Dermsquared Privacy Policy - Protecting Your Personal Information

DERMSQUARED DATA Privacy Policy

Effective Date

This Policy is effective as of: October 18, 2023.

Purpose

This Privacy Policy describes what personal information dermsquared (“Company” or “our” or “we”) collects, uses, shares, and otherwise processes about individuals (“you” or “your”) and non-public, personal identifying information (“PII” or “Personal Information”) and what choices you have around this activity. If you have any questions, please don’t hesitate to contact us.

We may change this Privacy Policy from time to time, including as required to keep current with applicable laws and regulations, new technologies, and security standards. When we do, we will post the updated policy on our Sites. If we change the policy in a material and retroactive manner, we will provide appropriate notice to you.

Applicability of this Privacy Policy

This Privacy Policy applies to the following websites:

https://www.dermsquared.com	https://www.dermsquared.org	https://jofskin.org
https://projectLEAD.health	https://PANPemerge.com	https://PANPleap.com
https://pediatrics360.health	https://melanomafellowship.net	https://pc360.health
https://pediatricfoundation.health	https://www.nscm.health	https://360meded.health
https://fallclinical.health

our mobile sites, mobile application, our use of social media sites (collectively, the “Sites”), and any other Personal Information obtained when you call, email, or otherwise communicate or interact with our Company. By accessing the Sites on any computer, mobile phone, tablet, or other devices (collectively, “Device”) or otherwise interacting with our Company, you agree to the terms of this Privacy Policy. If you do not agree to the policy, please do not use the Sites. We encourage you to periodically review our Privacy Policy to stay informed about how we are using the information we collect.

Information We Collect and Receive

For the 12-month period prior to the date of this Privacy Policy, we explain here what categories of Personal Information we have collected, the source of the Personal Information, and with whom we have shared it:

Category of Personal Information Collected	Source	Purpose for Collection	Categories of Recipients
Contact information: such as name, email address, personal or business address, phone number, and other information you provide.	From visitors to the Sites who register and create an account, contact us, sign-up for emails, continuing medical education courses, events, conferences, or other services, or otherwise interact with us.	To communicate with and respond to visitors and our customers, about our course offerings, continuing medical education, conferences, including verification of identity or to meet legal obligations.	We may share this information with select marketing, information technology, sponsors, pharmaceutical affiliates, or other service providers and partners.
Browsing information: such as your IP address, MAC address or other device identifier, HTTP Referrer information, the kind of browser or device you use, pages and content that you visit on the Sites, what you click on, the state and country from which you access the Sites, date and time of your visit, and web pages you linked to our Sites from.	Our Sites and your interactions with the Sites, including through the use of cookies, tracking pixels, and other tracking technologies explained further below.	To evaluate usage of the Sites and improve performance and our services; to protect the security and integrity of the Sites and our business, such as preventing fraud, hacking, and other criminal activity or to meet legal obligations.	The service providers that help us with fraud protection and website analytics.
Occupational and Degree Information: such as employer, primary specialty, degree, and National Provider Number (NPI).	Visitors of the Sites provide us with this information when they register and create an account.	To provide and recommend continuing medical education, course offerings, events, and conference relevant to you; to let our partners and sponsors know the CME related courses, events, or conference you attended.	We may share this information with select marketing, information technology, sponsors, pharmaceutical affiliates, or other service providers and partners.
Posts and comments on our Communications Platform, including saved drafts, audio or video you share, articles you post, your messages with other users, and your reports and other communications with moderators and with us. Your content may include text, links, images, gifs, audio, and videos.	From Visitors to the Sites who register an account and post and submit content to the public communications platform on the Sites.	To provide a public forum for medical professionals to communicate and to moderate the communications platform on the Sites to ensure users abide by the terms of use and applicable law.	Other Visitors to the Sites who register an account and view, access, or use the communications platform on the Sites. We may also share this information with select marketing, information technology, sponsors, pharmaceutical affiliates, or other service providers and partners.

