Last updated: May 22, 2018
1. INTRODUCTION
1.1 This Privacy Policy describes the practices of The Medical Letter, Inc. (“TML”) in connection with information collected through services provided by our website, medicalletter.org and subdomains such as secure.medicalletter.org, and m.medicalletter.org (“our website”). By using our website, you agree to the terms and conditions of this Privacy Policy.
1.2 Our goal is to provide our visitors with quality and focused content while maintaining personal privacy. Please forward any comments you may have regarding this policy or our procedures to our customer service department at custserv@medicalletter.org.
1.3 By browsing our website, registering with us, or acquiring a subscription, you signify that you understand and agree to the collection and use of your information (including your personal data) under the terms of this policy. If you do not accept, or do not wish to be bound by this policy, please do not utilize medicalletter.org or any of its associated pages.
1.4 “Personal data” is any information that enables us to identify you, directly or indirectly, such as your email address, name, shipping and billing address, telephone number, account number, and username and password.
1.5 For the purposes of the EU General Data Protection Regulation, the data controller is The Medical Letter, Inc., a New York State non-profit corporation, with a principal place of business at 145 Huguenot St. Ste 312; New Rochelle, NY 10801.
2. INFORMATION WE COLLECT FROM YOU
2.1 When you access our website, we collect different types of information as described below.
3. ACCESS INFORMATION
3.1 Log file information: When you access and interact with our website, we may collect certain information about those visits. For example, our servers receive and record information about your computer, device, and browser, your IP address, browser type, and other software or hardware information. If you access our website from a mobile or other device, we may collect a unique device identifier assigned to that device, geolocation data, or other transactional information for that device. Currently we do not respond to browser ‘Do Not Track’ signals.
3.2 Log files visit information: We may also keep details of your visits to our website, including pages viewed, referring web pages, the resources that you access, and the date and time of access, etc. We use this information and the information in 3.1 for system administration, troubleshooting, customer support, and to produce web usage reports.
3.3 Our website uses cookies. By continuing to browse our website, you signify that you understand and agree to the use of cookies in accordance with our Cookies Policy at http://secure.medicalletter.org/cookiesPolicy.
4. CONTACT INFORMATION
4.1 When you contact us via our website or other methods (for example, by clicking a link to send us a web submission or if you telephone or write to us), you may provide certain personal data about yourself including your name, contact details, and address which will be stored.
4.2 You may also give us information about you by filling in forms on our website. This includes personal data you provide when you register to use our website or subscribe to our services. The personal data you provide may include your name, address, email address, phone number, your place of employment, year of graduation, and professional specialty. When you enter credit card information to make a purchase, you are directed to our credit card processor. We only keep the last four digits of your credit card for customer service processes.
4.3 When you make a purchase, you create a customer account. Your account information includes your name, address, customer number, earned continuing education credits, renewal information, and purchases history.
5. THIRD PARTY LINKS
5.1 Some third parties link to us, but do not provide us with personal information (only general information such as a search term) and we do not return any personal information to these third parties.
6. THE WAY WE USE PERSONAL DATA
6.1 We use your personal data according to the terms of the privacy policy in effect at the time of our use. We will process your personal data where:
6.1.1 the processing is necessary for the performance of a purchase, subscription, continuing medical education exam (CME), or reporting to CME accreditation agencies to which you are a party or to perform services you have requested;
6.1.2 we are required by law;
6.1.3 processing is required to protect your vital interests or those of another person; or
6.1.4 the processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests.
6.2 Your subscription information is used to route the requested web page to your computer or mobile device for viewing. It enables us to provide you with access to our website content. Your access and log file information is used as described in 3.2. We use this information in line with our legitimate commercial interests to administer our website and for internal operations, including troubleshooting, site analysis, testing, and to improve our website.
6.3 Your “contact information” enables us to provide services tailored more specifically to your needs, or to forward your message or enquiry to another entity that is better able to do so. As such, it may enable us or our selected partners to contact you, for example, to respond to a query you have submitted to us. We will also use and analyze the information we collect so that we can administer, support, improve, and develop our business, customer service and the features of our website and our services.
6.4 We will use the personal data you provide to us to contact you by email, telephone, mail, and/or fax to notify you occasionally about important changes or developments to our website, your subscription, or closely related products to your subscription. For the purposes of the EU General Data Protection Regulation 2016/679 (the GDPR), personal data of expired or non-active European accounts will be used for providing marketing information only after receiving consent from the account owners. We may exchange personal data of European accounts only after receiving consent from the account owners.
