UK and EU GDPR Privacy Statement

Supplemental UK and EU GDPR Privacy Statement (“Supplemental Statement”)

As the data controller, AACMEPlus™, American Association of CME, 1309 Coffeen Ave., Suite 1200 – Sheridan, Wyoming 82801 – USA is required to provide additional and different information about its data processing practices to data subjects in the European Economic Area (“EEA”) and the United Kingdom (“UK”). This is on account of the European Union Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“EU GDPR”) and the UK General Data Protection Regulation (“UK GDPR “).

1. Who Does This Supplemental Statement Apply To?

This Supplemental Statement applies to Users who access the Services from a member state of the EEA or the UK. The Supplemental Statement applies to you in addition to the Privacy Policy.

2. What Are the Contact Details of the GDPR Representative or DPO?

AACMEPlus™ has appointed a data protection officer. Their contact details are as follows: GDPR [at] aacme plus [dot] com

3. What Are the Legal Bases for Processing Personal Data?

We process your personal data on several different legal bases, as follows:
  • Contractual Necessity (see Article 6(1)(b) of the EU GDPR): When you access, use or register for Service, you form a contract with AACMEPlus™. This contract is based on the applicable terms of use or terms of service. We need to process your personal clata to discharge our obligations in any such contract, fulfill your requests and orders, answer questions and requests from you, and provide tailored customer support.
  • To pursue our legitimate interests (see Article 6(1)(f) of the EU GDPR): We process your personal data to send you invitations to relevant continuing medical education activities (unless you have opted out), medical newsletters (unless you have opted out), invitations to relevant educational needs assessment surveys (unless you have opted out), to understand which products and services may be relevant to you, and to generally improve our products, services and business practices.
  • To comply with legal obligations (see Article 6(1)(c) of the EU GDPR): We may need to process your personal data to comply with relevant laws, regulatory requirements, and to respond to lawful requests, court orders, and legal process to which We are subject.
  • Your consent (see Article 6(1)(a) of the EU GDPR): We process your personal data on the basis of your consent in various instances, such as with respect to cookies that are not strictly necessary. Your consent can be withdrawn at any time, but this does not affect the lawfulness of processing based on consent before such withdrawal.

Purposes of Use or Disclosure

Legal Bases of Processing and, if applicable, Legitimate Interests

Manage our relationship with you, including to:

  • Create an account for you for the Services upon request;
  • Respond appropriately to your inquiries;
  • Update you regarding your account;
  • Provide you with, maintain, secure, and improve our Services;
  • Provide you with a customized experience in connection with our Services;
  • Collect personal data about you from public resources, such as national or local registries of physicians, national or local medical associations, the public websites of hospitals, medical offices, clinics and educational institutions, academic journals, and professional social networking platforms such as LinkedIn, to validate your identity and better understand which medical news, education activities and surveys may be of most interest to you.
  • Improve the accuracy and relevance of the results you see when you interact with the search engine and the search engine’s integrated chatbot functionality that is part of our Services.
  • If we are contractually obligated to perform the processing based on the terms that apply to the applicable Service, Contract Performance Legal Basis.
  • If the GDPR requires us to perform the processing to comply with the GDPR, Legal Obligations Legal Basis.
  • In all other cases, Legitimate Interest Legal Basis—namely, to provide you and our other users with a good experience with our Services, prevent fraud and illegal conduct, administer and enforce our contractual and legal rights, and manage and improve our business operations and relationships with third parties.
Discharge our contractual obligations to you.
  • Contract Performance Legal Basis
Comply with any legal obligations that apply to us.
  • If you are in the UK and the legal obligation emanates from UK law, or if you are in the EEA and the legal obligation emanates from a law of a Member State or the EEA, Legal Obligations Legal Basis. An example is to comply with the GDPR.
  • Otherwise, Legitimate Interest Legal Basis-namely, to ensure that our Services comply with all applicable laws.
Send you invitations, newsletters and other related information as part of our Services, including:
  • Invitations to participate in online medical education activities, including accredited continuing medical education activities, and information about medical activities and promotional communications;
  • Invitations to learn more about and request information from us about patient assistance resources, such as sample activities and co-pay incentive activities;
  • Medical newsletters including the top medical news in your field of interest and medical alerts; and
  • Invitations to complete market research surveys, typically in exchange for honoraria.
  • If consent is not legally required and you would reasonably expect to receive such information, Legitimate Interest Legal Basis-namely, to deliver to you invitations, newsletters and other related information that we believe may be relevant to you, to help pharmaceutical and other life sciences companies reach a greater audience, and increase medical professionals’ awareness of relevant education activities, patient assistance resources, and medical news.
  • Otherwise, Consent Legal Basis.
Use cookies, web beacons and similar technologies to customize your experience with our Services and track who is opening our electronic communications
  • If consent is not legally required and you would reasonably expect us to engage in such processing, Legitimate Interest Legal Basis-namely, to provide you with a better experience on our Services, to help us improve our Services, and to take steps to confirm whether an individual wishes to continue to receiving our electronic communications if they are not opening them and potentially delete their personal data if appropriate.
  • Otherwise, Consent Legal Basis.
If you respond to a survey, we process your personal data to: (i) verify your eligibility to participate in a study; (ii) validate your identity and responses; (iii) process your honoraria payment; (iv) provide anonymized survey results to third parties; and (v) identify a particular respondent to comply with applicable legal requirements, such as adverse events reporting requirements.
  • Where we are contractually obligated to perform the processing based on the terms that apply to our administration of the survey, Contract Performance Legal Basis.
  • If you are in the UK and the legal obligation emanates from UK law, or if you are in the EEA and the legal obligation emanates from a law of a Member State or the EEA, Legal Obligations Legal Basis. An example is to comply with local adverse event reporting laws as applicable.
  • In all other cases, Legitimate Interest Legal Basis-namely, to prevent duplicate or fraudulent responses, to maintain the integrity of the responses to the survey, to provide anonymized survey results to third parties to help inform their business activities, and to comply with legal requirements outside of your jurisdiction, such as adverse event reporting requirements, as applicable.
If you participate in a medical education activity that we publish and thereby obtain a continuing medical education or similar certificate, we may disclose the fact that you participated in the activity to the medical school or institute that accredited the activity for the purposes of complying with professional accreditation recordkeeping requirements.
  • Legitimate Interest Legal Basis-namely, to allow the medical school or institute to comply with professional accreditation recordkeeping requirements and to assist you in meeting your professional accreditation recordkeeping requirements.
If we publish an activity from another medical education provider, and thereby obtain a continuing medical education or similar certificate, we may disclose the fact that you participated in the activity to the medical education provider for the purposes of complying with professional accreditation recordkeeping requirements.
  • Legitimate Interest Legal Basis—namely, to allow the medical education provider to comply with professional accreditation recordkeeping requirements and to assist you in meeting your professional accreditation recordkeeping requirements.
Disclosures of personal data to courts and public authorities to protect you, us, or third parties from harm, such as fraud.
  • Legitimate Interest Legal Basis—namely, to protect you, us or third parties from harm, such as fraud or the effects of illegal conduct. These circumstances are rare and we may provide you with additional information prior to such processing where required by applicable law
Disclosures of personal data to our agents and service providers for the purposes described above.
  • See the legal bases and, where applicable, the legitimate interests described above.
Disclosures of personal data to courts and public authorities to protect you, us, or third parties from harm, such as fraud.
  • Legitimate Interest Legal Basis—namely, to protect you, us or third parties from harm, such as fraud or the effects of illegal conduct. These circumstances are rare and we may provide you with additional information prior to such processing where required by applicable law
Disclosures of personal data to our agents and service providers for the purposes described above.
  • See the legal bases and, where applicable, the legitimate interests described above.

