Clinical Education Alliance

This privacy policy was last updated on August 14, 2023.

Clinical Education Alliance, LLC (CEA), and its affiliates Clinical Care Options, LLC; Clinical Care Solutions, LLC;  ECIR, LLC; iLuma, LLC; liV, LLC; Luminology, LLC; MDOutlook, LLC; Partners for Advancing Clinical Education, LLC; Practicing Clinician Exchange, LLC, and ProCE, LLC; (collectively “CCO”, “CCS”, “ECIR”, “iLuma”, “liV”, “Luminology”, “MDO”, “PACE”, “PCE”, and “ProCE”), is committed to protecting the privacy of information provided by and about the users of our Web sites (clinicaleducationalliance.com, clinicaloptions.com, clinical-care.org, ecirmedcom.com, ilumamed.com, livagency.ca, luminologysci.com, mdoutlook.com, partnersed.com, practicingclinicians.com, and proce.com) and mobile applications (collectively, the “Site”). This privacy policy (“Policy”) describes, among other things, what information we may collect about you, what uses we may make of it and why, with whom we share it, your rights in relation to your information, how you can contact us, and what precautions we take against unauthorized access or use of your information.

1. About This Policy

This Policy applies only to information that identifies you or is capable of doing so when taken with other data available to us (“Personal Information”) and that you either submit to CEA in connection with your use of the CEA Web sites or upon registration related to the CEA software applications (collectively, the “Clinical Education Alliance Sites”) or that we collect from other sources (see below for more details).

In using the Clinical Education Alliance Sites and/or receiving our services, you acknowledge that you have read and you understand this Policy. Please read this Policy carefully before using the Site or submitting Personal Information to us. This Policy is incorporated into and subject to the Terms of Use.

This Policy does not apply to any Personal Information that you submit directly to third-party web sites or entities other than CEA even when such sites or entities are accessible from a Clinical Education Alliance Site. You are advised to read the privacy policy of any other web site that you visit via a Clinical Education Alliance Site by clicking on any advertisement or any other link on a Clinical Education Alliance Site. We are not responsible for how other web sites or the entities that operate them treat your privacy or information. We encourage you to read the privacy statements and terms of use of linked or referenced web sites.

Except as otherwise noted in this Policy, CEA, with offices at 12001 Sunrise Valley Drive, Suite 300, Reston, VA 20191, U.S., is the data controller (as that term is used under the EU General Data Protection Regulation), which means that we decide how and for what purposes your Personal Information is processed.

2. Policy Changes

We reserve the right to make changes in this Policy at any time. We will post changes to this Policy on the Clinical Education Alliance Sites. Changes will be effective immediately upon posting to the Site and will apply to your use of the Site after the “effective date” listed above. You understand and agree that your continued use of the Site after the effective date means that the collection, use, and sharing of your Personal Information is subject to the updated Policy. Except to the extent we receive your authorization or as permitted or required by applicable law, we will handle your Personal Information in accordance with the terms of the Policy in effect at the time of the collection.

3. Types of Information Collected

This section of our Policy addresses the types of Personal Information we may collect about you and the ways in and the purposes for which we collect them. Additional information on what categories of Personal Information we process can be found in Section 19 A of this Policy.

Types of Information Collected When Visiting and Using the Sites

While all of this information can be associated with the IP address your computer had while you visited the Site, it will not be associated with you as an individual or associated with any other information you may submit through the Site, or that we may store about you for any other purposes. We may use this information to generate aggregate statistics about visitors to our Site. Please check your web browser if you want to learn what information your browser sends or how to change your settings.

Visitors can access the home pages of the Clinical Education Alliance Sites and browse some areas of these Web sites without disclosing any Personal Information. We track information provided to us by your browser, including the Web site from which you came (known as the “referring URL”), the type of browser you use, the time and date of access, and other information. We collect and store the IP address of unregistered visitors using a GeoIP service.

Unregistered visitors receive access to certain educational content by providing their medical degree and specialty.

If you submit a Contact Us form, we may collect you name and other Personal Information you choose to provide.

Additional Information Collected When Users Register

Users registering with a Clinical Education Alliance Site are asked to provide identifying information, including account information consisting of name; professional qualifications; contact information; areas of technical or medical interest and/or expertise; preference for types of information and marketing, continuing education, and other events; and other information that are Personal Information. Our registration screen clearly labels which information is required for registration and which information is optional and may be given at the user’s discretion.

