RiverRock Medical Clinic, PA
On the RiverRock Website(s), including but not limited to riverrockmedical.com and drhakeem.com, we collect the information needed to process transactions and manage online accounts (Name, Billing information, Shipping Information, email). We keep to a minimum the amount of data we collect. We do not share that data with anyone, in any format.
Our contact forms and wait list forms are actually google form embeds, from our RiverRock G-Suite account. That data is encrypted both in transit and at rest, and we have signed a confidentiality agreement with Google that meets HIPAA requirements for security in transmitting and storing personal health information. Again, we collect an e-mail address, so that we can reply, and the rest of the information is only what the user sends us, and that information is securely stored on our HIPAA-secured account. It is never shared unless the user specifically requests for it to be shared with another person or entity.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. Visitor comments may be checked through an automated spam detection service.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
If you upload images or other media to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Articles and pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
More information can be found at https://support.google.com/analytics/answer/6004245.
We are also required to keep the information related to charges (Name, email, billing and shipping information) for tax purposes for at least 7 years. That information (the charge amount and name) resides on our servers, protected by our security measures as detailed below.
WP Ultimate Recipe
When user ratings are enabled we store a WPURP_User_Voted_%recipe% cookie (with %recipe% the ID of the recipe) that contains the rating this user has given to a particular recipe. This cookie is used as (one of the) measures to prevent rating spam.
When the User Menus feature is enabled we store WPURP_Shopping_List_Recipes_v2, WPURP_Shopping_List_Servings_v2 and WPURP_Shopping_List_Order_v2 cookies to be able to show the same shopping list to a guest on later visit. This does not contain any personal data.
When the Meal Planner feature is enabled we store WPURP_Meal_Plan_ID and WPURP_Meal_Plan_ID_%id% cookies to be able to show the same meal plan to a guest on later visit. This does not contain any personal data.
When user ratings are enabled we store the IP address upon voting. This is used as (one of the) measures to prevent rating spam.
Credit Card Charge Information
We never store your credit card information on our site. For all transactions, an encrypted (hashed) token of your credit card information is created, and that token is sent to your bank, along with the charge request. Your bank then sends back approval or denial of that charge. At no time is your actual credit card number stored on our site.
Security Measures and Certification
Our site is PCI/DDS certified and secure, and meets all the requirements for charging credit cards.
Our site is entirely run over SSL/TLS, and cannot be accessed using non-secure protocols. This is another layer of security that prevents anyone (such as a coffee-shop hacker) from snooping on your use of our site.
Login and Admin Account Protection
We also block all standard methods of login, except through google. This allows us to offer features such as 2-factor authentication(2FA), with google authenticator app, or U2F-FIDO security keys. Our users can opt-in anytime. All of our administrator accounts are required by our organization to use 2FA with U2F, the most secure known method of securing an account. Furthermore, all administrator passwords are required to be more than 20 characters in length, to prevent brute force attacks.
Accessing your information, complaints and obtaining further information, or requesting corrections or deletion of your information
If any patient has questions, concerns or complaints, they may contact us at any time, by phone, mail, or fax:
(512) 213 - 0700
711 W. 38th St., Suite D1, Rm 105
Austin, TX 78705
Fax: (512) 501 – 1060