ProEd Logo

PRACTICES



MEDICAL AFFAIRS &
PUBLICATIONS

ProEd ensures sound science and strategy through effective communications and operational excellence

REGULATORY
COMMUNICATIONS

ProEd Regulatory helps you transform your data into a compelling case for approval
 

ProEd By the Numbers



PROED LEADERSHIP



Mary Rofael, MD

President

Greg Connel

EVP, Strategic Communication

Kristen Oeltjen-Bruns, CMPP

SVP, Client Services

Sandi Harris, PhD, CMPP

SVP, Scientific Services

Dan Hutta, PhD, CMPP

SVP, Scientific Services

Healthcare Consultancy Group logo

WE ARE A MEMBER OF THE HEALTHCARE CONSULTANCY GROUP

ProEd is part of the Healthcare Consultancy Group of companies within the Omnicom Healthcare Group. Healthcare Consultancy Group is a network of agencies with specialties in medical education, medical affairs and publications, market access, and regulatory communications.

ProEd Culture



Smart. Diligent. Loyal to a fault.

That’s how people describe us, and it’s no surprise. It’s what you get when you build a scientifically driven agency in a hard-working town like Cleveland. Whether they’re in our office or across the 10+ states they call home, our people bring pride, passion, and team spirit to everything we do.

Employee Spotlight

REQUEST MORE INFORMATION

ProEd Careers



BECOME A PART OF OUR TEAM

If you’d like to grow your career in an intellectually stimulating environment with a family atmosphere, click the link below to see our current open positions.

Our Locations



ProEd Communications, Inc.

Ohio

25101 Chagrin Blvd. Suite 230 Beachwood, OH 44122
216-595-7919

New Jersey

104 Carnegie Center, Suite 300 Princeton, NJ 08540

Connecticut

1055 Washington Blvd. 7th Floor Stamford, CT 06901

Healthcare Consultancy Group

New York

488 Madison Avenue, 5th Floor New York, NY 10022
203-992-6703


Updated: April 2020

We at HCG (“we”, “us” or “our”) respect your privacy.

HCG is a company located in the United States. Chameleon Communications International Ltd, Chameleon Communications International Inc, ProEd Communications Inc, Health Science Communications (HSC) Inc, The Scienomics Group (TSG) Inc, Synergy Medical Communications Ltd, Synergy Medical Communications Inc, are affiliates of HCG.

This privacy policy applies to the processing of personal data by HCG in the United States.

Please see our GDPR Privacy Policy for how we (to the extent we are subject to the General Data Protection Regulation) and our European affiliates process your personal data.

If you are a California consumer and would like information about our online and offline privacy practices and your privacy rights, please see the section of this Privacy Policy called “California Consumer Privacy Statement.”

 

PURPOSE OF THIS POLICY

This privacy policy (“Policy”) explains our approach to any personal information that we might collect from you using this website (the “Site”) and in other situations or interactions with us, as well as the purposes for which we process your personal information. This Policy also sets out your rights in respect of our processing of your personal information.

This Policy will inform you of the nature of the personal information about you that is processed by us and how you can request that we delete, update, transfer and/or provide you with access to it or otherwise cease processing it for a specific purpose. This Policy is intended to assist you in making informed decisions when using this Site or otherwise providing personal information to us or in other situations where we may process your personal information.

This privacy notice is not intended to apply to the processing of personal information of HCG employees which is dealt with under our separate workplace privacy policy.

We respect your concerns about privacy. We participate in the EU-U.S. Privacy Shield framework (“Privacy Shield”) issued by the U.S. Department of Commerce. We commit to comply with the Privacy Shield Principles with respect to any personal information that we receive from the European Union.

 

TYPE OF PERSONAL INFORMATION COLLECTED

Personal information is information that identifies you as an individual. Categories of personal information we collect include:

  • contact information (e.g. name, physical address, telephone number, email address),

  • information about your interests or affiliations,

  • information for hiring and human resources (e.g. employment and education history, work eligibility status, date of birth, financial account information, government-issued identification information), and

  • additional information you submit to us.

Additional information about the personal information we collect is described in the section HOW WE USE PERSONAL INFORMATION below.

 

WAYS OF OBTAINING PERSONAL INFORMATION

We may collect and receive your personal information using different methods:

Personal information you provide to us. You may give us your personal information directly. This will be the case when, for example, you contact us with enquiries, complete forms on our Site or in hard copy or participate in a survey, subscribe to receive our marketing communications or provide feedback to us otherwise through your interactions with us.

Personal information received from third parties. From time to time, we will receive personal information about you from third parties. Such third parties may include analytics providers, payment providers, hotel and transport providers and third parties that provide technical services to us so that we can operate our Site and provide our services.

Publicly available Personal information. From time to time we may collect personal information about you from publicly available sources or personal information about you that you or a third party may make publicly available to us (for example through speaking at events or publishing articles or other news stories).

 

HOW WE USE PERSONAL INFORMATION

Our primary goal in collecting personal information from you is to:

  • verify your identity,

  • provide our services to clients;

  • help us improve our products and services and develop and market new products and services,

  • carry out requests made by you to us,

  • investigate or settle inquiries or disputes,

  • comply with any applicable law, court order, other judicial process, or the requirements of a regulator,

  • enforce our agreements with you,

  • protect the rights, property or safety of us or third parties, including our other clients and users of the Site,

  • provide support for the provision of our Services, and

  • use as otherwise required or permitted by law.

 

We set out in more detail the specific ways in which we may use your personal information below. Please note that these examples are non-exhaustive and may be subject to local rules and restrictions – we will only carry out these activities to the extent permitted by local law. If local law requires us to obtain consent in order to process the personal information as described then we will do so.

 

  • Client administration.

If an individual visits any of our premises we may collect contact information as part of our sign in process.  We may also capture their image on our surveillance camera or CCTV.

Who do we share personal information with for this purpose?

We may share such personal information with our clients, group companies, affiliates, recruitment partners or agents, third party vendors (such as our IT providers) or advisers or law enforcers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Informational enquiries.

We may collect information for requests for information about our company. We may also provide you with the opportunity to sign up for newsletters or to receive copies of blogs and other information that we make available. Contact information may be requested in each case, together with details of other personal information that is relevant to these inquiries. This information is used in order to enable us to respond to your requests.

