This policy sets out how the International Pain and Spine Intervention Society (IPSIS) handles your personal information.
The Type of Personal Information IPSIS Collects
IPSIS collects certain personal information about
visitors and users of our sites. The most common type of information IPSIS collects includes things like: user-names, names, email addresses, other contact details, survey responses, photos, payment information, content you direct us to make available
on our sites (such as job postings), and web analytics data.
How IPSIS Collects Personal Information
IPSIS collects personal information directly when you provide it to the Society, automatically as you navigate through
the sites, or through other people when you use services associated with the sites.
We collect your personal information when you provide it to us when you complete a membership application and buy items or services on our sites, subscribe
to our email list, submit feedback, fill out non-anonymous surveys, or communicate with IPSIS.
Personal Information IPSIS Collects About You from Others
Although we generally collect personal information directly from
you, on occasion we also collect certain categories of personal information about you from other sources. In particular: financial and/or transaction details from payment providers in order to process payments and third-party service providers like
Your Membership (association software platform), Facebook (social networking platform), and Gather Digital (mobile app platform), which may provide information about you when you link, connect, or login to your accounts with the third-party provider.
The information varies and is controlled by that service provider or as authorized by you via your privacy settings with those service providers.
How IPSIS Uses Personal Information
IPSIS will use your personal information
to provide you information about: IPSIS educational offerings, news about advocacy and research, and membership dues. IPSIS also makes member contact information available through the IPSIS Membership Directory to other members using its sites and
to those who register for conferences.
IPSIS also will use your personal information where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests include:
- operating the sites;
- providing you with services described on the sites;
- verifying your identity when you sign in to any of our sites;
- customizing our services and websites, where this involves the use of cookies or similar technologies in order to provide a more personalized experience.
- helping facilitate the resolution of any questions;
- updating you with operational news and information about our sites and services, e.g., to notify you about changes to our sites;
- carrying out technical analysis to determine how to improve the sites and services we provide;
- managing our relationship with you, e.g., by responding to your comments or queries submitted to us on the sites or gathering data from survey instruments to produce CME certificates;
- training IPSIS staff about how to best serve our user community;
- improving our products and services;
- advertising our products and services; and
- providing general administrative and performance functions and activities.
When IPSIS Discloses Your Personal Information
IPSIS will disclose personal information to the following recipients:
- subcontractors and service providers who assist us in connection with the ways we use personal information (as set out above); badge production/management contractors; and payment processing, accounting, bookkeeping, and audit services. (IPSIS does
not maintain credit card payment information; however, subcontractors and services providers maintain credit card, check, and wire transfer details for audit purposes.);
- exhibitors, on a limited (email address only) single-use basis, only after review by the IPSIS staff for appropriateness; and
- other recipients where we are authorized or required by law to do so.
Where IPSIS Transfers and/or Stores Your Personal Information
IPSIS takes care to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.
How IPSIS Keeps Your Personal Information Secure
IPSIS stores personal information on secure servers that are managed by us and our service providers and occasionally hard copy files that are kept in a secure location. Personal information that we store or transmit is protected by security and
access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate.
How You Can Access Your Personal Information
You can access some of the personal information
that we collect about you by logging in to your account. You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. You can also close the account you have
with us for any of our sites at any time. To make an access or correction request, contact the IPSIS staff using the contact details at the end of this policy.
Marketing Choices Regarding Your Personal Information
Where
we have your consent to do so (e.g., if you have subscribed to one of our email lists or have indicated that you are interested in receiving offers or information from us), we send you marketing communications by email about products and services
that we feel may be of interest to you. You can âopt-outâ of such communications if you would prefer not to receive them in the future by using the âunsubscribeâ facility provided in the communication itself.
You also have choices about
cookies, as described below. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies, some parts of our sites may not work properly
in your case.
Cookies and Web Analytics
When you visit our sites, or open our emails, certain information is recorded:
- your IP address or proxy server IP address;
- the domain name you requested;
- the date and time of your visit to the website;
- the length of your session;
- the pages which you have accessed;
- the file URL you look at and information relating to it;
- the website which referred you to our sites; and
- the operating system which your device uses.
Information about Children
IPSIS does not knowingly collect personal data online from or market online to children. Any guest badges a meeting attendee may purchase for a child will result in that name being utilized only for purposes
of event admission.
How Long IPSIS Keeps Your Personal Information
SIS retains your personal information for as long as is necessary to provide services to you and others and to comply with our legal obligations.
If you no longer want us to use your personal information or to provide you with services, you can request that we erase your personal information and close your IPSIS membership account. Please note that if you request the erasure of your personal
information we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce the
terms of service, and take other actions permitted by law. The information we retain will be handled in accordance with this Privacy Policy.
Updates to This Policy
IPSIS will need to change this policy from time to
time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices. We reserve the right to amend the Privacy Policy at any time, for any reason. When this policy does change, we will
make sure to notify you about such changes where required. The date of the latest revision to the Privacy Policy will be indicated by the date at the bottom of this page.
Data Security
We have put in place appropriate
security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors,
and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected
data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How You Can Contact Us
If you have any questions about our privacy practices or
the way in which we have been managing your personal information, please contact the IPSIS in writing at 120 E. Ogden Ave. Ste. 202, Hinsdale, Illinois 60521or membership@IPSISmed.org.
If You Are A User or Visitor in the European Economic Area These Rights Also Apply to You:
For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the âGDPRâ), IPSIS
is a âdata controllerâ of your personal information.
How You Can Access Your Personal Information
You are entitled to ask IPSIS to provide you with a copy of your personal data, to erase it, or restrict its processing.
You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent
as more fully described below.
These rights are limited in some situations; for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data
even if you withdraw your consent. Where we require your personal information to comply with legal or contractual obligations, the provision of such data is mandatory; if such data is not provided, then we will not be able to manage our contractual
relationship with you or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.
If you have unresolved concerns, you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of
your place of work; or (iii) in which you consider the alleged infringement has occurred.
Both personal information and personal data have the same meaning in the context of this Privacy Policy.
IPSIS Privacy Policy effective date September 11, 2023