TI Health Privacy Policy

Last Updated: April 16, 2020

The purpose of this privacy statement is to inform you about the types of information (personal, behavioral, etc.) we might collect about you including but not limited to when you visit our websites  (the “Our Sites”) that are owned and operated by Halyard MD Opco, LLC, d/b/a TI Health and/or our Affiliates (“TI Health”, “we,” “our,” or “us”) and how we may use that information.

BY VISITING OUR SITES or SUBMITTING REGISTRATION OR LOGIN INFORMATION TO ANY OF OUR SITES, YOU AGREE TO BE BOUND BY THIS PRIVACY POLICY, TI HEALTH ACCEPTABLE USE POLICY, TI HEALTH TERMS AND CONDITIONS, AND ANY RELATED TERMS OF USE (COLLECTIVELY “TERMS OF USE”). YOUR USE OF OUR SITES IS SUBJECT TO THIS PRIVACY POLICY AND YOUR CONTINUED USE INDICATES THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO THE SAME. IF YOU DO NOT AGREE TO BE SO BOUND, DO NOT VISIT OR LOG IN TO OUR SITES OR LOG IN AS A GUEST.

We reserve the right to modify this Privacy Policy, or any site-specific addendum hereto, at any time without notice. For example, we do not need to provide notification if we modify our practices regarding the collection or use of information. We will revise our “Last Updated” date to reflect any revisions to this Privacy Policy. Your continued use of Our Sites after any such revision shall constitute your consent to be bound by such revised Privacy Policy.

What Information Do We Collect?

• We may collect certain personally identifiable information (“PII”) and other personal information you voluntarily submit as part of your registration/login into Our Sites or your choice to opt-in to any marketing campaigns or other links to Our Sites whether through emails or other communications sent by TI Health . The types of PII we may collect include your name, email address, device ID, telephone number and other similar contact data. This information may be combined with information already in our possession or made available to us through United States federal and state medical professional databases, other files we are licensed to receive, and/or information we obtain from other sources. We may also collect information as a result of your interaction with any of Our Sites, a TI Health owned and operated newsletter, or any communication received directly or indirectly from us, partner sites, or partner mobile applications. This means we may collect information from you through multiple locations, not just the initial one of Our Sites through which you register. We do not, however, collect any sensitive PII, such as sexual orientation or mental health conditions.
• We may capture certain device identified information (“DII”) based on your usage, device and location information automatically on or through one or more of Our Sites, partner sites, or partner mobile applications, regardless of whether you provide us with personal information. This information DII may include your device and/or network information (e.g., Internet protocol (IP) address, user agent strings, device identification number (e.g., IMEI), mobile ad identifiers (e.g., IDFA, Google AdID), geolocation data, browser type, page access history, linking information, click stream data, page visits, page views, and/or website log files). We do not collect any precise location information without your opt-in consent. If we identify that you are accessing Our Sites through multiple devices, we will associate each such device with your profile.
• We will use operational data (e.g., cookies, log files, clear GIFs, pixels and/or similar devices, standard header data) to identify our users and their device(s) in order to track our users’ interactions with Our Sites and communications; we use this operational data to enhance certain activities available on Our Sites or applications. You can remove or reject persistent cookies by following the directions provided in your Internet browser’s “Help” file. If you remove a persistent cookie, you may be requested to reregister or log in again upon returning to Our Sites or when opting-in to any of our other campaigns via email or newsletters. If you reject persistent cookies, the functionality of Our Sites or other communications (like our newsletters), or any part thereof, may be impaired or unavailable.

How Do We Use Your Information?

