Top Menu

General Data Protection Regulation


Last Updated: March 25, 2020

The Association for Research in Otolaryngology (“ARO” or “we” or “our” or “us”) respects your, the user (“you” or “your”) privacy and is committed to protecting it at all times. This online privacy policy (“Privacy Policy”) explains how ARO collects, uses and safeguards information on its various websites and applications that link to this Privacy Policy (the “Sites”), how we use the information we collect, and the choices we offer regarding your ability to access and update your information.

We collect information about our users in three ways: directly from the user, from our Web server logs and through cookies and other similar technologies described in this Privacy Policy. We use the information primarily to provide you with a personalized Internet experience that delivers the information, resources, and services that are most relevant and helpful to you or that you have requested. We don’t share any of the information you provide with others, except as set forth in this Privacy Policy, or when we believe in good faith that the law requires it. Please note that ARO is located and managed from the United States and that the information you provide to us will be stored in the United States. You should carefully review this Privacy Policy as it discusses how we collect, use, and share your information. By accessing our Sites and using our services, you agree to the terms of this Privacy Policy and to be bound by our Terms of Use, which are incorporated into this Privacy Policy by this reference. If you do not agree to the Terms of Use and this Privacy Policy, you should end this session now and refrain from using our Sites and services now and in the future.

Changes to the Privacy Policy
As our organization, membership and benefits change from time to time, we expect this Privacy Policy to change as well. We reserve the right to amend this Privacy Policy at any time, for any reason, and will signal a change by revising the “Last Updated” date at the top of this page and by providing notice you which may include by email, pop-up notifications our Sites, and other means. Where required by applicable law, we will not reduce your rights under this Privacy Policy without your explicit consent. We will also keep prior versions of this Privacy Policy for your review upon request. Please make any such request to headquarters@ARO.org.

Our contact information
If you have any questions about this Privacy Policy or our information collection, use, or sharing practices, please contact us at:

Association for Research in Otolaryngology
5034A Thoroughbred Lane
Brentwood, TN 37027
headquarters@ARO.org.

What information we collect and how we use it
Information we collect — When you browse our Sites, for example, and do not interact with the website for any online service or product from ARO, you browse anonymously. Information that identifies you personally–such as your name, address, phone number and email address–is not collected as you browse.

When you create an account to become a registered user on our Sites, or choose to interact with us in other ways, such as subscribing to ARO publications, purchasing an ARO product, applying for ARO membership, participating in online surveys, submitting questions or comments or requesting information or materials, we will collect certain personal information from you that you submit to us as described below. The type will vary but may include name, address, phone number, birth date, gender, ethnicity/race, billing and delivery information, email address, credit card information, user name, password, and other demographic information. We use such information we collected from you for our business purposes to provide you with a further personalized experience on our Sites and to provide you with services and as described below. While we do collect data on gender and ethnicity to track our advances in becoming a more inclusive society, we do not collect personal data regarding religious or philosophical beliefs, sexual history, sexual orientation, political opinions, trade union membership, information about your health and genetic biometric data, nor we do collect any information about any criminal convictions or offenses. The way you use the Sites or the product or service that you request will ultimately determine the personal information we collect.

How we use personal information — Once collected, we may use your personal information for the following purposes:

• Register you for programs and services you have requested
• Process, fulfill and follow up on your orders or membership application
• Provide access to journal content
• Answer your emails or on-line requests
• Send information you request
• Send and process surveys
• Ensure ARO Sites are relevant to your needs
• Deliver ARO services such as newsletters, meetings or events
• Recommend content that suits you
• Alert you when fresh content is posted or released
• Notify you about new products/services, special offers, upgrades and other related information from ARO and approved third parties
• To comply with all applicable legal requirements

We will ask for your consent before using information for a purpose other than those set out in this Privacy Policy.

How you can access and change your information
If you are a registered user of an ARO website, subscriber to ARO publications, purchaser of ARO products or an ARO member, you may review and update or correct your information online or by contacting the Executive Office at headquarters@ARO.org and as set forth below.

You can also manage your account, limit alerts or opt-out of some or all future communications. All e-mail communications contain an “unsubscribe” option in case you want to discontinue the communication at any time. Contact us via the phone number or contact form on our Sites and included above under “Our contact information” at any time to:

• See what data we have collected about you, if any, and where we are required by applicable law, you may receive a copy of the personal information we maintain about you (provided that we have successfully verified your identity to ensure that we maintain privacy of our users);
• Change/correct any data we have about you (provided that we have successfully verified your identity);
• Ask us to delete any data we have about you unless we have to keep the information for legitimate business purposes or legal purposes (provided that we have successfully verified your identity);
• Where required by applicable law, ask us to stop using your information or sharing your information with third parties for a specific purpose (provided that we have successfully verified your identity); and/or
• Opt out of some or all future communications from us.

We aim to maintain our services in a manner that protects information from accidental or malicious destruction. Because of this, after you direct us to delete information from our services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems. Please note that if you ask us to delete or stop using your personal information, it may prevent or restrict our ability to provide you certain services, including canceling services you have previously requested. We will attempt to notify you if we are unable to provide you any services because of your changed information preferences. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests.

