PRIVACY POLICY

EFFECTIVE DATE:  JUNE 17, 2018

Welcome to Clinical Rotation!

Clinical Rotation is committed to maintaining your confidence and trust with respect to the privacy of the Personal Data we collect from you.  When this Privacy Policy (“Privacy Policy”) mentions “Clinical Rotation”, “we”, “us”, or “our”, it refers to the company Clinical Rotation LLC.  The Privacy Policy applies to all visitors, users, Members, Hosts, and others (collectively, “you”, “your”) who access or use the Clinical Rotation Platform.  If you come upon an undefined term in this Privacy Policy (such as “Platform” or “Member”), it has the same definition as in our Terms of Service.

For the purpose of this Privacy Policy, Personal Data (“Personal Data”) refers collectively to any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Please read this Privacy Policy carefully to understand our practices about how we collect, use, and share your Personal Data.

A) ABOUT OUR PRIVACY POLICY

This Privacy Policy describes how the Personal Data that is collected when you visit our Platform will be used.

B) INFORMATION WE COLLECT

The Platform collects information from you in two ways:  (i) directly from your input (“Information You Provide”), and (ii) automatically through the use of our Platform (“Information Collected Automatically”).

(i)  Information You Provide

 The types of Personal Data that the Platform collects directly from you may include:

  1. Contact and identification details, such as your name, date of birth, telephone number, email and physical address.
  2. Educational background information, such as school name, contacts, program type, and enrollment details.
  3. Professional background information, such as licensing information, board certification, practice details.
  4. Profile and Listing information, such as images, biography, service descriptions, preferences, and location.
  5. Payment information, such as PayPal email address, credit card and bank account details.
  6. Affiliation Agreement and other Host Service details.
  7. Usernames and passwords.
  8. Interests and communication preferences.
  9. Comments, Reviews, Ratings, feedback, inquires, posts, and all other content you submit to the Platform.

In order to access certain content and to make use of additional functionality and features of the Platform, we ask you to register for an account by completing and submitting a registration form used to customize Clinical Rotation for you.

Clinical Rotation is a “Data Controller” (as defined in Data Protection Legislation) in respect to this Personal Data. The legal basis upon which we process Personal Data is our legitimate interest to provide our Platform to you.

(ii)  Information Collected Automatically

The Platform also automatically collects, through our servers and the use of cookies (small text files sent to your computer), web beacons (also known as clear or single pixel .gifs), and other technologies, information that tells us how you use the Platform, such as:

  1. Internet Protocol (“IP“) address used to connect your computer to the internet is temporarily stored by our web server for security, maintenance and product improvement purposes and is not connected to Personal Data.
  2. Computer, device, and connection information, such as browser type and version, operating system, mobile platform, and unique device identifier (“UDID“) and other technical identifiers in order to optimize our Platform for your use.
  3. Uniform Resource Locator (“URL“) click stream data, including date and time stamp, referring and exit URLs, search terms you used, and pages you visited or searched for on the Platform; and for location-aware services, the physical location of your device in order to provide you with more relevant content for where you are in the world.
  4. Information related to your payment transactions through the Platform, including the payment method used, date and time, payment amount, payment instrument expiration date and billing zip code, PayPal email address, IBAN information, your address and other related transaction details. This information is necessary for the adequate performance of the contract between you and Clinical Rotation.

When you use our Platform, we may automatically collect certain information from your device including your precise geolocation, information about your device such as the device type, device ID, operating system, wireless service provider, and information about the operation of our Platform and your usage of our Platform, including features you used, pages and Listings you viewed, and when and for how long you used the Platform.  By using the Clinical Rotation Platform, you agree that we may collect this information and use, transmit, process, and store that information as described in our Privacy Policy including to provide and improve our Platform.

We may use and disclose information that does not reveal your identity or permit direct association with any specific individual, such as browser and device information, anonymous usage data, and aggregated information, for any purpose, except where we are restricted by law. If we combine non-Personal Data with Personal Data, the combined information will be treated as Personal Data for as long as it remains combined.