In some jurisdictions, such as the European Union and the United Kingdom, individuals may have the right to opt in or withdraw consent for certain uses. If you reside in such jurisdictions, you may have additional rights which are detailed in “Access, Correction, & Deletion."

When you visit the Sites, we may collect certain information from you, including your Internet Protocol (IP) address, MAC address, browser type, operating system, device-identifying information, the specific web pages visited immediately preceding your connection, and the domain name from which you accessed the Sites. In addition, we may collect information about your browsing behavior, such as the date and time you visit the Sites, the areas or pages of the Sites that you visit, the amount of time you spend viewing the Sites, the number of times you return to the Sites and other clickstream data. We may also use non-personal or aggregated information for statistical analysis, research, and other purposes.

Cookie Policy

As further described in our Cookie Policy, we analyze how visitors use our Sites through the use of cookies and similar tracking technologies and tools (e.g., tracking pixels and web beacons) to collect data (e.g., device IDs) as described in our Cookie Policy.

Terms of Use

Please read the Terms of Use carefully before accessing or using any part of the Sites. BY ACCESSING OR USING THE SITES, YOU AGREE THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY THESE TERMS OF USE, AS AMENDED FROM TIME TO TIME. If you do not wish to agree to these Terms of Use, do not access or use any part of the Sites.

Interest-based advertising

You can opt out of interest-based advertising from third-party providers who follow the Digital Advertising Alliance's Self-Regulatory Principles for Online Behavioral Advertising at www.aboutads.info/choices.

Your Choices

You may at any time:

Stop receiving marketing or promotional emails, direct mail, phone, and mobile marketing communications;
Update and correct your Personal Information; and
Request the removal of information you post on our digital properties; in some cases, we may not be able to remove your content or Personal Information, in which case we will let you know if we are unable to do so and why.

To do any of these, let us know by one of these methods:

Follow the directions in a marketing email, direct mail, or mobile communication that you receive from us; and
Provide your request and current contact information through one of the contact methods listed under "contact us" below

Disclosure of Information

We may disclose information collected from and about you as follows: (1) to our related companies and service providers, to perform a business, professional, or technical support function for us; (2) to our business, sales, and marketing partners and affiliates, advertisers or other third parties, who may contact you with their own offers; (3) as necessary if we believe that there has been a violation of the Sites’ Terms of Use or our rights or the rights of any third party; (4) to respond to legal process (such as a search warrant, subpoena or court order) and provide information to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law, or otherwise as required by law; and (5) in the event that our Company or substantially all of its assets are acquired, or there is a re-structuring, your Personal Information may be one of the transferred assets. We may also disclose your Personal Information with your express consent. We may share aggregate, non-personally identifiable information about Sites users with third parties.

Please note that if you voluntarily submit any Personal Information for posting on the Sites, such as a review or a blog post, the information becomes publicly available and can be collected and used by others, so you should use care before posting information about yourself online.

Retention of Personal Information

We retain the Personal Information that we receive for as long as necessary to fulfill the purpose(s) for which the information was collected, to provide our services and products, to pursue legitimate business purposes, to enforce our agreements, and comply with all applicable laws.

Security

We maintain reasonable and appropriate measures designed to maintain the information we collect in a secure manner. We have taken certain physical, electronic, and administrative steps to safeguard and secure the information we collect from visitors to the Sites.

Unfortunately, however, no data transmission over the Internet, nor any data storage system, is 100% secure. While we strive to protect your information, we cannot ensure or warrant the security of such information on our or third-party sites. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us using the contact options on our Contact Us page.

Children’s Privacy

The Sites are not directed to children, nor do we knowingly solicit or collect any Personal Information from children under the age of thirteen without verifiable parental consent. If you believe that a child has provided Personal Information to us, please contact us promptly using the contact information detailed in the “Contact Us” section below, and we will promptly investigate and then delete such information from our systems if warranted.

