KASS (the “KS” or “we” or “our”) respects your privacy and is committed to protecting the privacy of your personal data. The purpose of this policy is to provide you with information about what personal data we collect, why we collect it, how we use and handle it, how an individual could exercise his/her rights with regard to such personal data collected.
This policy also describes a point of contact within KS where requests regarding an individual’s personal data and/or complaints about KS’s handling of personal data can be directed and requests for information about how KS is held accountable for safeguarding any personal data, should it be stored or transferred by KS, will be handled.
I. HOW WE RECEIVE PERSONAL DATA & TYPES OF PERSONAL DATA RECEIVED
A. Ways in which We Receive Personal Data. The main avenue through which KS receives personal data is through our relationships with our clients. In addition, we also receive personal data through the following sources:
- Through our website (kassmd.org/)(our “Website”), including, without limitation, your requests for information, trials, demonstrations or subscriptions to our blogs through the functionality of the Website;
- Through your application for employment with KS, whether written through written communication, email, our Website or our third-party service provider(s);
- In communications with our clients or potential clients, whether through written communication, email, text, telephone, or other electronic messages between an individual or his/her employer or business and KS; or
- Our third-party providers and other business partners (including, without limitation, our marketing consultants).
B. Types of Personal Data. Your personal data that may be collected or processed by KS includes:
- first and last names;
- address and past addresses;
- phone number;
- email address;
- date of birth and/or age;
- date of death;
- ethnicity and/or race;
- credit card information;
- IP address;
- non-academic titles, academic qualifications, and academic titles;
- firm/business/employer name, organizational titles, and departments;
- work experience, including job titles, company names, and dates of employment;
- education and education degree(s), including, majors, minors and dates of school attendance;
- veteran status;
- voluntary self-identification of disability;
- financial information, such as that which could be used to process invoices and payments; and
- any other information that might be used to identify you by another person.
C. Cookies and Other Tracking Technologies. As you navigate through and/or interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including:
- Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website; and/or
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
The information we collect automatically is statistical data and does not include personal data, but we may maintain it or associate it with personal data we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns;
- Store information about your preferences;
- Speed up your searches;
- The technologies we use for this automatic data collection may include:
- Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see the Subsection entitled Individual Rights under the SECURITY, CHOICE AND ACCESS Section below.
- Web Beacons. Pages of our Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit KS, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We do not collect personal data automatically, but we may tie this information to personal data about you that we collect from other sources or you provide to us.
Do Not Track (“DNT”) is a privacy preference that users can set in their web browsers. Our Website does not support DNT codes, but our Websites limit tracking to the internal uses described above. Except in the case of analytics cookies, remarketing and other features of Google Display Advertising described above, our Website does not track your use across multiple websites, however, other websites to which we link may. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. Also, if you wish to opt out of interest-based advertising, please visit http://optout.aboutads.info to manage your preferences. Alternatively, if you are located in the European Union, you may visit http://www.youronlinechoices.eu/. Please note that you may continue to receive generic ads.
D. Childen under the Age of 18. Our Website is not intended for children under 18 years of age. No one under age 18 may provide any information to or on the Website. We do not knowingly collect personal data from children under 18. If you are under 18, do not use or provide any information on the Website or on or through any of its features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of the Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal data from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at firstname.lastname@example.org.
III. DATA INTEGRITY AND PURPOSE LIMITATION (USES OF PERSONAL DATA)
KS, generally, processes personal data for the purposes of (i) interacting with clients and/or (ii) promoting KS in its marketplaces. We may also use personal data to allow individuals access to files and computer systems that are provided as part of our services or in connection with our business development, marketing, and accounting activities. Personal data is also processed through the application for employment with KS. We use that information in considering your application and for communicating with you about such application. Additionally, personal data may be utilized to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection purposes or to notify you of any changes to our business, our Website or any of services.