In some cases, we may ask visitors to our Clinical Education Alliance Sites for information after they register, such as credit card information. Where necessary (e.g., to process a registration request), we or our authorized data processors may contact financial or credit organizations to confirm credit card data. All credit card data are secured using a secure payment gateway provided by a third party to prevent unauthorized access to that information.
In addition, we automatically gather certain information about you as you interact with the Clinical Education Alliance Sites, such as your IP address and referring URL.
If you do not provide certain information, you may be unable to register.

Information from Outside Sources

We may also collect information about physicians or other healthcare professionals who register for the Clinical Education Alliance Sites through other sources in order to verify their licensure status and identity.

4. Cookies and Similar Technologies

We use web technologies, such as cookies, which may automatically collect certain information from you (“cookies”). We use these cookies for various purposes including activity that is strictly necessary for the Site to function as well as for analytics and advertising. We may use this information for purposes included but not limited to helping us recognize you when you return to the Site, improving the quality of our service when you visit our Site, diagnosing problems with the Site, and administering the website. We may also use cookies to track your usage across all of our Web sites. This allows us to evaluate utilization of the various programs on our Sites and report aggregated and anonymized data to grant funders so that we can evaluate the use and effectiveness of CEA programs.

If you are a registered user, we may associate your registration information with the cookies that our Web site places on your computer’s hard drive. Associating a cookie with your registration data allows us to offer increased personalization and functionality. For example, our Web site uses cookies to “remember” your username to ease the sign-in process on each visit to the site. Without cookies, this functionality is not possible.

Certifying institutions and third-party advertisers may also use cookies on our site. Because of the way advertisements are served, we do not have control over how advertisers use cookies. If you become aware that a Clinical Education Alliance Site advertiser is placing an unwanted cookie on your hard drive, please email customersupport@clinicaloptions.com to enable us to assist you in resolving the problem.

Embedded Content. The Site contains embedded content (e.g., videos, podcast). Embedded content may place third party cookies on your device that track your online activity to enhance your experience or assess the success of their application. We have no direct control over the information these cookies collect, and you should refer to their website privacy policy for additional information.

Social Media Plugins. With your consent, we collect Personal Information through social media plugins on our Site (e.g., Facebook, Twitter, LinkedIn) to enable you to easily share information with others. When you visit our Site, the operator of the social plugin may place a cookie on your computer, enabling that operator to recognize individuals who have previously visited our Site. If you are logged into the social media website while browsing our Site, the social plugins allow that social media website to share data about your activities on our Site with other users of their social media website. We may act as joint controllers with these social media providers, for the processing of Personal Information in context of insight information. For this purpose, a joint controllership arrangement has been concluded which may be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum. As we have no control over the information once collected and transmitted to social media networks through their plugins, we encourage you to read their applicable privacy and data/information sharing statements/policies.

Cookie Settings. You may set your cookie preferences, including preventing or stopping the installation and storage of cookies, through your browser settings and via our cookie banner. Most browsers will allow you to block or refuse cookies. However, you may need to manually adjust your preferences each time you visit a site. For more information, see the Help section of your browser. Please note that if you block certain cookies, some of the services and functionalities of our Site may not work.

Click here https://clinicaleducationalliance.com/privacypolicy# to receive a full overview of our cookies and to set your preferences.

5. Do Not Track

“Do Not Track” is a privacy preference that you can set in your Internet search browser that sends a signal to a website that you do not want the website operator to track certain browsing information about you. However, because our Site is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests. We do not track Site users over time and across third party websites.

6. Use of Information

In general, we will use the Personal Information we collect only for the purpose it was collected, for compatible purposes, as permitted or required by law, as necessary to carry out our contractual duties and obligations, and as otherwise provided in this Policy. For example, we may use your Personal Information in the following ways:

  • To respond to your requests for information relating to our products and services.
  • To process and manage your registration and account.
  • To maintain and update our records.
  • To track your usage of our products and services.
  • For helping you receive accreditation.
  • For applying for and receiving grants.
  • To communicate with you. We will send you messages about the availability of our Site, security, or other service-related issues. You may change your communication preferences at any time. Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices.
  • For our research and development efforts. We use data, including public feedback, to conduct research and for the development of the Site and the services and products we provide to you.
  • For other everyday business purposes. By way of example, payment processing and financial account management, product development, contract management, IT and website administration, security, fulfillment, analytics, fraud prevention, corporate governance, reporting and legal compliance.
  • To provide you with the products and/or services you have purchased or requested.
  • To ensure your information is accurate and to personalize our products and services.
  • For monitoring and assessing compliance with our policies and standards.
  • To contact you about the services and products we offer (where we have received your consent to do so or we believe that you may be interested in the material as it relates to similar products or services you have previously acquired, or indicated your interest in acquiring, from us and have not opted out).
  • As otherwise permitted or required by any applicable law or regulation.