You can control cookies through your browser’s settings and other tools.  However, if you block certain cookies, you may not be able to register, login to the Platform, access certain parts of the Platform or make full use of the Platform.  Although you may disable the usage of cookies through your browser settings, our Platform currently does not respond to a “Do Not Track” signal from your browser or mobile application due to lack of standardization of how that signal should be interpreted.

C) USE OF YOUR INFORMATION

We may use your Personal Data to:

  1. Provide the Platform to you, such as allow access to or delivery of our products or services, process or fulfill an order or transaction, or administer surveys or promotional programs.
  2. Respond to your requests, inquiries, comments, or concerns.
  3. Provide technical, product, and other support and help keep the Platform working, safe, and secure.
  4. Offer you customized content and individualized personalization of the Platform to make it more relevant to your interests and needs.
  5. Enhance, evaluate, and improve the Platform, its advertisements and promotional campaigns and our products and services and to develop new products and services.
  6. Identify and analyze usage trends, including for the purposes of research, audits, reporting and paying royalties and license fees to third-party content providers.
  7. Notify you about changes or updates to the Platform and our products and services.
  8. Provide you special offers, promotions, surveys, advertisements and other information about the Platform as well as products, events and services of ours, our affiliates and non-affiliated third parties such as societies and sponsors.

We may also verify, match, or combine the Personal Data that you provide with information that we obtain from other sources or that is already in our records, whether collected online or offline or by predecessor or affiliated group companies, for the purposes described above.

D) DISCLOSURE OF YOUR INFORMATION

We may share your Personal Data with:

  1. Relevant Members or Hosts in order to process, accept, decline, and/or confirm a Reservation for a Host Service, Rotation, or Recreation, or other Service.
  2. Relevant Schools and professional healthcare and student societies, organizations, boards, or credentialing bodies.
  3. Relevant agents, representatives, joint ventures, and entities for which we are acting as an agent, licensee, or publisher, such as societies and sponsors.
  4. Applicable suppliers and service providers, including editors, reviewers, credit card processors, customer support, email service providers, mailing houses and shipping agents, and IT service providers.
  5. To assist us with producing and delivering our products and services, developing and operating our businesses, systems and applications, processing payments, customer support, marketing, promotion and communications, and for other purposes set forth in this Privacy Policy.

We also may share your Personal Data with our affiliated group companies worldwide and with societies, sponsors, and other non-affiliated third parties that wish to send you information about their products and services that may be of interest to you as determined by your choices in managing your communications preferences following the process described below.

If our Platform offers a content database or learning service (“Subscription Service“) and you access the Subscription Service through an institution-sponsored subscription, your Personal Data and certain usage data gathered through the Subscription Service, such as the number of items you downloaded, any non-subscribed items you accessed, and test scores, may be shared with your institution for the purposes of usage analysis, subscription management, course management and testing and remediation. If your institution is a corporation or other business entity, additional usage data, such as the types of records you viewed and the number of searches you ran, also may be shared for the purposes of cost attribution and departmental budgeting.

We also may need to disclose your Personal Data:

  1. To respond to or comply with any law, regulation, subpoena, court order or other legal obligation.
  2. To enforce and protect our rights and properties.
  3. To detect, investigate and help prevent security threats, fraud or other malicious activity.
  4. To protect the rights, property or safety of our users, employees or others.
  5. If Clinical Rotation, the Platform or a related asset or line of business is acquired by, transferred to or merged with another company.

The Platform may let you post and share Personal Data, comments, materials and other content. Any information you disclose publicly may be collected and used by others, may be indexable by search engines, and might not be able to be removed. Please be careful when disclosing Personal Data in these public areas.

E) YOUR CHOICES AND COMMUNICATIONS PREFERENCES

You can manage your communications preferences by using the “opt-out” or unsubscribe mechanism or other means provided within the communications that you receive from us or by contacting us at: Email. We reserve the right to notify you of changes or updates to the Platform whenever necessary, as determined in its sole discretion by Clinical Rotation.

