Last Revised: 10/5/2022
You may be reviewing this Policy because you received a notice that Within3 is processing your Personal Information (as defined below). We would like to take this opportunity to tell you how we collect your Personal Information, how we share your Personal Information, and ways in which you may take action with respect to the Personal Information we have, including opting out of future processing.
This Policy describes:
- The types of information we collect about you from our website available at https://within3.com (our “Website”), directories, subscription lists, or other sources through our services (collectively, our “Services”).
- Our practices for collecting, using, maintaining, protecting, and disclosing that information.
This Policy applies to information we collect through third-party resources, both online and offline, as well as information we collect through the Services or in emails and other electronic messages between you and us.
Please read this Policy carefully to understand our practices regarding your information and how we will treat it. If you do not agree with our policies and practices, then please opt out of our Services by emailing us at [email protected]. By choosing not to opt out, you agree to the terms of this Policy. This Policy may change from time to time (see below, “Changes to this Policy”). Your continued decision to not opt out of our Services after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.
2. What We Collect and How We Collect It
To ensure that we provide our customers with the best possible experience, we will store, use, and share Personal Information about you in accordance with this Policy. Personal Information is information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular user, household or device (“Personal Information”). In particular, the Services have collected the following categories of Personal Information from individuals within the last 12 months:
|Identifiers.||A real name, postal address, unique personal identifier, country of residence, online identifier, email address, account name, telephone number, healthcare specialty, and practice name.||YES|
|Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||NO|
|Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES|
|Professional or employment-related information.||Current or past job history or performance evaluations.||YES|
|Geolocation data.||Physical location or movements.||NO|
|Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|Inferences drawn from other Personal Information.||Profile reflecting a person’s preferences, characteristics, predispositions, behavior, attitudes, abilities, and aptitudes.||YES|
We obtain the categories of Personal Information listed above from the following categories of sources:
- Directly from you. For example, when you:
- register yourself with the Services;
- place an online order;
- subscribe to one of our e-newsletters;
- review or comment on one of our products;
- submit a job application; or
- communicate with us, such as request information.
- From Third-Party Websites and Services. For example, we may collect information about you from third-party websites, directories, subscription lists, and other resources regardless of whether you have subscribed to the Services or not.
- Directly and indirectly from activity on our Services. For example, from Website usage details that are collected automatically. For more information on automatic information collection, please review the “Automated Information Collection” section below.
The information that we collect in each case will vary. In some cases, you may be able to provide Personal Information via email or free text boxes, such as contacting the Company to request further information. When providing your Personal Information, please provide only relevant information and do not provide unnecessary sensitive information, such as Social Security numbers, credit card information or other sensitive personal data, unless required for our services.
3. Automated Information Collection
In addition to the information that you provide to us, we may also collect information about you during your visit to our Website. We collect this information using automated tools that are detailed below. These tools may collect information about your behavior and your computer system, such as your internet address (IP Address), the pages you have viewed, and the actions you have taken while using the Website. Some of the tools we use to automatically collect information about you may include:
- Cookies. A “cookie” is a small data file transmitted from a website to your device’s hard drive. Cookies are usually defined in one of two ways, and we may use either (or both) of them:(1) session cookies, which do not stay on your device after you close your browser, and(2) persistent cookies, which remain on your device until you delete them or they expire.
Of course, if you do not wish to have cookies on your devices, you may turn them off at any time by modifying your internet browser’s settings. However, by disabling cookies on your device, you may be prohibited from full use of the Website’s features or lose access to some functionality.
- Web Beacons. A Web Beacon is an electronic image. Web Beacons can track certain things from your computer and can report activity back to a web server allowing us to understand some of your behavior. If you choose to receive emails from us, we may use Web Beacons to track your reaction to our emails. We may also use them to track if you click on the links and at what time and date you do so. Some of the third-party marketers we engage with may use Web Beacons to track your interaction with online advertising banners on our Website. This information is only collected in aggregate form and will not be linked to your Personal Information. Please note that any image file on a webpage can act as a Web Beacon.
- Embedded Web Links. Links provided in our emails and, in some cases, on third-party websites may include tracking technology embedded in the link. The tracking is accomplished through a redirection system. The redirection system allows us to understand how the link is being used by email recipients. Some of these links will enable us to identify that you have personally clicked on the link and this may be attached to the Personal Information that we hold about you. This data is used to improve our service to you and to help us understand the performance of our marketing campaigns.