4. Disclosure of Personal Data to Affiliates.

Over the preceding 12 months, we disclosed certain categories of California residents’ personal information to the categories of third parties as shown in the table above.
We do not sell California residents’ personal information. We do not have actual knowledge that we sell the personal information of minors under 16 years of age.

4. Your Right to Request Deletion of Personal Information

You have a right to request the deletion of personal information that we collected from you. To submit a request to delete personal information, please submit an email request to: privacy [at] aacmeplus [dot] com or mail a written request to: 1309 Coffeen Ave., Suite 1200 – Sheridan, Wyoming 82801 and include “California Request to Delete” in the subject line. Please specify in your request the personal information about you that you would like to have deleted, which can be all of the personal information we have collected from you as required by the CCPA.
We will ask that you provide certain information to verify your identity, such as a code sent to an email address we may have on file for you. If you have a password-protected account with us, we may verify your identity through our existing authentication practices for your account. The information that we ask you to provide to verify your identity will depend on your prior interactions with us and the sensitivity of the personal information at issue. Once we have verified your identity, we may ask you to confirm that you wish to have your personal information deleted. Once confirmed, we will respond to your request in accordance with the CCPA. If we deny your request, we will explain why.

5. Your Right to Opt-Out of the Sale of Personal Information

You have the right to opt-out of the sale of your personal information by a business. We do not sell your personal information.

6. Your Right to Non-Discrimination for the Exercise of CCPA Rights

You may not be discriminated against because you exercise any of your rights under the CCPA.

7. Authorized Agent

  • The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and
  • You sign a written declaration that you authorize the authorized agent to act on your behalf.

If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please have the authorized agent take the following steps in addition to the steps described in Sections 1 and 4 above:

  • Mail a notarized copy of your written declaration authorizing the authorized agent to act on your behalf to AACMEPlus™, American Association of CME, 1309 Coffeen Ave., Suite 1200, Sheridan, Wyoming 82801 (we will reimburse you for the costs of notarizing the declaration and mailing it to us if you provide a receipt showing the costs paid and they are reasonable); and
  • Provide any information we request in our response to your email to verify your identity and that you provided the authorized agent permission to submit a request under the CCPA on your behalf. The information that we ask you to provide to verify your identity will depend on your prior interactions with us and the sensitivity of the personal information at issue.

If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.

8. Contact for More Information

If you have questions or concerns regarding our Privacy Policy or practices, you may email us at: privacy [at] aacmeplus [dot] com 

Scroll to Top