Who do we share personal data with for this purpose?

We may share such personal data with our clients, group companies, affiliates, or agents, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Surveys and voting.

We may collect personal information from you via surveys or voting polls. Participation is voluntary and you will have the opportunity to decide whether or not to disclose information. At times, you may have to register to vote or to take part in a survey. We would use that information to report the results of the survey or vote.

Who do we share personal information with for this purpose?

We may share such personal information with our clients, group companies, affiliates, survey partners or agents, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Industry information.

We may collect, and maintain databases containing, information about Healthcare Professionals, allied Healthcare Professionals, subject matter experts and other professionals in the medical communications, pharmaceutical, healthcare, or media industry collected by us or by our trusted third party service providers. Such information may include an individual’s name, business contact details, professional interests and affiliations. This information may be information that is voluntarily supplied to us by those individuals through our Site or in other situations (such as public speaking events), or information that is public or available in third party databases or via third party content platforms (including social media platforms). Further we may collect and/or review other publicly available media and other content including content made available through scientific literature, public news sites and social media sites to understand what people are saying about a particular therapeutic area, us and our clients. We use this information to inform the provision of our services to our clients. We may also use this information for our own internal administrative and promotional purposes. We make efforts to minimize the use of this information to that which is strictly necessary for our legitimate business interests.

Who do we share personal information with for this purpose?

We may share such personal data with our clients, group companies, affiliates, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Social media.

We may collect or process individuals’ personal data who engage with us through our social media channels (including by visiting our social media pages or otherwise communicating with us via social media).  We may also operate our client’s social media pages, accounts or channels acting on their behalf.

Who do we share personal information with for this purpose?

We may share such personal information with our clients, group companies, affiliates, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Events.

From time to time, we may organize and host road shows and other industry events to promote our services or on behalf of clients. For this purpose we may process individuals’ names and contact information (including email address, postal address and telephone number) to communicate with them about such events where they have specifically requested information about such events or where we have another lawful basis for sending that information to them.

If you attend one of our events, we may use your personal information to record your attendance at the event and for related record-keeping purposes and, if relevant, we may collect and process any dietary or other requirements you may have. You may also feature in photographs taken at our events and such photographs may appear in publications we send to our clients and/or publish on our Site, in print or other media.

Who do we share personal information with for this purpose?

We may share such personal information with our clients, group companies, affiliates, event and ticketing partners or agents, third party vendors (such as our IT providers) or professional advisers or event organizers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Insight and analysis.

We may analyse individuals’ contact details with other personal information that we observe about them from their interactions with our Site, our email communications and/or with our services.

We may use log files and other tracking technologies to collect personal information from the computer hardware and software used to access the Sites, or from mobile devices. This may include an IP address to monitor Site traffic and volume.

This information is used to create insights about our visitors’ browsing habits on our Site.

By using this information, we are able to measure the effectiveness of our content and how visitors use our Site and services. This allows us to learn what pages of our Site are most attractive to our visitors, which parts of our Site are the most interesting and what kind of features and functionalities our visitors like to see.

We also use this information for marketing purposes (see the MARKETING COMMUNICATIONS section below for further details).

Who do we share personal information with for this purpose?

We may share such personal information with our group companies, affiliates, third party vendors (such as our analytics providers or other IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Marketing communications.

We may carry out marketing activities using your personal information. In particular, we may use personal information to form a view on what we think the individual may want or need, or what may be of interest to the individual.  We may use that information to provide individuals with marketing information about our events and services we feel may be of interest.

Who do we share personal information with for this purpose?

We may share your information with our group companies, affiliates, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Receipt of services.

If we have engaged you or the organisation you represent to provide us with products or services (for example, if you or the organisation you represent provide us with services such as IT support or financial advice), we will collect and process your personal information in order to manage our relationship with you or the organisation you represent, to receive products and services from you or the organisation you represent and, where relevant, to provide our Services to others.

Who do we share personal information with for this purpose?

We may share such personal information with our clients, group companies, affiliates, partners, agents, third party vendors or professional advisers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Recruitment

If individuals apply for a job with us or otherwise express an interest in working for us, we will collect contact details and CV or resume information from the individual.  We use such personal information for the following purposes: a) to assess the individual’s suitability for any position for which they applied (or future positions for which we think the individual may be suitable) including employment or freelancer positions, summer placements or internships and also any business support or services role whether such application has been received by us online, via email or by hard copy or in person application; b) to take any steps necessary to enter into any contract of employment (or otherwise) with the individual; c) to comply with any regulatory or legal obligations in relation to any such application; and d) to review our equal opportunity profile in accordance with applicable legislation. We do not discriminate on the grounds of gender, race, ethnic origin, age, religion, sexual orientation, disability or any other basis covered by local legislation. 

Who do we share your personal information with for this purpose?

We may share such personal information with our group companies, affiliates, third party vendors or professional advisers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Visiting our premises.

If an individual visits any of our premises we may collect contact information as part of our sign in process.  We may also capture their image on our surveillance camera or CCTV.

Who do we share personal information with for this purpose?

We may share such personal information with our clients, group companies, affiliates, recruitment partners or agents, third party vendors (such as our IT providers) or advisers or law enforcers or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

  • Business administration and legal compliance.

We may use your personal information for the following business administration and legal compliance purposes:

  • to comply with our legal obligations;

  • to enforce our legal rights;

  • to protect the rights of third parties; and

  • in connection with a business transition such as a merger, reorganisation, acquisition by another company, or sale of all or a portion of our assets

Who do we share personal information with for this purpose?

We may share personal information with our clients, group companies, affiliates, agents, partners, third party vendors or professional advisers, emergency service providers or law enforcers or other regulatory bodies (including tax and social security authorities) or such other third parties as indicated in the SHARING YOUR INFORMATION section below in connection with this purpose.

 

PERSONAL INFORMATION OF CHILDREN

We do not intend to or knowingly collect personal information from children.

 

SHARING YOUR INFORMATION

We may share your personal information with any of our group affiliates, or with our agents, partners, clients or contractors or professional advisers or government or regulatory bodies for the following purposes: (a) provide our services to clients or otherwise receive assistance in processing transactions; (b) fulfillment of requests for information, receiving and sending communications, updating marketing lists, analyzing data; (c) provision of IT and other support or internal administrative business services; or (d) assistance in other ancillary to the operation of tasks, from time to time. Our agents, partners and contractors will only use your information to the extent necessary to perform their functions.

