European Union Privacy Statement

ADVANCED HEALTH MEDIA, L.L.C.

UNITED STATES-EUROPEAN UNION PRIVACY SHIELD PRIVACY STATEMENT

Introduction

Advanced Health Media, LLC (“AHM” or the “Company”) is a limited liability company formed under the laws of the State of Delaware in the United States of America. The Company has its principal place of business located at 420 Mountain Avenue, New Providence, NJ 07974. This statement sets forth the privacy standards that AHM utilizes to collect, retain, and use personal information obtained from individuals located within the European Union (“EU”) and the European Economic Area (“EEA”). This statement (“Privacy Shield Statement”) is published in accordance with the requirements set forth in the framework adopted between the European Commission and the United States (“US”) Department of Commerce establishing the EU-US Privacy Shield Framework for data privacy and security standards. It is AHM’s policy to respect, and protect, personally identifiable information from individuals in the EU as set forth in this Privacy Shield Statement.

AHM and the AHM Entities comply with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. AHM has certified to the Department of Commerce that it and the AHM Entities adhere to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

What Is the Scope of this Statement?

This Privacy Shield Statement sets forth the principles under which AHM collects, uses, processes, retains, and discloses Personal Data and/or Sensitive Data in the US from individuals located within the EU/EEA. AHM has general privacy policies which apply to information which is not received from individuals within the EU. AHM’s general privacy policy can be viewed at http://www.ahmdirect.com/privacypolicy. This statement covers information received in electronic or other formats.

Definitions:
 
“Data” means Personal Data (as defined below) and Sensitive Data (as defined below) collectively which is received from, or about, persons located within the EU.

“Personal Data” means information received from, or about, persons located in the EU that relates to an identified or identifiable individual, including information that can be linked to an identified or identifiable individual. Personal Data may also include “Sensitive Data.” Personal Data can include information supplied to us by you, or which is received from other sources.

“Sensitive Data” is a subset of Personal Data that is information from, or about, persons located in the EU relating to medical or health status; racial or ethnic background; political opinions, religious or philosophical beliefs, trade union membership, information relating to sex life or sexual orientation, and information relating to actual or alleged criminal history. Sensitive Data also includes any information that you (or the person/entity from which the information was obtained) advise(s) us that the Data is sensitive and the Data is treated as sensitive.

“Transfer” or “Transferred” includes communicating, disclosing, or accessing by electronic or other means, whether at the premises where the information is physically located, by remote access, or otherwise.

“we,” “our,” “us,” or the “AHM Entities” means AHM, Cogenix, LLC, Insite Research, LLC, Promedix, LLC, Advanced Health Media Services, LLC, AHM-RGB Holdings, LLC, AHM Genesis Healthcare, LLC, Advanced Health Media Services, Ltd., AHM-Centeon Management Group, LLC, AHM-Novus Communications, LLC, AHM Logistics, Inc., AHM Global Services, LLC, AHM Solutions, LLC, AHM Pharmasource Meeting Services, LLC.

Privacy Principles:

General: The Privacy Shield Framework was designed by the US Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the EU to the US. The Privacy Shield Framework establishes several Privacy Shield Principles and Supplemental Principles (the “Principles”). More information on the Principles can be found at https://www.privacyshield.gov/EU-US-Framework.

Notice: If you are asked to submit Data to us, we will advise you of the types of Data we may collect about you, the purposes for which we collect and use your Data, and the types of third-parties to which we may disclose your Data. Notice will be provided in clear and conspicuous language at the time of collection, or as soon thereafter as is practicable before disclosing it to a third-party. We will also advise you of any new uses for which we may collect and use your Data as soon thereafter as is practicable. Depending upon the type of Data which you are asked to submit, we may advise you in different ways, including electronically if you are asked to submit information via e-mail or through a website or portal of ours. We will also advise you how to contact us with any inquires or complaints about the collection, use, or handling of your Data.

Consistent with the Principles, we may not be in a position to be able to provide you with notice prior to disclosing your Data under certain limited circumstances such as, if we have to respond to a subpoena or other legal process, if disclosure is allowed under law, or if we need to disclose such information for other legitimate purposes which might include preventing fraud, protecting the Data, and/or guarding against or defending any potential liability.