F) ACCESS AND ACCURACY OF YOUR INFORMATION

You have a right to be informed of Personal Data processed by the Platform, a right to rectification/correction, erasure and restriction of processing. Upon request, you have the right to receive a structured, common and machine-readable format of the Personal Data you provided to us. We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that you are the data subject entitled to receive such Personal Data.

You will not have to pay a fee to access your Personal Data. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Registered users can access their account information and make corrections or updates upon login at any time. The accuracy of such information is solely the responsibility of the user.

Where you have provided consent, you may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever you withdraw consent, you acknowledge and accept that this may have a negative influence on the quality of the Platform. We will endeavor to fulfill your request within 30 days but some Personal Data may persist in backup copies for a certain period of time and may be retained as necessary for legitimate business purposes or to comply with our legal obligations. You further agree that Clinical Rotation shall not be held liable with respect to any loss and/or damage to your Personal Data if you choose to withdraw consent.

To exercise any of the rights mentioned in this Privacy Policy and/or in the event of questions or comments relating to the use of Personal Data, you may contact Clinical Rotation’s support team: Email.

You have the right to lodge a complaint with the data protection authority in your jurisdiction.

G) DATA SECURITY

Clinical Rotation takes precautions to safeguard your Personal Data against loss, theft and misuse and unauthorized access, disclosure, alteration, and destruction through the use of appropriate administrative, physical and technical security measures.

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Your Personal Data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your Personal Data.

Personal Data and usage data is stored as long as is necessary for the purpose(s) for which we originally collected it. We may also retain information as required by law.

H) CROSS-BORDER TRANSFER OF YOUR INFORMATION

Your Personal Data may be transferred to other countries for processing. By using the Platform, you consent to the transfer of information to countries outside of your country of residence, which may have different Personal Data protection rules than in your country.

I) CHANGES TO OUR PRIVACY POLICY

We may change this privacy policy from time to time. Any changes will be posted on this page with an updated revision date.

J) THIRD-PARTY LINKS

We may include or offer third-party products or services on our Platform. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our Platform and welcome any feedback about these sites.

K) GOOGLE

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. You can find more information here: https://support.google.com/adwordspolicy/answer/1316548?hl=en. We may use Google AdSense Advertising and DoubleClick for Publishers on our Platform. Google, as a third-party vendor, may use cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

L) COMPLIANCE

EU General Data Protection Regulation (“GDPR”)

We carry out all data control and processing operations in strict compliance with the GDPR. We use a limited number of external service providers that are trusted and meet high data protection and security standards for certain tasks such as technical data analysis, processing and/or storage offerings. We only share information with them that is required for the services offered, and we may contractually bind them to keep any information we share confidential. We will only pass your data on to third parties without your express consent if we are obliged to do so by statutory law or as an instruction from a public authority or court.

California Online Privacy Protection Act

CalOPPA is the first state law in the U.S. to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: Consumercal.org.

According to CalOPPA we agree to the following:

Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page or as a minimum on the first significant page after entering our website. Our Privacy Policy link includes the words “Privacy Policy” and can be easily be found on the page specified above. Users will be notified of any Privacy Policy changes when they login to their account.

Does our site allow third-party behavioral tracking?

It’s also important to note that we allow third-party behavioral tracking to improve our users’ experience.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of Personal Data from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. You must be at least 18 years or older to access and use our Platform and we do not specifically market to children under 13.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect Personal Data.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify the users via email within seven (7) business days. We will notify the users via in-site notification within seven (7) business days. We also agree to the Individual Redress Principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to provide you with occasional Platform or Service updates, which you can easily opt-out of.

To be in accordance with CAN-SPAM we agree to the following:

If at any time you would like to unsubscribe from receiving future emails, you can email us at Email and we will promptly remove you from ALL correspondence.

M) CONTACT

If you have any questions, comments or requests regarding this Privacy Policy or our processing of your information, please contact:

Clinical Rotation LLC
ATTN: Privacy Officer
217 East 70th Street, Unit 2343
New York, NY 10021
Email