Effective Date: April 2021
Your privacy is of great importance to the Cardiovascular Research Foundation, 1700 Broadway, 9th Floor, New York, United States of America (“CRF”) and CRF is committed to being responsible custodians of the information you provide and the information CRF collects in the course of operating its business.
CRF takes your personal privacy seriously. This privacy statement (this “Statement”) describes how CRF, as a data controller, may collect, use and share information, particularly in association with the operation of CRF’s websites (the “CRF Website(s)”) and when you attend any of CRF’s live, in-person or virtual events. This Statement applies to all personal data collected by CRF from individuals in the United States, European Union or from countries that have similar data protection laws.
Because CRF wants to demonstrate its commitment to your privacy, CRF share its information practices with you, including:
- What personal data is collected from users of CRF Websites.
- The organization collecting the personal data.
- How the collected personal data is used.
- With whom the personal data may be shared.
- What rights and choices are available to users.
- The security procedures in place to protect the loss, misuse or alteration of information that is under CRF’s control.
What Personal Data is Collected
CRF collects your personal data when you provide it, for instance by visiting CRF Websites, when you contact CRF, by attending CRF’s live, in-person or virtual events, or by entering into a contract with CRF. “Personal data” is any information that can be used to identify you or that CRF can link to you, such as your name, e-mail address or IP address. CRF may automatically collect certain information when you use, access or interact with CRF via the CRF Websites, for instance through browser settings or cookies. CRF may also collect information from other sources, such as social media platforms that may share information about how you interact with CRF’s social media content, or if you interact with CRF via its social media accounts.
All personal data you provide to CRF or that CRF (automatically) collects is provided voluntarily. However, without providing certain data, such as your e-mail address, CRF may not be able to respond to your requests or deliver its services to you.
CRF Websites and services are generally not directed to children under 16. CRF does not knowingly collect personal data from anyone under 16 without parental consent. If you become aware that CRF has collected personal data from a child under the age of 16 without parental consent, please let CRF know so that it can take appropriate action.
If you attend certain of CRF’s live, in-person events, CRF may attach a wearable beacon to your event badge. As you enter and exit various public areas at these events, your registration information will be captured by electronic readers. The information obtained through this process will be used to measure event attendance and to analyze aggregated event data for CRF’s internal business purposes. CRF may also use this information to send promotional and informational communications that CRF believes may be of interest to you, both during and after the event. You have the option of requesting that the beacon not be attached to your badge either via e-mail or at the time you pick up your badge at the event. Please check the terms and conditions of the applicable event when registering for additional information about the use/opt-out of the beacons. If you do not request to have the beacon removed at or during the event, you will later have the option not to receive promotional e-mails from CRF by using the “unsubscribe” link included in each promotional e-mail.
How CRF Uses the Information It Collects
CRF will only process personal data where CRF has a legal basis to do so. For example, CRF may use the information it collects:
- To enter into a contract with you, or to take steps, at your request, prior to entering into a contract (such as account registration for which CRF requires your name, e-mail address, city, state, country, zip/postal code, and clinical/non-clinical classification);
- To respond to your inquiries, to provide you with services that you request, to communicate with third-parties to provide services to you, to maintain business administration records and prevent fraud, which is in CRF’s legitimate interest;
- For other communications with you. For example, CRF sends each new member a welcome e-mail to verify username and password. Thereafter, members who elect to join one or more of CRF’s electronic communication distribution lists will occasionally receive communications about features, products, services or updates from CRF or in relation to the CRF Websites. It is in CRF’s legitimate interest to send these communications. Members who elect to join one or more of CRF’s electronic communication distribution lists and consent to receiving third-party communications may also occasionally receive communications about features, products, services or updates sponsored by third-parties that may be of interest to users of CRF Websites;
- To keep records and administration on how services were provided, claims and complaints were handled, including the documents underlying such services, claims and complaints, which is in CRF’s legitimate interest;
- To understand how people use the CRF Websites and services and to operate, maintain and improve the CRF Websites and services, which is in CRF’s legitimate interest;
- To comply with legal obligations applicable to CRF, such as responding to legal process or requests for information issued by government authorities or other third-parties.
