Last Updated February 21, 2023
IMPORTANT NOTE: The English version of this document governs our relationship. Any translated version is provided for convenience only and does not modify the English version.
Argosy Publishing, Inc. d/b/a Visible Body ("Company" or "we" or "us") makes web-based, desktop, and mobile applications. Company is committed to respecting the privacy of information and data of the users of our applications and other individuals ("you") about whom we collect information that may be used to identify you (your "personal information"). This Privacy Notice describes our policies and practices with respect to the collection and use of your personal information. If you do not agree to the terms set forth herein, please do not use our web sites or our web-based, desktop, and mobile applications. We reserve the right to update this Privacy Notice at any time, and the revision date above provides you with notice that the Privacy Notice has been updated.
How We Collect and Use Your Personal Information
The information we collect from you depends on how you interact with Company, our website, and our applications, as described in more detail below. In addition to the specific uses described below, we may use your personal information for our legitimate interests in complying with our legal obligations, for law enforcement purposes, to protect and defend our rights and property, or to enforce our User Agreement or agreements with third parties.
Website Forms and Mailing List Subscriptions
When you submit web-based forms on Company's website, we may collect the following information, depending on the form that you submit:
- Contact information (e.g., email address, phone)
- Location (e.g., state, country)
- Institutional affiliation and role (e.g., student, medical professional)
- Language preference
- Information about the products and technology that you use (e.g., device, platform,
- Your responses to open-ended questions (e.g., the type of product or service you are interested in, technical problems you've encountered, suggestions)
We may also collect this information if we connect with you in another manner. For example, if you agree to sign up for our mailing list when you visit our vendor booth at a conference.
We use this personal information for the following purposes:
- To deliver services, products, or information that you have requested
- To send you promotional materials or communications regarding our products and
services that we feel may be of interest to you
- To provide customer service or assist you with technical problems
- To evaluate and/or improve the products and services that we offer and develop new products or services
We send promotional emails on the basis of consent. When we provide you with services or information that you have requested, we do so because it is necessary to perform on our contract or for pre-contractual measures. Other processing activities are based on our legitimate interests, such as seeking feedback from our customers and improving our products.
Automatically Collected Tracking Information
When you visit our website and when we send you marketing emails, we collect certain information automatically using cookies and other technologies, such as web beacons. We collect the following information in this manner:
- IP address
- Source of visit (e.g., how you found our website)
- How many times certain pages are accessed and what web pages and application
functions visitors use
- What browser you use
- Email tracking information (such as whether you opened an email from us)
We use this information for the following purposes:
- To help improve the functionality and usefulness of our website and emails
- For statistical analysis of website users' behavior
- For product development and/or content improvement
- To customize content and layout of our website
If you purchase our products through one of our resellers, 2Checkout or Fastspring, we receive certain information about your purchase from the reseller, including contact information (e.g., name, email address) and order information (e.g., billing address, sales source, payment method). We use this information for our legitimate interests in providing customer support to our customers and to track product purchases.
Visible Body Application Users
If you are using our mobile applications because you are affiliated with a company or institution that has purchased our products or a license or subscription to access our applications on your behalf, you may use an activation code to get access to our applications. We may ask for your email address in order to send you the code. You'll need to provide this in order to get access to our applications. Your email address may also be associated with information about your activation, such as the date and time that you used your activation code. We use this information to maintain product activation, check activation status, and monitor aggregate usage of our applications. We process this personal information based on our legitimate interests.
Some of our web applications allow you to save user content, such as saved views and user-created notecards ("User-Created Content"). If you use these features, you will need to provide your email address to create an account. We store and use your User-Created Content only to provide that service to you.
You can choose to register the application you have purchased or that has been purchased or licensed on your behalf. If you register your application, we ask for your email address. We use this information, along with information about the product you registered, to send you promotional emails, but only with your consent.
