Privacy PolicyEFFECTIVE DATE JANUARY 1, 2019INTRODUCTIONThis Policy explains how the American Academy of Osteopathy (“Association”, “we” or “us”) collects and processes your Personal Data. Each time you use our Site, the current version of this Policy will apply. Accordingly, whenever you use our Site, you should check the date of this Policy (which appears at the top) and review any changes since the last version. This Policy is applicable to all Site visitors, registered users, and all other users of our Site. “Personal Data” is any information that enables us to identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity. By visiting www.academyofosteopathy.org (the “Site”), you acknowledge that you have read and understood the processes and policies referred to in this Policy. WHO WE AREFor the purposes of the General Data Protection Regulation 2016/679 (the “GDPR”), the Data Controller is the American Academy of Osteopathy with a registered address at 3500 DePauw Blvd., Suite 1100, Indianapolis, IN 46268-1136. Association staff is responsible for overseeing questions in relation to this Policy for the purposes of the GDPR, and they may be contacted at [email protected] or 317-879-1881. HOW WE COLLECT PERSONAL DATAWe may collect and process the following Personal Data: Contact information, which you provide when corresponding with us by phone, e-mail or otherwise. The information you give us may include your name, address, e-mail address, phone number, financial information and/or credit card information. Membership information, about your membership including your name, contact details such as address, phone number and email address (business or personal), age, job title, year of admission and any other information related to your membership. Membership information may be provided by you during the registration process, or by your employer on your behalf. Dues payment information, including financial information such as credit/debit card and account numbers used to register or renew your membership. Purchase information, relating to purchases made by members and non-members of event participation, books, reports, journals or newsletter subscriptions either in-person or via our Site. Purchase information will include financial information as well as information concerning the content and time of the purchase. With regard to each of your visits to the Site we will automatically collect the following information: Information about your visit, including pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number; and Location information We also collect information that is sent to us automatically by your web browser and we may use this information to generate aggregate statistics about visitors to our Site, including, without limitation: IP addresses, browser type and plug-in details, device type (e.g., desktop, laptop, tablet, phone, etc.), operating system, and local time zone. We may use non-Personal Data for various business purposes such as providing customer service, fraud prevention, market research, and improving our Site. Please check your web browser if you want to learn what information your browser sends or how to change your settings. HOW WE USE YOUR PERSONAL DATAWe will only process your Personal Data, including sharing it with third parties, where (1) you have provided your consent which can be withdrawn at any time, (2) the processing is necessary for the performance of a contract to which you are a party, (3) we are required by law, (4) processing is required to protect your vital interests or those of another person, or (5) processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests. We may use Personal Data that you provide directly to us for the following purposes:
We will use Personal Data that we have collected about your use of our Site:
We will combine this information with information you give to us and information we collect about you. We will use this information and the combined Personal Data for the purposes set out above (depending on the types of information we receive). WHEN WE SHARE AND WHO CAN ACCESS YOUR PERSONAL DATAWe may share your Personal Data for the purposes described in this Policy with:
We will only transfer your Personal Data to trusted third-parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures. SELLING YOUR PERSONAL DATAWe will never sell your Personal Data to third parties without your opt-in consent. SECURITYAlthough we use security measures to help protect your Personal Data against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the Internet. All information you provide to us is stored on secure servers. Any payment transactions will be encrypted using SSL technology. TRANSFER OF PERSONAL DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA (“EEA”) AND INTERNATIONAL USERSWe are headquartered in the United States. Your Personal Data may be accessed by us or transferred to us in the United States or to our affiliates, partners, merchants, or service providers who are located worldwide. If you are visiting our Site from outside the United States, be aware that your information may be transferred to, stored, and processed in the United States where our servers are located, and our central database is operated. By using our services, you consent to any transfer of this information. STORAGE OF PERSONAL DATA; CORRECTION OF DATAWe will store your Personal Data, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the Personal Data is processed. Association members have the right to correct or update information. Any Personal Data that is no longer needed for the purpose of membership may be deleted by Association and will be deleted at your request; provided, however, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes and enforce our agreements, or if it is not technically reasonably feasible to remove it. Information may be retained by Association indefinitely. Consistent with