TCTMD Privacy Policy

Privacy Statement

Effective Date: March 2026

This Privacy Statement (“Statement”) describes how the Cardiovascular Research Foundation^® (“CRF”) processes the Personal Data we collect when you use the website and mobile apps owned and operated by CRF, register or attend CRF conferences or events, engage CRF to provide services, or otherwise interact with us (collectively, the “Services”). 

If you are a participant in a research study for which CRF is a sponsor, please refer to the informed consent form for your study to learn about how your study data may be collected, used, and disclosed by CRF.

What Personal Data is Collected

“Personal Data” refers to any information that can be used to identify you or that CRF can link to you. Depending on how you interact with us, we may process the following categories of Personal Data:

• Identifiers: Such as your full name, email, contact information, IP address, photograph, and similar identifiers.
• Internet or other similar network activity: Such as Personal Data collected about your interaction with our websites, apps, and other Services.
• Payment information: Such as credit card or debit card information and information about the payment methods and services (such as PayPal or Venmo) you use in connection with the Services.
• Account history: Such as information about your donations, account, transactions, purchases, order history, or discounts.
• Demographic information: Such as your age, gender, income level, education, or professional information.
• Location information: Such as geographic location, including country, state or province, or city.
• Sensory information: Such as images, voice recordings, and videos collected or stored in connection with the Services.
• Other information: Such as other Personal Data you voluntarily provide us, such as health and demographic information.

In addition to Personal Data, we may collect information that is not identifiable. For example, we may collect our users’ browser types, device types, and operating system information and not connect it to other pieces of data. If we link this information to other information that can be used to identify you, we will treat such information as Personal Data.

How Personal Data is Collected

How we collect your Personal Data depends on your interactions with us. CRF may collect your Personal Data via:

• Direct Interactions: CRF collects your Personal Data when you communicate with us, register for an account, or otherwise interact with CRF or the Services.
• Events and Conferences: We collect Personal Data when you register for and attend our online and in-person conferences and events. Please see the Section titled “Notice for Events and Conferences” for more information about how we collect Personal Data at our events and conferences.
• Automatic Collection: CRF may automatically collect certain Personal Data when you use, access or interact with CRF via the CRF websites, for instance through browser settings or cookies.
• Third Parties: CRF may collect Personal Data from third parties, such as social media websites that share information about how you interact with CRF’s social media content, or if you interact with CRF via its social media accounts.

How Personal Data is Used

CRF processes Personal Data for various purposes, including:

• Provide Services: We use Personal Data to provide the Services and any content, features, information, products, or services that we make available through the Services for our legitimate interests and for the purpose of providing you with services you request.
• Service Improvements: We use Personal Data to understand how people use the Services and to operate, maintain and improve the Services. We may also use Personal Data to analyze trends, track your usage of and interactions with the Services and attendance at our events, and assess and improve the overall user and customer experience. This is sometimes done pursuant to your consent and to the extent necessary for our legitimate interest in developing and improving those Services and providing our users with more relevant content and service offerings.
• Contractual Obligations: We use Personal Data to carry out our obligations and enforce our rights arising from any contracts entered between you and us.
• Communications: We use Personal Data to provide transactional and marketing communications, such as welcome emails, and communications about features, products, services, or updates from CRF or in relation to the Services for our legitimate interests or, in certain cases, when you consent to these communications.
• Record Keeping and Other Internal Business Purposes: We use Personal Data to keep records on and administer how the Services are provided, how claims and complaints are handled, and to generally manage and operate our business, which is in CRF’s legitimate interests and for compliance with the law.
• Events: We use Personal Data to plan and host events or webinars you register for or attend and send event-related communications, sometimes with your consent and pursuant to our contract with you.
• Payments: We use Personal Data to verify and collect payments and donations to the extent that doing so is necessary to complete the transaction and perform our contract with you. We use a third-party payment processor to process your payments. CRF does not directly collect, store, or otherwise maintain your credit card or other financial information.
• Legal Obligations: We use Personal Data to comply with legal obligations applicable to CRF, such as responding to legal process or requests for information issued by government authorities or other third parties.
• Other Purposes: We use Personal Data to fulfill any other purpose for which you provide it, in any other way we may describe when you provide the information, or for any other purpose with your consent.