Course Packs Users
If you use one of our Course Pack products, we collect the following personal information:
- Email address
- Institutional affiliation
- User ID for your institution's Learning Management System ("LMS") (which is provided to us by the institution that you are affiliated with)
- Activation information (e.g., date and time of activation)
We use this information to maintain product activation, check activation status, and monitor aggregate usage of the Course Packs product. We use your LMS User ID to send quiz scores to your LMS, but we do not store your scores. We use your email address to send you an activation code. We process this personal information based on our legitimate interests in providing and monitoring the Course Pack service.
Visible Body Accounts for Courseware, Web Suite, and Some Mobile Application Users
If you use our Courseware, Web Suite, Human Anatomy Atlas＋, or Visible Body＋product, you will be required to create a Visible Body account. In addition, some of our mobile applications may require you to create a Visible Body account in order to share content and access your User-Created Content across devices. When you create a Visible Body account, we collect the following personal information:
- Contact information (e.g., name, email address)
- Login information, including encrypted password
- Activation and usage information (e.g., date and time of activation, date and time of last
login, IP address)
- (Courseware only) Institutional affiliation, LMS user id (if available)
- (Courseware and mobile apps only) Role (e.g., student or instructor)
- (Courseware and mobile apps only) User-created content (e.g., quizzes, due dates,
assignments, saved views, notecards)
- (Mobile apps only) App information and settings (e.g., product name, product version,
device OS, app language preference, in-app purchases)
If you sign in with your Google account, Google will share your name, email address, language preference, and profile picture with Visible Body.
We use this information to provide the product (Courseware and Web Suite) and User-created content (Courseware and mobile apps) to you, as well as for our legitimate interests in maintaining product activation, checking activation status, and monitoring aggregate usage of our product.
Account holders can choose to sign up for promotional emails. If you sign up for promotional emails, we use your email address, along with information stored in your account, to send you promotional emails, but only with your consent.
We may also use account holder email addresses to contact former or current account holders to request their optional participation in customer surveys.
We may also use account holder email addresses to contact current account holders who are instructors to offer personalized product training.
How We Share Your Personal Information
We will not sell, share, rent or disclose to third parties any personally identifying information, such as names, mailing address, email addresses, telephone numbers, and other personal information that you provide to us, unless we secure your permission to do so, except that we may disclose your personal information for the purposes described above to the following third parties:
- Our vendors and service providers, such as those that assist with the provision of services, marketing, analytics, data storage, or content management, or that provide consulting or professional services to Company
- Law enforcement, government agencies, or other authorities in order to comply with laws, regulations, court order or other legal obligations, or to protect and defend our legal interests
- The institution you are affiliated with, if you use our products through your affiliation with an institution, such as a college or university, in order to track activation of applications and to provide learning management services, such as Courseware (for example, your name, your email address, and your quiz scores will be provided to your instructor)
- Our authorized resellers and distributors, if you have requested information on a Visible Body product sold by one of our resellers or distributors
You agree that we may collect and use technical data and related information, including but not limited to technical information about your device, system and application software, and peripherals, that is gathered periodically. We may use this information, as long as it is in a form that does not personally identify you, to improve our products or to provide services or technologies to you.
Transfer of Information to the United States
Company is headquartered in the United States. Information we collect from you will be processed in the United States. The United States has not sought nor received a finding of "adequacy" from the European Union. With respect to transfer from the European Union, Company relies on derogations for specific situations. In particular, Company transfers personal information to the United States only with your consent, to perform on a contract with you (or in your interest), or to fulfill compelling legitimate interests of Company in a manner that does not outweigh your rights and freedoms. Company endeavors to apply suitable safeguards to protect the privacy and security of your personal information and to use it in a manner that is consistent with this Privacy Notice. Company does not collect sensitive data (known as special categories of data in the European Union).
Unless otherwise noted in this Privacy Notice, Company retains personal information for as long as necessary to provide services to you, and thereafter for as long as necessary to comply with our legal or contractual obligations. We periodically delete information regarding prospective customers if we determine the information is no longer needed for that purpose. Personal information will be removed from live databases upon written request or after an established period following termination of an agreement. Information stored in backups is not actively purged but instead naturally ages itself. Visible Body does not retain backups of personal information for more than 90 days.
