Effective date: March 2020
Your privacy is of great importance to the Cardiovascular Research Foundation, 1700 Broadway, 9th Floor, New York, United States of America ("CRF", "we" or "us") and we are committed to being responsible custodians of the information you provide us and the information we collect in the course of operating our business.
We take your personal privacy seriously. This privacy statement ("Statement") describes how we, as a data controller, may collect, use and share information, particularly in association with the operation of our websites (the "Sites") and when you attend any of our live, in-person events. This Statement applies to all personal data collected by us from individuals in the United States, European Union or from countries where similar data protection laws apply.
Because we want to demonstrate our commitment to your privacy, we share our information practices with you, including:
- What personal data is collected from users of the Sites.
- The organization collecting the personal data.
- How the collected personal data is used.
- With whom the personal data may be shared.
- What rights and choices are available to users.
- The security procedures in place to protect the loss, misuse or alteration of information under our control.
What personal data is collected
We collect your personal data when you provide it to us, for instance by visiting our Sites, contacting us, attending our live, in-person events, or by entering into a contract with us. "Personal data" is any information that can be used to identify you or that we can link to you, for instance your name, email address and IP address. We may automatically collect certain information when you use, access, or interact with us via our Sites, for instance via browser settings or cookies. We may also collect information from other sources, such as social media platforms that may share information about how you interact with our social media content, or if you interact with us via our social media accounts.
All personal data you provide to us or that we (automatically) collect is voluntarily. However, without providing certain data, for instance your email address, we may not be able to respond to your request or deliver our services.
Our Sites and services are generally not directed to children under 16. We do not knowingly collect personal data from anyone under 16 without parental consent. If you become aware that we have collected personal data from a child under the age of 16 without parental consent, please let us know so we can take appropriate action.
If you attend certain of our live, in-person events, we may attach a wearable beacon to your event badge. As you enter and exit various public areas of our events, your registration information will be captured by electronic readers. The information obtained through this process will be used to measure event attendance and to analyze aggregated event data for our internal business purposes. We may also use this information to send promotional and informational communications that we think may be of interest to you, both during and after the applicable event. You have the option of requesting that the beacon not be attached to your badge either via email or at the time you pick up your badge at the event, please check the terms and conditions of the applicable event when registering for additional information about the use/opt-out of the beacons. In addition, if you do not request to have the beacon removed, you will later have the option not to receive promotional e-mails from us by using the “unsubscribe” link included in each promotional e-mail.
How we use the information we collect
We will only process personal data where we have a legal basis to do so. For example, we may use the information we collect:
(a) To enter into a contract with you, or to take steps at your request prior to entering into a contract (such as account registration for which we require your name, e-mail address, city, state, country, zip/postal code, and clinical/non-clinical classification);
(b) To respond to your inquiries, to provide you with services that you request, to communicate with third parties to provide of services to you, to maintain business administration records and prevent fraud, which is in our legitimate interest;
(c) For other communications with you. For example, we send each new member a welcome email to verify username and password. Thereafter, members who elect to join one or more of our electronic communication distribution lists will occasionally receive communications about features, products, services, or updates from us or in relation to the Sites. It is our legitimate interest to send these communications. Members who elect to join one or more of our electronic communication distribution lists and consent to receiving third party communication may also occasionally receive communications about features, products, services, or updates sponsored by third parties that may be of interest to users of our Site;
(d) To keep records and administration on how services were provided, claims and complaints were handled, including the documents underlying such services, claims and complaints, which is in our legitimate interest;
(e) To understand how people use our Sites and services, to operate, maintain and improve our Sites and services, which is in our legitimate interest;
(f) To comply with legal obligations applicable to us, such as responding to legal process or requests for information issued by government authorities or other third parties.
How we may share the information we collect
We and our affiliated entities share information with each other or with third-party service providers/subprocessors (including consultants and attorneys) for our general business purposes, such as internal administration, billing, claim handling and services, and providing you or your organization with services. We also work with third party service providers/ subprocessors to provide a more customized experience for you when you visit our Sites. To do so, we disclose personal data to these third party service providers/subprocessors, though we do not permit such third party service providers to re-sell or use your personal data for their own purposes. These third-party service providers/subprocessors may collect and profile your information in order to monitor and analyze our Sites’ traffic for the purposes of business intelligence; provide personalized suggestions and content recommendations, including advertisements, and/or monitor our Sites for the purpose of developing service improvements.
We and our affiliated entities may share information with other third-parties (including law enforcement agencies and potential transaction partners, sponsors, supporters, exhibitors and investors) where we and our affiliated entities have a legal basis to do so.
During your attendance at an event organized by us, your badge containing personal data or information that reasonably identifies you will be scanned for administrative and legal compliance purposes. We will also provide third parties (i.e., our sponsors, supporters and exhibitors whose event, presentation or booth you visited or attended) with your personal data or information for such third parties’ independent use in compliance with their privacy statements.
If we transfer your personal data to a recipient outside of the European Union, we will only do so in compliance with the European General Data Protection Regulation. If you have questions about the international transfers of your personal data or the appropriate safeguards we have in place or wish to obtain a copy of such safeguards, please contact us via email@example.com.