How CRF May Share the Personal Data It Collects

CRF may share your Personal Data with the following third parties and in the following circumstances:

• Service Providers: We may provide your Personal Data to our service providers to support CRF’s general business purposes, such as internal administration and providing you or your organization with the Services.
• Professional Advisors: We may provide your Personal Data to our professional advisors such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.
• Business Partners: We may provide your Personal Data to our business partners such as entities with whom we jointly offer services or co-sponsor events.
• Advertising Partners: We may share your Personal Data with companies that help us display digital ads and track conversions, or advertisers that appear at our in-person events. CRF also works with advertising partners to provide a more customized experience for you when you visit the CRF websites. These partners may collect and profile your information to monitor and analyze the CRF website traffic for the purposes of business intelligence, provide personalized suggestions and content recommendations, including advertisements, and/or monitor the CRF websites for purposes of developing service improvements.
• Corporate Transaction: In the event CRF is involved in a merger, reorganization, acquisition or sale of all or a portion of its assets, or other corporate transaction, we may disclose your Personal Data as part of that transaction.
• As Required by Law: We may disclose your Personal Data if we determine that the disclosure is necessary: (i) to comply with any law applicable to us, a request from law enforcement, a regulatory agency, or other legal process; (ii) to protect the legitimate rights, privacy, property, interests or safety of CRF, our business partners, personnel, or the general public; (iv) to pursue available remedies or limit damages; (v) to enforce our policies and procedures; or (vi) to respond to an emergency.

Use of Cookies and Other Website Technologies

CRF collects certain Personal Data using cookies and similar website technologies (“Tracking Technologies”) when you visit CRF websites. Tracking Technologies are used to speed up your access to the CRF websites and the information you wish to see, as well as for website analytics, marketing efforts, tailoring our content, digital advertising, and website improvement, functionality, and performance.

CRF uses the following types of first-party and third-party Tracking Technologies on the CRF websites:

• Necessary Cookies: These are cookies that are required for the operation of the CRF websites. They include, for example, cookies that enable you to log into secure areas of the CRF websites, use a shopping cart, or make use of e-billing services.
• Statistics Cookies: These are cookies that allow CRF to recognize and count the number of visitors and to see how visitors move around the CRF websites when using them. These cookies help CRF to improve the way the CRF websites work, for example, by helping users to easily find what they are looking for.
• Preference Cookies: These are cookies that are used to recognize you when you return to a CRF websites. These cookies enable CRF to personalize content for you, greet you by name and remember your preferences (for example, your choice of language or region). They also remember your login details and password, so you do not have to type them every time you use the CRF websites.
• Marketing Cookies: These are cookies that are used to market to you, profile your interests and habits by recording or monitoring your visits to the CRF websites.  CRF will use this information to make the CRF websites and the advertising displayed on them more relevant to your interests. Marketing cookies are also placed by CRF’s third-party service providers that enable them to uniquely identify you to also provide you with personalized ads on the CRF websites or on other websites visited by you.

You may control the use of non-necessary cookies on the CRF websites by selecting your preferences within the CRF Cookie Preference Center, found at the bottom left corner of the webpage if you are visiting our website via browser. You may also control cookie settings in your web browser by refusing to allow the setting of all or some cookies. For detailed guidance on how to control or disable cookies, CRF recommends you visit  https://www.aboutcookies.org/how-to-control-cookies/. 

You may also opt-out from receiving targeted advertisements from Feathr and other third parties by visiting the following opt-out pages:

• NAI opt-out page: http://www.networkadvertising.org/choices/
• DAA opt-out page: http://www.aboutads.info/
• For EU users, the EDAA opt-out page: http://youronlinechoices.eu/            

Global Privacy Control

Individuals can automatically signal their privacy preferences to websites and other online services through their browser or through a browser extension called the Global Privacy Control (“GPC”). Depending on where you live, we may take steps to honor your preferences set by the GPC or any similar reputable universal opt-out mechanism.

Do Not Track Signals

Some web browsers incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes; however, we do not currently recognize or respond to browser-initiated DNT signals.

Notice for Individuals in the European Economic Area (“EEA”)

If you are in the EEA and we maintain your Personal Data under this Privacy Statement, CRF is the controller of your Personal Data. You have the following rights under the EU GDPR regarding your Personal Data:

• Right to access and receive: You may request a copy of or access to the Personal Data we hold about you. You may also request that we transfer your Personal Data to a third party in a machine-readable format.
• Right to correct: You may ask us to update or correct inaccurate or incomplete Personal Data we hold about you.
• Right to limit or restrict: You may have the right to request that we stop using all or some of your Personal Data or to limit our use of it.
• Right to erase: You may have the right to request that we delete all or some of your Personal Data.
• Right to withdraw consent: You have the right to withdraw any consent you have previously given to CRF at any time. Your withdrawal of consent does not affect the lawfulness of our collecting, using, and sharing of your Personal Data prior to the withdrawal of your consent.
• Right to lodge a complaint: You have the right to lodge a complaint with your Supervisory Authority if you are unhappy with how we process your Personal Data. You can find contact information for your Supervisory Authority on the European Commission Data Protection Authorities webpage or through other publicly available sources.

If you would like to discuss or exercise any rights mentioned in this section, please notify officeoflegalaffairs@crf.org.  You can also use this address to lodge a complaint.

CRF is in the United States, and we recognize that the laws in the United States may be different and, in some cases, less protective as the laws in other countries, including the European Economic Area. By providing us with your Personal Data and using the Services, you acknowledge that your Personal Data will be transferred to and processed in the United States. If CRF transfers your personal data to a recipient outside of the European Economic Area, CRF will do so in compliance with the EU GDPR. If you have questions about the international transfers of your personal data or the appropriate safeguards CRF has in place, please contact CRF via officeoflegalaffairs@CRF.org.

