PRIVACY AND SECURITY STATEMENT

Effective: March 1, 2006

This Privacy and Security Statement applies to information collected by DrPiatt.com. DrPiatt.com is committed to protecting the privacy of its Customers ("Customers"). We created the following Privacy Statement to give you an overview of the type of information we collect, how the information is used and how the information is safeguarded.

Customer information is collected by DrPiatt.com through the use of the DrPiatt.com web site. This Privacy Statement applies only to information collected by DrPiatt.com and does not apply to the medical practice of Dr. Carol Piatt in Fairfax, Virginia. Using this web site and/or ordering products through the DrPiatt.com web site does not constitute a doctor and patient relationship between Dr. Carol Piatt and the Customer. By visiting the online web site for DrPiatt.com, you are accepting the practices described in this Privacy and Security Notice.

In order to provide you with products of interest to you and to continually improve your shopping experience on DrPiatt.com, we collect information about our Customers in a variety of ways. In some cases, DrPiatt.com asks Customers directly for information in order for them to purchase products or use our services, and, in other cases, information is collected automatically as Customers use our Web Site. You may choose not to provide certain information, but then you may not be able to purchase products or take advantage of the features we offer. The following is a summary of the kinds of information we collect:

1. Active Collection.

DrPiatt.com is the sole owner of information collected on the web site. We collect certain information either voluntarily or as required in order to register with DrPiatt.com (i.e., to use the Forums) or use certain DrPiatt.com services. Please note that we use the Paypal financial transaction system so your financial information (such as credit card number and expiration date) is never revealed or shared with the staff at DrPiatt.com. The "checkout" purchase transaction is secured through Paypal.

Information that DrPiatt.com collects includes:

• Contact information, such as name, mailing address, e-mail address and phone number.


• Shipping or transaction information, such as billing address. If we have trouble processing an order, the information is used to contact the Customer.


• Demographic information such as zip code.


• Information you enter in forms and optional surveys or contests, such as name and e-mail address.


• Information provided in connection with discussions on bulletin boards, in chat rooms, and in messaging or other interactive services.


• Information provided in e-mail requests and communications.


• Information from other sources. In order to personalize our service by providing better product recommendations or special offers we may think will interest you, we may receive information about you from other sources and add it to our account information. We also sometimes receive updated delivery and address information from our shippers or other sources so that we can correct our records and deliver your next purchase or communication more easily.

2. Passive Collection

Some information is collected automatically while you are using DrPiatt.com. It is important to note that DrPiatt.com must store this information in order to ensure its Customers receive optimal service while using our services. This type of information includes:

a. Log Files: Log files information, such as IP addresses, browser type, domain names, number of page views, login frequency, page or section accesses. Log files are used to track visitor usage and engagement and to gauge the effectiveness of our different services. We use your IP address to help diagnose problems with our server and to administer the Web site.

b. Cookies: DrPiatt.com uses a technique known as setting a cookie, which is an electronic piece of information stored on your computer, to allow us to recognize you for the duration of your shopping session and to provide you with customized services and information. If Customers reject a cookie placed by DrPiatt.com, they will not be able to use the DrPiatt.com service (e.g., purchase products or login to the message Forums) other than view the DrPiatt.com web site. Please note that DrPiatt.com uses a "Session" cookie and does not use the kind of cookie that persists on your computer. In other words, we do not use cookies to track your return visits and we do not use cookies that store any personal infomation about you. A session cookie will be discarded by your Internet browser when you exit your browser program.

DrPiatt.com uses the PayPal service as a Third Party to provide services to you on behalf of DrPiatt.com, and in doing so they must set cookies on your local computer. If you reject this cookie, you cannot use the PayPal service.

How Does DrPiatt.com use the information collected?

DrPiatt.com endeavors to strictly adhere to state, local and federal laws regarding the preservation and archiving of information collected. In addition to the uses described elsewhere in this Privacy Statement, DrPiatt.com may use the information you provide in the following ways:

• We reserve the right to contact you about our products and services or about your use of our Web site. For example, customers may receive an email about their order status or an email containing questions about their preferred method of shipment. We may send emails when DrPiatt.com has new products, or when the web site has new features or enhancements or other news to relay to our Customers.


• DrPiatt.com does not use individually identifiable health information that may be collected from the web site.


• To respond to your comments or requests or to request feedback regarding our products or services.


• For billing purposes, to facilitate transactions and to fill Customer orders in connection with purchases of products offered by DrPiatt.com.


• For the specific purpose for which the information was provided.

How does DrPiatt.com Communicate With Customers?

DrPiatt.com would like to communicate with its Customers when we have new products or services we feel are of special interest to you. Unless you opt-out of communications from DrPiatt.com, you may receive correspondence about Special Offers and Updates, especially around the end of year holiday season. Out of respect for the privacy of our Customers, we present the option to not receive these types of communications. Please see the Choice/Opt-out section at the bottom of our emails.

We communicate with Customers via email and telephone to provide requested services and in regards to issues relating to their account, we reply via e-mail or phone, in accordance with the Customer's wishes.

What Information is shared with Third Parties?

Information about our customers is an important part of our business. Therefore, the simple answer is that we do not share any information about our customers with third parties.

Security

The following outlines different types of security procedures DrPiatt.com has in place to protect the loss, misuse or alteration of the information collected.

1. Identification and Authentication

Access to the data is assigned to specific individuals at DrPiatt.com in order to maintain strict control over access. We do not grant general access to data within DrPiatt.com and access to data is not granted to parties outside DrPiatt.com. We also verify the identity of the persons accessing the data by using a login name and password. Passwords are required to be six characters and include a non-alphabetic character. In addition, login sessions time-out after a period of time to prevent unauthorized use.

2. Authorization and Access Control

Only authorized personnel have access to restricted data. Access to sensitive data such as customer order information is revoked in a timely manner for employees who change function or resign. DrPiatt.com does not retain individually identifiable health information on customers.

Linking

DrPiatt.com may offer links to other Web sites. Please be aware that DrPiatt.com is not responsible for the privacy practices of such linked sites, including sites of our partners. We encourage our Customers to be aware of this when they leave DrPiatt.com and to read the privacy statements of each and every Web site that collects personally identifiable information. This privacy statement applies solely to information collected by DrPiatt.com.

Children

DrPiatt.com does not sell products for purchase by children. We may sell children's products for purchase by adults. If you are under 18, you may use DrPiatt.com only with involvement of a parent or guardian.

CHOICE/OPT OUT

DrPiatt.com gives Customers the ability to opt-out of receiving future communications by replying to "Unsubscribe" in the subject line via e-mail. For example, Customers may wish to opt-out of receiving an email that notifies customers of seasonal product sales.

Notification of Changes

DrPiatt.com reserves the right to make changes to the Privacy Statement at any time. If we plan significant changes to any of our privacy policies or practices with respect to how we use personally identifiable information, we will post those changes to this Web site 30 days before they take effect. DrPiatt.com will post those changes on our Web site so our Customers are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. Please review our Privacy Statement periodically to see recent changes.

Addressing Privacy & Security Concerns

If you have any questions about this Privacy Statement, the practices of this web site or your dealings with DrPiatt.com, please contact us:

Click here to send eMail to DrPiatt.com