Privacy & User Consent

NACCD Privacy Policy

This Policy was last updated on October 17, 2018.

Introduction

The National Association of Chronic Disease Directors (the "NACDD" and also referred to as “we,” “us,” and “our”) is committed to protecting the privacy and security of the personal information we receive or collect from you through our website, https://www.chronicdisease.org/ and any associated services (the "Website").

We also believe in transparency and are committed to informing you about certain rights and options that you have with regard to your personal information and how we treat your personal information. We do this through our online Privacy Policy, together with our Terms of Use, and Cookies and Similar Technologies Policy ("Cookies Policy"), and any documents referenced therein.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND HOW WE TREAT YOUR PERSONAL INFORMATION AND WHAT CHOICES AND RIGHTS YOU HAVE IN THIS REGARD.  IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS POLICY, YOU SHOULD NOT ACCESS OR USE THE WEBSITE.

Who is Responsible for your Personal Information?

The NACCD is the party responsible for processing data on this Website. We observe certain legal and compliance measures with regard to the personal information (any information that identifies or is identifiable to a natural person under U.S. and other laws that may apply) that you provide to us through our Website and associated services. 

If you are a user in in the European Union (the "EU"), the European Economic Area ("EEA"), or the United Kingdom (UK), for purposes of the EU General Data Protection Regulation, 2016/679 (the "GDPR") or the UK Data Protection Act of 2018, or any successor legislation (collectively, "Data Protection Laws"), the NACCD acts as data controller for the "personal data" we collect from you via our Website.

Whenever we disclose your personal data to our organizational affiliates, or vice versa, we will inform you of our lawful basis for doing so and honor your rights with respect to the processing of your personal data. We also will let you know if an entity other than the NACCD is acting as a controller or processor of your data when you request a product or service from us.

What Personal Information Do We Collect and Why

We may collect or request anonymous or non-personally identifiable information from our Website users that cannot identify you as an individual unless combined with personally identifiable information. For example, we may collect aggregate website statistical information for a variety of audience and website performance-related purposes, such as calculating the percentage of website users who live in a particular region or to determine which Website pages are visited most frequently.

Specifically, we may collect, process, store, and transfer the following types of personal data from you, as identified by category below:

  • Identity and Contact Data includes first name, last name, username or similar identifier, title, zip code, email address, and/or telephone or cell phone number.
  • Business Information includes information provided in the course of the contractual or client relationship between you or your organization and us, or otherwise voluntarily provided by you or your organization.

·      Transaction Data includes details about products and services you have ordered or purchased.

        ·    Financial and Payment Data including bank account and bank routing numbers, credit card numbers, security codes, expiration dates, and other related billing information. Different payment methods may require the collection of different categories of information. 

Please note that your credit card, banking, and other payment details are not stored on our servers in order to ensure your security.  We use a third party payment processor for all payments made to us. When you transmit your credit card information, you will select a payment method and the third party payment processor will process your payment according to your instructions. PCI-DSS standards are maintained to securely process your cardholder data. 

· Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Website.  To learn more about our use of cookies or similar technologies, please review our Cookies Policy.

·  Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, and feedback.

·  Usage Data includes information about how you use our website, products and services.

· Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

Special Categories of Personal Data

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.

If You Fail to Provide Personal Data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In such cases, we may have to cancel a product or service you have with us and will notify you if that occurs.

Why Do We Collect Personal Data

We generally collect data from and about you through the following means:

Category

Types of Data and Purpose

Contact Information, Feedback, and Inquiries

When you submit feedback to us, contact us for support, or ask us questions, we collect your name, email address, zip code, telephone or cell phone number, and/or other contact information necessary to respond to your feedback, provide support, or answer your question.

User Account Information

When you register with our Website, we collect your contact information and ask if you would like to submit other identifying information and demographic information (i.e., geographic location). We do this in order to provide you with password-protected access to the account you requested and allow you to maintain your account profile and access certain interactive Website features.