We will only disclose or share your Personal Information as detailed below. We may send you promotional or informational messages by email, fax, or text messaging, for products or services similar to those you have previously acquired, or with your consent.

We may also use aggregate data about users for program and/or product use analysis, program development, and site improvement. We may also use it for market analysis and provide information from our Web sites in aggregate form, with identifying information removed to third parties. For example, we may tell a grant funder what percentage of our registered users resides in a particular geographical area or their practice specialty. Depending on our agreements with third parties, we may or may not charge for this information.

7. Mobile Apps

We provide mobile apps that can be downloaded to your smartphone or mobile device. In addition to providing the ability to use, purchase, or request our products and services, our apps may collect personal and other information that will be used or disclosed in accordance with this Policy. We provide a link to this Policy to persons prior to their downloading of any of our apps.

If you allow our mobile apps to access your location information on your device, our mobile apps may use your mobile device’s Global Positioning System (GPS) technology and other technology (such as wireless transmitters known as beacons) to provide you with information and offers based on the location of your device. Beacons allow us to collect information about your location within participating properties by communicating with mobile devices that are in range. We may use this location information to enhance your experience by delivering push notifications and other content to your mobile device, providing navigation assistance as you move around our locations, and sending you information and offers about products, services, or activities we believe may be of interest to you.

We may share this information with third parties, including business partners and service providers, to provide information, offers, and services that may be of interest to you. You may prevent or limit collection of location information by changing the settings in the app, or by changing your device’s settings.

8. Disclosure of Information

We do not and will not sell, rent out, or trade your Personal Information. We will only disclose your Personal Information in the ways set out in this notice and, in particular, to the following recipients:

  • To any group company of CEA.
  • To companies who work with us including third parties who process your Personal Information on our behalf and upon our instructions (such as our systems providers including cloud providers); see below for further information.
  • To third parties who process your Personal Information on their own behalf but through providing us or your employer with a service on our behalf (such as our suppliers).
  • To any third party to whom we assign or novate any of our rights or obligations.
  • To accrediting bodies and grant funders.
  • To third parties that provide a variety of medical education and communications services.
  • To any prospective buyer in the event we sell any part of our business or assets.
  • To any government, regulatory agency, enforcement, or exchange body or court where we are required to do so by applicable law or regulation or at their request.
  • To any third party necessary to assist us with investigating and defending ourselves against any third-party allegations or claims; protecting the rights and safety of others; or investigating, preventing, or taking action regarding suspected or actual illegal activities.

CEA may also disclose Personal Information about users to accrediting bodies as is required by them in order to grant users continuing education credit or other forms of credit for programs successfully completed. We may also disclose Personal Information in aggregated form to grant funders to analyze the demographics and practice patterns of healthcare professionals visiting the funded programs.

We contract with other companies and individuals to help us provide our services to you. Such persons act as our data processors and act only on our instructions. For example, we may host some of our Sites on another company’s computers, hire technical consultants, or work with companies to remove repetitive information from customer lists, analyze data, provide marketing assistance, and provide customer service. In addition, as a healthcare professional, we may validate your licensure status and other information against available databases that list licensed healthcare professionals. In order to perform their jobs, these other companies may need to have access to your Personal Information. We require our employees and all such companies and contractors to comply with the terms of our privacy policies, to limit their access to any information to the minimum necessary to perform their obligations, and not to use such information for any purpose other than fulfilling their responsibilities to us or servicing orders or requests you have made.

We partner with various companies that provide a variety of medical education and communications services. We share Personal Information about our users with these partner companies to contact you concerning medical education services that may be of interest with your consent. Any communications you receive from our partner companies will provide a method for declining further communications.

We reserve the right to transfer all databases and information, including your Personal Information, to any successor entity or company that acquires all or the relevant part of CEA operations or business.

