Effective Date January 1, 2020
Introduction
This Policy explains how the Pediatric Dermatology Research Alliance, Inc. (“PeDRA”, “we” or “us”) collects and processes your Personal Data. Each time you use our Site, the current version of this Policy will apply. Accordingly, whenever you use our Site, you should check the date of this Policy (which appears at the top) and review any changes since the last version. This Policy is applicable to all Site visitors, registered users, and all other users of our Site.
“Personal Data” is any information that enables us to identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity.
By visiting https://pedraresearch.org (the “Site”), you acknowledge that you have read and understood the processes and policies referred to in this Policy.
Who we are
Generally, and for the purposes of the General Data Protection Regulation 2016/679 (the “GDPR”), the Data Controller is the Pediatric Dermatology Research Alliance, Inc. with a registered address at 205 SE Spokane St., Suite 300, Portland, OR 97202. PeDRA staff is responsible for overseeing questions in relation to this Policy, and they may be contacted at info@pedraresearch.org or 971-369-4690.
Your Californian Rights
FOR RESIDENTS OF CALIFORNIA: Section 1798.83 of the California Civil Code requires select businesses to disclose policies relating to the sharing of certain categories of your Personal Data with third parties. If you reside in California and have provided your Personal Data to PeDRA, you may request information about our disclosures of certain categories of Personal Data to third parties for direct marketing purposes. Such requests must be submitted to us at one of the following addresses: info@pedraresearch.org or Pediatric Dermatology Research Alliance, Inc. Attn: California Privacy Rights, 205 SE Spokane St., Suite 300, Portland, OR 97202.
How we collect Personal Data
We may collect and process the following Personal Data:
Contact information, which you provide when corresponding with us by phone, e-mail or otherwise. The information you give us may include your name, address, e-mail address, phone number, financial information and/or credit card information.
Membership information, about your membership including your name, contact details such as address, phone number and email address (business or personal), age, job title, year of admission and any other information related to your membership. Membership information may be provided by you during the registration process, or by your employer on your behalf.
Dues payment information, including financial information such as credit/debit card and account numbers used to register or renew your membership.
Purchase information, relating to purchases made by members and non-members of event participation, books, reports, journals or newsletter subscriptions either in-person or via our Site. Purchase information will include financial information as well as information concerning the content and time of the purchase.
With regard to each of your visits to the Site we will automatically collect the following information:
Technical information, including the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
Information about your visit, including pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number; and
Location information: We also collect information that is sent to us automatically by your web browser and we may use this information to generate aggregate statistics about visitors to our Site, including, without limitation: IP addresses, browser type and plug-in details, device type (e.g., desktop, laptop, tablet, phone, etc.), operating system, and local time zone. We may use non-Personal Data for various business purposes such as providing customer service, fraud prevention, market research, and improving our Site. Please check your web browser if you want to learn what information your browser sends or how to change your settings.
How we use your Personal Data
We will only process your Personal Data, including sharing it with third parties, where (1) you have provided your consent which can be withdrawn at any time, (2) the processing is necessary for the performance of a contract to which you are a party, (3) we are required by law, (4) processing is required to protect your vital interests or those of another person, or (5) processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests.
We may use Personal Data that you provide directly to us for the following purposes:
• to carry out our obligations arising from your membership, or any other contract entered into between you and us and to provide you with the information, products and membership services that you request from us;
• to organize events that you have purchased or registered for, and to provide you with information, and other materials, relating to the content of the event, the speakers, sponsors and other attendees;
• to provide newsletters and other publications, provided you have given your consent;
• to respond to your questions and provide related membership services;
• to provide you with information about other events, products and services we offer that are similar to those that you have already purchased, provided you have not opted-out of receiving that information;
• to provide you, or permit selected third parties to provide you, with information about events, products or services we feel may interest you, provided you have given your consent;
• to notify you about changes to our membership service; and
• to ensure that content from our Site is presented most effectively for you and your computer.
We will use Personal Data that we have collected about your use of our Site:
• to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; to improve our Site to ensure that content is presented most effectively for you and your computer;
• as part of our efforts to keep our Site safe and secure;
• to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
• to make suggestions and recommendations to you and other users of our Site about goods or services that may interest you or them.
We will combine this information with information you give to us and information we collect about you. We will use this information and the combined Personal Data for the purposes set out above (depending on the types of information we receive).
When we share and who can access your Personal Data
We may share your Personal Data for the purposes described in this Policy with:
• a member of PeDRA
• partners, suppliers and sub-contractors, for the performance of obligations arising from your membership, or any other contract we enter into with them or you or to provide you with the information, products and membership services that you request from us
• analytics and search engine providers that assist us in the improvement and optimization of our Site
• trusted third-party companies and individuals to help us provide, analyze, and improve the Site and our membership services (including but not limited to data storage, maintenance services, database management, web analytics and payment processing)
We will only transfer your Personal Data to trusted third-parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures.