IV. SECURITY, CHOICE, AND ACCESS
KS may be a data processor of client-controlled data and/or a data controller with regard to personal data collected through our Website but our Website is intended for North American users only. If you are from outside North America, please do not contact us through our Website. You may contact us by telephone at 630-681-1040, or by mail at 301 So. County Farm Road, Suite L, Wheaton, IL 60187, Attn: Data Protection and Privacy Officer.
A. Individual Rights. In accordance with applicable law, KS will facilitate an individual’s right to exercise his or her legal rights with regard to his or her personal information, such as a person’s (i) the right to access; (ii) the right to rectification; (iii) the right to erasure; (iv) the right to restrict processing; (v) the right to object to processing; (vi) the right to data portability; (vii) the right to withdraw consent and (viii) the right to lodge complaints. If you seek to exercise any such rights, please send your request by email to email@example.com. You also have the right to lodge your complaints with the applicable legal authorities, including, without limitation, the applicable E.U. supervisory authority(ies) (if you are an E.U. citizen).
We will respond to your reasonable requests in accordance with, and within the appropriate timeframe as determined by, the respective legal authority governing the use of the applicable personal data. In most cases, we will respond to requests within one month; provided, however, if the request is complex, we may extend its response time in accordance with applicable law and regulation.
B. Security. In addition, to protect this data and mitigate risk of a data breach and to comply with applicable law, KS employs reasonable and appropriate technical and organizational security procedures and processes designed to help protect against loss, misuse, and alteration of personal data collected and processed by KS, which include:
- Physical and logical access controls that limit who can access personal data based on business/processing need;
- Privacy policies for personal data and for employee personal data;
- Employee training on our privacy policies;
- Employees who are bound by confidentiality obligations;
- Data Protection and Privacy Incident Response Team to handle all personal data incidences or issues, including, without limitation, the handling of individual requests related to his/her personal data processed by BW; and
However, information transmitted on the Internet and/or stored on systems attached to the Internet is not 100% secure. As a result, we do not ensure, warrant or guarantee the security or integrity of such information.
C. California Privacy Rights. California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org or write us at: 301 So. County Farm Road, Suite L, Wheaton, IL 60187, Attn: Data Protection and Privacy Officer.
V. ACCOUNTABILITY FOR ONWARD TRANSFER
The performance of services or the other processing of your personal data may involve the transfer of certain personal data to or from third parties, including our third-party service providers. If KS transfers personal data to a third party, the recipient will have the same level of protection as required of KS. In addition, all third-party service providers engaged by KS are bound by contract to refrain from using any personal data for any purpose other than the provision of the given service for KS.
In addition to disclosures described above, we may disclose or transfer personal data to third parties in connection with, or during negotiations of, any merger, acquisition, spin-off, sale of company assets, subsidiary, any financing or any similar transaction. We may also disclose personal data to third parties in order to prevent damage or harm to us, our services or any person or property, if we believe that disclosure is required by law (including to meet national security or law enforcement requirements), or in response to a lawful request by any public or governmental authority.
KS does not sell, trade or transfer personal data to third parties. However, KS may share personal data with its subsidiaries for the purposes of providing clients with information about our subsidiary’s service offerings. For example, KS may provide emails to its subsidiary or a third-party service provider for direct email distribution of blogs, on-line surveys, or notifications.
If an individual wishes to opt out or limit the use and disclosure of their personal data to a third party or a use that is incompatible with the purpose for personal data was originally collected or authorized, the individual may send such request to email@example.com.
A. Point of Contact for Complaints or Questions. Individuals have the ability to contact KS regarding any questions or concerns related to its collection or handling of their personal data.
Data Protection and Privacy Officer
By email at firstname.lastname@example.org
By mail at 301 So. County Farm Road, Suite L, Wheaton, IL 60187, Attn: Data Protection and Privacy Officer.
VIII. CONTACT US
By email at email@example.com
By mail at Korean American Spine Soc, c/o BroadWater, 301 So. County Farm Road, Suite L, Wheaton, IL 60187, Attn: Data Protection and Privacy Officer.
We are committed and required to respond to any of your inquiries on this issue within one month of receiving the inquiry.
This Policy was last updated in August 2021.