We will not sell your personal information to other companies and we will not share it with other companies for them to use without your consent, except in in the circumstances listed above or in connection with the sale or merger of HCG or the division or office responsible for the services.

 

OBTAINING YOUR CONSENT

Where our use of your personal information requires your consent, you can provide such consent:

  • at the time we collect your personal information following the instructions provided; or

  • by informing us by e-mail, post or phone using the contact details set out in this Policy.

Please note that if you specifically consent to additional uses of your personal information, we may use your personal information in a manner consistent with that consent.

 

ACCESS

We provide you with reasonable access to the personal information maintained about you. We also provide you with a reasonable opportunity to correct, amend or delete the information where it is inaccurate. We may limit or deny access to personal information where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the rights of third persons would be violated.

 

CHOICE AND MEANS

We generally offer you the opportunity to choose whether your personal information may be (a) disclosed to third-party controllers or (b) used for a purpose that is materially different from the purposes for which the information was originally collected or subsequently authorized by you. To the extent required by the Privacy Shield Principles, we obtain opt-in consent for certain uses and disclosures of sensitive data. Unless we offer you an appropriate choice, we use personal information only for purposes that are materially the same as those indicated in this Policy. To exercise your choices you may contact us as indicated in this Policy.

We may share personal information with our affiliates as described above under SHARING YOUR INFORMATION. We may disclose personal information without offering an opportunity to opt out, and we may be required to disclose such information (a) to third-party processors we have retained to perform services on our behalf and pursuant to our instructions, (b) if we are required to do so by law or legal process, or (c) in response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements. We also reserve the right to transfer personal information in the event of an audit or if we sell or transfer all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation).

 

SECURITY

HCG takes reasonable and appropriate measures to protect personal data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal data. Also see CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL INFORMATION below.

 

THIRD PARTY LINKS AND SERVICES

Our Site contains links to third party websites and services. Please remember that when you use a link to go from our Site to another website or you request a service from a third party, this Policy no longer applies.

Your browsing and interaction on any other websites, or your dealings with any other third-party service provider, is subject to that website’s or third party service provider’s own rules and policies. We do not monitor, control, or endorse the privacy practices of any third parties.

This Site may integrate with social networking services. You understand that we do not control such services and are not liable for the manner in which they operate. While we may provide you with the ability to use such services in connection with our Site, we are doing so merely as an accommodation and, like you, are relying upon those third-party services to operate properly and fairly.

This Policy does not apply to these third-party websites and third party service providers.

 

COOKIES

We use cookies and similar technologies to collect personal information from the computer or other device you use to access the Site. “Cookies” are pieces of information that may be placed on your device for the purpose of collecting data to facilitate and enhance your communication and interaction with our Site. We may also allow certain third parties to place cookies as described below.

We use cookies and other technologies on all our sites to ensure the best possible experience on our Site. These uses include:

  • analytical cookies to recognize and count users of our Site, measure the effectiveness of our content, and understand how visitors use our Site. We currently use Google Analytics for this purpose; or
  • placing, or allowing a third party to place, functional cookies to make a website easier to use, such as cookies that maintain a user’s session.

You can review your Internet browser settings to exercise choices you have for certain cookies. If you disable or delete certain cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Site, and you may be required to re-enter your log-in details.

For more information about how we use cookies please see our COOKIE POLICY available on the Site.

 

OPT OUT AND UNWANTED COMMUNICATIONS

To opt-out of any future promotional or marketing communications or any other communications from us, you should send a request to us at the contact information in the section entitled CONTACT DETAILS. We will process your request within a reasonable time after receipt. Please note that if you opt out in this manner, certain aspects of this Site may no longer be available to you.

 

CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL INFORMATION

We are committed to keeping the personal information you provide to us secure. We take reasonable and appropriate measures to protect your personal information, including but not limited to sophisticated software and hardware that prevent personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information.

Information regarding job applications is encrypted and transmitted in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the URL. Only employees or third parties who need the information to process a specific request are granted access to personally identifiable information.

 

ONWARD TRANSFERS

We might receive personal information under the Privacy Shield and subsequently transfer to a third party acting as an agent on our behalf. In such case, we remain liable if our agent processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless we are able to prove that we are not responsible for the event giving rise to the damage.

 

COMPLIANCE WITH THE PRIVACY SHIELD

HCG complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. HCG has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

 

CHANGES TO THIS PRIVACY POLICY

We may make changes to this Policy from time to time. This Site includes a date on which it was last updated.

To ensure that you are always aware of how we use your personal information, we will update this Policy from time to time to reflect any changes to our use of your personal information. We encourage you to review this Policy periodically to be informed of how we use your personal information.

 

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?

Where applicable law imposes restrictions on the length of time for which personal information can be retained, we will generally comply with this by retaining personal information only for as long as is necessary for the purposes described in this Policy, after which it will be deleted from our systems. The principle may be departed from where required by law.

If any personal information is only useful for a short period (e.g. for a specific event or marketing campaign or in relation to recruitment), we may delete it at the end of that period.

If you have opted out of receiving marketing communications from us, we will need to retain certain personal information on a suppression list indefinitely so that we know not to send you further marketing communications in the future.

 

RECOURSE ENFORCEMENT AND LIABILITY

We are subject to the investigatory and enforcement powers of the Federal Trade Commission. We have mechanisms in place designed to effect compliance with the Privacy Shield Principles. We conduct an annual self-assessment of personal information handling practices to verify that the attestations and assertions we make about our Privacy Shield privacy practices are true and that such privacy practices have been implemented as represented and in accordance with the Privacy Shield Principles.

Consumer Recourse: You may file a complaint concerning our processing of your personal information. We will take steps to remedy issues arising out of any alleged failure to comply with the Privacy Shield Principles. You may contact us as specified below about complaints regarding our personal information handling practices.