We may use the information we collect from you in the following ways:

• To identify and verify your professional medical status by checking your information against the information we acquire from third parties or public sources, including those made available by the AMA, NPI , and/or state licensing boards.
• To personalize and enhance your experience while interacting with Our Sites, partner sites, or partner mobile applications and applications..
• To deliver the type of content and services that we believe may be of interest to you, including emails, newsletters, alerts, and advertising targeted to your professional experience and/or interests, based on your professional activities and/or other information we possess.
• To monitor usage and interaction statistics on Our Sites and/or through responses to our communications.
• To establish your online account and authenticate you during a registration or login to any of Our Sites or our other communications.
• To allow us to respond quickly and efficiently to your questions and your requests for information.
• To administer a contest, promotion, survey, or other feature.
• To send you advertising, information and/or promotional material geared to your profession. If you would no longer like to receive promotional email communications from us, please refer to the “How Can You Manage Your Email and Mobile Marketing Preferences” section below.
• To share your response information to our communications with the sponsor(s) of the professionally relevant program with which you interact.
• To disclose your information to the extent permitted by law, as described more fully below.
• To conduct Audience-Matched Advertising to associate offline data with online data.
• To perform Cross-Device Linking to ensure you receive relevant information across all your devices.

How Do We Protect Personal Information?

Although we cannot guarantee the security of personal information that is transmitted over the Internet or stored on Our Sites, we have established and implemented reasonable physical, electronic, and administrative procedures designed to safeguard and secure the personal information we collect and maintain online. We protect your transactions involving your PII over the Internet using Secure Sockets Layer (SSL) technology. We restrict access to your PII in our database to our authorized employees, our agents, and certain of our authorized partners.

Please note that we do not have any control over or responsibility for information you share about yourself on or through any websites outside of Our Sites; including any third-party websites accessed or linked through Our Sites. All such sharing of information and content is done at your own risk. Any concerns over the sharing of information on or with a particular website not owned by TI Health should be handled by dealing directly with that website.

We are a member of NAI and we voluntarily comply with the NAI Code of Conduct, you may opt out of any contact from us by contacting us below or through the NAI at https://optout.networkadvertising.org.

Retention

We may retain information collected by TI Health for a period of twenty-four (24) months or the minimum required time period defined by law where applicable. Information retained may include, but not limited to, device and operational information through such as mobile ad identifiers (e.g., IDFA, Google AdID) and cookies.

Children’s Privacy

Our Sites, applications, and services are not intended for use by children under the age of thirteen (13). We will not knowingly collect any personal information from users under the age of thirteen (13) online through Our Sites. If you think that we have collected personal information from a visitor under the age of thirteen (13), please contact us at us privacy@tihealth.com.

Do We Disclose the Information We Collect to Outside Parties?

Except as provided for in this Privacy Policy, we will not sell, trade, or otherwise transfer your PII to third parties. We may use your information without advance notice, including our right to disclose to trusted third parties, in the following circumstances:

• Provision of Information. Because some of our programs are targeted toward medical professionals only, advertisers or agencies have asked us to restrict access to certain information, products, and services to medical professionals only. To ensure that we are delivering the information, products, and services as may be required by law, we may be required to disclose your information with third-party sources to meet legal requirements (e.g., Certified Medical Education and PDMA) and determine your eligibility to receive the materials.
• Subsidiaries and Affiliates. We may transfer PII to our subsidiaries and corporate affiliates.
• Website Consultants and Service Providers. We may disclose personal information to third-party consultants and service providers (e.g., hosting/support/maintenance providers, third-party payment processing agencies, and remedial/repair services) to the extent that they require such access in order to perform services for us. We require all such third party providers to comply with privacy terms equivalent to this Privacy Policy.
• Third-Party Advertising. We typically do not provide PII to any third party for marketing/advertising purposes but may disclose for internal analytics and user targeting confirmation only. We may disclose information about you to third parties, such as a TI Health ID tied to a unique record, an NPI or email address, so that these parties may verify that our programs were targeting specific users on target list or specialty programs.
• Enforcement of Rights/Security. We reserve the right to release personal information (i) when we are under legal compulsion to do so (e.g., we have received a subpoena) or we otherwise believe that the law requires us to do so; (ii) when we believe it is necessary to protect and/or enforce the rights, property interests, or safety of TI Health, Our Sites, our users, clients, or others; or (iii) as we deem necessary to resolve disputes, troubleshoot problems, prevent fraud, and otherwise enforce the Privacy Policy and other Terms of Use.
• Reorganization or Sale of the Company. In the event that we are merged with or become part of another organization, we are sold, we sell all – or substantially all – of our assets, or we are otherwise reorganized, all of our information, including your information may be one of the transferred assets to the acquiring or reorganized entity.
• As Otherwise Allowed by Law. We may transfer personal information to third parties where we are expressly authorized or required by applicable law to do so.
• Disclosure of Pseudonymous Information. In addition to you providing us with PII, you may also provide us with, or we may otherwise acquire non-PII or Pseudonymous information (i.e., information which does not personally identify you). We reserve the right to use and/or disclose such non-PII as we choose, including to third parties, for any reason (e.g., marketing and advertising).  This includes information that has been de-identified.
• Aggregated Information. We may aggregate information that you provide or is otherwise collected from or about you with information provided by other individuals in such a manner that the information is not personally identifiable or pseudonymous to you. Once such information is non-PII or pseudonymous, we reserve the right to use and/or disclose such non-PII as we choose, including to third parties, for any reason (e.g., marketing and advertising).
• Sponsors. We may share your voluntary responses to communications with the sponsor(s) of the professionally relevant program with which you interact.

