EFFECTIVE DATE: JUNE 17, 2018
Welcome to Clinical Rotation!
B) INFORMATION WE COLLECT
The Platform collects information from you in two ways: (i) directly from your input (“Information You Provide”), and (ii) automatically through the use of our Platform (“Information Collected Automatically”).
(i) Information You Provide
The types of Personal Data that the Platform collects directly from you may include:
- Contact and identification details, such as your name, date of birth, telephone number, email and physical address.
- Educational background information, such as school name, contacts, program type, and enrollment details.
- Professional background information, such as licensing information, board certification, practice details.
- Profile and Listing information, such as images, biography, service descriptions, preferences, and location.
- Payment information, such as PayPal email address, credit card and bank account details.
- Affiliation Agreement and other Host Service details.
- Usernames and passwords.
- Interests and communication preferences.
- Comments, Reviews, Ratings, feedback, inquires, posts, and all other content you submit to the Platform.
In order to access certain content and to make use of additional functionality and features of the Platform, we ask you to register for an account by completing and submitting a registration form used to customize Clinical Rotation for you.
Clinical Rotation is a “Data Controller” (as defined in Data Protection Legislation) in respect to this Personal Data. The legal basis upon which we process Personal Data is our legitimate interest to provide our Platform to you.
(ii) Information Collected Automatically
- Internet Protocol (“IP“) address used to connect your computer to the internet is temporarily stored by our web server for security, maintenance and product improvement purposes and is not connected to Personal Data.
- Computer, device, and connection information, such as browser type and version, operating system, mobile platform, and unique device identifier (“UDID“) and other technical identifiers in order to optimize our Platform for your use.
- Uniform Resource Locator (“URL“) click stream data, including date and time stamp, referring and exit URLs, search terms you used, and pages you visited or searched for on the Platform; and for location-aware services, the physical location of your device in order to provide you with more relevant content for where you are in the world.
- Information related to your payment transactions through the Platform, including the payment method used, date and time, payment amount, payment instrument expiration date and billing zip code, PayPal email address, IBAN information, your address and other related transaction details. This information is necessary for the adequate performance of the contract between you and Clinical Rotation.
We may use and disclose information that does not reveal your identity or permit direct association with any specific individual, such as browser and device information, anonymous usage data, and aggregated information, for any purpose, except where we are restricted by law. If we combine non-Personal Data with Personal Data, the combined information will be treated as Personal Data for as long as it remains combined.
You can control cookies through your browser’s settings and other tools. However, if you block certain cookies, you may not be able to register, login to the Platform, access certain parts of the Platform or make full use of the Platform. Although you may disable the usage of cookies through your browser settings, our Platform currently does not respond to a “Do Not Track” signal from your browser or mobile application due to lack of standardization of how that signal should be interpreted.
C) USE OF YOUR INFORMATION
We may use your Personal Data to:
- Provide the Platform to you, such as allow access to or delivery of our products or services, process or fulfill an order or transaction, or administer surveys or promotional programs.
- Respond to your requests, inquiries, comments, or concerns.
- Provide technical, product, and other support and help keep the Platform working, safe, and secure.
- Offer you customized content and individualized personalization of the Platform to make it more relevant to your interests and needs.
- Enhance, evaluate, and improve the Platform, its advertisements and promotional campaigns and our products and services and to develop new products and services.
- Identify and analyze usage trends, including for the purposes of research, audits, reporting and paying royalties and license fees to third-party content providers.
- Notify you about changes or updates to the Platform and our products and services.
- Provide you special offers, promotions, surveys, advertisements and other information about the Platform as well as products, events and services of ours, our affiliates and non-affiliated third parties such as societies and sponsors.
We may also verify, match, or combine the Personal Data that you provide with information that we obtain from other sources or that is already in our records, whether collected online or offline or by predecessor or affiliated group companies, for the purposes described above.
D) DISCLOSURE OF YOUR INFORMATION
We may share your Personal Data with:
- Relevant Members or Hosts in order to process, accept, decline, and/or confirm a Reservation for a Host Service, Rotation, or Recreation, or other Service.
- Relevant Schools and professional healthcare and student societies, organizations, boards, or credentialing bodies.
- Relevant agents, representatives, joint ventures, and entities for which we are acting as an agent, licensee, or publisher, such as societies and sponsors.
- Applicable suppliers and service providers, including editors, reviewers, credit card processors, customer support, email service providers, mailing houses and shipping agents, and IT service providers.