Business Information

When you seek services from us in the course of our contractual or customer relationships between you and/or your organization, we collect business contact information and other personal information in order to provide you with the products and services you have requested.

Payments

If you choose to order or purchase products or services from us, we will collect certain information from you, including financial and payment data submitted by you via our third party processor, necessary to authorize, process, and fulfill your order or purchase.

Cookies

When you visit our Website, we may collect cookies and use similar technologies to, among other things, provide you with a more personal and interactive experience on our Website, to improve our behavior-based advertising efforts, and for website usage analytics. This means that a third party may use technology (e.g., a cookie) to collect information about your use of our website so that they can provide advertising about products and services tailored to your interests. That advertising may appear either on our websites, or on other websites (e.g., social media platforms, search engines, etc.).

You can opt-out of receiving advertising based upon your browsing behavior from some network advertising companies by going to the Network Advertising Initiative (https://www.networkadvertising.org/) and the Digital Advertising Alliance (https://digitaladvertisingalliance.org/) websites. See our Cookies Policy for more information.

Email Interconnectivity

If you receive email communications from us, we may use certain tools to capture data related to when you open our messages, click on hyperlinks or banners it may contain, and make purchases. We use this information to enhance and support our marketing and sales operations.

Employment

If you apply for a job through our Website, or become our employee, we collect personal information necessary to process your application or employment. This may include, among other things, your contact information, social security number, employment history, etc.

Mailing Lists, Newsletters, and Marketing

When you sign up for one of our mailing lists, newsletters, or other marketing lists, we collect your contact information, such as your full name and email address, when necessary to contact you in the way(s) that you request.

Events and Conferences

When you sign up for or attend an event or conference hosted or sponsored by us, we collect contact and payment information necessary to support your attendance at the event and conference and its programs, as well as arrange travel and accommodations, as requested by you.

Mobile Devices

We may collect information from your mobile device such as unique identifying information broadcast from your device or hardware and software specifications.

Surveys, Questionnaires, Social Media

When you submit a survey, questionnaire, contest entry, or similar form by using the Website, social media, or other online survey tools and platforms accessible via our Website, we or third parties operating those tools, platforms, or social media websites may collect your social media handle or profile, or any other identifier that you use to be contacted online or offline. This information may also include personally identifiable and business information, but only to the extent that you voluntarily provide it to us.

Sensitive Personal Information

We do not collect sensitive personal information from you. In the event we inadvertently receive sensitive personal information from you, without your consent or a lawful basis to store it, we will promptly delete it.

*Note: The above list contains examples of information we may have concerning you and it does not necessarily mean that we do hold this information about you.

How Do We Use Your Personal Information?

Wherever possible, we seek your express consent before we collect your personal information, especially with regard to our online marketing and advertising activities. The form of consent we seek from you may vary depending on the circumstances and the type of information being requested. When determining the appropriate form of consent, we take into account the sensitivity of the personal information, the reasons we are collecting it, and your reasonable expectations.

When using personal information for a new purpose, we will document that new purpose and ask for consent again.  We will not use your personal information without your consent unless it is either for the same purpose for which the information was originally collected or compiled, consistent with that purpose, or for a purpose that permits disclosure under applicable law.

In addition to the specific categories of data use previously outlined, we may with your express consent and/or under recognized legal grounds, also use your personal information for the following purposes:

  • To provide you with products and services you have requested and to manage our relationship with you, including administering your user account, accounting, auditing, billing and collection and taking other steps necessary to the performance of our business relationship with you;
  • To present and improve Website contact and functionality;
  • To determine user interests, needs, and preferences;
  • To provide notice of changes to our Website or the services we offer or provide through it;
  • To conduct research and analysis;
  • To develop new products and services;
  • To manage and maintain the security of our Website and services;
  • To market our services to you.  We will only provide you with marketing-related information after you have, where legally required to do so, opted in to receive those communications and having provided you with the opportunity to opt-out of such communications at any time. 
  • To comply with our legal and compliance obligations, including maintaining records, performing compliance audits, etc.
  • For insurance purposes;
  • To exercise and defend our legal rights, or to comply with court orders;
  • To respond to requests from public and government authorities;
  • For any other purpose related to and/or ancillary to any of the purposes and uses described in this Policy for which your personal information was provided to us;
  • In any other way we may describe when you provide the information; and
  • For any other purpose to which you have expressly consented.