- Third-party Websites and Services. We work with a number of service providers of marketing communications technology. These service providers may use various data collection methods to improve the performance of the marketing campaigns we are contracting them to provide. The information collected can be gathered on our Website and also on the websites where our marketing communications are appearing. For example, we may collect data where our banner advertisements are displayed on third-party websites.
4. How We Use Your Information
The information we gather and that you provide is collected to provide you information and the services you request, in addition to various other purposes, including, but not limited to:
- providing the information, products and Services our customers request;
- security, credit, or fraud prevention purposes;
- providing our customers with effective customer service;
- selling your Personal Information to interested third parties, including pharmaceutical companies and other life science industry organizations;
- contacting our customers with special offers and other information we believe will be of interest to them (in accordance with any privacy preferences you have expressed to us);
- contacting our customers and prospective customers with information and notices related to their use of the Services;
- better understanding our customer’s needs and interests;
- improving the content, functionality, and usability of the Services;
- improving our Services and additional Within3 products such as Connect and Discover;
- improving our marketing and promotional efforts; and
- any other purpose identified in an applicable privacy notice, click-through agreement or other agreement between you and us.
5. How We Share Your Information
We may share your Personal Information by disclosing it to a third party for a business purpose, including, in some cases, selling your Personal Information to interested third parties, such as pharmaceutical companies and other life science industry organizations.
In the preceding 12 months, we have disclosed the following categories of Personal Information for one or more business purposes:
- Internet or other similar network activity;
- Professional or employment-related information; and
- Inferences drawn from other Personal Information.
We disclose your Personal Information for a business purpose to the following categories of third parties:
- Our affiliates;
- Pharmaceutical companies;
- Life science industry organizations; and
- Third-party vendors who provide services that enhance our Services.
In addition, Within3 will share your Personal Information with itself to enhance and improve additional Within3 products. Except as described in this Policy, we will not share your information with third parties without your notice and consent, unless it is under one of the following circumstances:
- We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, subpoena, or court order;
- To respond to duly authorized information requests from law enforcement or other governmental authorities;
- To investigate and prevent security threats, fraud, or other malicious activity; or
- To respond to an emergency that we believe in good faith requires us to disclose such information to assist in preventing the death or serious bodily injury of any person or Company employee.
Sale of Business or Merger. There are circumstances where the Company may decide to buy, sell, or reorganize its business in selected countries. Under these circumstances, it may be necessary to share or receive Personal Information with prospective or actual partners or affiliates. In such circumstances, the Company will ensure your information is used in accordance with this Policy.
In addition, we may publicly post through our websites or products, Personal Information that we have obtained through publicly available sources. This Personal information may incidentally match Personal Information you have provided to Within3. We will not post Personal Information you share with us that is not already publicly available through websites, directories, or forums where you have already shared Personal Information to third parties.
6. Your Choices and Selecting Your Privacy Preferences
We want to provide you with relevant information that you have requested. When possible, we will always provide options as to what information we collect and how you can manage any preferences that pertains to such information.
If we provide subscription-based services, such as email newsletters, we will allow you to make choices about what information you provide at the point of information collection or at any time after you have received a communication from us while you are subscribed. Transactional or service-oriented messages, such as delivery confirmation messages, are usually excluded from such preferences, as such messages are required to respond to your requests or to provide goods and services, and are not intended for the purposes of marketing.
We will not intentionally send you email newsletters and marketing emails unless you consent to receive such marketing information. After you request to receive these emails, you may opt out of them at any time by selecting the “unsubscribe” link at the bottom of each email. Please note that by opting out or unsubscribing you may affect other services you have requested we provide to you, in which email communication is a requirement of the service provided.
7. Accuracy and Access to Your Personal Information
We strive to maintain and process your information accurately. We have processes in place to maintain all of our information in accordance with relevant data governance frameworks and legal requirements. We employ technologies designed to help us maintain information accuracy on input and processing.
Where we can provide you access to your Personal Information in our possession, we may ask you for information to authenticate your identity. To view and change the Personal Information that you have provided to us, you can contact us directly for assistance.
8. Information of Minors
We do not intentionally seek to gather information from individuals under the age of 18. We do not target the Services to minors, and would not expect them to be engaging with our Services. We encourage parents and guardians to provide adequate protection measures to prevent minors from providing information unwillingly on the internet. If we are aware of any Personal Information that we have collected about minors, we will take steps to securely remove it from our systems.
9. Third-party Websites
10. Your California Rights
Shine the Light Law. California Civil Code Section 1798.83 permits California residents whose Personal Information is collected through our Services to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected], or write us at P.O. Box 450679, Westlake, Ohio 44145 .