9. Marketing and Advertising

We may contact you about the services and products we offer where we have received your consent to do so or we believe that you may be interested in the material as it relates to similar products or services you have previously acquired from us, provided that you have not opted out. In no case in such circumstances will the advertiser or grant funder have access to any Personal Information about a specific user.

We may also personalize Clinical Education Alliance Sites based on your interests. For example, you may be provided with content based on information you have shared with us, your previous Web site browsing behavior, or information we may have gained from your interactions with a third party that shares information with us. In addition, we may use information for our own internal marketing, research, and related purposes.

We may send offers to selected groups of users on behalf of other groups. When we do this, we do not disclose your Personal Information to such groups or to other users in the same group. We provide a variety of mechanisms for you to tell us you do not want to receive such communications.

10. Public Forums and Other Online Resources

CEA may make message boards, forums, and/or interest groups available to our users. Please remember that any information that is disclosed in these areas becomes public information, including any of your Personal Information you choose to share as well as comments that you may leave or alias/nickname identifiers you may use when interacting with any of our online resources. We urge you to exercise caution when deciding to disclose your Personal Information in that context.

11. Sponsored content

CEA provide sponsored content, such as webinars, expert reports, whitepapers, surveys, email distributions or events. Before being able to access any content, we ask to register and/or establish a free online account. We collect basic work contact details and other information about your company and job role.

When accessing specific content that has been sponsored by another organization, we will share basic work contact details and some of the other information you provided when you created your account or collected subsequently when accessing the specific content. We will always provide a link to the sponsor’s full privacy notice so you are fully aware of how they will process your Personal Information.

Sharing your details with the content sponsor is always your choice and you will always be provided with a clear opportunity to indicate if you would prefer us not to share this information.

12. Legal Requirements

We may process your Personal Information including by disclosing it to regulators and other authorities including the police when we believe such processing is necessary in order to comply with our legal obligations including those that are regulatory.

13. Children

The Site is not directed to children as the products and services on this Site are intended for persons 18 years of age and older. CEA does not knowingly collect, use or disclose any personal information from children.

14. Protection of Information

In this section of our Policy, we discuss the security measures we take to protect your Personal Information.

We have implemented appropriate technical and organizational security measures to protect the Personal Information that we have under our control from unauthorized access, use, disclosure and accidental loss.

When you enter Personal Information, we encrypt the transmission of that information or use TLS connections (Transport Layer Security) technology. CEA uses security methods to determine the identity of its registered users, so that appropriate rights and restrictions can be enforced for that user. You are solely responsible for maintaining the security and confidentiality of your account username and password.
We also protect your information by requiring that all our employees and others who have access to or are associated with the processing of your Personal Information respect your privacy.
Although we take appropriate precautions to protect the security of our users’ Personal Information from loss, misuse, unauthorized access or disclosure, alteration, or destruction, no method of transmission over the Internet or method of electronic storage is completely secure. Therefore, we cannot guarantee the total security of such data or that we will be immune from hacking incidents or security breaches.

Your Personal Information is stored on our database servers at CEA’s data centers or those hosted on our behalf by third parties who have entered into agreements with us that require them to observe obligations that support our Policy.

15. Choice and Control

Registered users. You can access your account information and make corrections or updates at any time via the My Profile pages. You can manage your communications preferences and interests with your account information by updating your account email and content preferences. You can also use the “opt-out” or unsubscribe mechanism or other means provided within the communications that you receive from us or you can unsubscribe by contacting us and telling us that you wish to do so at customersupport@clinicaloptions.com. We reserve the right to notify you of changes or updates to the services provided to you through the Clinical Education Alliance Sites whenever necessary.

You may also contact Customer Support and request that your registration information be updated or deleted. Note that if we delete your account, we may maintain certain de-identified information about you for internal business purposes including research, analytics and reporting.

If you request us to deactivate your account or to delete, correct, or modify your Personal Information, we will endeavor to fulfill your request, but some Personal Information may persist in backup copies for a certain period of time and may be retained as necessary for our legitimate interests or to comply with our legal obligations, resolve disputes, and perform or enforce our agreements.

To deactivate your account or to request us to delete, correct, or modify any of your Personal Information, please email customersupport@clinicaloptions.com.
Precise Location Information. You may disable the transmission of precise location information through your device settings. To change location settings on your device, please refer to your device’s official knowledge base.

