Chinese American Hematologist and Oncologist Network
Privacy and Data Protection Notice,
Rights and Responsibilities Under Applicable Privacy Laws,
The Chinese American Hematologist and Oncologist Network (CAHON) has a strong commitment to privacy, recognizing that we are a public association. The statements below outline the policies and procedures concerning information gathering and dissemination practices for our organization.
We acknowledge that you may have privacy and security concerns with respect to the information we collect, use, and disclose to third parties for the purpose of allowing us to offer and provide the Web Site and our products and/or services, so we provide this Privacy and Data Protection Notice to explain, in as clear and plain language as possible, how we collect, use and disclose such information.
As more fully described in our Rights and Responsibilities notice, we recognize principles and requirements of applicable law (including, without limitation, the General Data Protection Regulation (“GDPR”) adopted by the European Union, the California Consumer Privacy Act (the “CCPA” and certain other applicable privacy laws) pertaining to privacy of information (collectively, “Privacy Directives”). You will also find an explanation of certain rights you have with respect to your Personal Information. Please refer to the Rights and Responsibilities Notice if you are a resident of the European Union or the state of California.
Please read our Notices carefully before accessing or using the Web Site or our Products and/or Services, so you can fully understand our practices in relation to the collection, use and disclosure of information hereunder, before we begin processing any information you provide to us. By accessing or using the Web Site and/or otherwise registering for and/or using our Products and/or Services, you are agreeing to be bound to the terms hereof and all applicable laws and regulations, and you agree that you are responsible for compliance with same. If you do not agree to the terms hereof, please do not access or use the Web site or our products or services (and you are prohibited from doing so).
We may modify these Notices from time to time (see “Changes to This Notice” below), so please check periodically for updates. If any questions arise about the meaning or interpretation of these Notices, or if these Notices are translated into another language, the English-language version of these Notices is the official text.
Privacy and Data Protection Notice
What is “Personal Information”
This Notice undertakes to protect the personal data or personal information of individuals wherever located and covers many processing activities, including collection, storage, consultation, transfer, and destruction, of this data. “Personal information” means any and all information relating to an identified or identifiable natural person. You can be identified from information such as your name; email address; age; gender; home, work and/or mobile phone numbers; home and or work postal addresses; professional designations and titles and other demographics pertaining to your trade or profession; passport number; and payment information (including credit/debit card information). You may also be identifiable from information such as an online identifier, IP address, unique device ID or cookie.
Information Collected by Us
This Notice applies to information we collect:
- On the Web Site;
- In email, texts and other electronic messages between you and the Web Site;
- When you sign up for events that we host;
- When you use or access any Products and/or Services we provide, through the Web Site or otherwise;
In such circumstances, you may provide information online, over the telephone, in writing or otherwise in connection with such activities. During these processes, you may share with us Personal Information about yourself. Personal Information may also be collected, or your IP address logged, when you visit the Web Site even if you do not take express action to give us information. Additionally, information regarding your computer, your connection to the Web Site (such as your browser type, operating system and platform) and your user history (including, but not limited to, your session information, page errors and the length of your visits to specific pages within the Web Site) may also be collected.
How We Use Personal Information
If you elect to provide Personal Information (such as your name, employer name and title, mailing address and/or phone number), we will collect, use and share it pursuant to this Notice and applicable law. For instance, we may use Personal Information you provide for purposes such as:
- Carrying out a registration made by you;
- Fulfilling your requests for services (including purchases);
- Processing payment information when you register for a meeting or otherwise purchase services from us;
- Customizing and improving the Web Site (including its look and feel), the Content and otherwise our products and/or services thereon;
- Customizing and/or improving your experience on the Web Site;
- Contacting you;
- Conducting research or analysis;
- Emailing advance notice of and/or invitation to events;
- Sending email to confirm your registration;
- Looking up and printing your physical badge for a conference, meeting or other event
- Generating certificates of attendance, credentials, etc. as may be applicable for your event;
- Tracking attendance at conferences, meetings, events or sessions;
- Recording and maintaining continuing education information for purposes of awarding and verifying continuing education attendance, participation, qualifications and credits;
- Providing support services; and
- Responding to and resolving complaints.