Collection of Personal Information from Children
Our Website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features, including your name, address, telephone number, or email address. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us immediately.
This website contains links to other sites. We are not responsible for the privacy practices of such other sites. We encourage visitors to be aware when they leave our site, and to read the privacy policies of each and every website that collects personal information. Except as otherwise provided herein, this privacy statement applies solely to information collected by this website.
While we have instituted security measures to protect the information and systems that we maintain, we cannot guarantee that all transmissions to and from our websites are secure. Emails that you send to us may be subject to interception. If your communication includes personal information that you do not wish to provide electronically, please contact us by postal mail or telephone. Once we have received your information, we will employ reasonable procedures and security features to guard against unauthorized access.
Opt Out/Deletion of Personal Information
You may opt out of having your personal information collected by not completing online forms, signing up for services, or creating an account. To opt out after submitting personal information, you must contact us at email@example.com. To request that we delete personal information that you have previously provided to us, you may contact us at firstname.lastname@example.org, and we will endeavor promptly to delete such information at your request.
If you want to stop using your account, you may request that we delete it by contacting us at email@example.com. When you delete an account, you will not be able to use our services and your information will not be capable of being viewed through our site. When we delete an account, we remove from our database any personally identifiable information you had previously provided. However, even after you submit a request to delete your information, copies of your information including but not limited to name and email address may be retained by us as backup copies for legal and compliance reasons.
Opt out of Promotional or Marketing Communications
If you do not want to receive promotional or marketing communications from Company, you may opt-out of receiving those communications at any time by clicking the "unsubscribe" link at the end of our emails. If you choose to unsubscribe, we will retain your contact information to ensure that we do not contact you again.
European Economic Area and United Kingdom Privacy Rights
If you are located in the European Union, Iceland, Liechtenstein or Norway (the “European Economic Area” or “EEA”) or in the United Kingdom (“UK”), you are entitled to additional rights regarding our use of your personal information. To learn more, see EEA PRIVACY DISCLOSURES.
California Privacy Rights
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, see CCPA PRIVACY NOTICE FOR CALIFORNIA RESIDENTS.
Reporting of Data Breaches
We make reasonable efforts to monitor and detect any data breach affecting personal information. In the unlikely event that a data breach results in the disclosure of your personal information to third parties, we will make all reasonable efforts to inform you, in compliance with applicable law.
Changes to Privacy Notice
If you have questions about how we handle your personal data, please contact us by email at firstname.lastname@example.org or by mail at:
492 Old Connecticut Path, Suite 501
Framingham, MA 01701
For personal information subject to European data protection laws, Argosy Publishing, Inc. is the controller of the personal information.
EEA Privacy Disclosures
These privacy disclosures (the “Disclosures”) provide information about the collection, use, processing and sharing of data about individuals located in the European Union, Iceland, Liechtenstein or Norway (the “European Economic Area” or “EEA”).
These Disclosures also provide information about the collection, use, processing and sharing of data about individuals located in the United Kingdom, which has left the European Union but has adopted legislation substantially similar to the GDPR. With respect to individuals in the UK, references to the GDPR in these Disclosures are to be read as referring to the UK’s similar legislation, the Data Protection Act 2018.
In these Disclosures:
- GDPR means the European Union’s General Data Protection Regulation;
- Personal Data means information relating to an identified or identifiable individual; an identifiable individual is one who can be identified, directly or indirectly, by use of any identifier or factor specific to that individual; and
- GDPR Processing Activities means the collection, use, processing or sharing of Personal Data when those activities are within the scope of the GDPR.
These Disclosures apply only to the use of Personal Data in GDPR Processing Activities. In these Disclosures the words “Company,” “we,” “us” or “our” refer to Argosy Publishing, Inc. d/b/a Visible Body. These Disclosures apply to GDPR Processing Activities by any means, including hardcopy (such as paper applications or forms) and electronic means (such as websites and mobile applications).