Notice for Events and Conferences

This section applies to the Personal Data collected during attendance at online and in-person conferences or events.

In-Person Events

If you attend certain of CRF’s live, in-person conferences or events, CRF may attach a wearable beacon to the conference badge issued to you. As you enter and exit various public areas at these events, your registration information will be captured by electronic readers. You have the option of requesting that the beacon not be attached to your badge either via e-mail or at the time you pick up your badge at the event. Please check the terms and conditions of the applicable event when registering for additional information about the use/opt-out of the beacons. If you do not request to have the beacon removed at or during the event, you will later have the option not to receive promotional e-mails from CRF by using the “unsubscribe” link included in each promotional e-mail.

During your attendance at an in-person conference or event organized by CRF, your conference badge containing Personal Data (e.g., name, photo, city, state, country, and clinical/non-clinical classification, etc.) will be:

• visible to people present at the conference or event (e.g., other attendees, staff, vendors, workers, etc.) as conference badges must be worn at all times during the conference for security, identification, and networking  purposes; and
• scanned at exhibition booths if you choose to allow the scanning of your badge during your visit to the exhibition booth.

By allowing the scan of your badge at the exhibition booth, you may receive communications from that exhibitor, which are subject to such exhibitor’s privacy policies. To stop receiving such exhibitor communications, you must opt-out directly with the exhibitor directly and not through CRF. This Statement does not address the privacy, security, or other practices of the exhibitor and CRF does not endorse, screen, or approve, and is not responsible for, the privacy practices or content of such exhibitor communications and polices. Scanning of your badge at an exhibition booth is strictly voluntary.

In addition, during your attendance at an in-person conference or event organized by CRF, you may be photographed or videotaped by CRF or CRF’s designated vendor(s) capturing the event. Some of these photographs or videos may be displayed by CRF or others in publications or materials connected with the conference, other CRF conferences, or third-party events.

Virtual Events

During your attendance at a virtual event organized by CRF, if you submit comments, questions, feedback or other information during any of the sessions, you understand that your first and last name will be tied to your submission, both of which will be shared publicly with other participants in that session.  You further understand that these sessions (and the information you submit during a session) may be recorded and made available publicly on any of the CRF websites.

Marketing Communications

If you do not wish to receive marketing-related emails from us, please click the unsubscribe link at the bottom of any marketing email, or email us using the information in the section “Contact Us.” Please note that even if we stop all marketing communications, you may still receive administrative, legal, and other important communications from us.

Third-Party Services

The Services may include integrated content or links to content provided by third parties (such as social media platforms). This Statement does not address the privacy, security, or other practices of the third parties that provide such content. CRF does not endorse, screen, or approve, and is not responsible for, the privacy practices or content of such other websites. Visiting these other websites is at your own risk. CRF recommends that you review the privacy policies applicable to third-party websites prior to visiting those websites.

Protection and Retention of the Information CRF Collects

CRF deploys administrative, technical, and physical safeguards designed to safeguard the information that it collects. However, no safeguards or systems can be 100% secure. This means that CRF cannot guarantee the absolute security of your personal data. Moreover, CRF is not responsible for the security of information you transmit to CRF over networks that CRF does not control, including the internet and wireless networks, or that you submit to third parties through their websites, services or otherwise.

CRF retains the information it collects in an identifiable form as reasonably necessary and only for as long as required to fulfill the purposes for which CRF collected the information and to comply with CRF’s legal obligations. In connection with CRF’s conferences, registration information is retained for three years by our 3rd Party Service Provider however, the photos submitted for use in the conference badges are deleted after one year’s time.

Children’s Privacy

The Services are not directed to or intended for use by minors. Consistent with applicable laws, if we learn that we have received Personal Data directly from a child without his or her parent or legal guardian’s verified consent, we will use that Personal Data only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use our services. Subsequently, we will delete such Personal Data in accordance with applicable legal requirements. If you believe that we might have any Personal Data from or about a child under the age of eighteen, please contact us.

Changes to This Statement

CRF may update this Statement at any time. The effective date of the current Statement is noted at the beginning of this Statement. CRF encourages you to periodically review this page. If CRF make changes, CRF will inform you by revising the effective date and, in some cases (for example, if CRF intends to use your information in a way that materially differs from what is described in this Statement), CRF may provide you with an additional notice (such as adding a statement to CRF website homepages or sending you a notification).  Your continued use of the Services following the posting of any changes to this Statement means you consent to such changes.

Contact Us

We welcome your questions and comments about this Statement or how we process your Personal Data. Please contact us using the information below and we will respond to you as soon as reasonably possible.

1700 Broadway, 9th Floor

New York, NY 10019

646.434.4500

info@crf.org

 

For privacy requests, email us at officeoflegalaffairs@crf.org.