Do Not Track Signals. Other than as disclosed in this Policy, the Services do not track users over time and across third-party websites to provide targeted advertising. Therefore, the Services do not operate any differently when it receives Do Not Track (“DNT”) signals from your internet web browser.
11. For Services Users or Visitors Outside of the United States
We do not warrant or represent this Policy or the Services’ use of your Personal Information complies with the laws of any particular jurisdiction around the world. Furthermore, to provide you with our services, we may store, process, and transmit information in the United States and other locations around the world, including countries that may not have the same privacy and security laws as yours. Regardless of the country in which such information is stored, we will process your Personal Information in accordance with this Policy.
12. For Services Users or Visitors in the European Union (“EU”)
Under the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, or “GDPR”), individuals in the EU are afforded specific rights with respect to their Personal Information, or “personal data” as defined under the GDPR. For the purposes of this Policy, the Company operates as a data controller. Any personal data we collect from you is processed in the United States and under the terms of this Policy.
Any personal data we collect from you is processed in the legitimate interest of our business and providing our services to you as the lawful means of such processing. You may always withdraw your consent to our use of your personal data as described below. We will only retain your personal data for the time necessary to provide you the information and services to which you have consented, to comply with the law and in accordance with your rights below.
The Data Controller is:
NAME: Within3, Inc.
ADDRESS: P.O. Box 450679, Westlake, Ohio 44145
EMAIL ADDRESS: [email protected]
You can exercise any of the following rights, subject to verification of your identity, by notifying us as described below:
- Access. You may email us at [email protected] to request a copy of the personal data our Services databases currently contain.
- Automated Processing and Decision-Making. You may email us at [email protected] to request that we stop using your personal data for automated processing, such as profiling. In your email, please explain how you wish us to restrict automated processing of your personal data. When such restrictions are not possible, we will advise you accordingly. You can then choose to exercise any other rights under this Policy, to include withdrawing your consent to the processing of your personal data.
- Correction or Rectification. You can correct what personal data our Services database currently contains by emailing us at [email protected] to request that we correct or rectify any personal data that you have provided to us or that we have collected. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause information to be incorrect. Where applicable, we will ensure such changes are shared with trusted third parties.
- Restrict Processing. When applicable, you may restrict the processing of your personal data by submitting a request via email to [email protected] In your email, please explain how you wish us to restrict processing of your personal data. When such restrictions are not possible, we will advise you accordingly. You can then choose to exercise any other rights under this Policy, to include withdrawing your consent to the processing of your personal data. Where applicable, we will ensure such changes are shared with trusted third parties.
- Object to Processing. When applicable, you have the right to object to the processing of your personal data by submitting a request via email to [email protected]. When such objections are not possible, we will advise you accordingly. You can then choose to exercise any other rights under this Policy, to include withdrawing your consent to the processing of your personal data. Where applicable, we will ensure such changes are shared with trusted third parties.
- Portability. Upon request and when possible, we can provide you with copies of your personal data. You may submit a request via email to [email protected]. When such a request cannot be honored, we will advise you accordingly. You can then choose to exercise any other rights under this Policy, to include withdrawing your consent. Where applicable, we will ensure such changes are shared with any trusted third parties.
- Withdraw Consent. At any time, you may withdraw your consent to our processing of your personal data through the Services by notifying us via email at [email protected]. Please type the words “WITHDRAW CONSENT” in the subject line of your email. Upon receipt of such a withdrawal of consent, we will confirm receipt, take steps to authorize your identity, and proceed to stop processing your personal data. Where applicable, we will ensure such changes are shared with trusted third parties.
- Erasure. If you should wish to cease use of our Services and have your personal data deleted from our Services, then you may submit a request by emailing us at [email protected]. Upon receipt of such a request for erasure, we will confirm receipt, proceed to authorize your identity, and we will confirm once your personal data has been deleted. Where applicable, we will ensure such changes are shared with trusted third parties.
- Submit Complaints or Questions. If you wish to raise a complaint on how we have handled your personal data, you can contact us as described below. If you reside in a European Union member state, you may also lodge a complaint with the supervisory authority in your country.
13. Safeguarding the Information We Collect
We use reasonable technical, administrative, and physical safeguards in order to protect your Personal Information against accidental loss and from unauthorized access, use, alteration, and disclosure. However, we can never promise 100% security. Please also notify us of any actual or suspected unauthorized use of your Personal Information.
14. Changes to this Policy
15. How to Contact Us
We value your opinions and welcome your feedback. To contact us about this Policy or your Personal Information, please contact us by email at [email protected].