The Wyanoke Group Privacy Policy
Updated November 21, 2024
Our Privacy Policy
This Privacy Policy (“Privacy Policy”) discloses the privacy practices for The Wyanoke Group, Healio, Healio Strategic Solutions, Healio Live, Vindico Medical Education, SLACK Incorporated or any website within The Wyanoke Group’s network. Within this policy, these organizations might sometimes be referred to as “We,” “Our” or “Us”; users or customers of the websites might be referred to as “You” or “Your” or “Their.”
The Wyanoke Group and its subsidiary companies of Healio, Healio Strategic Solutions, Healio Live, Vindico Medical Education and SLACK Incorporated are committed to protecting the privacy of our visitors and wishes to be transparent in how we handle their personal information. The following privacy policy applies only to information collected on The Wyanoke Group websites or mobile applications where this privacy policy is posted.
Contact Us
If you have any questions or would like more detailed information regarding The Wyanoke Group’s privacy policy, please contact us by email at [email protected].
Information That We Collect
In this section of our Privacy Policy, we discuss the information we may collect about you in connection with your use of The Wyanoke Group’s websites. Please note, that in compliance with the General Data Regulation Policy (“GDPR”), if your IP address identifies you as being from the European Union (EU), we will ask you for your consent to collect this information. Additionally, in compliance with existing various US state legislations, we will ask you for your consent to collect this information. This may be asked multiple times in the event that you access a Wyanoke Group website on multiple devices (tablet, mobile) or erase your cookie history on any device. If you do not consent, your personal information will not be stored. You will still be able to browse the website, but your experience will not be personalized based on your browsing behavior and certain features of the websites may not function as expected. Details of the information we may collect and how it will be utilized can be found below.
Registration. We may request personal information from visitors to our websites who are interested in obtaining various products and services from us. This includes registering to become a user of a Wyanoke Group website and automatically signing you up for potential email correspondence. Personal information is information that can be used to identify or contact you. It includes but is not limited to: log-in credentials (user name, password), name, postal address, email address, NPI number, year of medical school graduation, and telephone number. We may also collect other types of information, such as profession and professional interests, as well as your communication preferences. We will store all personal information in a customer record until you instruct us to remove it from our databases. Registered users of the websites are able to control their communication preferences at any time by accessing the “My Account” page.
We may combine information collected about you with information from third-party sources. For example, upon registration, some health care professionals will be matched against the publicly available NPI Registry to append and include their NPI number to their registration profiles.
Please note that the Network registration/log-in system may be different from the registration/log-in used by the website for other products and services. To the extent that anything in this privacy policy conflicts with the policy for the Network technologies, the conflict will be resolved in favor of protecting our EU users’ personal information.
Anonymous Users. We may collect information about your usage of a Wyanoke Group website whether or not you have registered for it. We collect this information through the use of cookies, which are bits of information that a website sends to your computer while you are viewing a webpage. These items may include:
- The time and date of your request
- The internet address of your computer
- The browser and operating system you are using
- The webpage that you are viewing
- The website that referred you to a Wyanoke Group website
Continuing Medical Education (CME, CNE and CE). In many cases, registration is required to take continuing medical educations tests (or CNE or CE) and to claim your completion certificate(s). You will be asked to provide personal information as required by that particular activity. As with registration, personal information is defined as information that can be used to identify or contact you.
Cookies. The Wyanoke Group’s subsidiary companies collect information through a variety of technical methods, including cookies. We collect information through such technology to make our websites more relevant and useful, and to deliver information about products and services to our users. The Wyanoke Group’s subsidiary companies use third-party marketing services, such as Google, to advertise on third-party websites across the internet. These services use cookies to serve ads to you based on your past visits to a Wyanoke Group website. You may opt out of Google’s use of cookies by visiting Google’s Ads Settings. You may opt out of all of marketing programs of a Wyanoke Group subsidiary company by emailing your name and National Provider Identifier (NPI) number to [email protected]. You may learn more about interest-based advertising and opt out of interest-based advertising from members of the Digital Advertising Alliance (DAA) or the Network Advertising Initiative (NAI). In the event you don’t want to be served ads that are tailored to you, you may “opt out” of many campaigns by going to https://www.aboutads.info, https://preferences-mgr.truste.com/ or https://www.youronlinechoices.eu. If you decide to opt out, you will continue to be served ads, but they will not be served based on your personal internet activity.