Email Communications. If you no longer wish to receive a particular type of email communication from us, you may unsubscribe by clicking the “unsubscribe” link located at the bottom of the email and following the instructions. Also, you may manage your newsletter subscriptions within the newsletter subscriptions area within your account settings. Note that certain email communications that we send to members are service-related and as long as you are a member of the Clinical Education Alliance, you may not unsubscribe from such emails. Also, if you have provided us more than one email address, we may continue to contact you using the other email address not associated with the emails from which you have unsubscribed, until you unsubscribe from emails sent to that other address.

Push Notifications. We may send you push notifications from time-to-time to notify you of new Interactive Decision Support Tools we think may be relevant to you. If you no longer wish to receive these types of notifications, you may turn them off at the device level.

16. Retention of Personal Information

We will only retain your Personal Information for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory, or internal policy requirements.

17. Applicable law

This Policy is governed by the internal substantive laws of Virginia, without regard to its conflict of laws principles. Jurisdiction for any claims arising under or out of this Policy shall lie exclusively with the state and federal courts within Virginia. If any provision of this Policy is found to be invalid by a court having competent jurisdiction, the invalidity of such provision shall not affect the validity of the remaining provisions of this Policy, which shall remain in full force and effect.

18. Note to Users Outside of the United States

When your Personal Information is submitted through our Site, it may be stored on our servers in other jurisdictions, including the United States, which may not have similar data protection laws to the country in which you reside.

19. California Residents

“Shine the Light Law”. If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Information by certain members of CEA to third parties for the third parties’ direct marketing purposes. Requests may be made one time per calendar year. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2018 will receive information regarding 2017 sharing activities). You may submit your request using the contact information at the end of this Policy.

“Eraser Law”. If you are a California resident under the age of 18, and a registered user of any site where this policy is posted, California law permits you to request and obtain removal of content or information you have publicly posted. You may submit your request using the contact information at the end of this Policy. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

California Consumer Privacy Act (“CCPA’”) Addendum. The following California Privacy Policy Addendum (“CA Addendum”) applies solely to individuals who are residents of the State of California (“Consumer” or “you”). This CA Addendum describes our policies and practices regarding the collection, use, and disclosure of Personal Information we collect about you, including Personal Information we obtain when you access or use the Site, or through other channels including but not limited to phone and email conversations, social media interactions on our websites and other third-party websites such as social media sites, viewing our emails, or through our authorized services providers.

This CA Addendum supplements and amends the information contained in the Site Policy with respect to California residents. Any terms defined within the CCPA have the same meaning when utilized within this CA Addendum. The other provisions of the Site Policy continue to apply except as modified in this CA Addendum.

This CA Addendum does not apply to Personal Information we collect about you as a job applicant to, an employee of, owner of, director of, officer of, or contractor of CEA. This CA Addendum also does not apply to Personal Information we collect about you as an employee, owner, director, officer, or contractor of a company, partnership, sole proprietorship, non-profit, or government agency when your communications or transactions with CEA occur solely within the context of CEA conducting due diligence regarding, or providing or receiving a product or service to or from, such company, partnership, sole proprietorship, non-profit, or government agency.

Please read this CA Addendum carefully before using the Site or submitting information to us. By accessing or visiting the Site, you indicate your understanding that the collection, use, and sharing of your information is subject to the terms of this CA Addendum and our Terms of Use. Except as otherwise noted, any capitalized terms not defined in the CA Addendum have the meaning set forth in the Policy and Terms of Use.

A. Personal Information We Collect

As described below, we may collect or have collected in the preceding 12 months the following categories of Personal Information (“PI” or “Personal Information”). We may add to the categories of PI we collect and the purpose we use PI. In that case, we will inform you by posting an updated version of this CA Addendum on the Site.

  • Identifiers. Examples include real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, or other similar identifiers.
  • Other elements. Examples include name, signature, characteristics or description, address, telephone number, education, employment, employment history, bank account number, credit card number.
  • Characteristics of protected classifications under California or federal law. Examples include race, religion, and age.
  • Commercial information. This includes services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Education information. This includes information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, Sec. 1232g; 34 C.F.R. Part 99).
  • Internet or other electronic network activity. Examples include browsing history, search history, a consumer’s interaction with an internet website, application, or advertisement.
  • Geolocation data. This might include location information while using one of our apps.
  • Audio, electronic, visual, thermal, olfactory, or similar information. Examples of this category including identifiable information obtained about you while speaking with our customer service representatives on the telephone.
  • Professional or employment-related information.
  • Consumer profile. This includes inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, and behaviors.