Third-party services and content
Our Sites may include integrated content or links to content provided by third parties (such as social media platforms). This Statement does not address the privacy, security, or other practices of the third parties that provide such content. We do not endorse, screen or approve, and are not responsible for, the privacy practices or content of such other websites. Visiting these other websites is at your own risk. We recommend that you review the privacy policies applicable to third party websites prior to visiting those websites. We engage third parties that support the operation of our Sites, such as analytics providers. For instance, we use Google Analytics, and Feathr.co to analyze the audience of the Sites and improve our content. These third parties may use technologies to track your online activities over time and across different websites and online platforms. For further information on the privacy policies concerning these third party services, please visit their respective websites: Google Analytics: http://www.google.com/analytics/learn/privacy.html; Feathr.co: https://www.feathr.co/privacy-policy
Protection and storage of the information we collect
We deploy administrative, technical, and physical safeguards designed to safeguard the information that we collect. However, no safeguards or systems can be 100% secure. This means that we cannot guarantee the absolute security of your personal data. Moreover, we are not responsible for the security of information you transmit to us over networks that we do not control, including the Internet and wireless networks, or that you submit to third parties through their websites, services or otherwise.
We retain the information we collect in an identifiable form as reasonably necessary and only for as long as required to fulfill the purposes for which we collect the information and to comply with our legal obligations.
Your choices and rights
We encourage you to contact us to update or correct your information if it changes or if you believe that any information that we have collected about you is inaccurate. If provided for under applicable law, you can also ask us to see what personal data we hold about you, to rectify or erase your personal data, or to port your personal data and you may tell us if you object to or want to restrict our use of your personal data. If you would like to discuss or exercise such rights, please notify firstname.lastname@example.org. You can also use this address to lodge a complaint. Depending on your location, if you are not satisfied about the manner in which we handle your complaint, you may also lodge a complaint with the competent data protection authority.
If we process your personal data on the basis of your consent, you may withdraw your consent at any time by contacting us at email@example.com. Depending on your location, where we process your personal data on the basis of our or a third party's legitimate interest, you may object to such processing at any time by contacting us at firstname.lastname@example.org.
Changes to this Statement
We may update this Statement from time to time. The effective date of the current Statement is noted at the top of this page. We encourage you to periodically review this page. If we make changes, we will notify you by revising the date at the top of the Statement and, in some cases (for example if we plan to use your information in a way that materially differs from this Statement), we may provide you with additional notice (such as adding a statement to our Sites’ homepages or sending you a notification). Your continued use of the Services following the posting of any changes to this Statement means you consent to such changes.
Cookies are also used to distinguish you from other users of our Sites. This helps us to provide you with a good experience when you browse our Sites and allows us to improve our Sites. Our Sites may also use web beacons (either directly or through our third party service providers) along with cookies to understand your browsing and buying activities and to determine if you have visited a particular site, which aids us in providing you with more relevant advertising and allows us to measure the success of online advertising campaigns. Web beacons allow us to obtain information such as the IP address of the computer that downloaded the page on which the beacon appears, the URL of the page on which the beacon appears, the time the page containing the beacon was viewed, the type of browser used to view the page, and the information in cookies set by the third-party. We also collect IP addresses. An IP address is a unique identifier that certain electronic devices use to identify and communicate with each other on the Internet. When you visit our Sites, we may view and/or store the IP address of the device you use to connect to the Internet. For a third party cookie or web beacon, the third party will have access to the collected information in order to provide us with information or services to enhance the performance or functionality of the Sites. We use this information to determine the general physical location of the device and understand from what regions of the world our Sites’ visitors come from. We use the information collected from these technologies to compile reports and help us improve the Sites.
The Types of Cookies We Use
We use the following types of cookies on our Sites:
- Permanent and strictly necessary cookies. These are cookies that are required for the operation of our Sites. They include, for example, cookies that enable you to log into secure areas of our Sites, use a shopping cart or make use of e-billing services. They also remember your login details and password, so you don't have to type them in every time you use the Sites.
- Analytical/performance cookies. These are cookies that allow us to recognize and count the number of visitors and to see how visitors move around our Sites when they are using them. These cookies help us to improve the way our Sites work, for example, by helping users to easily find what they are looking for.
- Functionality cookies. These are cookies that are used to recognize you when you return to our Sites. These cookies enable us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These are cookies that are used to profile your interest and habits by recording or monitoring your visit to our Sites and providing information such as the browser used to access the Sites, date and time, URL of the page being loaded, any previously assigned cookie identification, your geographic location, the pages you have visited, the links you have followed, the ads you have viewed and the length of time spent viewing such items on our Sites. We will use this information to make our Sites and the advertising displayed on the Sites more relevant to your interests. Targeting cookies are also placed by our third party service providers that enable them to uniquely identify you so as to also provide you with personalized ads on our Sites or on other websites visited by you.
- Session cookies: These are temporary cookies that expire when the browser is closed.
You may control cookie settings in your web browser by refusing to allow the setting of all or some cookies. For detailed guidance on how to control or disable cookies, we recommend you visit www.aboutcookies.org. If you view our Sites without changing your cookie settings, you are indicating your consent to receive all cookies from our Sites. However, if you change your cookie settings to block cookies, some features and functionality of our Sites may not operate as expected.