Effective date: February 1, 2020
Commitment to Privacy
Changes to This Policy
We may change this Policy from time to time, with any such changes to be effective prospectively. Please consult this portion of the Site regularly to stay informed of any important changes to the Policy as they occur. The “Effective date” at the top of this page will indicate when the Policy was most recently updated. Unless otherwise provided in a signed, written agreement between you and the Association, by using the Site after the Association posts any changes to this Policy, you agree to accept those changes, whether or not you have reviewed them, and such acceptance shall be deemed legally conclusive. If at any time you choose not to accept the terms of this Policy, you may not use this Site.
If you have any questions or concerns regarding this Policy, including any request to exercise your legal rights, please contact us at:
- E-mail address: firstname.lastname@example.org
- Telephone number: 202-249-7100
- Mailing address: Association for Accessible Medicines, 601 New Jersey Ave NW, Suite 850, Washington, DC 20001.
For purposes of the EU’s General Data Protection Regulation 2016 (the “GDPR”) the controller is Association for Accessible Medicines, with an office at 601 New Jersey Ave NW, Suite 850, Washington, DC 20001.
When you visit our Site, attend an event or otherwise interact with us, we will collect information about you including personal information, as described below.
“Personal information” (or personally identifiable information) means any information about you which is in a form that permits us to identify you either directly or indirectly when combined with other information (such as your name, address, telephone number, social security number, billing and shipping information, credit card information or e-mail address).
Information you provide to us. We collect personal information that is provided to us by our members, event attendees, event sponsors, Site users and others, which may include:
- Contact data, such as your name, employer, job title, department, username or similar identifier, postal address, email address and telephone numbers. Contact data may be provided when you subscribe to receive our newsletter, provide your business card at a meeting or one of our events, when you communicate with us or when an organization becomes a member of the Association.
- Credentials, such as passwords, username, or similar security information used for authentication and account access.
- Marketing and subscription data, such as your preferences in receiving marketing from us and our third parties, including the information you provide when you subscribe to receive our email newsletter.
- Event data, such as the contact data you provide when you register for an event, and a record of your participation in events as an attendee, presenter or a member of the press.
- Invoicing information, such as invoice data details to process payments.
- Candidate data, such as employment history, qualifications, academic qualifications and education records, and any other information that you provide to us when applying for a role, for example in your curriculum vitae, a covering letter, on an application form or during an interview, or that we have received from a recruitment agency or background check provider.
In addition, some of our pages and interactive advertisements on our Site may invite visitors to submit names, e-mail addresses or addresses of others in connection with certain promotions or offers that appear on our Site or interactive advertisements.
If you opt not to provide us with personal information, no material consequences will result, although you may be unable to participate in certain promotions, receive product information, or participate in any transactions through the Site. Parties wishing to participate in any transactions through the Site are required to provide the Association with a variety of necessary and personal information.
Information we automatically collect. When you use or access the Site, we may also collect information through automated means, including (but not limited to) some or all of the following:
- Device data, such as your unique device ID, device type, machine ID, the location from which you use or access the Site, the kind of browser you use, computer and connection information, browser type, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer or device when you use the Internet, which may vary from session to session) and domain name. We also may collect any telephone number from which you contact us.
- Log data, including information associated with your activities on the Site such as the date and time you visit the Site, the amount of time you spend on the Site, information about the way you interact with the Site, statistics regarding your page views and traffic to and from the Site, the hyperlinks clicked, and other actions you take. We may also track information such as the URL that you visited before you come to the Site and the URL to which you next go. Generally, we gather this information for the purpose of analyzing aggregated trends and statistics.
Cookies and similar tracking technologies. In addition, when you view one of our Sites or advertisements, we may store some information on your computer. This information will be in the form of a “cookie” or similar file and will help us in many ways. Most Internet browsers enable you to erase cookies from your computer hard drive, block all cookies, or receive a warning before a cookie is stored. For more information about our practices in this area, please see our Cookie Notice
Use of Personal Information
We process your personal information for the purposes set out in this Policy only where we have a valid legal ground for doing so under applicable data protection law. The legal ground will depend on the purpose for which we process your personal information.
