Notice at Collection for California Residents. At or before the time of collection of personal information, California residents may have a right to receive notice of our information practices, including the categories of personal information to be collected, the purposes for which such personal information is collected or used, whether such personal information is sold or shared and how to opt-out of such selling and sharing, and how long such information is retained. You can find those details in this Privacy Policy by clicking on the above links.
This Privacy Policy describes how Joint Restoration Foundation, Inc., and its subsidiaries, affiliates, and related entities (collectively, “JRF Ortho”, “Company”, “we”, or “us”) collect and process personal information about individuals (including, but not limited to, health care professionals, job applicants, agents, consultants, contractors, vendors, service providers, business associates and other users) through the JRF Ortho website located at https://jrfortho.org/ (the “Website”).
We collect and use information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household (“personal information”). Personal information does not include:
The chart below identifies which categories of personal information we collected from you within the last 12 months and the source of this personal information.
Category | Examples | Collected | Source of this Personal Information |
---|---|---|---|
A. Identifiers. | A real name, postal address, Internet Protocol address, email address. | YES | You, Service Providers |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“California Customer Records”). | A name, signature, address, telephone number, education, employment, employment history. Some personal information included in this category may overlap with other categories. | YES | You, Service Providers |
C. Protected classification characteristics under California or federal law (“Protected Classes”). | Age (40 years or older), race, color, ancestry, national origin, citizenship, physical or mental disability, sex, military and veteran status. | YES | You |
D. Commercial information. | Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES | You, Service Providers |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO | N/A |
F. Internet or other similar network activity. | Activity on our websites, mobile apps, or other digital systems, such as internet browsing history, search history, system usage, electronic communications with us, postings on our social media sites. | YES | You |
G. Geolocation data. | Physical location or movements, such as the time and physical location related to use of our internet website, application, or device. | YES | You |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NO | N/A |
I. Professional or employment-related information. | Current or past job history. | YES | You |
J. Non-public education information (per FERPA) (“FERPA Information”). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO | N/A |
K. Inferences drawn from other personal information. | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | NO | N/A |
L. Sensitive personal information. | Further identified in the chart below. | NO | N/A |
Sensitive personal information is a subtype of personal information consisting of the specific information categories listed in the chart below. Importantly, the CCPA only treats this information as sensitive personal information when we collect or use it to infer characteristics about a consumer.
The chart below identifies which sensitive personal information categories, if any, we have collected from consumers to infer characteristics about them in the last 12 months.
Sensitive Personal Information Category | Collected to Infer Characteristics? | Retention Period |
---|---|---|
L.1. Government identifiers, such as your Social Security number (SSN), driver’s license, state identification card, or passport number. | NO | N/A |
L.2. Complete account access credentials, such as usernames, account logins, account numbers, or card numbers combined with required access/security code or password. | NO | N/A |
L.3. Precise geolocation, such as physical store visits or physical locations when visiting websites or using mobile apps. | NO | N/A |
L.4. Racial or ethnic origin. | NO | N/A |
L.5. Citizenship or immigration status. | NO | N/A |
L.6. Religious or philosophical beliefs. | NO | N/A |
L.7. Union membership. | NO | N/A |
L.8. Mail, email, or text messages not directed to the Company. | NO | N/A |
L.9. Genetic data. | NO | N/A |
L.10. Neural Data, such as information generated by measuring a consumer’s central or peripheral nervous system’s activity that is not inferred from nonneural information. | NO | N/A |
L.11. Unique identifying biometric information. | NO | N/A |
L.12. Health information. | NO | N/A |
L.13. Sex life or sexual orientation information. | NO | N/A |
We obtain the categories of personal information listed above from the following categories of sources:
This section provides more detail about Category F in the above table.
We collect information about how you use our Services by setting and accessing cookies on your computer. A cookie is a small piece of information sent by our Services that is saved on your storage drive by your computer’s browser. The cookie holds information our Services may need to personalize or enhance your experience and to gather statistical data, such as which pages are visited, the Internet provider’s domain name and the addresses of the sites visited immediately before coming to and immediately after leaving our Services. The information in the cookie lets us trace “clickstream” activity (i.e., the paths taken by visitors to our Services as they move from page to page) to enable us to better serve our customers by revealing which portions of our Services are the most popular. We may link the anonymous visitor ID from your cookie to a user ID in our database to help us analyze web traffic and statistics. From time to time, other companies may help us with data research and analysis, but they will be prohibited from using that data for any other purpose.
You may manage how we use cookies on your browser by clicking the “Manage Cookie Preferences” link in the bottom left hand corner or our Website or by visiting https://jrfortho.org/info/manage-cookies (collectively, the “Cookie Preference Tools”). Clicking either of the Cookie Preference Tools take you to a page where you can manage your cookie preferences. The four categories of cookies utilized and their purpose are as follows:
By selecting the appropriate radio button next to each cookie type, you can choose which cookies to allow, except for the Strictly Essential Cookies that are necessary for the operation of the Services. In addition to using our Cookie Preference Tools, you can also manage and disable cookies through your browser settings. You can learn more about cookies at the following link: All About Cookies | Online Privacy and Digital Security. Note that certain features of the Services may not be available if you delete or reject cookies.
We may obtain information about you from a third-party website or application where we post content or invite your feedback or participation.
We obtain information about you that you provide through our chat technologies operated by third party vendors that enable the chat features that you can use to communicate with us through the Services. JRF Ortho and our third party vendors may monitor and record information (including personal information should you provide it) you share through these chat features, and collect information about your interaction with them and your device (e.g., IP address, online identifiers), for quality assurance, analytics, and the other purposes described in this Privacy Policy.