The “Help” function in your web browser explains how to manage cookies while using the internet. As previously noted, some services will not function properly if your browser does not accept cookies.
Comments and Forums. When you post a comment on the websites of The Wyanoke Group’s subsidiary companies, your name or username will be displayed. Information that you post will be publicly available and may be used by us and third parties. However, we reserve the right not to post any comments with unsolicited information about medical devices or other products. At no time should a Wyanoke Group website be used to provide medical advice to patients.
Mobile Applications (Apps). To access mobile device applications (apps), you may or may not be required to register. We will collect information about you and your use of our apps in the same way we do on our websites. This may or may not include URLs that have been clicked on, time on our websites and information about the device that you were using when you accessed our websites.
Surveys and Polls. A Wyanoke Group subsidiary company may request feedback regarding your use of our services through polls, educational surveys and other types of market research. We may collect personal information about you when a response is necessary or to fulfill contests, honoraria, giveaways, etc. In surveys that involve an educational component, individuals’ personal information including name, NPI and specialty as well as their responses may be shared with grantors. In other instances, data are collected in aggregate form only.
Widgets. Social media icons, widgets and other sharing buttons may be present on our websites. When you consent to using our websites, please be aware that these widgets may be connected with third-party websites, such as Facebook or Twitter. These sites track your sharing behaviors and identity (through your social media handles) by utilizing cookies. Your interactions with these websites are administrated by the privacy policies of those third parties. Accessing content that is promoted by TrendMD on a Wyanoke Group website is covered by TrendMD’s privacy policy, which monitors usage using primarily anonymized data. For more information on their practices, contact [email protected].
Why we collect this information
We may use the personal information collected for many purposes, including delivering content, tracking, reporting, marketing, delivering ads and analyzing the traffic patterns on our websites. Information we collect is aggregated into reports that enable us to monitor usage and security. Aggregated and individual usage statistics are distributed within The Wyanoke Group’s subsidiary companies to improve website or service performance and deliver relevant educational and promotional content. The Wyanoke Group‘s subsidiary companies may collect and share both aggregated and personally identifiable information tied to IP addresses or cookie information with third parties (including advertisers and institutional subscribers) interested in communicating with you about information or products relevant to your profession.
Personal information such as names, addresses and email addresses may be shared with accredited CME providers in order to award users CME (CNE, CE) credit(s). Names, NPI numbers and specialties of individual users who have interacted with some promotional messages we deliver may be shared with or used with advertisers and sponsors.
The Wyanoke Group and its subsidiary companies do not endorse and are not responsible for the privacy practices or GDPR-compliance of any third-party websites to which it provides the personal information of its users, although we make our best efforts to collaborate only with those who follow Internet/GDPR best practices.
We reserve the right to review the use of our websites by individual user’s accounts associated with 1) attempts to violate the security of our computer networks; 2) activity that degrades the performance of our websites; 3) activity that may be related to copyright violations; or 4) if we are required to disclose this information by law.
The Wyanoke Group and its subsidiary companies may also release personal information to third parties: 1) to comply with valid legal requirements such as a law, regulation, search warrant, subpoena, or court order; or 2) in special cases, such as a physical threat to you or others. In the event that we are legally compelled to disclose your personal information to a third party, we will notify you unless doing so would violate the law or court order.
IQVIA Healthcare Communications Network Participation Disclosure. This website is a member of the IQVIA Healthcare Communications Network (the “HCN”). HCN is owned and managed by IQVIA Inc. (“IQVIA”) and is designed to enable IQVIA and HCN members to provide medically relevant business communications to authenticated U.S.-based health care professionals.
If you are a U.S.-based healthcare professional, your registration at this website includes registration with HCN. As a result, your contact and other professionally relevant information will be disclosed to IQVIA and each HCN member to provide you medically relevant content as described in the HCN privacy policy available at https://HCN.health/privacy-policy/. The HCN privacy policy provides details on how to manage your information, including opting out of participation in the HCN.
To the extent that this site’s privacy policy conflicts with the HCN privacy policy, with respect to the use of this information by HCN, the conflict will be resolved in favor of the HCN policy.
General Linking Information. Please note that some links on our websites, such as advertisements, services, or contextual links may connect to other websites. Any information you disclose on or through those websites is not subject to this privacy policy. The Wyanoke Group and its subsidiary companies do not endorse and are not responsible for the privacy practices or GDPR-compliance of any third-party websites to which we link.