 

CONTACT DETAILS

For questions or concerns about this Policy, or to ask questions or express concerns about our collection, management and processing of personal information, Consumers may by contact us by:

Attn: Compliance Team

Healthcare Consultancy Group

488 Madison Avenue, 5th Floor

New York, NY, 10022 

 

ALTERNATIVE DISPUTE RESOLUTION

If a Consumer’s complaint cannot be resolved through our internal processes, we will cooperate with the alternative dispute resolution provider JAMS (Judicial Arbitration and Mediation Services) pursuant to the JAMS International Mediation Rules, available on the JAMS website at: https://www.jamsadr.com/eu-us-privacy-shield.

JAMS mediation may be commenced as provided for in the relevant JAMS rules. The mediator may propose any appropriate remedy, such as deletion of the relevant personal information, publicity for findings of noncompliance, payment of compensation for losses incurred as a result of noncompliance, or cessation of processing of the personal information of the Consumer who brought the complaint. The mediator or the Consumer also may refer the matter to the U.S. Federal Trade Commission, which has Privacy Shield investigatory and enforcement powers over us. Under certain circumstances, Consumers also may be able to invoke binding arbitration to address complaints about our compliance with the Privacy Shield Principles.

In addition to the above and under certain conditions, the individual may invoke binding arbitration for complaints that have not been resolved by any of the other Privacy Shield mechanisms. See Annex 1 of the Privacy Shield framework for further information: https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t00000004qAg.


California Consumer Privacy Statement

Effective: March 2020

This California Consumer Privacy Statement supplements the HCG Privacy Policy (General) and applies solely to California consumers. This section provides information about our online and offline privacy practices. This Statement does not apply to our personnel.

This California Consumer Privacy Statement uses certain terms that have the meaning given to them in the California Consumer Privacy Act of 2018 and its implementing regulations (the “CCPA”).

1.     Notice of Collection and Use of Personal Information

We may collect the following categories of personal information about you:

  • Identifiers: identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other similar identifiers

  • Additional Data Subject to Cal. Civ. Code § 1798.80: signature, physical characteristics or description, state identification card number, insurance policy number, education, bank account number, credit card number, debit card number, and other financial information, medical information, and health insurance information

  • Protected Classifications: characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, genetic information, disability, citizenship status, and military and veteran status

  • Commercial Information: commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies

  • Online Activity: Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements

  • Geolocation Data

  • Sensory Information: audio, electronic, visual, and similar information

  • Employment Information: professional or employment-related information

  • Education Information: education information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99)

  • Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We may use the categories of personal information listed above for the purposes described in our Privacy Policy (General). In addition, we may use these categories of personal information for certain business purposes specified in the CCPA, as described in this table:

Purposes

Categories of Personal Information

Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, and auditing compliance

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Short-term, transient use

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Debugging to identify and repair errors that impair existing intended functionality

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Undertaking internal research for technological development and demonstration

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

In addition, we may also use the following categories of personal information for purposes of managing our career opportunities: [Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

2.     Our Prior Collection, Use and Disclosure of Personal Information

We may have collected and used your personal information, as described in section 1 above, during the 12-month period prior to the effective date of this California Consumer Privacy Statement. For the personal information collected during that timeframe, we describe below: (a) the categories of sources from which we may have obtained the personal information, (b) the categories of third parties with whom we may have shared the information, and (c) the categories of personal information we may have disclosed for a business purpose.

a. Sources of Personal Information

We may have obtained personal information about you from various sources, as described below.

Categories of Sources of Data Collection

Categories of Personal Information

Directly from you, such as when you contact us with a question or comment

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

From your devices, such as when you visit our Site

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Your family or friends, such as when they provide us with your contact information so we can send information that may interest you

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Our affiliates and subsidiaries

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Vendors who provide services on our behalf

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Social networks

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Government entities

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Consumer data resellers

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

b. Sharing of Personal Information

We may have shared your personal information with certain categories of third parties, as described below.

Categories of Third Parties

Categories of Personal Information

Our affiliates and subsidiaries

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Vendors who provide services on our behalf

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Professional services organizations, such as auditors and law firms

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Our business partners

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Internet service providers

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Data analytics providers

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Government entities

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Operating systems and platforms

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Social networks

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information and Inferences]

Consumer data resellers

[Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Commercial Information; Online Activity; Geolocation Data; Sensory Information; Employment Information; Education Information

 

c. Disclosure of Personal Information for a Business Purpose

We may have disclosed to third parties the following categories of personal information for a business purpose:

  • Identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other similar identifiers

  • Signature, physical characteristics or description, state identification card number, insurance policy number, education, bank account number, credit card number, debit card number, and other financial information, medical information, and health insurance information

  • Characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, genetic information, disability, citizenship status, and military and veteran status

  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies

  • Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements

  • Geolocation Data

  • Audio, electronic, visual, and similar information

  • Professional or employment-related information

  • Education information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99)

  • Inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

3.     California Consumer Privacy Rights

You have certain choices regarding our use and disclosure of your personal information, as described below.

Access: You may have the right to request, twice in a 12-month period, that we disclose to you the personal information we have collected, used, disclosed and sold about you during the past 12 months.

Deletion: You have the right to request that we delete certain personal information we have collected from you.

We do not sell, and have not sold in the previous 12 months, consumers’ personal information.

How to Submit a Request: To submit an access or deletion request, contact Privacy@hcg-int.com or call us at 1-833-520-0506.

Verifying Requests: To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your request If you request access to or deletion of your personal information, we may require you to provide us with information about you to verify your identity. The type of information that we ask for may vary depending on the type and sensitivity of the personal information we hold about you or that you request. If additional information is required to verify your request, we may contact you to provide us with that information before responding to your request for access or deletion. In addition, if you ask us to provide you with specific pieces of personal information, we will require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request. If you designate an authorized agent to make an access, deletion or opt-out of sale request on your behalf (1) we may require you to provide the authorized agent written permission to do so, and (2) for access and deletion requests, we may require you to verify your own identity directly with us (as described above).

Additional Information: If you choose to exercise any of your rights under the CCPA, you have the right to not receive discriminatory treatment by us. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request. This Statement is available in alternative formats upon request. Please contact Privacy@hcg-int.com to request this Statement in an alternative format.

Updated: March 2020

HCG and our HCG-affiliated companies (“we”, “us” or “our”) respect your privacy. We are committed to safeguarding your privacy and protecting your information against unauthorized use.

This privacy policy (“Policy”) is intended to meet the requirements of the Regulation (EU) 2016/79 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (known as “GDPR”).