We collect information in different ways from those who access the Web Site. We primarily use this information to provide a customized experience as you use our Web Site and/or to provide to you our Products and/or Services. We do not share this information with third parties, though we may disclose such information if we have received your permission beforehand or in special circumstances, such as when we believe that such disclosure is required by law, or in other particular cases described below.
How We May Share Your Information
It is our policy not to disclose, sell or rent any of your Personal Information to any individual, business, government entity or other outside party. However, we may disclose or share your Personal Information (and you are considered to consent to same) if we have received your permission beforehand, or in certain circumstances, such as:
- to provide Products and/or Services you have requested from us and otherwise to engage in activities inherent to your membership or other relationship with us;
- in response to a validly-issued subpoena, court order or other legal process;
- when necessary to establish or exercise our legal rights or defend against legal action;
- where you request us to do so;
- share with conference, meeting and event organizers;
- share with third parties involved in the conference, meeting or event process (e.g., hotel booking companies);
- potentially share with exhibitors at the event (e.g., through badge scanning onsite);
- allow event exhibitors to send you email/direct mail to the extent you so authorize;
- allow other attendees to contact you if you sign up for communications;
- to satisfy laws, such as the Electronic Communications Privacy Act, regulations, or governmental or legal requests;
- to identify, contact, or bring legal action against someone who may be violating the terms of this Notice or other policies;
- to protect us and our other users.
We may also use return e-mail addresses to answer e-mail we receive from you. Such addresses are not used for any other purpose.
Once your Personal Information has been shared with a third party, we no longer have direct control over that information, but we require our contractors and others who help us provide the Web Site and services to agree to follow applicable Privacy Directives.
Your personal information will not be collected for use that is in violation of applicable law or unrelated to that discussed in this Notice.
We recognize that all Personal Information you submit to us belongs to you, and that we use your data only with your permission. You have the following specific rights (which are more fully described in our Rights and Responsibilities notice).
- Informed: We will tell you exactly how we use your Personal Information in clear, plain language.
- Consent: We will not store or use your Personal Information without your consent. If we get your Personal Information from a membership organization or another source, we will ensure through a contract that they are also compliant with GDPR consent regulations.
- Access and Portability: You may view such or your Personal Information as is accessible on our Web Site and request a copy of all Personal Information we may store that is not accessible on our Web Site.
- Modification: You may request corrections, changes or updates to any personal data we store.
- Erasure: You may request that we purge all or your Personal Information at any time.
If you have any complaints on our processing of your Personal Information or if you believe that we have breached our own privacy policies or applicable law, we encourage you to contact us. However, please note that applicable Privacy Directives may provide you with a right to lodge a complaint with the competent supervisory authority as well; however, we ask that you please attempt to resolve any issues with us first.
Additionally, be aware that if you visit other, unrelated websites where you are prompted to log in or that are customizable, you may be required to accept cookies. Third parties and other unrelated websites may also use their own cookies. We do not control use of these cookies and expressly disclaim responsibility for information collected through them.
Finally, we may occasionally enable and implement various analytic tools, such as Google Analytics, which is an analytics tool provided by Google to collect and process collected information and data consisting of certain telematics about your use of our Web Site. Google sets and reads cookies to collect such Collected Data and your web browser will automatically send such collected information and data to Google. Google stores and uses this data to provide us with reports that we use to improve the Website’s structure and content. For more information on Google Analytics, please see www.google.com/policies/privacy/partners/.
When you visit our Web Site, we automatically collect information from your browser or your mobile device, such as Internet Protocol (IP) address or unique device identifier, cookies, and data about which pages you visit in order to allow us to operate and provide the Web Site and our services. This information is used to protect the Web Site and our services and to keep the Web Site secure, analyze and improve our Web Site and services and understand how the Web Site works and for the other purposes described in “How We Use Personal Information,” above.
We may use automated decision making in processing your Personal Information for some services and products. You may request a manual review of the accuracy of an automated decision if you are unhappy with it. You have the right not to be subject to a decision based solely on automated processing.
If you receive email communications from us, we may use certain tools to capture data related to when you open our messages and click on hyperlinks or banners it may contain. We use this information internally to enhance and support our marketing and sales operations.