A. How We Collect and Use Personal Data
We collect several categories of Personal Data in circumstances that may involve GDPR Processing Activities, including data you provide, data collected automatically (potentially including location data), and data we obtain from third party sources.
We use the Personal Data that we collect to:
- Create and maintain your account;
- Process your account registration;
- Answer your questions;
- Send you newsletters, updates, and other communications that you have requested;
- Send you information about our services and resources; and
- If you use our products through your affiliation with an institution, such as a college or university, coordinate with the institution you are affiliated with, in order to track activation of applications and to provide learning management services.
As described in more detail below, we rely on a number of legal bases to lawfully process your Personal Data.
The ways in which we collect and use your data vary depending on the relationship between you and us. The following sections of these Disclosures describe in more detail how we collect and use Personal Data in various circumstances that may involve GDPR Processing Activities.
Please note that, depending on the situation, some of the processing of Personal Data we do in the various circumstances described below may not fall within the scope of the GDPR.
1. Personal Data We Collect
Websites and Mobile Applications
As is true of most digital platforms, we obtain certain data automatically when you use one of our websites or mobile applications, such as your IP address, browser type and device type. Certain web forms also collect Personal Data you provide, for example when you enter data into form fields, such as for the purpose of registration. If we also process data through our websites or mobile applications for one of the activities described further below, those descriptions will provide additional information about how those data are collected and used. We and our third-party vendors use this Personal Data for the primary purposes of conducting analytics, improving our websites, responding to your requests and providing you with relevant information.
2. Personal Data We Obtain from Third Party Sources
As part of our GDPR Processing Activities, we may obtain certain Personal Data about you from third party sources, which we may use for the purposes and in the ways described in “How We Collect and Use Personal Data” above and in “Additional Uses of Personal Data” below. In some cases, we may obtain your consent for additional uses.
Partners and Service Providers
We use partners and service providers to provide services for us. Some of these partners have access to Personal Data about you that we may not otherwise have (for example, when you sign up directly with that provider) and may share some or all of these data with us.
3. Additional Uses of Personal Data
In addition to the uses described above, including under “How We Collect and Use Information” and “Personal Data We Obtain from Third Party Sources,” we may use your Personal Data for the following purposes. These additional uses may under certain circumstances be based on your consent, or may be necessary to fulfill our contractual commitments to you, for legal compliance, or to serve our legitimate interest in the following activities:
- Conducting our operations and administering educational offerings;
- Responding to your requests for research assistance;
- Processing and responding to your requests or inquiries of any other kind;
- Providing you with newsletters, articles, service alerts or announcements, event invitations, and other information that we believe may be of interest to you;
- Conducting research, surveys and similar inquiries to help us understand trends and needs of our Members and customers;
- Performing marketing, promotions and advertising, either directly or through third-parties. These activities may include interest-based advertising, targeted advertising and online behavioral advertising in order to increase the likelihood that the content will be of interest to you;
- Preventing, investigating, taking action regarding or providing notice of fraud, unlawful or criminal activity, other misconduct, security or technical issues, or unauthorized access to or use of Personal Data, our website or data systems; or
- Responding to subpoenas, court orders, or other legal process; enforcing our agreements; protecting the health, safety, rights or property of you, us or others; and meeting legal obligations.
4. Legitimate Interests
In addition to interests otherwise described in these Disclosures, we rely on other legitimate interests in using and sharing your Personal Data. These interests include:
- Providing, improving and customizing our educational offerings;
- Administering our operations;
- Furthering research and understanding in fields of academic study;
- Offering attendance to events and opportunities to participate;
- Understanding how our online platforms are being used;
- Exploring ways to develop and grow our operations;
- Enhancing protection against fraud, spam, harassment, intellectual property infringement, crime and security risks; and
- Meeting our obligations and enforcing our legal rights.
