our Services to help us improve our Services.

Cookies and Other Tracking Technologies: We use various technologies to collect information, including cookies that we save to your computer or mobile device. Cookies are small data files stored on your hard drive or in device memory. We use cookies to improve and customize our Services and your experience; to allow you to access and use the Services without re-entering your username or password; and to count visits and understand which areas and features of the Services are most popular. We may also associate the information we store in cookies with personal information you submit while on our Services. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, which is strictly necessary for the provision of our services, you may not be able to use all aspects of our Services.

Information that We Collect from Other Sources

Information provided by other individuals: While using our Services, individuals may provide information about another individual, or an authorized user (such as an account administrator or a doctor’s office administrator) creating an account on your behalf may provide information about You. When one individual provides us with information (including personal information) about another individual, we assume that the individual has permission and authority to do so and to consent on behalf of that individual to the collection and use of personal information as described in this Privacy Policy. Please contact us immediately at if you become aware of an individual providing us with personal information about another individual without being authorized to do so, and we will act consistently with this Privacy Policy.

Information that We Receive About You From Our Customers

Our customers and their designated users use our Services to develop, establish, implement, and maintain secure application and database deployment environments for processing sensitive data, including personal information and sensitive personal information. While using our Services, our customers may create, input, submit, post, upload, transmit, or store personal information that they have collected from individuals. During the course of our business relationship, we may need to access a customer’s account and the information it contains to provide support for our Services.

Our customers and prospective customers are responsible for complying with all applicable federal, state, local, and international laws and regulations regarding notice, disclosure, consent, and transfer of personal information, prior to providing that personal information to PediaMetrix.

Why We Collect Information from and About You

We will not use your personal information for anything other than the following lawful purposes:


To establish and maintain contractual relationships with our customers:

  • To establish relationships with new customers

  • To fulfill our obligations to current customers

  • To contact customers regarding account-related issues and business communications relating to the Services, including technical notices, updates, security alerts, and administrative messages

  • To enable individuals to access and use our Services

  • To finalize and administer your request and service


To comply with our legal obligations :

  • To comply with legal obligations, including but not limited to complying with tax and financial reporting requirements

  • To demonstrate compliance with applicable privacy and data security laws and regulations, such as HIPAA and GDPR

  • To comply with incident monitoring, reporting, assessment, and notification requirements

  • To comply with other applicable criminal and civil law and regulatory requirements under federal, state, and international law


To provide services and information that you request and consent to receive:

  • To provide customer service and support

  • To communicate with you, including responding to your comments, questions, and requests regarding our Services

  • To process and complete transactions, and send you related information, including purchase confirmations and invoices

  • To provide direct marketing, email, and other distributed information distribution


To full fill our other legitimate interests to the extent that they are not overridden by individual interests, fundamental rights, or freedoms:

  • To administer, operate, maintain, and secure our website and Services

  • To monitor and analyze trends, usage, and activities in connection with our Services

  • To investigate and prevent fraudulent transactions, unauthorized access to our Services, and other illegal activities

  • To verify compliance with our internal policies and procedures

  • For accounting, recordkeeping, backup, and administrative purposes

  • To customize and improve the content of our communications, websites, and social media accounts

  • To educate and train our workforce in data protection and customer support

  • To provide, operate, maintain, improve, personalize, and promote our Services

  • To develop new products, services, features, and functionality

  • To market our products and services (first-party marketing only; we do not provide personal information for use in marketing any non-PediaMetrix, third-party goods or services)


When possible, we will use anonymized data for these purposes, but if we do not, or if we combine it with Personal Information we will treat it in accordance with this Privacy Policy.


How do we protect your information?

  • We do not use Malware Scanning.

  • Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

  • We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.

  • All transactions are processed through a gateway provider and are not stored or processed on our servers.

  • Personal data will be erased or anonymized that they fulfil their purpose where there is no retention obligation. We will remove the identifiable information of yours where it is no longer necessary unless there is a regulatory obligation, or the primary interest of our company or any other third party, or administrative order.


How we can share your data

There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:

  • third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you

  • regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure

  • an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business

  • other people where we have your consent.


Your rights

It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or send your request to


You also have rights to:

  • know what personal data we hold about you, and to make sure it’s correct and up to date

  • request a copy of your personal data, or ask us to restrict processing your personal data or delete it

  • object to our continued processing of your personal data


You can exercise these rights at any time by sending an email to

If you’re not happy with how we are processing your personal data, please let us know by sending an email to We will review and investigate your complaint, and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint.


California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared.

According to CalOPPA, we agree to the following:

  • Users can visit our site anonymously.

  • Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.

  • Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.


COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

Even though we may collect personal data that belong to children of any age, we do not specifically market to children under the age of 13 years old.


Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

  • We will notify you via email

  • Within 7 business days


We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.



The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

To be in accordance with CANSPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.

  • Identify the message as an advertisement in some reasonable way.

  • Include the physical address of our business or site headquarters.

  • Monitor third-party email marketing services for compliance, if one is used.

  • Honor opt-out/unsubscribe requests quickly.

  • Allow users to unsubscribe by using the link at the bottom of each email.


Notification of Changes

We may change this Privacy Policy from time to time. If we make any changes, we will notify you by revising the date on this Privacy Policy and, in some cases, where appropriate we may provide you with additional notice.

Your continued use of our Services after the revised Policy has become effective indicates that you have read, understood, and agreed to the current version of this Policy.

The Company is committed to complying with the Privacy Rule.

The Company recognizes the need to protect the privacy of PHI in order to facilitate the effective delivery of health care. These Privacy Policies and Procedures are designed and intended to ensure the Company’s compliance with the Privacy Rule. The Company adopts these Policies and Procedures to protect the PHI that it creates and maintains from unauthorized use, disclosure, or access, and to maintain the confidentiality and integrity of that PHI. These Policies and Procedures also ensure that individuals have rights related to their PHI. Through the Company’s Notice of Privacy Practices ("Privacy Notice") individuals are informed of the Company’s legal duties and these Policies and Procedures, as well as their individual rights with respect to their PHI.

By agreeing, you acknowledge receipt of the Notice of Privacy Practices (“NPP”) of PediaMetrix Inc. Our NPP provides information about how we may use and disclose your protected health information. We encourage you to read it in full.

Our NPP is subject to change. If we change our NPP, you may obtain a copy of the revised NPP by accessing our website at or contacting us at .

Rev. A

Published: 01/01/2021

Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.
155 Gibbs St, Suite 537
Rockville, MD 20850
United States
+1 (240) 670-0171

bottom of page