We also may share your Personal Data with our affiliated group companies worldwide and with societies, sponsors, and other non-affiliated third parties that wish to send you information about their products and services that may be of interest to you as determined by your choices in managing your communications preferences following the process described below.
If our Platform offers a content database or learning service (“Subscription Service“) and you access the Subscription Service through an institution-sponsored subscription, your Personal Data and certain usage data gathered through the Subscription Service, such as the number of items you downloaded, any non-subscribed items you accessed, and test scores, may be shared with your institution for the purposes of usage analysis, subscription management, course management and testing and remediation. If your institution is a corporation or other business entity, additional usage data, such as the types of records you viewed and the number of searches you ran, also may be shared for the purposes of cost attribution and departmental budgeting.
We also may need to disclose your Personal Data:
- To respond to or comply with any law, regulation, subpoena, court order or other legal obligation.
- To enforce and protect our rights and properties.
- To detect, investigate and help prevent security threats, fraud or other malicious activity.
- To protect the rights, property or safety of our users, employees or others.
- If Clinical Rotation, the Platform or a related asset or line of business is acquired by, transferred to or merged with another company.
The Platform may let you post and share Personal Data, comments, materials and other content. Any information you disclose publicly may be collected and used by others, may be indexable by search engines, and might not be able to be removed. Please be careful when disclosing Personal Data in these public areas.
E) YOUR CHOICES AND COMMUNICATIONS PREFERENCES
You can manage your communications preferences by using the “opt-out” or unsubscribe mechanism or other means provided within the communications that you receive from us or by contacting us at: Email. We reserve the right to notify you of changes or updates to the Platform whenever necessary, as determined in its sole discretion by Clinical Rotation.
F) ACCESS AND ACCURACY OF YOUR INFORMATION
You have a right to be informed of Personal Data processed by the Platform, a right to rectification/correction, erasure and restriction of processing. Upon request, you have the right to receive a structured, common and machine-readable format of the Personal Data you provided to us. We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that you are the data subject entitled to receive such Personal Data.
You will not have to pay a fee to access your Personal Data. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Registered users can access their account information and make corrections or updates upon login at any time. The accuracy of such information is solely the responsibility of the user.
Where you have provided consent, you may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever you withdraw consent, you acknowledge and accept that this may have a negative influence on the quality of the Platform. We will endeavor to fulfill your request within 30 days but some Personal Data may persist in backup copies for a certain period of time and may be retained as necessary for legitimate business purposes or to comply with our legal obligations. You further agree that Clinical Rotation shall not be held liable with respect to any loss and/or damage to your Personal Data if you choose to withdraw consent.
You have the right to lodge a complaint with the data protection authority in your jurisdiction.
G) DATA SECURITY
Clinical Rotation takes precautions to safeguard your Personal Data against loss, theft and misuse and unauthorized access, disclosure, alteration, and destruction through the use of appropriate administrative, physical and technical security measures.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Your Personal Data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your Personal Data.
Personal Data and usage data is stored as long as is necessary for the purpose(s) for which we originally collected it. We may also retain information as required by law.
H) CROSS-BORDER TRANSFER OF YOUR INFORMATION
Your Personal Data may be transferred to other countries for processing. By using the Platform, you consent to the transfer of information to countries outside of your country of residence, which may have different Personal Data protection rules than in your country.
J) THIRD-PARTY LINKS
We may include or offer third-party products or services on our Platform. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our Platform and welcome any feedback about these sites.
EU General Data Protection Regulation (“GDPR”)
We carry out all data control and processing operations in strict compliance with the GDPR. We use a limited number of external service providers that are trusted and meet high data protection and security standards for certain tasks such as technical data analysis, processing and/or storage offerings. We only share information with them that is required for the services offered, and we may contractually bind them to keep any information we share confidential. We will only pass your data on to third parties without your express consent if we are obliged to do so by statutory law or as an instruction from a public authority or court.
California Online Privacy Protection Act
According to CalOPPA we agree to the following:
Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking to improve our users’ experience.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of Personal Data from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. You must be at least 18 years or older to access and use our Platform and we do not specifically market to children under 13.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect Personal Data.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via email within seven (7) business days. We will notify the users via in-site notification within seven (7) business days. We also agree to the Individual Redress Principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to provide you with occasional Platform or Service updates, which you can easily opt-out of.
To be in accordance with CAN-SPAM we agree to the following:
If at any time you would like to unsubscribe from receiving future emails, you can email us at Email and we will promptly remove you from ALL correspondence.
Clinical Rotation LLC
ATTN: Privacy Officer
217 East 70th Street, Unit 2343
New York, NY 10021