We may process your personal information for the following purposes as is necessary in accordance with any agreements that you may have entered into with the Association, or to answer questions or take steps at your request prior to entering those terms:
- to provide our products and services, and contact you regarding your use of our products and services;
- to provide you with copies of our research and other membership content that you have requested;
- to manage registration, payments and your attendance to our events; and
- to respond to requests or inquiries.
We may use your sensitive information, such as health data, to provide you with specialized services, such as disabled access to our events, where you have given your explicit consent to the extent required by applicable law (such consent can be withdrawn at any time).
We may process your personal information as necessary for certain legitimate interests, or where you have given your consent to such processing to the extent required by applicable law (such consent can be withdrawn at any time):
- to better understand your needs and to develop a relationship with you;
- to improve our services;
- to send you marketing or promotional materials or other information;
- to respond to your comments or requests for information and to contact you if needed in the course of processing your requests;
- to invite you to events;
- where you attend one of our events, to share your contact data with sponsors and other attendees;
- to contact you after you have attended one of our events;
- to confirm, update and improve our records;
- to identify and inform you of services that may be of interest;
- to offer our products and services to you in a personalized way;
- to administer the Site;
- for internal administrative and technical operations to keep the Site, network and information systems secure; and
- to (i) comply with legal obligations, (ii) respond to requests from competent authorities; (iii) protect our interests; (iv) protect our rights, safety or property, and/or that of our partners, you or others; and (v) enforce or defend our legal rights.
If you have applied for employment, and internship or secondment, we will use personal information in the following ways as necessary in our legitimate interests, and to decide whether to enter into a contract with you:
- to assess your skills, qualifications, and suitability for the role you have applied for;
- to carry out background and reference checks, where applicable;
- to communicate with you about the recruitment process;
- to keep records related to our hiring processes; and
- to comply with legal or regulatory requirements.
Disclosing Personal Information
There are circumstances where we wish to disclose or are compelled to disclose your personal information to third parties. This will only take place in accordance with the applicable law and for the purposes listed in this Policy.
Subject to applicable law, we disclose and share your personal information with:
- Our business associates;
- Trusted third parties that are under contract to perform services for or on behalf of the Association. The services provided by such parties include services in the following categories: website hosting services, e-mail fulfillment, payment processing, authenticating identities, helping us to create or maintain our databases, helping us to research or analyze visitors to our Site and maintaining the security of our services, backend support services and data analysis and visualization support services;
- A third party as set forth in “Transfer of Business Assets”;
- Third parties including (without limitation) public authorities, to comply with the law, applicable regulations, governmental and quasi-governmental requests, court orders or subpoenas, to enforce other agreements you may have with the Association, or to protect our rights, property or safety or the rights, property or safety of our users or others (e.g., to a reporting agency for fraud protection). We reserve the right to release information that we collect to law enforcement or other government officials, as we, in our sole and absolute discretion, deem necessary or appropriate.
- Any other third party where you have provided your consent; and
- Other persons as permitted or required by applicable law or regulation.
Nothing in the Policy shall be deemed to prohibit the Association from disclosing your identity if the Association is required by law to do so.
We may also share aggregated or anonymous information that cannot identify you with third parties. For example, we may disclose the number of visitors to the Site, attendees to our events, or the number of people who have downloaded content from our Site.
We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
Transfer of Business Assets
As we continue to develop the Association, we might acquire, buy or merge with other businesses or assets. In such transactions, customer information generally is one of the transferred business assets. Also, in the event that the Association or substantially all of its assets are acquired, identifiable including personal information will be one of the transferred assets.
We are headquartered in Washington DC. By using the Site from outside the United States, you acknowledge that your personal information may be accessed by us or transferred to us in the United States and to our affiliates, partners, and service providers who are located around the world and that your personal information will be transferred to, and stored and processed in, the United States or elsewhere in the world where our servers are located.