 

WHO PROCESSES YOUR PERSONAL DATA

This Policy applies to the processing of personal data by Chameleon Communications International Ltd and Synergy Medical Communications Ltd, and to the following HCG-affiliated companies located in the United States to the extent these non-European entities are subject to the GDPR;  Chameleon Communications International Inc, ProEd Communications Inc, Health Science Communications (HSC) Inc, The Scienomics Group (TSG) Inc, Synergy Medical Communications Inc.

For the purpose of this Policy and the GDPR, to the extent any of the above entities process your personal data in connection with use cases identified in this Policy, each will be considered a “data controller” of your personal data.  Please note that in some cases we may carry out the activities referred to in this Policy in our capacity as a data processor acting on behalf of our clients. We have made this distinction clear in the Policy.

 

PURPOSE OF THIS POLICY

This Policy explains our approach to any personal data that we might collect from you using this website (the “Site”) and any personal data about you we might collect/process in other situations or interactions with us, and the purposes for which we process your personal data.

This Policy also sets out your rights in respect of our processing of your personal data.

This Policy will inform you of the nature of the personal data about you that is processed by us and how you can request that we delete, update, transfer and/or provide you with access to it or otherwise object to our processing of it for a specific purpose. This Policy is intended to assist you in making informed decisions when using the Site or otherwise providing personal data to us or in other situations where we may process your personal data.

Please note this Policy is not intended to apply to our processing of HCG staff personal data which is dealt with under our separate workplace privacy policy.

 

TYPE OF PERSONAL DATA WE COLLECT/PROCESS

When we talk about personal data we mean any information which relates to an identified or identifiable living individual. Individuals might be identified by reference to a name, an identification number, location data, an online identifier (such as an IP address) or to other factors that are specific to them, such as their physical appearance. Categories of personal data we may collect and process about you include:

  • contact information (i.e. name, physical address, telephone number, email address);

  • your date of birth;

  • information about your employment or education history;

  • information about your interests or affiliations or publicly stated positions on political matter, corporate matters and similar;

  • information about articles (or similar) that you may have published;

  • information for hiring talent and human resources (g. work eligibility status, financial account information, government-issued identification information or dietary requirements);

  • your image;

  • any additional data that may identify you which you submit to us.

For more information about the personal data we collect please refer to section HOW WE USE PERSONAL DATA below.

 

PERSONAL DATA OF CHILDREN

We do not intend to or knowingly collect personal data from children.

 

WAYS OF OBTAINING PERSONAL DATA

We may collect and receive your personal data using different methods:

  • Personal data you provide to us. You may give us your personal data directly. This will be the case when, for example, you contact us with enquiries, complete forms on our Site or in hard copy or participate in a survey, subscribe to receive our marketing communications or provide feedback to us, provide services to us or otherwise through your interactions with us.

  • Personal data received from third parties. From time to time, we may receive personal data about you from third parties. For example, we may receive your contact details from an industry contact or our client or we may receive your CV or resume from your agent or recruitment service provider or we may receive information about your dietary requirements from your agent or our hospitality provider. We may also use third parties to collect personal data about your interactions with our Site.

  • Publicly available personal data. From time to time we may collect personal data about you (including your contact details, biography, interests or affiliations) from publicly available sources (including open source data sets) or personal data about you that you or a third party may make publicly available (for example through speaking at events or publishing articles or other news stories or posting on social media platforms).

 

HOW WE USE PERSONAL DATA

Our primary goals in collecting personal data from you are to:

  • verify your identity;

  • provide our services to clients;

  • help us improve our Site, products and services and develop and market new products and services;

  • carry out requests made by you to us;

  • investigate or settle inquiries or disputes;

  • comply with any applicable law, court order, other judicial process, or the requirements of a regulator;

  • enforce our agreements with you;

  • protect the rights, property or safety of us or third parties, including our other clients and users of the Site;

  • provide support for the provision of our services;

  • carry out recruitment activities; and

  • use as otherwise required or permitted by law.

 

We set out in more detail below the specific ways in which we may use your personal data

Client administration.

We may collect personal data about our client and potential client contacts to enable us to respond to client requests, to administer client accounts with us, to conduct credit checks (if permitted by applicable law), and to verify and carry out financial transactions for payments made to us.

Our legal basis for processing

It is in our legitimate interests (and those of our clients) to process personal data in this way to ensure we provide the services requested by our clients in an effective and efficient way.

Who do we share personal data with for this purpose?

We may share such personal data with our third party vendors (such as our payment service providers or IT providers), financial institutions, group companies, affiliates, professional advisors, regulatory bodies or other law enforcers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Informational enquiries.

We may collect information for requests for information about our company. We may also provide you with the opportunity to sign up for newsletters or to receive copies of blogs and other information that we make available. Contact information may be requested in each case, together with details of other personal information that is relevant to these inquiries. This information is used in order to enable us to respond to your requests

Our legal basis for processing

It is in our legitimate interests (and those of our clients) to process personal data in this way to ensure we provide the services requested by our clients in an effective and efficient way and that we provide the right information to those who request it.

Who do we share personal data with for this purpose?>

We may share such personal data with our clients, group companies, affiliates, or agents, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Surveys and voting.

We may collect personal data from individuals via surveys or voting polls for the purposes of obtaining feedback on our own or our clients’ products and surveys. Participation in such polls is voluntary and individuals will have the opportunity to decide whether or not to disclose personal data. Certain personal data such as contact details may be required to register to vote or to take part in a survey. We would only use that information to report the results of the survey or vote.

Our legal basis for processing

It is in our legitimate interests (and those of our clients) to process personal data in this way to provide the services requested by our clients in an effective and efficient way and to understand how our clients and their products are received in the market. Where we do this on behalf of our clients as a data processor we do not require a legal basis for such processing.

Who do we share personal data with for this purpose?

We may share such personal data with our clients, group companies, affiliates, survey partners or agents, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Industry information.