Selling your Personal Data
We will never sell your Personal Data to third parties without your opt-in consent.
Security
Although we use security measures to help protect your Personal Data against loss, misuse or unauthorized disclosure, we cannot guarantee the security of information transmitted to us over the Internet. All information you provide to us is stored on secure servers. Any payment transactions will be encrypted using SSL technology.
Transfer of Personal Data Outside of the European Economic Area (“EEA”) and International Users
We are headquartered in the United States. Your Personal Data may be accessed by us or transferred to us in the United States or to our affiliates, partners, merchants, or service providers who are located worldwide. If you are visiting our Site from outside the United States, be aware that your information may be transferred to, stored, and processed in the United States where our servers are located, and our central database is operated. By using our services, you consent to any transfer of this information.
Storage of Personal Data; Correction of Data
We will store your Personal Data, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the Personal Data is processed. PeDRA members have the right to correct or update information. Any Personal Data that is no longer needed for the purpose of membership may be deleted by PeDRA and will be deleted at your request; provided, however, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes and enforce our agreements, or if it is not technically reasonably feasible to remove it. Information may be retained by PeDRA indefinitely. Consistent with these requirements, we will try to delete your Personal Data promptly upon request. Contact info@pedraresearch.org for instructions on correcting and deleting information.
Where we store your Personal Data
The Personal Data that you provide to us is generally stored on servers located in the United States. If you are located in another jurisdiction, you should be aware that once your Personal Data is submitted through our Site, it will be transferred to our servers in the United States and that the United States currently does not have uniform data protection laws in place
Cookies
The Site uses cookies to provide you a safer, customized and efficient experience.
Cookies are small amounts of information that we may store on your local computer or mobile device when you visit the Site. When you visit the Site again, the cookies allow us to recognize your browser. Cookies may store your preferences and other information but cannot read data off your hard disk or read cookie files created by other sites.
The cookies we use collect non-personally identifiable information about users of the Site, including: browser used to access the site, date and time, the URL of the page being loaded, visits to particular web pages, any previously assigned cookie identification (a unique identifier assigned to a user to identify repeat visitors), browser window size, the geographic location of the user, device and operating system used to access the Site. The information we collect from these cookies is used to determine information about a user’s visit to our Site, including the number of visits, average time spent, pages viewed, navigation history through the website, and other statistics. This information is used to enhance the users experience while visiting our Site and to improve the performance of our Site by, among other things, allowing us to monitor Site performance, making the Site easier to use, measuring the effectiveness of promotional placements, and tailoring the Site (including the ads and offers a user receives) to better match a user’s interests and preferences.
Users who prefer not to accept cookies can set their Internet browser to notify them when they receive a cookie or to prevent cookies from being placed on their hard drive. If you consent to our collection of cookies and you subsequently wish to withdraw your consent, you will need to manage the settings on your web browser to delete all cookies and disallow further acceptance of cookies. Please note that disabling cookies on your browser will prevent us from tracking your activities in relations to our Site, however, it may also disable some of the functions and features of the Site and the Site may not work properly.
Children’s Privacy
This Site is not targeted nor directed at children under the age of 13 and we do not knowingly or intentionally collect any information from children under the age of 13. If you believe that a child under the age of 13 has provided us with his or her information, please notify us immediately at info@pedraresearch.org.
Copyright
All material and images are copyright protected and may not be reproduced without written permission of PeDRA.
Access to Information; Date Portability
A PeDRA member has the right to request access to information PeDRA has on the member. Contact us at info@pedraresearch.org to obtain such data. You will be provided with a copy of the data we process about you. Verification of identity will be required. Requests will be fulfilled electronically within five business days. A PeDRA member has the right to receive personal data which the member has previously provided in a ‘commonly use and machine-readable format’ and to have this data transmitted outside of PeDRA.
Data Breach Response Policy
Any individual who suspects a theft, breach or exposure of PeDRA-protected data has occurred must immediately provide a description of the event to info@pedraresearch.org. PeDRA will investigate all reported thefts, data breaches and exposures to confirm if an incident has occurred. If an incident has occurred all affected users will be notified immediately of the scope of incident, steps to correct the situation, and any further actions to help serve PeDRA members in protecting their information.
Links to Third Party Sites and Services
Our Sites may contain links to third party websites, applications and services not operated by us. These links are provided as a service and do not imply any endorsement by us of the activities or content of these sites, applications or services nor any association with their operators. We are not responsible for the privacy policies or practices of any third-party including websites or services directly linked to our Site. We encourage you to review the privacy policies of any third-party site that you link from our Site.
Changes to this Policy
If we make any material changes to this Policy or the way we use, share or collect Personal Data, we will notify you by revising the “Effective Date” at the top of this Policy and posting the revised Policy on our Site.
Questions?
If you have any question about this Policy that is not addressed above, please contact the Executive Director of PeDRA at mike.siegel@pedraresearch.org or 971-369-0373.