You will not have to pay a fee to access your personal information or to exercise any of your other rights regarding your personal information. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Your California privacy rights — Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business with whom the California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information. California residents may opt-out of our disclosing personal information about them to third parties for their marketing purposes. If you do not want us to disclose information to other companies for their marketing purposes, please contact us by email at headquarters@ARO.org.

How to opt out of email — To opt out of future emails and newsletters, email headquarters@ARO.org or click the “unsubscribe” link at the bottom of any email or other content sent from/by ARO and we will honor your request.

With whom we may share information — With your consent (when required by applicable law), ARO may share personal information (except your email address) with our business partners in order to provide them an opportunity to offer products or services that may be of interest to you. ARO also occasionally hires other companies to provide limited services on our behalf including, but not limited to, processing credit card transactions, packaging, mailing and delivering purchases, answering customer questions about products or services, consulting services, data modeling, printing, sending postal mail and processing membership and event registration. We will only provide those companies the information they need to deliver the service to us. They are contractually prohibited from using that information for any other purpose and are required to comply with our Privacy Policy and other appropriate confidentiality and security measures. When we hire vendors to deliver emails to you on our behalf, they are under contractual agreement to comply with this Privacy Policy and are limited from using your email address and other personal information for any other purpose other than to provide emails to you. Except as described in this section, third parties may not collect personally identifiable information about your online activities over time or across different websites when you use our websites.

ARO, in accordance with applicable law, may disclose your personal information to a third party if (1) reasonably necessary to perform a service or deliver a product or publication; (2) you have provided consent; (3) permitted under this Privacy Policy; (4) required by statue or regulation; or (5) in the good-faith belief that such action is necessary to: (a) conform to legal requirements or comply with legal process served on ARO; (b) protect and defend the rights or property of ARO; (c) protect the personal safety of ARO personnel or members of the public in urgent circumstances; or (d) enforce ARO’s Privacy Policy or Terms of Use.

We may share non-personally identifiable information publicly and with our partners – like advertisers or connected websites. For example, we may share information publicly to show trends about our products and services.

If we are involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.

Tracking activity on our Sites and emails — We track how our Sites are used by both anonymous visitors and registered users who interact with a Site. One way we track is by using “cookies.” A cookie is a small file or string of text on the website user’s computer that is used to aid Web navigation. Two types of cookies are commonly used. A session cookie is created by a website when that website is accessed; that type of cookie is automatically deleted by closing the Web browser. A persistent cookie is a cookie that is stored on the hard drive of the user’s computer for a period of time chosen by the website that set the cookie, usually for a number of years, unless the user deletes it manually. This Privacy Policy distinguishes between short-lived cookies and long-lasting cookies. Short-lived cookies include all session cookies and those persistent cookies that are set to be stored for no more than one week. ARO-related websites may at times require users to accept short-lived cookies in order for the websites to function properly. Long-lasting cookies may be used on a Site to track visitor practices to help determine which Site features and services are most important and guide editorial direction. Other long-lasting cookies may make it possible for the user to access the site without requiring entry of a user name or password, allow the user to view different restricted areas of the site without reregistering, allow the user to personalize the Site for future use and provide other features and benefits. Users who do not desire the functionality created by the long-lasting cookie can disable the long-lasting cookie function, either by indicating when asked that they do not wish to have a long-lasting cookie created or by disabling the long-lasting cookie function on their Web browser. Individuals can opt out of long-lasting cookie functions at any time.

Cookies are required for some sections of the website. Cookies are essential for site administration and security. Another way we track Site activity is by using transparent electronic images called “clear GIFs,” “Web bugs,” or “Web beacons” on Web pages. These images count the number of users who visit that page from specific banner ads outside our Sites or through email links. A similar image, sometimes called a “spotlight tag,” is used on Web pages where transactions take place. The spotlight tag collects numeric information, such as the dollar amount of an online purchase, to help us understand usage of the Sites. We do not use any of these electronic images to collect personally identifiable information. This data is only used in the aggregate. We may share statistical data so that our partners also understand how often people use areas of our websites and applications, and services, so that they, too, may provide you with an optimal user experience and overall quality of service.

Email messages we send to you may contain “clear GIFs” or “Web beacons” to measure the offer’s effectiveness so we know how to serve you better. We do not collect information that identifies you personally through “clear GIFs” or “Web beacons.” You may refuse or remove the placement of these and other cookies by selecting the appropriate settings on your web browser.

Third party tracking on our websites – Third parties do not track or collect any personal information on individual visitors at our Sites, except as set out in this Privacy Policy. Ad networks and data analytics firms track and analyze traffic on ARO our Sites, in part, to determine advertising effectiveness, browser types and usage trends, and to present targeted ads based on anonymous information collected through tracking. This anonymous aggregate data on visitors and their use of our content provides business intelligence to better serve visitors, improve our content and track trends or contribute to improving health outcomes. If you open an ad, you leave our Sites and become subject to the terms and practices of that separate website, which may have different rules about tracking and data usage. Activation of cookie blocking or Do Not Track settings in your browser, or other mechanisms that block cookies or other tracking technologies, will not affect the collection or use of personal information as outlined elsewhere in this Privacy Policy. As of now the Sites do not respond to Do Not Track signals.