How CRF May Share the Information It Collects
CRF and its affiliated entities share information with each other or with third-party service providers/subprocessors (including consultants and attorneys) for CRF’s general business purposes, such as internal administration and providing you or your organization with services. CRF also works with third-party service providers/subprocessors to provide a more customized experience for you when you visit the CRF Websites. To do so, CRF may disclose personal data to these third-party service providers/subprocessors, though CRF does not permit such third-party service providers to re-sell or use your personal data for their own purposes. These third-party service providers/subprocessors may collect and profile your information in order to monitor and analyze the CRF Websites’ traffic for the purposes of business intelligence, provide personalized suggestions and content recommendations, including advertisements, and/or monitor the CRF Websites for purposes of developing service improvements.
CRF and its affiliated entities may share information with other third-parties (including law enforcement agencies and potential transaction partners, sponsors, supporters, exhibitors and investors) where CRF and its affiliated entities have a legal basis to do so.
During your attendance at an in-person event organized by CRF, your badge containing personal data or information that reasonably identifies you will be scanned for administrative and legal compliance purposes. At both in-person and virtual events organized by CRF, CRF will provide third-parties (i.e., CRF’s sponsors, supporters and exhibitors) with your personal data or information for such third-parties’ independent use in compliance with their privacy statements.
During your attendance at a virtual event organized by CRF, if you submit comments, questions, feedback or other information during any of the sessions, you understand that your first and last name will be tied to your submission, both of which will be shared publicly with other participants in that session. You further understand that these sessions (and the information you submit during a session) may be recorded and made available publicly on any of the CRF Websites.
If CRF transfers your personal data to a recipient outside of the European Union, CRF will only do so in compliance with the European Union General Data Protection Regulation. If you have questions about the international transfers of your personal data or the appropriate safeguards CRF has in place or wish to obtain a copy of such safeguards, please contact CRF via firstname.lastname@example.org.
Third-Party Services and Content
CRF Websites may include integrated content or links to content provided by third-parties (such as social media platforms). This Statement does not address the privacy, security or other practices of the third-parties that provide such content. CRF does not endorse, screen or approve, and are not responsible for, the privacy practices or content of such other websites. Visiting these other websites is at your own risk. CRF recommends that you review the privacy policies applicable to third-party websites prior to visiting those websites.
CRF engages third-parties that support the operation of the CRF Websites, such as analytics providers. For instance, CRF uses Google Analytics, and Feathr.co to analyze the audience of the CRF Websites and improve CRF’s content. These third-parties may use various technologies to track your online activities over time and across different websites and online platforms. For further information on the privacy policies concerning these third-party services, please visit their respective websites:
- Google Analytics: http://www.google.com/analytics/learn/privacy.html; and
- Feathr.co: https://www.feathr.co/privacy-policy.
Protection and Storage of the Information CRF Collects
CRF deploys administrative, technical and physical safeguards designed to safeguard the information that it collects. However, no safeguards or systems can be 100% secure. This means that CRF cannot guarantee the absolute security of your personal data. Moreover, CRF is not responsible for the security of information you transmit to CRF over networks that CRF does not control, including the internet and wireless networks, or that you submit to third-parties through their websites, services or otherwise.
CRF retains the information it collects in an identifiable form as reasonably necessary and only for as long as required to fulfill the purposes for which CRF collected the information and to comply with CRF’s legal obligations.
Your Choices and Rights
CRF encourages you to contact CRF to update or correct your information if it changes or if you believe that any information that CRF collected about you is inaccurate. If provided for under applicable law, you can also ask CRF to see what personal data CRF has about you, to rectify or erase your personal data or to port your personal data. You may also tell CRF if you object to or want to restrict CRF’s use of your personal data. If you would like to discuss or exercise such rights, please notify email@example.com. You can also use this address to lodge a complaint. Depending on your location, if you are not satisfied about the manner in which CRF handles your complaint, you may also lodge a complaint with the competent data protection authority.