Information Specific to Other Products & Services
For the following items, we will collect personal information that may include but is not limited to your name, address, email, credentials, specialty interests, IP address, date of medical school graduation and credit card information. Braintree Payments and PayPal provide us with an online e-commerce platform that allows you to transmit a credit card number to us with confidence. The Wyanoke Group and its subsidiary companies do not personally store any of your credit card or PayPal information. We will store all other personal information from the transaction, with your consent.
Depending on your payment method, your data is stored through the Braintree Payments or PayPal data storage and databases behind a firewall. Your information is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).
Complementary Book Requests. In the context of a request for a book comp or desk copy, you may provide personal information, such as the type outlined above, to a Wyanoke Group subsidiary company. The information may be used to provide you and/or your institution with product information by email or direct mail that could be useful to faculty and/or students. You will always have the opportunity to unsubscribe from all e-mail correspondence and can notify us if you wish to be taken off of our mailing list.
Paid Content (Newspapers and Journal Subscriptions, Books) In the context of paid content, regardless of type, you may provide personal information, such as that outlined above, to a Wyanoke Group subsidiary company. You reserve the right to rescind your consent for a Wyanoke Group subsidiary company to store your personal information, without incurring financial penalty. Standard return policies will apply.
Single Article Purchases/Single Journal Purchases. Due to the single-use nature of these content types, an email address is required to be submitted and stored in order to make a purchase.
Live Meetings. When you register to attend a live meeting, you may provide personal information related to the transaction, such as the type outlined above, to a Wyanoke Group subsidiary company and then stored (exception: we do not store credit card information). Regardless of how you register for a meeting (online, phone, print form, in person), we will request all attendees provide consent for us to store personal information so we can manage your transaction, continue to update you on information relevant to the meeting as well as prepare your pre/post/onsite meeting experiences.
Healio Jobs. Healio Jobs is powered by a third-party firm. Please see their privacy policy to learn more about how your personal information may or may not be used.
Controlling the Use of Your Personal Information
Under GDPR, and various US State legislations, we respect the rights of our users to obtain information on how we store and access the personal information we hold about them. They may amend and/or delete personal information at any time. Some of these rights may be subject to some exceptions or limitations. We will respond to the request to exercise these rights within a reasonable timeframe. Other rights users of The Wyanoke Group websites may be eligible for include:
Right of Portability. For users whose IP addresses are located in the EU or the United States of America who request to see how their information has been used, whether it is for amending, deleting or for informational purposes, we will provide it to you upon request in an easy-to-read, transmittable format within 30 days of the request.
Unsubscribe/Right to Be Forgotten. If at any time you wish to stop receiving marketing or content communications from us, you may unsubscribe at the bottom of your email(s) or contact The Wyanoke Group and its subsidiary companies at [email protected].
According to your rights under Article 17 of the GDPR, and in compliance with various US State legislations, if you wish to entirely opt out of having your personal information utilized by our websites, you may contact us and we will purge this information from our databases, cease its dissemination and, to the best of our ability, notify all third parties who have been provided with your information that your right to be forgotten and/or erased has been exercised. To exercise your data rights, please use the button below.
Right to Notified of a Breach in Information. To ensure the safety of your personal information on the servers and websites of The Wyanoke Group and its subsidiary companies, we have implemented the current appropriate technical, administrative, physical and organizational measures to protect that information from loss, destruction, and unauthorized access, whether accidental or intentional. Since these protections change as technology evolves, we cannot assume any liability in this regard. In the event of a breach in personal information security, The Wyanoke Group will notify affected users within 72 hours of its discovery.
Internal security measures
In order to support its business activities or services, which may include analyzing lists of personal information for behavioral trends and internal emailing of unencrypted personal information (among other actions), only authorized employees of The Wyanoke Group and its subsidiary staff, or our clients’ authorized staff (who have contractually agreed to keep all information secure) may have access to your personal data. All staff of The Wyanoke Group and its subsidiary companies who have access are required to adhere to staff confidentiality agreements with regard to personal information, which are held on file.
Contact Information for Privacy & Personal Data Inquiries
If you have any questions regarding The Wyanoke Group Privacy Policy, or would like to exercise your rights regarding your privacy and data as it pertains to this website, please contact us via:
Postal mail:
The Wyanoke Group
Attn: Privacy and Data Protection
6900 Grove Road
Thorofare, NJ 08086 USA
Email:
[email protected]
Conclusion
These statements convey the current privacy policy of The Wyanoke Group and its subsidiary companies. We reserve the right to alter this policy at any time without advance notification. Any changes to this privacy policy will be reflected on this webpage. If you have any questions or would like more detailed information regarding the privacy policy, please contact us by email at [email protected].