7. DISCLOSURE OF YOUR PERSONAL DATA
7.1 Where necessary, we will share your personal data for the purposes described in this privacy policy with:
7.1.1 Company personnel, such as customer service;
7.1.2 Suppliers and sub-contractors who require access to personal data to assist in the performance of any service we enter into with them or you, such as mailers, tech support, storage providers, and fulfillment operations;
7.1.3 Analytics providers that assist us in the improvement and optimization of our website.
7.2 We may also disclose your personal data to third parties:
7.2.1 where we are required to do so by law;
7.2.2 If TML sells all or part of its business or makes a sale or transfer of its assets or is otherwise involved in a merger or transfer of all or a material part of its business, TML may transfer your information to the party or parties involved in the transaction as part of that transaction.
7.3 We may exchange personal data with third parties for providing similar interest products to our subscribers.
8. PROVIDING INFORMATION IS YOUR CHOICE
8.1 There is no legal requirement for you to provide any information at our website. However, our website will not function properly without certain “access information” described above. Failure of your browser to accept “cookies” will prevent your use of our website effectively.
8.2 Failure to provide the required subscription information, such as your username and password, will make certain services or content associated of our website unavailable to you.
9. HOW LONG WE STORE YOUR PERSONAL DATA
9.1 We will retain your personal data, in a form which permits us to identify you, for as long as necessary to fulfill the purposes we collected it for. This includes historical records, such as credits for continuing medical education and personal subscription information. We will retain and use your personal data as necessary to satisfy any legal, accounting, or reporting requirements, to resolve disputes or to enforce our agreements and rights. We save log file backups discussed in 3.2 for as long as we think we may need it for web usage reports or system administration.
9.2 Cancelling your account. To cancel your account or to be completely forgotten, please contact customer service at (914) 235-0500 or email custserv@medicalletter.org.
10. OUR COMMITMENT TO DATA SECURITY
10.1 The transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data and implement appropriate technical and organizational security measures, we cannot guarantee the security of your data transmitted to our website. The Medical Letter, Inc. uses commercially reasonable administrative, technical, personnel, and physical measures to safeguard information in its possession against loss, theft, and unauthorized use, disclosure, or modification.
10.2 Our website may, from time to time, contain links to and from related articles or websites with drug information of interest to our customers. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
11. YOUR EUROPEAN PRIVACY RIGHTS
11.1 For individuals within the EEA only. Under the GDPR, in certain circumstances, you have the right to (a) request access to any personal data we hold about you and related information, (b) obtain without undue delay the rectification of any inaccurate personal data, (c) request that your personal data is deleted provided the personal data is not required by us for compliance with a legal obligation under European or Member State law or for the establishment, exercise or defense of a legal claim, (d) prevent or restrict processing of your personal data, except to the extent processing is required for the establishment, exercise or defense of legal claims; and (e) request transfer of your personal data directly to a third party where this is technically feasible.
11.2 In addition, where you believe that we have not complied with its obligation under this privacy policy or European law, you have the right to make a complaint to an EU Data Protection Authority.
11.3 If you would like to exercise any of these rights, please contact TML customer service.
12. EMAIL POLICY
12.1 TML offers delivery of an electronic table of contents (ETOCs) via email. If you no longer wish to receive such emails, follow the “unsubscribe” instructions located within each email. TML also sends renewal and other subscription-related notices to customers by email.
13. CHILDREN UNDER 16
13.1 Our website is not intended for children under 16 years of age. No one under age 16 may provide any information to or on our website. The Medical Letter, Inc. does not knowingly target advertising to, or collect information from, children under the age of 16. If you are under 16 years of age, do not use or provide any information on our website or on or through any of its features, register on our website, use any of the interactive or public comment features on our website, or provide any information about yourself to us, including your name, telephone number, email address or any screen name or username you may use. If we learn we have collected or received personal information from a child under age 16 without verification of parental consent, we will delete the information. If you believe we may have any information from or about a child under age 16, please contact TML customer service.
14. GENERAL
14.1 This policy may be edited from time to time. Please check this policy regularly for any changes.
14.2 Should you have other questions or concerns about our privacy policies and practices, please contact us at custserv@medicalletter.org.