How Do I Ask Questions and Provide Feedback Regarding Privacy?

We welcome your questions, comments, and concerns about privacy. Please contact us at privacy@tihealth.com with any questions or comments you may have regarding this Privacy Policy or the privacy of your information.

What Are Your Rights?

You may have certain rights under federal or state laws and regulations in the event that we have any personally identifiable information about you. You may contact us at any time with regards to your rights. Under applicable law, you may have the right to request that we:

• Provide a detailed explanation regarding the personal information we have collected about you and how we use that information.
• Receive a copy of the personal information we have collected about you.
• Request correction of any inaccurate personal information that we have about you.
• Erase or delete any of your personal information.
• Request to opt-out of certain marketing communication from us. You may request to opt-out by contacting us below or visiting https://optout.networkadvertising.org.
• You can make these requests by contacting us at privacy@tihealth.com.

You may also easily manage your marketing preferences by not providing information to us. However, to the extent that you choose to provide your PII to us, to a TI Health client, you can opt out of having your PII used for certain purposes.

When conducting browser based opt out, it is necessary to perform the opt out activity on each browser or device you which to opt out from TI Health advertising.

• You may opt out of receiving email communications by following the method stated in the privacy policy, or by utilizing the opt-out mechanism found in each email sent by us or a verified third-party sending emails on our behalf to you. This will remove you from the email list or the website registration list and/or the sponsor of the communication.
• You may reset your advertising ID, see your device settings for how to reset this Ad ID.
• In addition, you may remove the email pixels that may track you and communicate information to us so long as they appear in the image cache of your Internet browser. You may remove the pixels simply by deleting the cache in which the pixel is stored.
• You may delete cookies by opening your browser’s “Internet Options” folder and making the appropriate selections.
• If you are unsure of how to clean your cache or delete cookies, locate the “Help” function in the browser menu. Entering in the search bar “clean cache” and “delete browser cookies” will return instructions specific to your browser.

Where We Store and Process Personal Data

Personal data collected by us may be stored and processed in your region, in the United States, or in any other country where we or our service providers maintain facilities. Generally, the primary storage location is in the United States, however, unless otherwise requested by our clients, backups made from locations within the European Economic Area remain within the European Economic Area.  The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this Privacy Policy is processed according to the provisions of Privacy Policy and the requirements of applicable law wherever the data is located.

We may transfer personal data from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your data; such contracts will conform to the standard clauses specified under the GDPR and we will remain liable for the protection of such personal data.

Privacy Shield

We are committed to and complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. We have self-certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If third-party agents process personal data on our behalf in a manner inconsistent with the principles of either Privacy Shield framework, we remain liable unless we prove we are not responsible for the event giving rise to the damage.

If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

In compliance with the Privacy Shield Principles, TI Health commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at privacy@tihealth.com. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Industry Self-Regulation

TI Health supports industry self-regulation, and endorses best practices and self-regulatory requirements that apply to our business. TI Health is a member in good standing of the Network Advertising Initiative (“NAI”) and adheres to the NAI Code of Conduct for Web and Mobile.