5. Data Retention
We will retain your Personal Data for as long as is necessary for the purposes set out in these Disclosures and for as long as is required under applicable law or is needed to resolve disputes or protect our legal rights or otherwise to comply with legal obligations. Consistent with the foregoing guidance, some data may be retained indefinitely.
Where we are processing Personal Data based on your consent, we generally will retain the information for the period of time necessary to carry out the processing activities to which you consented, subject to your right, under certain circumstances, to have certain of your Personal Data erased (see “Your Rights” below).
Where we are processing Personal Data based on contract, we generally will retain the information for the duration of the contract plus some additional limited period of time that is necessary to comply with law or that represents the statute of limitations for legal claims that could arise from the contractual relationship.
Where we are processing Personal Data based on the public interest, we generally retain the information for the period of time that continues to serve that underlying interest.
Where we are processing Personal Data based on our legitimate interests, we generally will retain the data for a reasonable period of time based on the particular interest, taking into account the fundamental interests and the rights and freedoms of the data subjects. In some cases, where Personal Data was primarily processed and retained on the basis of consent, contract, the public interest, or other bases described in these Disclosures, we may continue thereafter to retain the data based on a legitimate interest.
B. How We Share and Disclose Personal Data
We share your Personal Data with third parties in the ways described in these Disclosures, including the “How We Collect and Use Personal Data” section above. Additionally, we may share information as described below:
We share your Personal Data with third-party service providers that complete transactions or perform services on our behalf or for your benefit, such as:
- Marketing and analytics;
- Event registration and coordination;
- Providing course platforms or tools that enable or enhance our offerings;
- Research insights and analytics;
- Research collaboration;
- System maintenance and security;
- Facilitating other transactions with you; and
- Assisting with our legal compliance.
Social Media Platforms
Legal Process, Safety and Terms Enforcement
We may disclose your Personal Data to legal or government regulatory authorities as required by applicable law. We may also disclose your Personal Data to third parties in connection with claims, disputes or litigation, when otherwise required by applicable law, or if we determine its disclosure is necessary to protect the health, safety, rights or property of you, us or others, or to enforce our legal rights or contractual commitments that you have made.
C. International Data Transfers
Much of our Personal Data processing takes place in the United States, though sometimes we or third parties with whom we share data, as discussed above, may process data in other countries. The data privacy laws in the United States and other countries outside the EEA and the UK may provide less protection than such laws in the EEA or the UK. In the event we transfer your Personal Data outside the EEA or outside the UK as part of our GDPR Processing Activities, we rely where required on appropriate or suitable safeguards or specific derogations recognized under the GDPR or under UK law.
The European Commission has adopted standard data protection clauses, also applicable in the UK, which provide safeguards for Personal Data transferred outside of the EEA or the UK. We may use Standard Contractual Clauses when transferring Personal Data from a country in the EEA or from the UK to a country outside the EEA or the UK. If so and your Personal Data are affected, you can request a copy of the Standard Contractual Clauses relevant to your Personal Data by contacting us as set forth in the “Contact Us” section below.
D. Cookies and Similar Technologies
These small data files or graphic files serve various functions:
- Strictly Necessary: Necessary to deliver our services;
- Performance and Functionality: Enhance the performance and functionality of our services but are non-essential to their use;
- Analytics and Customization: Allow us to understand the effectiveness of our services and marketing campaigns, as well as to customize our services based on this information; or
- Advertising: Make advertising messages more relevant to you and your interests.
You can control the use of certain cookies and similar technologies by:
- Opting out of targeted online advertising through advertising networks (please visit http://www.aboutads.info/choices/, http://optout.networkadvertising.org/ or
http://www.youronlinechoices.com for more information);
E. Your Rights
Upon your reasonable, good faith request we will provide you with information about whether we hold any of your Personal Data as part of our GDPR Processing Activities, to the extent required by and in accordance with applicable law. In certain cases, you may also have a right, with respect to your Personal Data collected and used in the GDPR Processing Activities, to:
- correct or update any of your Personal Data that is inaccurate;
- restrict or limit the ways in which we use your Personal Data;
- object to the processing of your Personal Data;
- request the deletion of your Personal Data; and
- obtain a copy of your Personal Data in an easily accessible format.