Basis for Processing Personal Information

We may process Personal Information under the following conditions:

Consent: You provided your consent for one or more specific purposes.
Performance of a contract: Provision of Personal Information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations.
Legal obligations: Processing Personal Information is necessary for compliance with a legal obligation to which the Company is subject.
Legitimate interests: When we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests

In any case, we will gladly help to clarify the specific legal basis that applies to the processing, and whether the Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

The table below explains what we use (process) your Personal Information for and our reasons for doing so:

How We Process Your Personal Information	Our reasons
To prevent and detect fraud against you or our Company.	For our legitimate interests or those of a third party, i.e. to minimize fraud that could be damaging for us and for you.
Gathering and providing information required by or relating to audits, inquiries or investigations by regulatory bodies.	To comply with our legal and regulatory obligations.
Operational reasons, such as improving efficiency, training, and quality control.	For our legitimate interests or those of a third party, i.e. to be as efficient as we can.
Ensuring the confidentiality of commercially sensitive information.	For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information. To comply with our legal and regulatory obligations.
Statistical analysis to help us manage our business.	For our legitimate interests or those of a third party, i.e. to be as efficient as we can.
Preventing unauthorized access and modifications to systems	For our legitimate interests or those of a third party, i.e. to prevent and detect unauthorized and/or criminal activity that could be damaging for us and you. To comply with our legal and regulatory obligations.
Updating and enhancing user records.	For the performance of our contract(s) with you or to take steps at your request before entering into a contract. To comply with our legal and regulatory obligations. For our legitimate interests or those of a third party.
Corporate Filings/Statutory returns	To comply with our legal and regulatory obligations.
Ensuring safe working practices, staff administration, and assessment.	To comply with our legal and regulatory obligations. For our legitimate interests or those of a third party, e.g. to make sure we are following our internal procedures and working efficiently.
Marketing our existing and new courses, conferences, products and services and those of selected third parties to: existing and former users and customers; third parties who have previously expressed an interest in our products or services; third parties with whom we have had no previous dealings.	For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers.
External audits and quality checks, e.g. for Internal Company for Standardization (ISO) or Investors in People accreditation and the audit of our accounts.	For our legitimate interests or those of a third party i.e. to maintain our accreditations. To comply with our legal and regulatory obligations.

Communications Platform

The Sites may contain message boards, chat rooms, personal web pages or profiles, forums, bulletin boards, and other interactive features (collectively “Communications Platform”) that allow you to communicate with other registered users of the Sites, post information (e.g., questions, discussion topics, information about your practice, share articles, audio, videos, and professional experiences or antidotes), content, images, photos or videos, post your opinions on surveys, or submit reviews or ratings (collectively, “Your Content").

Your Content will be associated with your registered user profile (“Your Profile”). Your Profile and Your Content are unencrypted and can be viewed by other registered users of the Sites, and therefore, there can be no expectation of privacy or confidentiality, except if the terms of use of the Sites specifically limit the use of Your Content or Your Profile. This means Your Content and Your Profile can be read and viewed by others, including advertisers. We are not responsible for the information you choose to submit or that you access from other users of the Communications Platform. Any personal information you submit in the course of interacting or using our Communications Platform can be read, collected, or used by other users. Prior to posting in these areas, we encourage you to read our Terms of Use, as we are not responsible for the personal information you choose to make public in any of these areas and strongly recommend against sharing any personal health or other sensitive information that could directly or indirectly be traced to any individual, including yourself.

Please note that in the event you wish to delete Your Profile, all of the content you submitted prior to deleting your Profile (i.e. Your Content), which includes your communications, posts, and content published on the Communications Platform, will still be visible to others unless you first delete the specific content from the Communications Platform. We may also retain certain information about you as required by law or for legitimate business purposes.