We may process your personal information in connection with any of the purposes and uses set out in this Policy on one or more of the following legal grounds:

  • because we have a necessary and legitimate interest in doing so to perform the services you have requested, to comply with your instructions or other contractual obligations between you and us;
  • to comply with our legal obligations as well as to keep records of our compliance processes;
  • because our legitimate interests, or those of a third party recipient of your personal information, makes the processing necessary, provided those interests are not overridden by your interests or fundamental rights and freedoms;
  • because you have chosen to publish or display your personal information on a public area of the Website, such as blog or comment area;
  • because it is necessary to protect your vital interests;
  • because it is necessary in the public interest; or
  • because you have expressly given us your consent to process your personal information in a particular manner.

We do not use your personal information for making any automated decisions affecting or creating profiles other than as described above.

Disclosure of Your Personal Information?

We do not sell, rent, or lease your personally identifiable or business information to third parties.  We may, however, share your personal information in the following contexts:

Category

Disclosure Contexts

Affiliates and Entity Changes

We may share your personal information with our affiliates, when necessary to support our business operations. In addition, we may disclose your personal information in the event of a sale or transfer of some or all of our company assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our website users is among the assets transferred.

 

Disclosures With Your Consent

We may ask if you would like us to share your personal information with other unaffiliated third parties who are not described elsewhere in this Policy. We will only disclose your personal information in this context with your consent.

Disclosures Without Your Consent

We may disclose your personal information in response to subpoenas, warrants, court orders or other legal process, or to comply with relevant laws or regulatory investigations when we believe in good faith that applicable law requires it. We may also share your personal information in order to establish or exercise our legal rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property or a violation of our Terms of Use.

Third Parties

We may provide personal information about you to third parties that offer products and services specifically requested by you.

Service Providers

We may share your personal information with our service providers. Among other things, service providers may help us to administer the Website, support our provision of services requested by you, provide technical support, send marketing, promotions and communications to you about our services, payment processing (which requires the use of financial data submitted by you upon payment), and other legitimate purposes permitted by law.

Aggregated Data

We may disclose aggregated information about our users, and information that does not identify any specific individual, such as groupings of demographic data and customer preferences, for new product and marketing development.

 

How Long Do We Store Your Personal Information?

We will retain your personal information as needed to fulfill the purposes for which it was collected.  We will retain and use your personal information as long as necessary to comply with our business requirements, legal obligations, resolve disputes, protect our assets, provide our services, and enforce our agreements.

When we no longer have a purpose to retain your personal information, we will security destroy your personal information in accordance with applicable law and our policies. We take reasonable steps to delete the personal information we collect if your registration to use our Website lapses and you opt out of receiving further communications from us, or if you ask us to delete your information, unless we determine that doing so would violate our existing, legitimate legal, regulatory, dispute resolution, contractual, or similar obligations.  We may retain and use anonymous and aggregated information for performance reporting, benchmarking, and analytic purposes and for product and service improvement.

Choices

If you no longer wish to receive communications from us via email, you may opt-out by contacting us at info@chronicdisease.org and provide the name of the service for which information was provided, your full name, email address, zip code, and telephone or cell phone number, so that we may identify you in the opt-out process. Once we receive your instruction, we will promptly take corrective action.

