Dear Valued Customer,

As we enter into a business relationship, we want to assure you of our unwavering

commitment to the privacy and security of the data you entrust to us. To that end, we

have established a comprehensive privacy policy that reflects our stringent compliance

standards and our dedication to protecting your sensitive information.

HIPAA Compliance

Our operations adhere strictly to the Health Insurance Portability and Accountability Act

(HIPAA), ensuring that all Protected Health Information (PHI) is handled with the

highest level of confidentiality and security. We have implemented robust safeguarding

measures to prevent unauthorized access, use, or disclosure of your PHI. This includes

comprehensive encryption, cloud security, and authentication measures.

We are committed to protecting your privacy and ensuring that your SMS opt-in

information is used solely for the intended purpose. As required by our third-party

carrier partners, we affirm that your opt-in to receive SMS communications will not be

shared with any third party for purposes unrelated to delivering the services of the

campaign you subscribed to.

However, we may share your personal information, including your SMS opt-in status or

consent, with trusted third parties that assist in providing our messaging services. This

may include platform providers, telecommunications carriers, and other service vendors

necessary for the proper delivery of text messages.

Your information will only be used to support the intended communication and will not

be sold, rented, or shared for unrelated marketing purposes.

Technology and Product Rights

We also wish to clarify the use of our technology and products. While we are proud to

provide you with our state-of-the-art insoles and the technology behind their

manufacturing, it is important to note that these products and their underlying

technologies remain the intellectual property of our company. As such, you do not hold

any rights to share, reproduce, or distribute our technology or products without our

express written consent.

Privacy Rights (CCPA/CPRA & GDPR)

Depending on where you live, you may have the following rights with respect to your

personal information (“PI”):

- Right to Know / Access – You can ask us for a copy of the PI we have collected,

used, disclosed, or shared in the past 12 months.

- Right to Delete – You can ask us to delete PI we collected from you, subject to

certain exceptions (e.g., HIPAA record‑keeping).

- Right to Correct – You may request that we correct inaccurate PI we maintain

about you.

- Right to Limit Use of Sensitive PI – If we process Sensitive PI (e.g., health scan

imagery) for purposes beyond providing our services, you may instruct us to limit

its use.

- Data Portability – We will provide PI in a structured, commonly used,

machine‑readable format.

- Non‑Discrimination / No Retaliation – We will not deny services, charge different

prices, or provide a different level of quality because you exercised any of these

rights.

How to Exercise Your Privacy Rights

Online: https://www.hikemedical.com/consumer-rights-request-form

Email: support@hikemedical.com (Subject: “Privacy Rights Request”).

Mail: 741 W Main Street, Peoria, IL 61606

Phone: 309-306-3696

We will confirm receipt within 10 days and respond within 45 days (California), unless

we notify you of an extension.

We believe that a clear understanding of our privacy policy and compliance is

vital for a transparent and trustworthy partnership. Should you have any

questions or require further clarification on any aspect of our policy, please do

not hesitate to reach out.

Thank you for choosing us as your trusted partner. We look forward to a productive

and secure collaboration.

Best regards,

Harshith Tripathi

Operations Lead

Hike Medical

harsh@hikemedical.com