If CRF process your personal data on the basis of your consent, you may withdraw your consent at any time by contacting CRF at firstname.lastname@example.org. Depending on your location, where CRF processes your personal data on the basis of CRF’s or a third-party’s legitimate interest, you may object to such processing at any time by contacting CRF at email@example.com.
Changes to This Statement
CRF may update this Statement at any time. The effective date of the current Statement is noted at the beginning of this Statement. CRF encourages you to periodically review this page. If CRF make changes, CRF will inform you by revising the effective date and, in some cases (for example, if CRF intends to use your information in a way that materially differs from what is described in this Statement), CRF may provide you with an additional notice (such as adding a statement to CRF Website homepages or sending you a notification). Your continued use of the Services following the posting of any changes to this Statement means you consent to such changes.
Cookies are also used to distinguish you from other users of the CRF Websites. This helps CRF to provide you with a good experience when you browse CRF Websites and allows CRF to improve them. The CRF Websites may also use web beacons (either directly or through CRF’s third-party service providers) along with cookies to understand your browsing and buying activities and to determine if you have visited a particular site, which aids CRF in providing you with more relevant advertising and allows CRF to measure the success of online advertising campaigns. Web beacons allow CRF to obtain information such as the IP address of the computer that downloaded the page on which the beacon appears, the URL of the page on which the beacon appears, the time the page containing the beacon was viewed, the type of browser used to view the page, and the information in cookies set by the third-party. CRF also collects IP addresses. An IP address is a unique identifier that certain electronic devices used to identify and communicate with each other on the internet. When you visit the CRF Websites, CRF may view and/or store the IP address of the device you use to connect to the internet. For a third-party cookie or web beacon, the third-party will have access to the collected information in order to provide CRF with information or services to enhance the performance or functionality of the CRF Websites. CRF uses this information to determine the general physical location of the device and understand from what regions of the world visitors to the CRF Websites come from. CRF uses the information collected from these technologies to compile reports and help CRF improve the CRF Websites.
The Types of Cookies CRF Uses
CRF uses the following types of cookies on the CRF Websites:
- Permanent and Strictly Necessary Cookies. These are cookies that are required for the operation of the CRF Websites. They include, for example, cookies that enable you to log into secure areas of the CRF Websites, use a shopping cart or make use of e-billing services. They also remember your login details and password, so you don’t have to type them in every time you use the CRF Websites.
- Analytical/Performance Cookies. These are cookies that allow CRF to recognize and count the number of visitors and to see how visitors move around the CRF Websites when using them. These cookies help CRF to improve the way CRF Websites work, for example, by helping users to easily find what they are looking for.
- Functionality Cookies. These are cookies that are used to recognize you when you return to a CRF Websites. These cookies enable CRF to personalize content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting Cookies. These are cookies that are used to profile your interests and habits by recording or monitoring your visits to the CRF Websites and providing information such as the browser used to access the CRF Websites, date and time, the URL of the webpage being loaded, any previously assigned cookie identification, your geographic location, the pages you have visited, the links you have followed, the ads you have viewed and the length of time spent viewing such items on the CRF Websites. CRF will use this information to make the CRF Websites and the advertising displayed on them more relevant to your interests. Targeting cookies are also placed by CRF’s third-party service providers that enable them to uniquely identify you so as to also provide you with personalized ads on the CRF Websites or on other websites visited by you.
- Session Cookies. These are temporary cookies that expire when the browser is closed.
You may control cookie settings in your web browser by refusing to allow the setting of all or some cookies. For detailed guidance on how to control or disable cookies, CRF recommends you visit https://www.aboutcookies.org/how-to-control-cookies/. If you view a CRF Website without changing your cookie settings, you are indicating your consent to receive all cookies from the CRF Website. However, if you change your cookie settings to block cookies, some features and functionality of the CRF Websites may not operate as expected.