Security

We have put in place reasonable and appropriate security measures to protect the personal information that you share with us from being accidentally lost, used or accessed in an unauthorized manner, altered or disclosed.  While our security measures seek to protect your personal information in our possession, no security system is perfect and we cannot promise that your personal information will remain absolutely secure in all circumstances.

The safety and security of your personal information also depends on you. Where you use a password for access to restricted parts of the Website, you are responsible for keeping the password confidential.  Do not share your password with anyone.

If a security breach causes an unauthorized intrusion into our Website or systems that compromises your data, we will notify you and any applicable regulator when we are required to do so by applicable law.

Updating Your Personal Information

If any of the personal information you have provided to us changes, please let us know.  For instance, if your email changes, you wish to cancel any request you have made of us, or if you become aware of inaccurate personal information about you, use our "Contact Us" details provided at the end of this Policy to update your information. You may also edit your account details if you have a user account through our Website.

We are not responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.

Your Rights To Access And Control Your Personal Information

Please use the "Contact Us" details at the end of this Policy to exercise your rights and choices under this Policy. 

Right of Access.  If required by law (e.g., under the GDPR), upon request, we will grant reasonable access to the personal information that we hold about you. 

Accuracy.  Our goal is to keep your personal information accurate, current and complete.  Please contact us if you believe your information is not accurate or changes. 

Right to Object. In certain circumstances, as permitted under applicable law, you have the right to object to processing of your personal information and to ask us to erase or restrict our use of your personal information.  If you would like us to stop using your personal information, please contact us, and we will let you know if are able to agree to your request.

Right to Erasure and Deletion of Your Personal Information. You may have a legal right (for instance, if you are located in the EU, the EEA, or the UK) to request that we delete your personal information when it is no longer necessary for the purposes for which it was collected, or when, among other things, your personal information has been unlawfully processed.  All deletion requests should be sent to the address noted in the "Contact Us" section of this Policy. 

We may decide to delete your personal information if we believe it is incomplete, inaccurate or that our continued storage of your personal information is contrary to our legal obligations or business objectives.  When we delete personal information, it will be removed from our active servers and databases and our Site, but residual information, such as access logs or other records, may remain in our archives when it is not practical or possible to delete it.  The residual information will not be used for commercial purposes. We may also retain your personal information as needed to comply with our legal obligations, resolve disputes, or enforce any agreements.

Right to Withdraw Consent.  If you have provided your consent to the collection, processing and transfer of your personal information, you have the right to fully or partially withdraw your consent.  To withdraw your consent, please notify us using the information in the "Contact Us" section of this Policy and you may follow opt-out links on any marketing communications sent to you. 

Once we have received notice that you have withdrawn your consent, in whole or in part, we will no longer process your information for the purpose(s) to which you originally consented and have since withdrawn unless there are compelling legitimate grounds for further processing that override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. 

Withdrawal of consent to receive marketing communications will not affect the processing of personal information for the provision of our services.

Right to Complain. If you believe that your rights relating to your personal information have been violated, or we have not processed your personal information in accordance with applicable Data Protection Laws, you have a right to lodge a complaint with your local data protection authority, your applicable supervisory or enforcement authority (if you are a resident of the EU, the EEA, or the UK), or seek a remedy through the courts. 

We would appreciate it, however, if you would first give us an opportunity to address your complaint by making use of the "Contact Us" section that appears at the end of this Privacy Policy.

Online Tracking. We do not currently recognize browser settings or signals of tracking preferences, which may include "Do Not Track" instructions.  Do Not Track" is a web browser setting that seeks to disable the tracking of individual users’ browsing activities.  It is a standard that is currently under development. We do not currently respond to “Do Not Track” signals.

California Residents. California residents may be entitled under California Civil Code Section 1798.83 to ask us for a notice describing what categories of personal information (if any) we share with third parties or affiliates for those parties to use for direct marketing.  If you are a California resident and would like a free copy of such notice, please submit a written request to us using the information in the “Contact Us” section of this Policy.