We may use and disclose the personal information we collect to advance the Company’s business and commercial purposes, specifically to:
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. If required by law, we will also seek your consent before using your personal information for a new or unrelated purpose. We may collect, process, and disclose aggregated or deidentified consumer information for any purpose, without restriction. When we collect, process, or disclose aggregated or deidentified consumer information, we will maintain and use it in deidentified form and will not attempt to reidentify the information, except to determine whether our deidentification processes satisfies any applicable legal requirements.
We may disclose the personal information we collect to third parties for the business purposes described in Personal Information Collect, Use, and Disclosure Purposes section and in the table below, such as to engage third parties to support our business functions.
We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, prohibit using the disclosed information for any purpose except performing the contract, and meet the CCPA’s other contract requirements for engaging service providers or contractors.
The chart below identifies the categories of entities to whom we have disclosed our consumers’ personal information for a business purpose over the preceding 12 months, along with the personal information categories disclosed and the disclosure’s business purposes.
Category of Business Purpose Disclosure Recipients | Personal Information Categories Disclosed | Sensitive Personal Information Categories Disclosed | Business Purpose Disclosures |
---|---|---|---|
Service Providers (including Sales Representatives) | A. Identifiers B. California Customer Records D. Commercial information |
None | To deliver our services |
Order Fulfillment and Shipping Providers | A. Identifiers B. California Customer Records D. Commercial information |
None | To deliver products you purchased from us |
Payment Processor | A. Identifiers B. California Customer Records D. Commercial information |
None | To process payments for products you purchased from us |
Enterprise Resource Planning System | A. Identifiers B. California Customer Records D. Commercial information |
None | To deliver our services |
We do not sell your personal information to third parties and have not sold it in the preceding 12 months. We do not share your personal information with third parties for cross-context behavioral advertising purposes and have not shared your personal information in the preceding 12 months.
You have the following data subject rights:
You can submit a request to exercise one or more of your data subject rights stated above using the following methods:
After we receive your request, we will determine if the request is a verifiable customer request before acting on the request. You must provide enough information for us to verify that it is the proper person making the request; if we cannot complete the verification, the request will not be processed. We have 45 days in which to take action on your request. If we run into issues in honoring your request, we will notify you within those 45 days. The original 45-day period may be extended by 45 days if reasonably necessary. We will inform you, without delay, of the reasons, if we decide not to take action on your request. We will also inform you if you have rights to appeal our decision.
If you use an authorized agent to submit a request and the authorized agent does not provide a proper power of attorney, we may require you to either (1) verify your identity directly with us, or (2) directly confirm with us that you provided the authorized agent permission to submit the request.
If your browser supports an opt-out preference signal, you may opt out of the sharing or sale of your personal information by properly configuring the opt-out preference signal. If you subsequently delete cookies, change your browser settings, or use a different browser, you will need to turn the opt-out signal on again.
Some functionality within our Services may require us to sell or share your data. For example, if you have opted out of us selling or sharing your information and now want to opt-in to the selling or sharing of your information in order to access such functionality within our Services and you are opted out we will inform you that the functionality requires the sale or sharing of your personal information and provide instructions on how you can provide consent to opt-in to the sale or sharing of your personal information.
We apply commercially reasonable and appropriate administrative, technical, and physical safeguards to protect the confidentiality, integrity, and availability of your personal information. Such safeguards protect against unauthorized access, alteration, disclosure, unlawful processing and accidental loss, destruction, or damage of your personal information. Although these safeguards reduce the risk of adverse effects to the confidentiality, integrity, and availability of your personal information, they cannot ensure or guarantee against the possibility of a security incident.
Your personal information is retained for as long as reasonably necessary and proportionate to achieve:
We do not knowingly collect or allow the collection of personal information with our Services from individuals under the age of 18. If we have actual knowledge that we have collected personal information from someone under the age of 18 we will delete that personal information. If you believe that we have collected information from a child under the age of 18, please contact us at privacy@jrfortho.org.
Our Services may contain links to third party websites, services, or resources that are not covered under this Privacy Policy and our Terms and Conditions. Upon visiting or using those third-party websites, services, or resources, we recommend that you review their privacy policy, terms and conditions, and terms of use before providing your personal information.
If JRF Ortho is acquired by or merged with a third-party entity, we reserve the right to transfer or assign the personal information you provided to us as part of such merger, acquisition, sale, or other change of control to the new entity. In the event of bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditor’s rights generally, we may not be able to control how your personal information is processed. If such a situation arises, we would request that all applicable privacy laws and protection standards at least as stringent as ours be applied to your personal information originally in our possession. In the event of a transfer of corporate assets, the information regarding the transfer will be posted on our Services.
You have choices available when it comes to information about you:
We use features or technologies provided by our third-party service providers that leverage artificial intelligence or machine learning (collectively, “AI”) in connection with our Services to facilitate a more seamless customer service chatbot experience. While we strive for accuracy and relevance, AI-generated content may not always be entirely accurate or up-to-date, and may not reflect personalized advice. Please verify key information with reliable sources and consider consulting with a professional for specific guidance. We do not guarantee the accuracy or completeness of AI-generated content, and users rely on it at their own risk.
We reserve the right to update this Privacy Policy to accurately disclose changes as necessitated by applicable laws and other events. If those changes are material in nature, we will notify you by a notice placed on our public facing Website or by electronic mail.
If you have a question about this Privacy Policy, or you would like to contact us about any of your rights mentioned herein, please contact us at privacy@jrfortho.org. You may reach us by mail to JRF Ortho, Attention: Legal, 7245 S. Havana Street, Suite #300, Centennial, Colorado 80112 USA.
Last Modified: September 15, 2025