The Communications Platform and any content shared, published, posted, or any communications by other registered users of the Sites is not medical or health advice. The medical and health information provided on the Communications Platform is provided for general informational and educational purposes only and is not a substitute for professional advice. Accordingly, before taking any actions based on such information, we encourage you to consult with the appropriate professionals. We do not provide any kind of medical or health advice. THE USE OR RELIANCE OF ANY INFORMATION ON THE COMMUNICATIONS PLATFORM OR THE SITES IS SOLELY AT YOUR OWN RISK.

As stated in our Terms of Use, the Communications Platform may contain links and content posted by other registered users to other websites, content belonging to or originating from third parties, or links to websites or advertisements. Such external links are not investigated, monitored, or checked for accuracy, adequacy, validity, reliability, availability, or completeness by us. WE DO NOT WARRANT, ENDORSE, GUARANTEE, OR ASSUME RESPONSIBILITY FOR THE ACCURACY OR RELIABILITY OF ANY INFORMATION OFFERED BY THIRD-PARTY WEBSITES LINKED THROUGH THE COMMUNICATIONS PLATFORM OR ANY WEBSITE. WE WILL NOT BE A PARTY TO OR IN ANY WAY BE RESPONSIBLE FOR MONITORING ANY TRANSACTION BETWEEN YOU AND THIRD-PARTY PROVIDERS OF PRODUCTS OR SERVICES.

Promotional Communications
We may use your Personal Information to send you updates (by email, text message, or post) about our courses, conferences, products, and services, including exclusive offers, promotions, or new courses, conferences, products, and services.

We have a legitimate interest in processing your Personal Information for promotional purposes (see above “Basis for Processing Personal Information.” This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.

You have the right to opt out of receiving promotional communications at any time by contacting us by using the contact information detailed in “Contact Us” below.

Third-Party Websites

The Sites may contain links to third-party websites, such as social media sites like Facebook and Twitter, which may have privacy policies that differ from our own. We are not responsible for the activities and practices that take place on these websites. Accordingly, we recommend that you review the privacy policy posted on any external site before disclosing any Personal Information. Please contact those websites directly if you have any questions about their privacy policies.

Where Your Personal Information is Held

Personal Information may be held at our offices and those of our third-party service providers, representatives, and agents as described above (see “Disclosure of Information”).

Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your Personal Information when this occurs, see “Transferring Your Personal Information Out of the EEA”.

Transferring Your Personal Information Out of the EEA

We may transfer your Personal Data to countries other than the one in which you live, including transfers to the United States. To the extent that Personal Information is transferred abroad, we will ensure compliance with the requirements of the applicable laws in the respective jurisdiction in line with our obligations.

To deliver services to you, it is sometimes necessary for us to share your Personal Information outside the European Economic Area (EEA), e.g.: Your information, including Personal Information, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of Your jurisdiction.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Information will take place to an organization or a country unless there are adequate controls in place including the security of your data and other Personal Information.

If you would like further information, please contact us or our Data Protection Officer (see “Contact Us” below).

Access, Correction, & Deletion

We respect your right to access and correct your Personal Information. You may exercise your rights, subject to applicable laws, to request that we delete or restrict access to your Personal Information. We may need to retain it for legally permitted purposes and this will be explained to you if necessary.

If you need assistance correcting or updating your Personal Information or would like to request that we delete your Personal Information, please contact us using the contact information detailed in the “Contact Us” section below.

California Privacy Rights Disclosure

California law permits our customers who are California residents to request certain information about our disclosure of Personal Information to third-parties for their direct marketing purposes during the preceding calendar year. This request is free and may be made twice a year. To make such a request, please write to us at the following address:

ATTN: Data Privacy Officer

Ashlee Sarah Rigel

201 Tom Hall Street, PO Box 1299, Fort Mill, SC 29715-2313

acaldwell@hcesquared.com

214.970.7411

If you are a California resident, California law provides you with the following additional rights concerning your Personal Information:

The right to know what Personal Information we have collected, used, disclosed, and sold about you. You may submit a request to know by using the contact information detailed in this Section. You also may designate an authorized agent to request access on your behalf.
The right to request that we delete any Personal Information we have collected about you. You may submit a request for deletion by using the contact information detailed in this Section. You also may designate an authorized agent to request deletion on your behalf.