Surveys, Questionnaires, Social Media
When you provide us with your Personal Information through social media or other online survey or questionnaire tools and platforms, or sign up for one of our mailing lists, newsletters, or marketing lists, we or third parties operating those tools, platforms or social media sites, may collect your social media handle or profile, and/or any other identifier that you use to be contacted online or offline. This information may also include personally identifiable and business information and whatever information or comments you may post on such platforms, but only to the extent that you voluntarily provide it to us. Anything you post on a social media platform or site is public information and will not be treated confidentially. Your use of social media platforms is governed by the privacy policies and terms of the third parties that own and operate those platforms and not by this Policy. We encourage you to review the terms contained in this Notice.
How We Protect Personal Information/Data Security
This Notice, along with our Rights and Responsibilities notice, reflects a comprehensive approach to privacy and data security that complies with applicable Privacy Directives and generally accepted best business practices. We use commercially reasonable technical and organizational measures to help secure your Personal Information and prevent it from being lost, used or accessed in an unauthorized manner, altered or disclosed during collection, storage, and processing. The specific privacy and data security measures we use incorporate the following guidelines, as applicable:
- No sensitive Personal Information such as credit card numbers, bank account numbers, passport, and social security numbers, is stored on our servers other than as required to perform a function for which the user provided such information, and in such cases where such information is provided, such information exists in our servers only for such transitory or other short period as is needed to perform such function, at which time is then purged from our servers;
- We follow generally accepted best practices for secure software development;
- All data is stored on physically secure hardware;
- Personal data is secured behind network firewalls and access requires login credentials;
- All data processed through web sites is encrypted in transit;
- In the unlikely event of a data breach, we have policies in place to promptly notify affected parties; and
- Data security is regularly audited by third parties.
While our security measures seek to protect your Personal Information in our possession, no security system is perfect and we cannot guarantee that your Personal Information will remain absolutely secure in all circumstances or that any privacy settings or security measures contained on our Web Site cannot be circumvented.
The majority of communications on the Web Site, including any submissions through available forms, are sent through the standard HTTP protocol and may be delivered using regular e-mail. Information sent over HTTP is not encrypted. E-mail, while convenient, does pose some risks (e.g., e-mail is not a secure form of communication, is unreliable, can be forwarded, etc.).
If a security breach causes an unauthorized intrusion into the Web Site or systems that compromises your data, we will notify you and any applicable regulator only if required under applicable law.
Access to and Updating Your Personal Information
If you wish to access, view, modify, update or erase your Personal Information as it exists in our records, please send an email to firstname.lastname@example.org
Accessing the Web Site From Outside the United States
The Web Site is operated and maintained by us from the United States. If you access the Web Site from outside the United States, please be aware that any personal information from you will be transferred to, stored in, and processed in the United States.
Third Party Web Sites
To the extent that the Web Site contains links to other, third-party web sites, we encourage you to take reasonable precautions when sharing your Personal Information on third party web sites. Please be aware that we have no control over the content and practices of such other sites and cannot accept responsibility for their respective privacy or use policies.
The Web Site is not intended for children under 16 years of age. We do not knowingly collect personally identifiable information from children under 16. If you are under 16, do not use or provide any information on the Web Site or provide any information about yourself to us, including your name, telephone number, email address or any screen name or user name you may use. If we learn we have collected or received personally identifiable information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at email@example.com or at the toll freetelephone number set forth at the end of the this Privacy notice.
Links to Other Sites
The Web Site may contain links to other websites. We are not responsible for the privacy practices or content of other websites. We encourage you to read the privacy statements and terms and conditions of each website that collects your personal information.
Changes to This Notice
We reserve the right to revise, amend, or modify this Notice, the Web Site, our privacy and data security policies and our other policies and agreements at any time and in any manner. Notice of any revision, amendment, or modification will be posted in accordance with terms hereof. By continuing to use the Web Site, you agree to any changes in this Notice.
You may opt out of receiving future communications from us and/or having your contact information displayed in our membership directory at any time by emailing an opt out request to firstname.lastname@example.org or calling us at the toll free number set forth at the end of this Notice. You may also be able to opt out of processes listed under “How We May Share Your Information” above. You may also request that we delete any personal information that we have collected from you, subject to exceptions as permitted by law. For further information regarding these and other rights you may have, please see our Rights and Responsibilities notice.