PI does not include:

  1. Publicly available information from government records.
  2. Deidentified or aggregated consumer information.
  3. Information excluded from the CCPA’s scope, such as certain health or medical information and other categories of information protected by different laws.

B. Purposes for Which We Collect Your Personal Information. See section 6 above.

C. Sources of Personal Information

  • You. We may collect personal information from you when you contact us; place an order, register, or through web technologies such as browser cookies, flash cookies, and web beacons set when you visit the Site.
  • News outlets
  • Social media and related services
  • Third Parties. We may collect information about you from third parties such as through your social media services consistent with your settings on such services, or from other third-party sources that are lawfully entitled to share your data with us.

D. Sharing or Disclosing Personal Information

Of the categories of PI noted above, during the past 12 months, we shared the following:

Categories of Personal Information Disclosed Categories of Third Parties to Whom Disclosed
Identifiers
Other elements
Characteristics of protected classifications under California or federal law.
Commercial information
Education information.
Internet or other electronic network activity.
Geolocation data.
Audio, electronic, visual, thermal, olfactory, or similar information.
Biometric Information
Professional or employment-related information
Consumer profile.
Third parties as directed by you. We will share your PI with those third parties to whom you direct.
Our business partners. For example, we might share your PI with one of our busi­­­ness partners for purposes of collaborating on providing services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose PI. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them.
Accrediting bodies.
Third parties who perform services on our behalf. For example, we share information with certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, and data storage companies. We might also authorize our service providers to collect PI on our behalf.
Governmental entities, legal service providers. We may share your PI in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request.
Successors to all or portions of our business. If all or part of our business is sold, we may disclose PI in preparation for or as part of that transaction.
Third parties that provide a variety of medical education and communications services.
Categories of Personal Information Disclosed
Identifiers
Other elements
Characteristics of protected classifications under California or federal law.
Commercial information
Education information.
Internet or other electronic network activity.
Geolocation data.
Audio, electronic, visual, thermal, olfactory, or similar information.
Biometric Information
Professional or employment-related information
Consumer profile.
Categories of Third Parties to Whom Disclosed
Third parties as directed by you. We will share your PI with those third parties to whom you direct.
Our business partners. For example, we might share your PI with one of our busi­­­ness partners for purposes of collaborating on providing services to you, or to invite you to an event we are organizing. These business partners should also have their own privacy statements that set out the manner in which they will collect, use, and disclose PI. Where applicable, we encourage you to review each such business partner’s privacy statement before signing on with them.
Accrediting bodies.
Third parties who perform services on our behalf. For example, we share information with certain service providers, including marketing companies, professional service providers, debt collectors, information technology providers, and data storage companies. We might also authorize our service providers to collect PI on our behalf.
Governmental entities, legal service providers. We may share your PI in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request.
Successors to all or portions of our business. If all or part of our business is sold, we may disclose PI in preparation for or as part of that transaction.
Third parties that provide a variety of medical education and communications services.

We do not sell your PI as that term is defined in the CCPA.
We do not have actual knowledge that we have sold PI of minors under age 16.

E. Consumer Rights

The CCPA provides California consumers with the following rights, subject to certain exceptions:

i. Right to Request Deletion

You have the right to request that we delete your PI from our records, subject to certain exceptions.
Upon receipt of a verifiable consumer request (see below), and as required by the CCPA, we will delete and direct any service providers to delete your PI from its records.
CEA is not required to comply with your request to delete your PI if it is necessary for CEA (or its service provider) to maintain your PI in order to:

  1. Complete the transaction for which the PI was collected, provide a good or service requested by you, or reasonably anticipated within the context of CEA’s ongoing business relationship with you, or otherwise perform a contract between CEA and you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
  3. Debug to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
  6. To enable solely internal uses that are reasonably aligned with your expectations based on your relationship with CEA.
  7. Comply with a legal obligation.
  8. Otherwise use your PI, internally, in a lawful manner that is compatible with the context in which you provided the information.

ii. Right to Know

You have the right to request that we disclose the following to you as it relates to the 12-month period preceding CEA’s receipt of your verifiable consumer request (see below):

  1. The categories of PI we have collected about you.
  2. The categories of sources from which the PI was collected.
  3. The business or commercial purpose for collecting or selling PI.
  4. The categories of PI we disclosed or sold for a business purpose.
  5. The categories of third parties we disclosed or sold PI to, by the category of PI.
  6. The specific pieces of PI we collected about you.

iii. Nondiscrimination

We will not discriminate against you for exercising any of your CCPA rights. For example, we generally will not provide you a different level or quality of goods or services if you exercise your rights under the CCPA.