these requirements, we will try to delete your Personal Data promptly upon request. Contact [email protected] for instructions on correcting and deleting information. WHERE WE STORE YOUR PERSONAL DATAThe Personal Data that you provide to us is generally stored on servers located in the United States. If you are located in another jurisdiction, you should be aware that once your Personal Data is submitted through our Site, it will be transferred to our servers in the United States and that the United States currently does not have uniform data protection laws in place COOKIESThe Site uses cookies to provide you a safer, customized and efficient experience. Cookies are small amounts of information that we may store on your local computer or mobile device when you visit the Site. When you visit the Site again, the cookies allow us to recognize your browser. Cookies may store your preferences and other information but cannot read data off your hard disk or read cookie files created by other sites. The cookies we use collect non-personally identifiable information about users of the Site, including: browser used to access the site, date and time, the URL of the page being loaded, visits to particular web pages, any previously assigned cookie identification (a unique identifier assigned to a user to identify repeat visitors), browser window size, the geographic location of the user, device and operating system used to access the Site. The information we collect from these cookies is used to determine information about a user’s visit to our Site, including the number of visits, average time spent, pages viewed, navigation history through the website, and other statistics. This information is used to enhance the user’s experience while visiting our Site and to improve the performance of our Site by, among other things, allowing us to monitor Site performance, making the Site easier to use, measuring the effectiveness of promotional placements, and tailoring the Site (including the ads and offers a user receives) to better match a user’s interests and preferences. Users who prefer not to accept cookies can set their Internet browser to notify them when they receive a cookie or to prevent cookies from being placed on their hard drive. If you consent to our collection of cookies and you subsequently wish to withdraw your consent, you will need to manage the settings on your web browser to delete all cookies and disallow further acceptance of cookies. Please note that disabling cookies on your browser will prevent us from tracking your activities in relations to our Site, however, it may also disable some of the functions and features of the Site and the Site may not work properly. CHILDREN’S PRIVACYThis Site is not targeted nor directed at children under the age of 13 and we do not knowingly or intentionally collect any information from children under the age of 13. If you believe that a child under the age of 13 has provided us with his or her information, please notify us immediately at [email protected]. COPYRIGHTAll material and images are copyright protected and may not be reproduced without written permission of the Academy. ACCESS TO INFORMATION; DATA PORTABILITYAn Academy member has the right to request access to information the Academy has on the member. Contact us at [email protected] to obtain such data. You will be provided with a copy of the data we process about you. Verification of identity will be required. Requests will be fulfilled electronically within five business days. An Association member has the right to receive personal data which the member has previously provided in a 'commonly use and machine-readable format' and to have this data transmitted outside of Association. DATA BREACH RESPONSE POLICYAny individual who suspects a theft, breach or exposure of Association-protected data has occurred must immediately provide a description of the event to [email protected]. Association will investigate all reported thefts, data breaches and exposures to confirm if an incident has occurred. If an incident has occurred all affected users will be notified immediately of the scope of incident, steps to correct the situation, and any further actions to help serve Association members in protecting their information. LINKS TO THIRD PARTY SITES AND SERVICESOur Sites may contain links to third party websites, applications and services not operated by us. These links are provided as a service and do not imply any endorsement by us of the activities or content of these sites, applications or services nor any association with their operators. We are not responsible for the privacy policies or practices of any third-party including websites or services directly linked to our Site. We encourage you to review the privacy policies of any third-party site that you link from our Site. YOUR CALIFORNIAN RIGHTSFOR RESIDENTS OF CALIFORNIA ONLY. Section 1798.83 of the California Civil Code requires select businesses to disclose policies relating to the sharing of certain categories of your Personal Data with third parties. If you reside in California and have provided your Personal Data to Association, you may request information about our disclosures of certain categories of Personal Data to third parties for direct marketing purposes. Such requests must be submitted to us at one of the following addresses: [email protected] or American Academy of Osteopathy, Attn: California Privacy Rights, 3500 DePauw Blvd., Suite 1100, Indianapolis, IN 46268-1136. CHANGES TO THIS POLICYIf we make any material changes to this Policy or the way we use, share or collect Personal Data, we will notify you by revising the “Effective Date” at the top of this Policy and posting the revised Policy on our Site. QUESTIONS?If you have any question about this Policy that is not addressed above, please contact AAO Executive Director Sherri L. Quarles at [email protected] or 317-879-1881. |