Healio Community – Privacy Policy
This Privacy Policy is edited by PNS & WSS Incorporated, dba Healio (Healio), a wholly owned subsidiary of The Wyanoke Group, having its registered office at 6900 Grove Road, Thorofare, NJ 08086.The Data Controller offers a platform, Healio Community, a gated daily destination for health care professionals, (hereafter, the “Platform”) to its users which have subscribed on the Platform and as such have a user account (hereafter, the “Users”). The Platform is available at the following url address: https://community.healio.com.
The Data Controller uses a solution called “Hivebrite,” which enables the import and export of user lists and data, the management of content and events, the organization of emailing campaigns, and opportunity research and sharing.
In this regard, the Data Controller collects and processes Users’ personal data in accordance with the Privacy and Cookie policy.
The Data Controller is particularly aware and sensitive with regard to the respect of its Users’ privacy and personal data protection. The Data Controller commits to ensure the compliance of the processing it carries out as data controller in accordance with the Data Protection Law.
Data Protection Law refers to the General Data Protection Regulation (EU Regulation n°2016/679) dated April 27, 2016, for individuals within the European Union, known as the 'GDPR.' Additionally, we adhere to all applicable United States state privacy laws, including the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), and other relevant state laws that govern data privacy and protection.
The Data Controller has put in place an appropriate privacy and cookie policy to be fully transparent on how the personal data of Users are processed within the use of the Platform and services provided.
This privacy policy is intended for the Users of the Platform of the Data Controller.
Data Controller is not established in the European Union and has designated a representative: [email protected].
Date of last update: 09/27/2024.
-
COLLECTED PERSONAL DATA
1.1 When subscribing on the Platform
When subscribing to the Platform, the User is informed that its following personal data is collected for the purpose of creating a user account:
Mandatory data:
-
First name
-
Last name
-
Email address
-
Zip/Postal Code
-
Profession
-
NPI (if applicable)
Optional data:
-
Year of medical school graduation
-
Specialty.
The User is informed that it is not possible to access the Platform without providing the mandatory data strictly necessary to create an account and authenticate the User.
1.2 During the use of the Platform
The User may validly publish, at its own initiative, any content on the Platform which shall be kept by the Company:
-
Posts on discussion boards, forums and within groups
-
Events, including webinars, “Ask Me Anythings” and other group events
-
Mentorship profile and application letters
-
News
The User is aware that when using the Platform, the User may decide to provide “sensitive data” within the meaning of Data Protection Law; for example, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, sexual orientation, etc. By providing such sensitive data, the User agrees to their processing by the Platform in the conditions set forth in this Privacy Policy.
-
THE PURPOSE OF THE DATA PROCESSING
The Data Controller and its subcontractors process personal data that are freely transferred by the User when accessing the services proposed by the Platform for the following purpose:
Purpose |
Legal basis |
Creation and management of a user account |
The data subject has given consent to the processing of his or her personal data for access to and interaction with the platform
|
Providing the User with all functionalities of the Platform, meaning:
|
|
Management of data subjects’ rights according to the Personal Data Legislation
|
|
Storage of User personal data
|
|
Management of prospection operations:
|
|
Making statistics in order:
|
|
Making statistics regarding the effective use of the Platform
|
|
Making statistics regarding the different levels of activity on the Platform. |
-
DATA RETENTION PERIOD
The Data Controller informs the User that the personal data related to the User Account is retained only during the length of the User’s subscription on the Platform.
Following the termination of said subscription, the data collected upon the subscription as well as the content published by the User on the Platform shall be deleted after a period of 30 days.
-
DATA TRANSFERS
The Users’ data are stored in the European Economic Area (EEA) by the Data Controller, and its trusted service providers. However, depending on the processing, the Users’ data may also be transferred in a country outside the EEA, to Healio’s data server in the United States.
When transferring data outside the EEA, the Data Controller ensures that the data are transferred in a secured manner and with respect to the Data Protection Law. When the country where the data are transferred does not have a protection comparable to that of the EU, the Data Controller uses “appropriate or suitable safeguards.”