F. Submitting Consumer Rights Requests

To submit a California Consumer Rights request as outlined in this CA Addendum, please contact us at customersupport@clinicaloptions.com or at 703-674-3501

G. Verifiable Requests

We reserve the right to only respond to verifiable consumer requests. A verifiable consumer request is one made by any individual who is:

  1. the consumer who is the subject of the request,
  2. a consumer on behalf of the consumer’s minor child, or
  3. by a natural person or person registered with the Secretary of State authorized to act on behalf of a consumer.

If we request, you must provide us with sufficient information to verify your identity and/or authority to act on behalf of a consumer. In general, we may ask you to provide identifying information that we already maintain about you or we may use a third-party verification service. In either event, we will try to avoid asking you for sensitive PI to verify your identity. We may not be able to respond to your request or provide you with PI if we cannot verify your identity or authority to make the request and confirm the PI relates to you. However, making a verifiable consumer request does not require you to create an account with us.

Additionally, you will need to describe your request with sufficient detail to allow us to review, understand, assess, and respond. We will not use the PI we collect from an individual to determine a verifiable request for any other purpose, except as required by law.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the receipt of your verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. To the extent permitted by the CCPA, we will respond to no more than two requests during any 12-month period.

H. Authorized Agents

You may authorize a natural person, or a business registered with the California Secretary of State to act on your behalf with respect to the right under this CA Addendum. When you submit a Request to Know or a Request to Delete, unless you have provided the authorized agent with a qualifying power of attorney, you must provide your authorized agent written permission (signed by you) to act on your behalf and verify the authorized agent’s identity with us. We reserve the right to deny requests from persons or businesses claiming to be authorized agents that do not submit sufficient proof of their authorization.

To submit the above requests, each of which is subject to our verification, you may contact us at customersupport@clinicaloptions.com.

20. Individuals in the European Economic Area (“EEA”)

The following European Economic Area Addendum (“EEA Addendum”) applies solely to individuals who are located in the EEA (“Data Subjects”). This EEA Addendum describes our policies and practices regarding the collection, use, and disclosure of Personal Information we collect about you when you access or use the Site.
This EEA Addendum supplements and amends the information contained in the Site Policy with respect to data subjects in the EEA. Any terms defined within the European General Data Protection Regulation (“GDPR”), including personal data/Personal Information, have the same meaning when utilized within this EEA Addendum. The other provisions of the Site Policy continue to apply except as modified in this EAA Addendum.

For purposes of applicable data protection laws, CEA is the data controller of Personal Information we collect through this Site. As data controller, we process your Personal Information in accordance with this EEA Addendum. If you have any questions, you may contact us at customersupport@clinicaloptions.com. Our EU GDPR representative is Vivenics, located at Kloosterstraat 9, 5349 AB Oss The Netherlands.

In addition to the information provided in the Site Policy, individuals located in the EEA should be aware of the following:

A. Rights

You may have certain additional rights, subject to limitations, regarding the processing of your Personal Information. These include the right to:

  • Access and request a copy of your Personal Information
  • Correct any inaccuracies relating to your Personal Information
  • Restrict the processing of your Personal Information
  • Object to the processing of your Personal Information, including where the data is used for marketing purposes
  • Request the erasure of your Personal Information
  • Receive the Personal Information you have provided us with in a commonly used machine-readable format and have that data transmitted to a data controller of your choosing (data portability).
  • Withdraw your consent to the processing of your Personal Information where processing is based on consent and exercise your right to ask us not to process your Personal Information for marketing purposes
  • Lodge a complaint with the appropriate authority in your jurisdiction.

To exercise any of these rights, you can email us at the address set out below. We endeavor to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.

In any of the situations listed above, we may request additional information to verify your identity in order for us to comply with our security obligations and to prevent unauthorized disclosure of data.

We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your Personal Information and for any additional copies of the Personal Information you request from us.

B. Lawful Basis for processing

We may process your Personal Information for a variety of purposes as outlined in this EEA Addendum. In general, we will process your Personal Information based on our legitimate interests or those of a third party taking into consideration your interests and rights, for performance of a contract with you or to meet legal obligations, or based on your consent for promotional marketing.