Choice: With respect to Personal Data we gather from you, we will offer you the opportunity to decide whether your Personal Data should be disclosed to a third-party, or if your Personal Data is to be used for a purpose incompatible with the purpose for which it was originally collected. With respect to Personal Data, we will provide at least “opt-out” notice. “Opt-out” means that when you are advised of the types of Personal Data, proposed use, and types of parties to whom it may be disclosed, if you do not affirmatively take some action indicating that you do not wish us to collect, use, or disclose your Personal Data, we will deem your inaction an implicit consent to collect, use, and/or disclose your Personal Data.

In the event that the Data is, or includes, Sensitive Data, you will be given the ability to explicitly choose whether the Sensitive Data may be disclosed to a third-party, or if the Sensitive Data is to be used for a purpose incompatible with the purpose for which it was originally collected by explicit opt-in choice. “Opt-in” choice means that when you are advised of the types of Sensitive Data, proposed use, and types of parties to which it may be disclosed, if you do not affirmatively take some action indicating that you specifically consent to allow us to collect, use, or disclose your Sensitive Data, then you will not have consented to the collection, use, or disclosure of your Sensitive Data for a purpose other than those for which it was first collected or subsequently authorized by you. The opt-in notice for Sensitive Data may be limited to the extent allowed under the Privacy Shield Framework as set forth at https://www.privacyshield.gov/EU-US-Framework.

We will advise you with clear conspicuous, readily available, and affordable mechanisms to exercise your choice.

Onward Transfer: We will only Transfer your Data to third-parties if the third-parties: (a) have provided satisfactory assurances that they will adhere to privacy practices providing at least the same level of privacy protection as set forth in this statement; (b) are subject to EU data privacy laws or the data protection laws of another country which EU data protection authorities have deemed provide “adequate” data privacy protections; (c) have agreed to model contractual clauses deemed “adequate”; or, (d) have certified to the Privacy Shield Framework. If we have knowledge that a party to which we transfer information is using or sharing the Data in a way contrary to the principles set forth in this statement, we will take reasonable steps to attempt to stop or prevent the processing. If we fail to comply with these terms, we may be subject to liability.

Security: We take reasonable precautions to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. To the extent that we have any Sensitive Data, we will take greater care to protect the Sensitive Data from loss, misuse, unauthorized access, disclosure, alteration, and destruction.

Data Integrity: The Data we collect will be necessary for, and related to, the purposes for which it has been collected. We will not process Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual concerned. We will take reasonable steps to ensure that the Data is reliable, accurate, complete, and current for its intended use.

Access: We will provide you with reasonable access to your Data so that you may review what information we may have about you. You may request corrections, deletions, or additions as may be reasonably appropriate, except where the burden or expense of providing access would be disproportionate to the risks to your privacy, or where the rights of other persons would be violated. There may be other times when we may limit, or prevent, your access to your Data as described at https://www.privacyshield.gov/article?id=6-ACCESS.

Enforcement: We have established mechanisms to verify our ongoing compliance with these Principles. We encourage any person who has questions or complaints about our privacy practices under this statement to contact us at the contact information set forth below. We will seek to investigate any claims, address any concerns, and resolve any disputes made concerning the handling of Data in connection with the Principles of this Privacy Shield Statement. We will take steps to remedy any breaches of the Principles of this Privacy Shield Statement. If we are unable to remedy any such breaches, we may be subject to the investigatory and enforcement powers of the Federal Trade Commission.

Dispute Resolution: In compliance with the Privacy Shield Principles, AHM commits to resolve complaints about our collection or use of your personal information. Individuals in the E.U. with inquiries or complaints regarding our Privacy Shield policy should first contact AHM at:
Advanced Health Media, LLC
420 Mountain Avenue
New Providence, NJ 07974
Attn: Privacy Officer Michael J. Feldman, Esq.
e-mail: privacy(at)ahmdirect.com

AHM has further committed to refer unresolved Privacy Shield complaints to our third party alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit our third party dispute resolution provider at https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. The services of our third party dispute resolution provider are provided at no cost to you. Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Limitation on Scope of Principles. Our adherence to these principles may be limited to the extent required to meet legal, governmental, national security, or public interest obligations.

Contact Information. Questions or comments about this statement, or any requests for access, or complaints, whether or not applying to AHM, should be submitted to the following address:
Advanced Health Media, LLC
420 Mountain Avenue
New Providence, NJ 07974
Attn: Privacy Officer Michael J. Feldman, Esq.
e-mail: privacy@ahmdirect.com