The security of your personal information is important to us. The Association will make reasonable efforts to keep secure the data you provide us and will take reasonable precautions, such as using a secure server, in an effort to protect your personal information from loss, misuse or alteration. Agents or hosting contractors of the Association who have access to your personal information in connection with providing services for the Association are required to keep the information confidential and are not permitted to use this information for any other purpose than to carry out the services they are performing for the Association. The Association cannot, however, be liable for any security breaches, either by the Association or any third party, as discussed in greater detail below.
Retention of Information
We will store your personal information for no longer than is necessary for the purpose for which such personal information is processed. Please note, however, that we may retain and use your personal information as necessary to comply with our legal obligations, to resolve disputes and to enforce our agreements and rights.
The Association intends that the Site be used by adults and does not want to collect personal information from minors (children under 13 years of age, or any other age defined under applicable law). If a child has provided us with personal information, a parent or guardian of that child may contact us at the e-mail address or address provided by the Site (email@example.com) if they would like this information deleted from our records. We will use reasonable efforts to delete the child’s information from our databases. Parents may learn more about keeping children safe online at www.netsmartz.org.
You can always opt not to disclose information to us, but keep in mind some information may be needed to take advantage of some of the features on the Site.
Marketing communications. You can opt-out of receiving certain marketing communications from us at any time, by using the unsubscribe link in the email communications we send, or by contacting us using the details contained in the “Contact Us” section at the beginning of this Policy. We may continue to send you non-promotional communications, like service-related emails.
“Do Not Track” signals
At this time, our Site does not support “do not track” signals (“DNT”) that may be available in your browser for letting websites know that you do not want them collecting certain kinds of information. If you turn on the DNT setting on your browser, our Site is not currently capable of following whatever DNT preferences you set. For more information about DNT, visit www.donottrack.us.
If you are based in the European Economic Area (“EEA”) or the United Kingdom, in certain circumstances you have rights under data protection laws in relation to your personal information that we hold about you—specifically:
- Request access to your personal information. You may have the right to request access to any personal information we hold about you as well as related information, including the purposes for processing the personal information, the recipients or categories of recipients with whom the personal information has been shared, where possible, the period for which the personal information will be stored, the source of the personal information, and the existence of any automated decision making.
- Request correction of your personal information. You may have the right to obtain without undue delay the rectification of any inaccurate personal information we hold about you.
- Request erasure of your personal information. You may have the right to request that personal information held about you be deleted.
- Request restriction of processing your personal information. You may have the right to prevent or restrict processing of your personal information.
- Request transfer of your personal information. You may have the right to request transfer of your personal information directly to a third party where this is technically feasible.
Where you believe that we have not complied with our obligations under this Policy or European data protection law, we ask that you contact us first to see if we can resolve the issue. However, you have the right to make a complaint to an EU Data Protection Authority, such as the UK Information Commissioner’s Office.
The Association may provide links to Web pages which are not part of the Association. These sites are not under Association control and the Association is not responsible for the information or links you may find there. The Association is providing these links only as a convenience. The presence of these links on any Association Site is not intended to imply Association endorsement of that site but to provide a convenient link to relevant sites which are managed by other organizations, companies, or individuals.
No Liability for Acts of Third Parties
Although the Association will use reasonable efforts to safeguard the confidentiality of your personal information, transmissions made by means of the Internet cannot be made absolutely secure and the Site cannot be absolutely protected against unauthorized intrusion. The Association will have no liability for disclosure of information due to errors in transmission or unauthorized or negligent acts of third parties. In addition, the Association will release specific information about you to comply with any valid legal process such as a search warrant, subpoena, statute or court order. We will also release specific information in special cases, such as if there is an attempted breach of security or a physical threat to you or others.
Please note that if you give out personal information online that information can be collected and used by third parties. Although we strive to protect our users’ privacy, we cannot guarantee the security of information you post in these forums. You disclose such information at your own risk.
Your Acceptance of These Terms
By accessing and using the Site, you have agreed to and accepted the Association’s Policy. If you do not agree to this Policy, you may not use the Site.