This chart identifies the purpose for collecting and processing the Personal Information listed in Sections 3 and 19 A above, and the lawful basis for processing.

Purpose for processing Legal basis for processing
To respond to your requests for information, products, and services;
To process and manage your registration and account;
To process orders for products, and services;
To grant continuing education credit or other forms of credit.
Performance of a contract.
Profiling, including to send you marketing. Our legitimate interests to create a profile about a consumer reflecting the consumer’s preferences, characteristics, and behaviors for targeted advertisement and marketing.
Record keeping and to ensure your information is accurate. Our legitimate interests to keep our records up to date.
To comply with applicable foreign laws different from EEA laws. Our legitimate interest to comply with foreign law.
To track your usage of our products and service;
To personalize our products and services;
To evaluate the use and effectiveness of our products and services, including our Sites;
To administer our Sites;
For research and development; and
To diagnose and solve problems with our products and services, including our Sites.
Our legitimate interest to improve our products and services.
To investigate and defend against any third-party allegations or claims; protect the rights and safety of others; or investigate, prevent, or take action regarding suspected or actual illegal activities. Our legitimate interest to defend CEA.
Subject to applicable law and regulations, in the event of a sale, merger, consolidation, change in control, transfer of substantial assets, reorganization, or liquidation, to transfer, sell, or assign to third parties information concerning your relationship with us, including, without limitation, Personal Information that you provide and other information concerning your relationship with us. Our legitimate interest to share Personal Information with our business partners in the event of a sale, merger, consolidation, change in control, transfer, reorganization or liquidation.
To comply with applicable legal and regulatory requirements (e.g., fraud, security), including to monitor and to assess compliance with our policies and standards. Compliance with legal and regulatory requirements.
Purpose for processing
To respond to your requests for information, products, and services;
To process and manage your registration and account;
To process orders for products, and services;
To grant continuing education credit or other forms of credit.
Profiling, including to send you marketing.
Record keeping and to ensure your information is accurate.
To comply with applicable foreign laws different from EEA laws.
To track your usage of our products and service;
To personalize our products and services;
To evaluate the use and effectiveness of our products and services, including our Sites;
To administer our Sites;
For research and development; and
To diagnose and solve problems with our products and services, including our Sites.
To investigate and defend against any third-party allegations or claims; protect the rights and safety of others; or investigate, prevent, or take action regarding suspected or actual illegal activities.
Subject to applicable law and regulations, in the event of a sale, merger, consolidation, change in control, transfer of substantial assets, reorganization, or liquidation, to transfer, sell, or assign to third parties information concerning your relationship with us, including, without limitation, Personal Information that you provide and other information concerning your relationship with us.
To comply with applicable legal and regulatory requirements (e.g., fraud, security), including to monitor and to assess compliance with our policies and standards.
Legal basis for processing
Performance of a contract.
Our legitimate interests to create a profile about a consumer reflecting the consumer’s preferences, characteristics, and behaviors for targeted advertisement and marketing.
Our legitimate interests to keep our records up to date.
Our legitimate interest to comply with foreign law.
Our legitimate interest to improve our products and services.
Our legitimate interest to defend CEA.
Our legitimate interest to share Personal Information with our business partners in the event of a sale, merger, consolidation, change in control, transfer, reorganization or liquidation.
Compliance with legal and regulatory requirements.

You are not required to provide any Personal Information; however, if you choose not to provide certain requested information, you may be unable to use or access some of the services, offers, and content on the Site.

We will only use your Personal Information for the purpose for which we collect it, or for a purpose that we reasonably believe is compatible with the original purpose where we collected the Personal Information.

C. International Transfers

If you are in the European Economic Area (EEA), we will only transfer your Personal Information to a country with an EU Commission Adequacy decision or pursuant to appropriate safeguards, as required by applicable law. For further information about the transfer mechanisms we use, please contact customersupport@clinicaloptions.com.

21. Privacy Questions or Concerns

For privacy questions or concerns about the way in which CEA processes your Personal Information or Data or about the Clinical Education Alliance Sites, please contact customersupport@clinicaloptions.com.

Clinical Education Alliance, LLC
Attention: Chief Operations Officer
12001 Sunrise Valley Drive
Suite 300
Reston, VA 20191