This Privacy Policy explains how CliniContact LLC (“CliniContact” or “we” or “us”) collects and uses Personal Data through its Websites and electronic communications with you. CliniContact values your privacy and is committed to protecting it. This Privacy Policy complies with the EU General Data Protection Regulation (“GDPR”) and other applicable privacy laws.
CliniContact complies with the EU-U.S. Data Privacy Framework (DPF) principles, including notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement, and liability, for all personal data received from the European Union (EU), United Kingdom (UK), and Switzerland. CliniContact has self-certified to the U.S. Department of Commerce regarding its adherence to the DPF principles.
This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit our websites at https://mainpage.clinicontact.com/ or https://www.clinicontact.com (each, a “Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.
This policy applies to information we collect:
It does not apply to information collected by:
Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, you should not use our Websites. By accessing or using these Websites, you agree to this Privacy Policy. This Privacy Policy may change from time to time, so please check this Privacy Policy periodically for updates.
CliniContact is the data controller of your Personal Data collected through the Websites. CliniContact has appointed a Data Protection Officer and a representative in compliance with the General Data Protection Regulation. If you have any questions about this Privacy Policy or your Personal Data, please contact CliniContact using the information set forth in the “Contact Information” Section below.
Our Websites are not intended for children under the age of 13. If you are under 13, you must not use our Websites. If you are over the age of 13 but under the age of 16, your legal parent or guardian must provide the information on your behalf (you must not provide such information yourself).
We do not knowingly collect Personal Data directly from children under 13. If you are under 13, do not use or directly provide any information on our Websites or on or through any of its features, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Data directly from a child under 13, we will delete that information. If you believe we might have any information directly from a child under 13, please contact us using the information set forth in the “Contact Information” Section below.
We have lawful reasons for processing your Personal Data, which include processing based on our legitimate interests (taking into account your rights and freedoms), fulfilling contractual obligations, complying with the law, and obtaining your consent.
If you are located in the European Union, the processing of your Personal Data is only lawful if it complies with the applicable data protection laws. We have a lawful basis for each processing activity, except when an exception applies, as explained below:
We may process sensitive Personal Data with your explicit consent or when necessary to fulfill our legal obligations or protect our legitimate interests.
Certain Personal Data processed by CliniContact may be considered sensitive, such as information revealing your racial or ethnic origin or health-related data. We process this information only with your explicit consent, or when necessary to fulfill our legal obligations or protect our legitimate interests.
We use your Personal Data for various purposes, including providing our Websites to you, fulfilling your information requests, enforcing contractual rights, and notifying you about changes.
We use the information we collect about you or that you provide to us, including Personal Data, for the following purposes:
CliniContact processes personal data only for purposes consistent with the purposes for which it was collected, as outlined in this Privacy Policy, unless you provide explicit consent for additional uses.
We do not share, sell, or disclose your Personal Data for purposes other than those outlined in this Privacy Policy. However, we may share your Personal Data with specific third parties under certain circumstances.
We disclose your Personal Data to the following parties:
We do not share, sell, or disclose your Personal Data for purposes other than those outlined in this Privacy Policy. However, we may share aggregated information about our users without any restrictions.
We may disclose your Personal Data:
We may also disclose your Personal Data:
CliniContact ensures that any third parties processing personal data on our behalf adhere to the Data Privacy Framework principles or other legally recognized data protection measures. Contracts with such parties include provisions that require them to use personal data solely for the intended purposes and to protect it adequately.
We provide options for you to opt out of certain activities, such as the use of tracking technology, disclosure of your Personal Data for third-party advertising, and receiving our promotional offers.
We do not control the collection and use of your information by third parties as described in the "Disclosure of Your Information" section. However, these organizations are contractually obligated to use the data solely for providing services to us and maintain its confidentiality. These third parties may aggregate the collected information with data from other customers for their own purposes.
Additionally, we strive to give you control over your Personal Data by offering the following mechanisms:
California residents may have additional rights and choices regarding their personal information. Please refer to the "Your California Privacy Rights" section for more details.
You have certain rights under data protection laws, including the right to access and update your Personal Data, restrict its use, transfer it to another controller, withdraw your consent, and request the erasure of certain Personal Data. You also have the right to lodge a complaint with a supervisory authority regarding our handling of your Personal Data.