When you exercise these rights and submit a request to us, we may need to verify your identity. We also may use a third-party verification provider to verify your identity. Your exercise of these rights will have no adverse effect on the price and quality of our products or services.

Your Rights

We want you to be in control of how your Personal Information is used by us. Please note that our ability to access or control your Personal Information will be limited, as required or permitted by applicable law. Depending on your jurisdiction, you may have the right to be informed of, and request access to, the Personal Information we process about you; update and correct inaccuracies in that information; have the information restricted or deleted; object or withdraw your consent to certain uses of data; and lodge a complaint with your local data protection authority. You may also have the right not to be subject to automated decision-making, including profiling, where it would have a legal or similarly significant effect on you; and the right to data portability with regard to the data you provided to us. We will not discriminate against you for the exercise of these rights.

If you would like to exercise any of the rights described above, please send us a request by using the contact information in “Contact Us” below. In your message, please indicate the right you would like to exercise and your jurisdiction. We may ask you for additional information to confirm your identity and for security purposes before disclosing the Personal Information requested to you. We reserve the right to charge a fee where permitted by law, for instance, if your request is manifestly unfounded or excessive. We may not always be able to fully address your request, for example, if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

How to Exercise Your Rights

If you would like to exercise any of your rights as described in this Privacy Policy, please contact us using the contact information detailed in the “Contact Us” section below.

Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.

If you choose to contact us directly by phone, email, or in writing, you will need to provide us with:

Enough information to identify you (e.g., your full name, address, etc.);
Proof of your identity and address (e.g., a copy of your driving license or passport); and
A description of what right you want to exercise and the information to which your request relates.

We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.

Any Personal Information we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.

Right to Lodge Complaints

We are transparent about the ways in which we collect and use Personal Information, and welcome your questions and concerns. We hope that we or our Data Protection Officer can resolve any query or concern you raise about our use of your information.

If you have any concerns or complaints about the way we handle your Personal Information, please contact us using the contact information detailed in the “Contact Us” section below. To the extent you believe we have not addressed your concerns or otherwise choose to do so, you have the right to lodge a complaint with a supervisory authority in the country where you reside.

If you are a United States resident, you may contact the US Federal Trade Commission regarding your concerns. For more information, please see: https://www.ftc.gov/faq/consumer-protection/submit-consumer-complaint-ftc

The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred.

Visitors from Outside the United States—Cross-Border Transfer

The Sites are hosted in the United States. If you are visiting the Sites from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries in accordance with this Privacy Policy. The data protection and other applicable laws of the United States or other countries may not be as comprehensive as those laws or regulations in your country or may otherwise differ from the data protection or consumer protection laws in your country. Your information may be available to government authorities under lawful orders and laws applicable in such jurisdictions. By using the Sites and/or providing Personal Information to us, you consent to the transfer of your information to our facilities as described in this Privacy Policy.

Contact Us

If you live in the United States or any other country outside of the European Union, EFTA States, or the United Kingdom, the data controller responsible for your Personal Information is the dermsquared and the Data Privacy Officer is Sarah Ashlee whose information appears below.

If you have questions about this Privacy Policy or our practices, or if you are seeking to exercise any of your statutory rights, you can contact us at the following address:

ATTN: Data Privacy Officer

Ashlee Sarah Rigel
201 Tom Hall Street, PO Box 1299, Fort Mill, SC 29715-2313

acaldwell@hcesquared.com

214.970.7411

If you would like this notice in another format (i.e. audio, large print, braille) please contact us at the above.