Children under 13 — We do not knowingly solicit data online from or market online to children under the age of 13 (or, for data subjects located within a Member State of the European Union, visitors under the age of 16) (a “Child”). If a Child has provided us with personally identifiable information, a parent or guardian of that Child may contact us to have the information deleted from our records. If you we believe that we might have any information form a Child, please contact us at [headquarters@ARO.org ]. If we learn that we have inadvertently collected the personal information of a Child, we will take steps to delete the Child’s information as soon as possible.

Retention and deletion of your information — Personally identifiable information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. We will retain your personally identifiable information as follows: your name, address, phone number, birth date, gender, ethnicity and race, billing and delivery information, email address, credit card information, user name, password, and other demographic information will be retained for a minimum period of immediately following the ARO website transaction, and for an indefinite maximum period following the date of ARO website transaction. In some cases it is not possible for us to specify in advance the periods for which your personally identifiable information will be retained. In such cases, we will determine the period of retention based on the following criteria: the period of retention of your name, address, phone number, birth date, gender, ethnicity and race, billing and delivery information, email address, credit card information, user name, password, and other demographic information will be determined based on the date and time of the ARO website transaction (the time during which you maintain an account with us and have not instructed us to delete any of the applicable information)]. Notwithstanding the other provisions of this section, we may retain your personally identifiable information where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Information security — ARO implements security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. We restrict access to personal information to our employees and ARO’s business partners who have a need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.

How we safeguard information: Site security features
SSL technology and how you benefit from it — ARO realizes the importance of security, so we’ve taken a number of steps to enhance the protection of personal information sent to or from ARO over the Internet. First, we require that a “secure session” be established, using Secure Socket Layer (SSL) technology. This is done any time you supply or access information in one of our secure online areas.

SSL technology creates a private conversation that only your computer and ARO systems can understand. The SSL technology encodes information as it is being sent over the Internet between your computer and ARO systems, helping to ensure that the transmitted information remains confidential.

User ID and password — Many areas of the Site require the use of a user ID and password as an additional security measure that helps protect your information. This allows ARO to verify who you are, thereby allowing you access to your account information and preventing unauthorized access. When you have finished using a secure area of ARO’s website, make sure you always click on the “Log Out” link which appears on every secure page. When you click on the “Log Out” link, you will be given the option to end your secure session. No further secure transactions can be conducted without re-entering your user ID and password. You should be aware that browser software often “caches” a page as you look at it, meaning that some pages are saved in your computer’s temporary memory. Therefore, you may find that clicking on your “Back” button shows you a saved version of a previously viewed page. Caching in no way affects the security of your confidential user ID or password.

No guarantee — Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. Accordingly, and despite our efforts, ARO cannot guarantee or warrant the security of any information you transmit to us, or to or from our online products or services. Email messages sent to or from a website may not be secure. Confidential information should not be sent by e-mail. Site visitors sending e-mail accept the risk that a third party may intercept e-mail messages.
Compliance and cooperation with regulatory authorities — We regularly review our compliance with our Privacy Policy. When we receive formal written complaints, we will contact the person who made the complaint to follow up. We will work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the processing of personal data that we cannot resolve with our users directly.

Linking to other Internet websites
You should be aware that other Internet websites that link to ARO websites or to an ARO email may contain privacy provisions that differ from those in this Privacy Policy. Our Privacy Policy does not apply to services offered by other companies or individuals, including products or websites that may be displayed to you, or other websites linked from our emails, services, or our own websites. We do not control and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. To ensure your privacy is protected, we recommend that you review the privacy statements and terms and conditions of other websites you visit before using the website or any services or products they may offer.

Public Areas of the Site
ARO and the ARO Site may feature public forums where users with similar interests can share information and support one another or where users can post materials. Such communities/areas are open to the public and should not be considered private.

Any information (including your personal information) you share in any online community area including a blog, posting or online discussion is by design open to the public and is not private. You should think carefully before posting any personal information in any public forum. What you post can be seen, disclosed to or collected by third parties and may be used by others in ways we cannot control or predict, including to contact you for unauthorized purposes. As with any public forum on any website, the information you post may also show up in third-party search engines.
If you mistakenly post information in our public areas and would like it removed, you can send us an email to request that we remove it by contacting us at headquarters@ARO.org . In some cases, we may not be able to remove your personal information.

Emails You Send to ARO
This Privacy Policy does not apply to information, content, business information, ideas, concepts or inventions that you send to ARO. If you want to keep content or business information, ideas, concepts or inventions private or proprietary, do not send them in an email to ARO.

 

If you have any questions about this Privacy Policy or our information collection, use, or sharing practices, please contact us at:

Association for Research in Otolaryngology

5034A Thoroughbred Lane
Brentwood, TN 37027
P: 615-324-2365
F: 615-523-1715
E: headquarters@aro.org