To exercise your rights, you can review and modify your Personal Data by contacting us using the provided Contact Information. If you notice any errors or changes in your Personal Data, you can inform us to ensure its accuracy and completeness. However, we may be unable to accommodate your request if it violates any legal requirements or results in incorrect information.
You have the right to restrict our processing of your Personal Data under certain circumstances, such as contesting its accuracy, if the processing is unlawful, or if we no longer need it but are permitted to retain it by law.
If you have provided your consent and your Personal Data is processed based on that consent, you can withdraw it at any time by closing your account. Please note that withdrawing your consent does not affect the lawfulness of processing based on your consent prior to its withdrawal, or processing based on other lawful bases.
You have the right to request the deletion of all your Personal Data. However, we can only delete your Personal Data by also deleting your user account, and we will do so when we no longer have a legal basis for processing your Personal Data or when it is determined to have been unlawfully processed. We may not delete information if it would violate any legal requirements or result in incorrect information. In some cases, certain data may remain in backups as per our disaster recovery policies.
You can also provide us with instructions regarding the storage, erasure, and sharing of your Personal Data after your death.
If you have concerns about your privacy, we encourage you to contact us directly before lodging a complaint with the supervisory authority. We will work with you to address your concerns.
If you exercise any of these rights, we may ask for additional information to verify your identity. We reserve the right to limit or deny your request if you fail to provide sufficient information or if it conflicts with legal or business requirements. Please note that making unfounded, repetitive, or excessive requests may result in a fee, as permitted by applicable law.
Under the Data Privacy Framework, individuals have the right to:
To exercise these rights, please contact us using the information provided in the 'Contact Information' section.
Residents of certain states may have additional rights regarding the use of their Personal Information. To learn about any additional rights applicable to you as a resident of your state, please refer to the privacy addendum attached to this Privacy Policy.
YOUR CALIFORNIA PRIVACY RIGHTS
If you are a California resident, you have additional rights under the California Privacy Notice. California Civil Code Section 1798.83 (California's "Shine the Light" law) permits you to request information about our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us using the provided Contact Information.
We do not track your online activities across third-party websites or services, and we do not honor "do not track" signals sent by some browsers.
While we implement security measures to protect your Personal Data, transmitting information over the Internet is not completely secure. You can help protect your information by keeping your password confidential. We are not responsible for the circumvention of privacy settings or security measures on our Websites.
Your Personal Data may be processed and stored outside your home country, including in the United States. We only do this when permitted by law and when appropriate safeguards are in place to protect your Personal Data.
If you are a resident of the European Economic Area (EEA), we may transfer and store your Personal Data outside the EEA, including in the United States. By using our Websites, you consent to the storage and processing of your Personal Data, acknowledging that it may be transferred to countries that may not provide an equivalent level of protection. We use Data Protection Agreements and, where applicable, Standard Contractual Clauses to ensure the protection of your Personal Data. You have the same rights under these Standard Contractual Clauses as if your data was not transferred. You can request a copy of the Data Protection Agreement by contacting us through the provided Contact Information.
We retain your Personal Data as long as your account remains open. Even after account closure, we may retain your Personal Data for legal purposes, on our backup systems, and to protect our rights.
After closing your account, we may retain your Personal Data to comply with legal requirements, store it in our backup systems, protect our legal interests, pursue legal rights and remedies, and retain anonymized or aggregated data indefinitely.
We will notify you of any material changes to our Privacy Policy and invite you to review and accept the changes. It is your responsibility to keep your contact information up to date and regularly check our Websites and Privacy Policy for any updates.
CliniContact conducts annual reviews to verify its ongoing compliance with the Data Privacy Framework principles and renews its self-certification with the U.S. Department of Commerce.
For any questions, concerns, complaints, or requests related to your Personal Data, please contact us through the provided Contact Information or the "Contact Us" page on our Websites.
For unresolved privacy complaints under the Data Privacy Framework, individuals may contact their local EU Data Protection Authority.
This service is provided free of charge.
To find the contact details for your local EU Data Protection Authority, please visit:
https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
If an unresolved complaint cannot be addressed through the designated independent recourse mechanism, individuals may invoke binding arbitration under the Data Privacy Framework as a final resort. Details on this process are available at EU-U.S. and UK Extension DPF Program Binding Arbitration Mechanism | ICDR.org.