TI Health Privacy Policy

Last Updated: April 16, 2020

The purpose of this privacy statement is to inform you about the types of information (personal, behavioral, etc.) we might collect about you including but not limited to when you visit our websites  (the “Our Sites”) that are owned and operated by Halyard MD Opco, LLC, d/b/a TI Health and/or our Affiliates (“TI Health”, “we,” “our,” or “us”) and how we may use that information.

What Information Do We Collect?

• We may collect certain personally identifiable information (“PII”) and other personal information you voluntarily submit as part of your registration/login into Our Sites or your choice to opt-in to any marketing campaigns or other links to Our Sites whether through emails or other communications sent by TI Health . The types of PII we may collect include your name, email address, device ID, telephone number and other similar contact data. This information may be combined with information already in our possession or made available to us through United States federal and state medical professional databases, other files we are licensed to receive, and/or information we obtain from other sources. We may also collect information as a result of your interaction with any of Our Sites, a TI Health owned and operated newsletter, or any communication received directly or indirectly from us, partner sites, or partner mobile applications. This means we may collect information from you through multiple locations, not just the initial one of Our Sites through which you register. We do not, however, collect any sensitive PII, such as sexual orientation or mental health conditions.
• We may capture certain device identified information (“DII”) based on your usage, device and location information automatically on or through one or more of Our Sites, partner sites, or partner mobile applications, regardless of whether you provide us with personal information. This information DII may include your device and/or network information (e.g., Internet protocol (IP) address, user agent strings, device identification number (e.g., IMEI), mobile ad identifiers (e.g., IDFA, Google AdID), geolocation data, browser type, page access history, linking information, click stream data, page visits, page views, and/or website log files). We do not collect any precise location information without your opt-in consent. If we identify that you are accessing Our Sites through multiple devices, we will associate each such device with your profile.
• We will use operational data (e.g., cookies, log files, clear GIFs, pixels and/or similar devices, standard header data) to identify our users and their device(s) in order to track our users’ interactions with Our Sites and communications; we use this operational data to enhance certain activities available on Our Sites or applications. You can remove or reject persistent cookies by following the directions provided in your Internet browser’s “Help” file. If you remove a persistent cookie, you may be requested to reregister or log in again upon returning to Our Sites or when opting-in to any of our other campaigns via email or newsletters. If you reject persistent cookies, the functionality of Our Sites or other communications (like our newsletters), or any part thereof, may be impaired or unavailable.

How Do We Use Your Information?

We may use the information we collect from you in the following ways:

• To identify and verify your professional medical status by checking your information against the information we acquire from third parties or public sources, including those made available by the AMA, NPI , and/or state licensing boards.
• To personalize and enhance your experience while interacting with Our Sites, partner sites, or partner mobile applications and applications..
• To deliver the type of content and services that we believe may be of interest to you, including emails, newsletters, alerts, and advertising targeted to your professional experience and/or interests, based on your professional activities and/or other information we possess.
• To monitor usage and interaction statistics on Our Sites and/or through responses to our communications.
• To establish your online account and authenticate you during a registration or login to any of Our Sites or our other communications.
• To allow us to respond quickly and efficiently to your questions and your requests for information.
• To administer a contest, promotion, survey, or other feature.
• To send you advertising, information and/or promotional material geared to your profession. If you would no longer like to receive promotional email communications from us, please refer to the “How Can You Manage Your Email and Mobile Marketing Preferences” section below.
• To share your response information to our communications with the sponsor(s) of the professionally relevant program with which you interact.
• To disclose your information to the extent permitted by law, as described more fully below.
• To conduct Audience-Matched Advertising to associate offline data with online data.
• To perform Cross-Device Linking to ensure you receive relevant information across all your devices.

How Do We Protect Personal Information?

Although we cannot guarantee the security of personal information that is transmitted over the Internet or stored on Our Sites, we have established and implemented reasonable physical, electronic, and administrative procedures designed to safeguard and secure the personal information we collect and maintain online. We protect your transactions involving your PII over the Internet using Secure Sockets Layer (SSL) technology. We restrict access to your PII in our database to our authorized employees, our agents, and certain of our authorized partners.

Please note that we do not have any control over or responsibility for information you share about yourself on or through any websites outside of Our Sites; including any third-party websites accessed or linked through Our Sites. All such sharing of information and content is done at your own risk. Any concerns over the sharing of information on or with a particular website not owned by TI Health should be handled by dealing directly with that website.

We are a member of NAI and we voluntarily comply with the NAI Code of Conduct, you may opt out of any contact from us by contacting us below or through the NAI at https://optout.networkadvertising.org/.