We may collect, and maintain databases containing, information about Healthcare Professionals, allied Healthcare Professionals, subject matter experts and other professionals in the medical communications, pharmaceutical, healthcare, or media industry collected by us or by our trusted third party service providers. Such information may include an individual’s name, business contact details, professional interests and affiliations. This information may be information that is voluntarily supplied to us by those individuals through our Site or in other situations (such as public speaking events), or information that is public or available in third party databases or via third party content platforms (including social media platforms). Further we may collect and/or review other publicly available media and other content including content made available through scientific literature, public news sites and social media sites to understand what people are saying about a particular therapeutic area, us and our clients. We use this information to inform the provision of our services to our clients. We may also use this information for our own internal administrative and promotional purposes. We make efforts to minimize the use of this information to that which is strictly necessary for our legitimate business interests.

Our legal basis for processing

It is in our legitimate interests (or those of our client) to process personal data in this way so that we can provide the services requested by our clients in an effective and efficient way.  Where the personal data collected is considered special personal data, we rely on the fact that the personal data has been manifestly made public by the individual in order to process their personal data. Where we do this on behalf of our clients as a data processor we do not require a legal basis for such processing.

Who do we share personal data with for this purpose?

We may share such personal data with our clients, group companies, affiliates, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Social media.

We may collect or process individuals’ personal data who engage with us through our social media channels (including by visiting our social media pages or otherwise communicating with us via social media).  We may also operate our client’s social media pages, accounts or channels acting on their behalf.

Our legal basis for processing

It is in our legitimate interests to process personal data in this way so that we can market ourselves and engage with the public. Where we carry out this activity on behalf of our clients as a data processor we do not require a legal basis for such processing.

Who do we share personal data with for this purpose?

We may share such personal data with our clients, group companies, affiliates, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in SHARING YOUR PERSONAL DATA section below in connection with this purpose.

  

Events.

From time to time, we may organize and host road shows and other industry events to promote our services or on behalf of clients. For this purpose we may process individuals’ names and contact information (including email address, postal address and telephone number) to communicate with them about such events where they have specifically requested information about such events or where we have another lawful basis for sending that information to them.

If you attend one of our events, we may use your personal data to record your attendance at the event and for related record-keeping purposes and, if relevant, we may collect and process any dietary or other requirements you may have. You may also feature in photographs taken at our events and such photographs may appear in publications we send to our clients and/or publish on our Site, in print or other media.

 Our legal basis for processing

It is necessary for us to use personal data in this way to perform our obligations in accordance with any contract that we may have with the individual, or it is in our or our client’s legitimate interest to use personal data in such a way to ensure that we provide our services in an effective and efficient way.

If we specifically ask your permission to use your photographs, quotes, testimonials or other content, then our processing of such personal data will be based on consent.

Where we put on events solely at the specific request of our clients we do so in our capacity as our client’s data processor and therefore do not require a legal basis to process personal data.

Who do we share personal data with for this purpose?

We may share such personal data with our clients, group companies, affiliates, event and ticketing partners or agents, third party vendors (such as our IT providers) or professional advisers or event organizers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Insight and analysis.

We may analyse individuals’ contact details with other personal data that we observe about them from their interactions with our Site, our email communications and/or with our services.

We may use log files and other tracking technologies to collect personal data from the computer hardware and software used to access the Sites, or from mobile devices. This may include an IP address to monitor Site traffic and volume.

This information is used to create insights about our visitors’ browsing habits on our Site.

By using this information, we are able to measure the effectiveness of our content and how visitors use our Site and services. This allows us to learn what pages of our Site are most attractive to our visitors, which parts of our Site are the most interesting and what kind of features and functionalities our visitors like to see.

We also use this information for marketing purposes (see the MARKETING COMMUNICATIONS section below for further details).

Our legal basis for processing

We will only use non-essential tracking technologies on devices with user consent.  It is in our legitimate interest to process any personal data collected via the tracking technology to ensure that we can improve our services and tailor our marketing.

Who do we share personal data with for this purpose?

We may share such personal data with our group companies, affiliates, third party vendors (such as our analytics providers or other IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Marketing communications.

We may carry out marketing activities using an individual’s personal data. In particular, we may use personal data to form a view on what we think the individual may want or need, or what may be of interest to the individual.  We may use that information to provide individuals with marketing information about our events and services we feel may be of interest.

Our legal basis for processing

We rely on our legitimate interest to process personal data in this way for marketing purposes (except where consent is required by local law in which case we will obtain consent).

We also provide individuals with opt out choices regarding personal data uses, particularly around marketing and advertising. To see how you can opt out of marketing communications, please see the section entitled OPT OUT AND UNWANTED COMMUNICATIONS.

Please note if a third party asks us to share personal data so that they can send electronic marketing communications to particular individuals, we will obtain the relevant individual’s consent prior to sharing the personal data for such purpose.

Who do we share personal data with for this purpose?

We may share your data with our group companies, affiliates, third party vendors (such as our IT providers) or professional advisers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Receipt of services.

If we have engaged an organisation to provide us or our client with products or services (for example, IT support or financial advice), we will collect and process your personal data if you are a contact within the relevant organisation in order to manage our relationship or our clients’ with the organization, to receive products and services from the organisation and, where relevant, to provide our services to others including our clients.

Our legal basis for processing

It is necessary for us to use personal data in this way to perform our obligations in accordance with any contract that we may have with the organisation or it is in our legitimate interest to use personal data in such a way to ensure that we have an effective working relationship with the organisation and are able to provide our services to others in an effective way.  Where we do this on behalf of our clients as a data processor we do not require a legal basis for such processing.

Who do we share personal data with for this purpose?

We may share such personal data with our clients, group companies, affiliates, partners, agents, third party vendors or professional advisers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Recruitment.

If individuals apply for a job with us or otherwise express an interest in working for us, we will collect contact details and CV or resume information from the individual.  We use such personal data for the following purposes: a) to assess the individual’s suitability for any position for which they applied (or future positions for which we think the individual may be suitable) including employment or freelancer positions, summer placements or internships and also any business support or services role whether such application has been received by us online, via email or by hard copy or in person application; b) to take any steps necessary to enter into any contract of employment (or otherwise) with the individual; c) to comply with any regulatory or legal obligations in relation to any such application; and d) to review our equal opportunity profile in accordance with applicable legislation. We do not discriminate on the grounds of gender, race, ethnic origin, age, religion, sexual orientation, disability or any other basis covered by local legislation. 