To submit a request, please send an email message to email@example.com. Because we want to avoid taking action regarding your Personal Data at the direction of someone other than you, we will ask you for information verifying your identity. We will respond to your request within a reasonable timeframe.
Subject to certain legal limits, you also have the right to withdraw your consent to our processing of your Personal Data as part of our GDPR Processing Activities, where our processing is solely based on your consent. In some cases, you can do this by discontinuing use of the services involved in the GDPR Processing Activities. This would include by closing all of your online accounts with us and contacting us at firstname.lastname@example.org to request that your Personal Data be deleted. If you withdraw your consent to the use or sharing of your Personal Data for the purposes set out in these Disclosures or the other Visible Body privacy statements that link to or expressly adopt these Disclosures, you may not have access to some or all of the related services, and we might not be able to provide you some or all of the services. Please note that, in certain cases, we may continue to process your Personal Data after you have withdrawn consent and requested that we delete your Personal Data, if we have a legal basis to do so. For example, we may retain certain data if we need to do so to comply with an independent legal obligation, if we still need the data for the lawful purposes for which we obtained the data, or if it is necessary to do so to pursue our legitimate interest in keeping our services and operations safe and secure or to safeguard our rights or the rights or safety of others.
If you have any complaints regarding our privacy practices, you have the right to make a complaint with your national data protection authority (i.e., supervisory authority).
F. User Generated Content
Some of our online activities enable users to submit their own content. Please remember that any Personal Data you submit or post as user-generated content in these circumstances could in some cases be seen by others or become public. You should exercise caution when deciding to disclose your personal, financial or other information in such submissions or posts. We cannot prevent others from using that information in a manner that may violate these Disclosures, the law or your personal privacy and safety. We are not responsible for the results of such postings.
G. Updates to the Disclosures
We may update these Disclosures from time to time without prior notice by posting revised Disclosures to this site. You can determine when these Disclosures were last revised by checking the Last Updated date at the beginning of these Disclosures.
H. Contact Us
If you have any questions, comments, requests or concerns about these Disclosures or other privacy-related matters, you may contact us in the following ways:
- Email: email@example.com
- Mail: Visible Body
492 Old Connecticut Path, Suite 501
Framingham, MA 017014
CCPA Privacy Notice for CA Residents
This PRIVACY NOTICE FOR CALIFORNIA RESIDENTS and applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice.
Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||YES|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.||YES|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||NO|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||NO|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||NO|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES|
|G. Geolocation data.||Physical location or movements.||NO|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||NO|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO|
|K. Inferences drawn from other personal information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||NO|
Personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
We obtain the categories of personal information listed above directly and indirectly from activity on our website and in our applications. For example, from submissions through our website portal or website usage details collected automatically.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason for which the information is provided. For example, if you share your name and contact information to request pricing information or ask a question about our products or services, we will use that personal information to respond to your inquiry.
- To provide you with information, products or services that you request from us.
- To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
- To improve our website and present its contents to you.
- For testing, research, analysis and product development.
- As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collect for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
Category A: Identifiers.
Category B: California Customer Records personal information categories.
We disclose your personal information for a business purpose to the following categories of third parties:
- Service providers.
- The institution you are affiliated with, if you use our products through your affiliation with an institution, such as a college or university
In the preceding twelve (12) months, we have not sold any personal information.
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
- If we disclosed your personal information for a business purpose, the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, Deletion, and Opt-out Rights
To exercise the access, portability, deletion, or opt-out rights described above, please submit a verifiable consumer request to us by email at firstname.lastname@example.org or by mail at:
492 Old Connecticut Path, Suite 501
Framingham, MA 01701
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person or an authorized representative of the person we collected personal information on.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Changes to Our Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you by email or through a notice on our website homepage.
If you have any questions or comments about this notice, our Privacy Notice, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
492 Old Connecticut Path
Framingham, MA 01701