When the service providers to whom personal data are transferred are located in the United States, these transfers are governed by the standard data protection clauses adopted by the Commission.
Users can contact the Data Protection Officer at the following address: [email protected].
-
COMMITMENT OF THE DATA CONTROLLER
The Data Controller commits to process Users’ personal data in compliance the Data Protection Law and undertake to, notably, respect the following principles:
-
Process Users’ personal data lawfully, fairly, and in a transparent manner;
-
Only collect and process the Users’ data for the strict purpose as described under article 2 of the present privacy policy;
-
Ensure that the personal data processed are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
-
Make the best effort to ensure that the personal data processed are accurate and, if necessary, kept up to date, and take all reasonable steps to ensure that personal data that are inaccurate, regarding the purposes for which they are processed, are erased or rectified without delay;
-
Keep personal Users’ data for no longer than is necessary for the purposes for which they are processed;
-
Put in place all necessary technical and organizational appropriate measures in order to ensure the security, confidentiality, integrity, availability and the resilience of the process systems and services;
-
Limit the access to the Users’ data to the persons duly authorized to this effect;
-
Guarantee to the Users their rights under the Data Protection Law in relation to the processing of their data and make the best efforts to satisfy any request, where this is possible.
-
EXERCISE OF THE USERS’ RIGHTS
The User is duly informed that it disposes at any time, depending on the legal basis of the processing, a right to access, to rectification, to erasure, to restriction of processing, to data portability and to object.
When processing is based on Users’ consent, the right to withdraw consent at any time, without affecting the lawfulness of the processing based on consent before its withdrawal.
The User can exercise its rights by sending an email to privacy@wyanokegroup.com or by mail at the following address: 6900 Grove Road, Thorofare, NJ 08086, USA, provided that the User justifies his/her identity.
In addition, in the event the User considers that its rights have not been respected, the User of which the personal data are collected can lodge a complaint before the competent supervisory authority. For any additional information, you can review your rights on the websites of the competent authorities.
The competent supervisory authorities are listed on the following website:
http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
-
COOKIES
The Data Controller informs the User that Hivebrite, as well as its subcontractors, uses a tracking technology on its terminal such as cookies whenever the User navigates on the Platform subject to the conditions described in the Data Controller Cookie Policy: https://www.healio.com/privacy-policy
-
RECIPIENT AND PERSONS AUTHORIZED TO ACCESS THE USERS’ DATA
Only authorized persons working for the Data Controller, can access your personal data. The Data Controller makes its best effort to ensure that these groups of people remain as small as possible and maintain the confidentiality and security of Users’ personal data.
The Data Controller also uses trusted service providers to carry out a set of operations on its behalf for hosting. The Data Controller can also use service providers in the tech industry and editors of specific tools integrated in the Platform for technical purposes.
The Data Controller only provides service providers with the information they need to perform the service and ask them not to use your personal data for any other purpose. The Data Controller does its best to ensure that all these trusted service providers only process the personal data on our documented instructions and provide sufficient guarantees, in particular in terms of confidentiality, expert knowledge, reliability and resources, to implement technical and organizational measures that will meet the requirements of the applicable legislation, including for the security of processing.
The Data Controller may be required to disclose or share your personal data to comply with a legal obligation, or to enforce or apply our terms of use/sale or any other conditions you have accepted; or to protect the rights, safety or property of Healio, its customers or employees.
List of the main service providers:
Service Provider |
Service |
You can consult the privacy policy by clicking on the following link: |
KIT UNITED 44 rue la fayette 75009 Paris France |
HIVEBRITE solution
|
https://hivebrite.com/privacy-policy
|
Google Cloud Platform Gordon House, 4 Barrow St, Dublin, Ireland
|
Hosting of all data and content produced/provided by the User, as well as images, profile pictures and backups |
https://cloud.google.com/security/privacy/
|
Amazon AWS 38 Avenue John F. Kennedy, L-1855, Luxembourg
|
||
Sentry 132 Hawthorne Street San Francisco, CA 94107 USA
|
Production and storage of error logs enabling our developers to correct the code |
https://sentry.io/privacy/ |
Sendgrid 375 Beale Street, Suite 300, San Francisco, CA 94105 USA
|
Sending of emails from the Platform |
https://api.sendgrid.com/privacy.html |
Hivebrite, Inc. 16 Nassau St, New York, NY 10038, USA |
Customer support for the Platform |
https://hivebrite.com/privacy-policy
|