Retention 

We may retain information collected by TI Health for a period of twenty-four (24) months or the minimum required time period defined by law where applicable. Information retained may include, but not limited to, device and operational information through such as mobile ad identifiers (e.g., IDFA, Google AdID) and cookies.

Children’s Privacy

Our Sites, applications, and services are not intended for use by children under the age of thirteen (13). We will not knowingly collect any personal information from users under the age of thirteen (13) online through Our Sites. If you think that we have collected personal information from a visitor under the age of thirteen (13), please contact us at us privacy@tihealth.com.

Do We Disclose the Information We Collect to Outside Parties?

Except as provided for in this Privacy Policy, we will not sell, trade, or otherwise transfer your PII to third parties. We may use your information without advance notice, including our right to disclose to trusted third parties, in the following circumstances:

• Provision of Information. Because some of our programs are targeted toward medical professionals only, advertisers or agencies have asked us to restrict access to certain information, products, and services to medical professionals only. To ensure that we are delivering the information, products, and services as may be required by law, we may be required to disclose your information with third-party sources to meet legal requirements (e.g., Certified Medical Education and PDMA) and determine your eligibility to receive the materials.
• Subsidiaries and Affiliates. We may transfer PII to our subsidiaries and corporate affiliates.
• Website Consultants and Service Providers. We may disclose personal information to third-party consultants and service providers (e.g., hosting/support/maintenance providers, third-party payment processing agencies, and remedial/repair services) to the extent that they require such access in order to perform services for us. We require all such third party providers to comply with privacy terms equivalent to this Privacy Policy.
• Third-Party Advertising. We typically do not provide PII to any third party for marketing/advertising purposes but may disclose for internal analytics and user targeting confirmation only. We may disclose information about you to third parties, such as a TI Health ID tied to a unique record, an NPI or email address, so that these parties may verify that our programs were targeting specific users on target list or specialty programs.
• Enforcement of Rights/Security. We reserve the right to release personal information (i) when we are under legal compulsion to do so (e.g., we have received a subpoena) or we otherwise believe that the law requires us to do so; (ii) when we believe it is necessary to protect and/or enforce the rights, property interests, or safety of TI Health, Our Sites, our users, clients, or others; or (iii) as we deem necessary to resolve disputes, troubleshoot problems, prevent fraud, and otherwise enforce the Privacy Policy and other Terms of Use.
• Reorganization or Sale of the Company. In the event that we are merged with or become part of another organization, we are sold, we sell all – or substantially all – of our assets, or we are otherwise reorganized, all of our information, including your information may be one of the transferred assets to the acquiring or reorganized entity.
• As Otherwise Allowed by Law. We may transfer personal information to third parties where we are expressly authorized or required by applicable law to do so.
• Disclosure of Pseudonymous Information. In addition to you providing us with PII, you may also provide us with, or we may otherwise acquire non-PII or Pseudonymous information (i.e., information which does not personally identify you). We reserve the right to use and/or disclose such non-PII as we choose, including to third parties, for any reason (e.g., marketing and advertising).  This includes information that has been de-identified.
• Aggregated Information. We may aggregate information that you provide or is otherwise collected from or about you with information provided by other individuals in such a manner that the information is not personally identifiable or pseudonymous to you. Once such information is non-PII or pseudonymous, we reserve the right to use and/or disclose such non-PII as we choose, including to third parties, for any reason (e.g., marketing and advertising).
• Sponsors. We may share your voluntary responses to communications with the sponsor(s) of the professionally relevant program with which you interact.

How Do I Ask Questions and Provide Feedback Regarding Privacy?

We welcome your questions, comments, and concerns about privacy. Please contact us at privacy@tihealth.com with any questions or comments you may have regarding this Privacy Policy or the privacy of your information.

Where We Store and Process Personal Data

Personal data collected by us may be stored and processed in your region, in the United States, or in any other country where we or our service providers maintain facilities. Generally, the primary storage location is in the United States, however, unless otherwise requested by our clients, backups made from locations within the European Economic Area remain within the European Economic Area.  The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this Privacy Policy is processed according to the provisions of Privacy Policy and the requirements of applicable law wherever the data is located.

We may transfer personal data from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your data; such contracts will conform to the standard clauses specified under the GDPR and we will remain liable for the protection of such personal data.  

Privacy Shield

We are committed to and complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. We have self-certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If third-party agents process personal data on our behalf in a manner inconsistent with the principles of either Privacy Shield framework, we remain liable unless we prove we are not responsible for the event giving rise to the damage. 

If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

In compliance with the Privacy Shield Principles, TI Health commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at privacy@tihealth.com. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.