We recognize principles and requirements under applicable state, federal and foreign laws (including, without limitation, the General Data Protection Regulation (“GDPR”) adopted by the European Union, the California Consumer Privacy Act (“CCPA”), and the California Privacy Rights Act (“CPRA”) pertaining to privacy of information (collectively, “Privacy Directives”). Certain of the provisions set out below are addressed in previous sections of this Notice, but are nonetheless set forth below to the extent that they have particular application with respect to the requirements of applicable Privacy Directives.
We will undertake to comply with Privacy Directives with a view to ensuring that all information is:
- fairly and lawfully processed (for purposes of this Section, “processing” means any operation which is performed on personal information, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction);
- obtained and used solely for specific and clearly stated purposes;
- adequate, relevant, and not excessive;
- accurate and up-to-date;
- not kept for longer than necessary;
- processed in accordance with your rights;
- secure; and
- not transferred to other parties without adequate protection.
- Right to Request Information:
- You have the right to request the categories and specific pieces of Personal Information we have collected.
- We collect the following:
- The categories of Personal Information collected are described in our Privacy Notice.
- The purpose of such collection is primarily to provide a customized experience as you use our Web Site, as discussed in more detail in our Privacy and Data Protection Notice, and for the other purposes described elsewhere in this Notice.
- We do not sell or share any information we collect, except as described in our Privacy Notice (“How We May Share Your Personal Information”).
- We do not collect sensitive Personal Information within the meaning of the CPRA.
- We intend to retain each category of Personal Information for as long as reasonably necessary for the purposes for which the information was collected, but in no event longer than as is reasonably necessary in order to perform the function for which such information was provided to us and/or subject to applicable record retention procedures.
- Right to Not be Subjected to a Decision Based Solely on Automated Decision-Making: We may use automated decision making in processing your Personal Information for some services and products. You may request a manual review of the accuracy of an automated decision if you are unhappy with it. You have the right not to be subject to a decision based solely on automated processing.
- Right to Request Deletion of Personal Information: You have the right to request that we delete any Personal Information that we have collected from you, subject to exceptions as permitted by law. Although we generally do not disclose any Personal Information to third parties except as expressly described in this Notice, in the event that we do so in accordance with this Notice and such request is made as to information we have disclosed, we will notify such third party of your deletion request.
- Right to Correct:
- You have the right to request that we correct inaccurate Personal Information. If the Personal Information you have provided to us changes, please let us know. For instance, if your email address changes, you wish to cancel any request you have made of us, or if you become aware of inaccurate Personal Information about you, please contact us using the contact information at the end of this Notice.
- Right to Know and Access What Personal Information is Being Collected:
- The categories of Personal Information collected are described in our Privacy Notice.
- The categories of sources from which Personal Information are collected include the Web Site, email, and other electronic messages between you and the Web Site. We also collect Personal Information when you interact with us in another way, such as by contacting us in writing or orally with an inquiry.
- The purposes for collecting your Personal Information are described in our Privacy Notice.
- The categories of third parties to whom we may disclose Personal Information pursuant to this Notice (and subject to the restrictions set forth herein) include third-party vendors, service providers, suppliers, consultants and agents (including Website management and hosting, marketing, and email services), and, to the extent of any such disclosure required under applicable law, governmental, administrative and judicial bodies and instrumentalities.
- If we collect your Personal Information, you have the right to request the following:
- The categories of Personal Information we have collected about you.
- The categories of sources from which the Personal Information is collected.
- The purpose for collecting the Personal Information.
- The categories of third parties to whom it is disclosed.
- The specific pieces of Personal Information we have collected about you.
- Right to Access What Information Has Been Collected If We Sell or Share:
- We have not sold or shared, within the meaning of the CPRA, consumers’ Personal Information.
- We have disclosed Personal Information for a business purpose to the categories of persons described in Section 5(d) above. The categories of Personal Information we have disclosed are described in our Privacy Notice
- Right to Not be Discriminated Against: We will not discriminate against you if you exercise any of the rights referenced in the policy. We will not deny you services, charge you different prices, provide a different level of quality, suggest that you will receive a different price or level of quality, or retaliate against you or any employee, applicant, or independent contractor for exercising rights.
To exercise your rights as described in this Notice, or to ask questions or make any comments about this Notice or our privacy practices, please contact us at email@example.com or Call 1-866-723-0678.
Our mailing address is:
Chinese American Hematologist and Oncologist Network
555 East Wells Street, Suite 1100
Milwaukee, WI 53202-3823 USA