Cross Border Transfers of Personal Information

We are located and established in the United States of America and, therefore, your personal information may be transferred to, stored or processed in the United States by us and/or our domestic affiliates, service providers, and other third parties described in this Policy.  While the data protection, privacy and other laws of the United States might not be as comprehensive as those in your country, we take necessary and appropriate steps to protect the privacy and security and privacy of your personal information.  By using our Website or requesting services from us, you understand and consent to the collection, storage, processing and transfer of your information to our facilities in the United States and those third parties with whom we share it as described in this Policy.

Residents of the EU, the EEA, or the UK. When storing, hosting, or otherwise processing your information (including personal data), we may send such data outside of the European Union (EU), the European Economic Area (EEA), or the UK. When we transfer information to the United States of America or other countries, we do so for the purposes set forth in this Privacy Policy and in accordance with applicable law.  We rely on recognized legal bases to lawfully conduct cross-border/international transfers of personal information outside of the EU, the EEA, or the UK, such as your express informed consent to do so (as noted above), when transfer is necessary for us to deliver services pursuant to an agreement between us and you, or when the transfer is subject to safeguards that assure the protection of your personal information, such as the European Commission’s approved standard contractual clauses.

Links To Other Sites

This Website may contain links to, media, and/or other content from, external, third party websites.  Because of the dynamic media capabilities of the Website, it may not be clear to you which links are to the Website and which are to external, third party websites who we do not control.  If you click on an embedded third-party link, media, or content feature, you may be redirected away from this Website.  You can check the URL to confirm that you have left this Website. 

We cannot and do not (i) guarantee the adequacy of the privacy and security practices, content, or media provided by third parties or their websites, (ii) control third parties’ independent collection or use or your personal information, or (iii) endorse any third party information, products, services or websites that may be reached through embedded links on this Website.

Any personal information provided by you or automatically collected from you by a third party will be governed by that party’s privacy policy and terms of use.  If you are unsure whether a website is controlled, affiliated, or managed by us, you should review the privacy policy and practices applicable to each linked website.

Children

The Children's Online Privacy Protection Act ("COPPA"), as well as other data privacy regulations, restrict the collection, use, or disclosure of personal information from and about children on the internet.  Our Website and the services are not directed to children aged 18 or younger, nor is information knowingly collected from children under the age of 18.  No one under the age of 18 may access, browse, or use the Website or provide any information to or on the Website.  If you are under 18, please do not use or provide any information on the Website.  If we learn that we have collected or received personal information from a child under the age of 18 without a parent's or legal guardian's consent, we will take steps to stop collecting that information and delete it.

For more information about COPPA, please visit the Federal Trade Commission's website at: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.

Changes to our Privacy Policy

We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we treat your personal information or in response to changes in law.  Should the Online Privacy Policy change, we will post all changes we make to this Policy on this page.  if we make material changes to how we treat your personal information, we will also notify you through a notice posted prominently on our the home page of our website for a reasonable period of time.  The date this Policy was last revised is identified at the top of this Policy.

Contact Us

For more information, or if you have questions or concerns regarding this Privacy Policy, wish to access or update any personal information we hold about you, or wish to lodge a complaint with us about how we have handled your personal information, you may contact us by any of the methods below and we will do our best to assist you:

National Association of Chronic Disease Directors

325 Swanton Way

Decatur, GA 30030

 Email:  info@chronicdisease.org

Monday through Friday between 8 a.m. and 4:30 p.m. (EST)

National Association of Chronic Disease Directors
325 Swanton Way
Decatur, GA 30030
info@chronicdisease.org
Hours of Operation: Mon. - Fri., 8 a.m. - 4:30 p.m.

This website uses cookies to store information on your computer. Some of these cookies are used for visitor analysis, others are essential to making our site function properly and improve the user experience. By using this site, you consent to the placement of these cookies. Click Accept to consent and dismiss this message or Deny to leave this website. Read our Privacy Statement for more.