What is our legal basis?
Where we use personal data in connection with recruitment and talent management it will be in connection with us entering into a legal contract with them or it is in our legitimate interest to use personal data in such a way to ensure that we can make the best recruitment and talent management decisions for HCG or it is our legal obligation to use such personal data to comply with any legal obligations imposed upon us.  We will not process any special data except where we are able to do so under applicable legislation or with the individual’s explicit consent.

Who do we share your data with for this purpose?

We may share such personal data with our group companies, affiliates, third party vendors or professional advisers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Visiting our premises.

If an individual visits any of our premises we may collect contact information as part of our sign in process.  We may also capture their image on our surveillance camera or CCTV.

Our legal basis for processing

It is in our legitimate interests to process personal data in this way for security reasons.

Who do we share personal data with for this purpose?

We may share such personal with our clients, group companies, affiliates, recruitment partners or agents, third party vendors (such as our IT providers) or advisers or law enforcers or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

Business administration and legal compliance.

We may use an individual’s personal data for the following business administration and legal compliance purposes:

  • to facilitate the operation or effective management of our group of businesses;

  • to comply with our legal obligations (including our obligations under legislation transposing EU/2016/1148 concerning measures for a high common level of security of network and information systems across the EU (the “Network Information Security Directive”);

  • to enforce or protect our legal rights;

  • to deal with complaints;

  • to protect the rights of third parties (including where health or security of an individual is endangered (e.g. a fire); and

  • in connection with a business transition or sale such as a merger, re-organisation, acquisition by another company, or sale of all or a portion of our assets.

Our legal basis for processing

Where we use personal data in connection with a business transition, to enforce our legal rights or to protect the rights of third parties, it is in our legitimate interest to do so. For all other purposes described in this section, we will rely on our obligation to comply with law, such as a court order, to process such personal data.

We will not process any special (or sensitive) categories of personal data or personal data relating to criminal convictions or offences except where we are able to do so under applicable legislation or with the individual’s explicit consent.

Who do we share personal data with for this purpose?

We may share personal data with our clients, group companies, affiliates, agents, partners, third party vendors or professional advisers, emergency service providers or law enforcers or other regulatory bodies (including tax and social security authorities) or such other third parties as indicated in the SHARING YOUR PERSONAL DATA section below in connection with this purpose.

 

SHARING YOUR PERSONAL DATA

We may share your personal data with any of our group affiliates, or with our agents, partners, clients, contractors, professional advisors or government or regulatory bodies for the following purposes: (a) provide our services to clients or otherwise receive assistance in processing transactions; (b) fulfillment of requests for information, receiving and sending communications, updating marketing lists, analyzing data; (c) provision of IT and other support services; (d) to facilitate the operation and effective management of our group of businesses; (e) comply with a legal obligation or in connection with a legal claim or dispute or to otherwise protect our legal rights; (f) assistance in other ancillary to the operation of tasks, from time to time. Our agents, partners and contractors will use your personal data to the extent necessary to perform their functions.  For more details about how we may share your personal data in connection with a particular use case, please refer to the relevant use case above

 We will not sell your personal data to other companies and we will not share it with other companies for them to use without your consent, except in the circumstances listed above or in connection with the sale or merger of HCG or the division or office responsible for the services.

Please note, the types of third parties we share your personal data with set out above is non-exhaustive and there may be circumstances where we need to share personal information with other third parties in order to operate our Site and to provide our services.  We will notify you of any other circumstances where we would share your information on a case by case basis.

 

OBTAINING YOUR CONSENT

Where our use of your personal data requires your consent, you can provide such consent:

  • at the time that we collect your personal data following the instructions provided; or

  • by informing us by e-mail or post using the contact details set out in this Policy.

Please note that if you specifically consent to additional uses of your personal data, we may use your personal data in a manner consistent with that consent.

 

DATA TRANSFERS OUTSIDE THE EEA

We may transmit personal data outside the EEA to certain categories of third parties (as listed above in HOW WE USE PERSONAL DATA) and more specifically to: (1) our headquarters in New York, NY, United States (“US”); (2) our different offices in the US and other locations globally; (3) our affiliated entities in the US or in other locations globally.

In particular when transferring your personal data outside the EEA, we will ensure that, where required by applicable law, at least one of the following safeguards is implemented: (1) we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; (2) where we use certain service providers, we may use specific contracts approved by the European Commission referred to as the “model clauses” which give personal data the same protection it has in Europe; or (3) where we have partners or suppliers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

 

COMPLIANCE WITH THE PRIVACY SHIELD

Please note that HCG complies with the Privacy Shield Principles of the EU-US Privacy Shield framework (“Privacy Shield”) as set forth by the U.S Department of Commerce regarding the collection, use and retention of personal data transferred from the European Union to the United States.  HCG has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Further HCG has adopted a separate General Privacy Policy describing our compliance with Privacy Shield Principles for data transferred from the EU to the US. This General Privacy Policy can be accessed at: www.hcg-int.com.

 

CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL DATA

We are committed to keeping the personal data you provide to us secure and we will take reasonable precautions to protect your personal data from loss, misuse or alteration.

To safeguard against unauthorized access to personal data by third parties outside our organization, all electronic personal data held by us is maintained on systems that are protected by up-to-date secure network architectures that contain firewalls and intrusion detection devices. The data saved in servers is “backed up” (i.e. the data are recorded on separate media) to avoid the consequences of any inadvertent erasure, destruction or loss otherwise. The servers are stored in facilities with high security, access protected from unauthorized personnel, fire detection and response systems. The location of these servers is known to a limited number of our employees.

We have implemented information security policies, rules and technical measures to protect the personal data that we have under our control from:

  • unauthorized access;

  • improper use or disclosure;

  • unauthorized modification; and

  • unlawful destruction or accidental loss.

All of our employees and data processors (i.e. those who process your personal data on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of the personal data of all users of our services.

Information regarding job applications is encrypted and transmitted in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the URL. Only employees or third parties who need the information to process a specific request are granted access to personally identifiable information.

 

YOUR DATA PROTECTION RIGHTS

You have the following rights in relation to the personal data we hold about you under certain circumstances:

  • To obtain the confirmation that we process personal data about you, to access and obtain copies of the information, as well as information relating to the processing we carry out.

  • To request your personal data be corrected where appropriate.

    • If personal data we hold about you is inaccurate or incomplete, you may request that data be amended. However, please be aware that it is every person’s responsibility to provide us with accurate personal data and to inform us of any changes (e.g. new home address or change of name).

  • To request your personal data be deleted, where appropriate.

    • If you demonstrate that the purpose for which the personal data is being processed is no longer legal or appropriate, the data will be deleted, unless we can demonstrate that we are required to retain the personal data by applicable law or otherwise.

    • If we have shared your personal data with others, we will let them know about the deletion where possible. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.

  • To request that we restrict the processing of your personal data in some circumstances, such as where you contest the accuracy of the personal data, while we investigate your concern.

    • It will not prevent us from storing your personal information.

    • We will tell you before we lift any restriction.

    • If we have shared your personal information with others, we will let them know about the restriction where it is possible for us to do so.

    • If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly

  • Where processing is based on your consent, to receive your personal data in a commonly used electronic format, or ask that we move your personal data in that format to another provider, where your request relates to the personal data that you gave us directly and where technically possible.

  • To object to your personal data being processed where we are relying on ours or a third party’s legitimate interest to do so or for the purpose of direct marketing.

  • To withdraw your consent at any time when processing relies upon consent.

  • In France, to give us instructions concerning the use of your personal data after your death.

Data subjects may exercise these rights verbally or in writing using our contact information provided in the section below entitled CONTACT DETAILS.  We will endeavour to promptly respond to your requests.  Where you ask us to provide a copy of your personal data we are legally obliged to respond within one month of such request. If your request is denied, we will inform you about the reasons for denial.

Please note that in order for you to assert these rights, we may need to verify your identity to confirm your right to access your personal data.  This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal data from you than we currently have.

 

OPT OUT AND UNWANTED COMMUNICATIONS

 To opt-out of any future promotional or marketing communications or any other commercial communications from us, you should send a request to us at the contact information in the section entitled CONTACT DETAILS.

 

ENFORCEMENT RIGHTS AND MECHANISMS

We will ensure that this Policy is observed and duly implemented. Violations of the applicable data protection legislation in the EEA may lead to penalties and/or claims for damages.

If at any time you believe that your personal data has been processed in violation of this Policy, or if you have any inquiries or complaints about the use or limitation of use of your personal data, you may contact the relevant individuals in the CONTACT DETAILS section:

Please note that if you have a complaint about our privacy practices, you may contact your local EU Data Protection Authority (“DPA”).  We are committed to cooperating with DPAs and to comply with their dispute resolution procedures in cases of complaints.  We are also committed to complying with any regulations or guidelines that DPAs may issue from time to time in accordance with EEA and Member State data protection legislation. We undertake to register and/or keep our registration updated as a data controller and/or processor in all jurisdictions where we maintain entities in the EEA.

We are also subject to the investigatory and enforcement powers of the U.S. Federal Trade.

 

THIRD PARTY LINKS AND SERVICES

This Site contains links to third party websites and services. Please remember that when you use a link to go from our Site to another website or you request a service from a third party, this Policy no longer applies to these third-party websites and third-party service providers unless we are acting as joint controllers in respect of your personal data with such third party.

Your browsing and interaction on any other websites, or your dealings with any other third-party service provider, is subject to that website’s or third-party service provider’s own rules and policies. We do not monitor, control, or endorse the privacy practices of any third parties.

This Site may integrate with social networking services. You understand that we do not control such services and are not liable for the manner in which they operate.  While we may provide you with the ability to use such services in connection with our Site, we are doing so merely as an accommodation and, like you, are relying upon those third-party services to operate properly and fairly.

 

COOKIES

We use cookies and similar technologies to collect personal information from the computer or other device you use to access the Site. “Cookies” are pieces of information that may be placed on your device for the purpose of collecting data to facilitate and enhance your communication and interaction with our Site. We may also allow certain third parties to place cookies as described below.

We use cookies and other technologies on all our sites to ensure the best possible experience on our Site. These uses include:

  • analytical cookies to recognize and count users of our Site, measure the effectiveness of our content, and understand how visitors use our Site. We currently use Google Analytics for this purpose; or
  • placing, or allowing a third party to place, functional cookies to make a website easier to use, such as cookies that maintain a user’s session.

You can review your Internet browser settings to exercise choices you have for certain cookies. If you disable or delete certain cookies in your Internet browser settings, you might not be able to access or use important functions or features of this Site, and you may be required to re-enter your log-in details.

For more information about how we use cookies please see our COOKIE POLICY available on the Site.

 

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We retain personal data only for as long as is necessary for the purposes described in this Policy, after which it is deleted from our systems.

If any personal data is only useful for a short period (e.g. for a specific event or marketing campaign or in relation to recruitment), we will delete it at the end of that period.  Please note that if you are an unsuccessful candidate we may keep your information for a short period.

If you have opted out of receiving marketing communications from us, we will need to retain certain personal data on a suppression list so that we know not to send you further marketing communications in the future.

 

MODIFICATIONS TO THE POLICY

We reserve the right to modify this Policy as needed, for example, to comply with changes in laws, regulations or requirements introduced by DPAs. Changes must be approved by our privacy points of contact, the office of the corporate legal department, or their designees who will seek input as they reasonably deem appropriate from corporate executives for the amended Policy to enter into force. If we make changes to the Policy, this amended Policy will be submitted for renewed approval according to the relevant applicable provisions of the law. We will inform data subjects of any material changes in the Policy. We will post all changes to the Policy on relevant internal and external websites.

Effective with the implementation of this Policy, all existing and applicable EU company privacy guidelines relating to the collection and/or processing of personal data will, where in conflict, be superseded by the terms of this Policy. No other internal policy that conflicts with this Policy shall be applicable with respect to the protection of personal data handled by us in the EU. We encourage you to review this Policy periodically to be informed of how we use your personal data.

 

CONTACT DETAILS

For questions or concerns about this Policy, or to ask questions or express concerns about our collection, management and processing of personal data, or to exercise your rights, you may contact us by:

  • sending an e-mail to privacy@hcg-int.com; or

  • sending us a letter using the following address:

Attn: Compliance Team
Healthcare Consultancy Group
488 Madison Avenue, 5th
New York, NY, 10022 

Or if you are in Europe, please write to:

Attn: Compliance Team
Chameleon Communications International Ltd
50 Alderley road
Wilmslow
Cheshire
SK9 1NY, UK