- Your Rights and Choices
- Contact and Electronic Communications
- Mission of ASH
- Information We Collect About You
- Log Information.
- How We Use Information
- Sharing and Disclosure
- Credit Card Information
- Controlling Your Information
- Opt Out and Opt In
- Cookies and Tracking
- Third-Party Links and Websites
- Social Media and Community Platforms
- How We Protect Your Information
- California Residents Rights (As provided by California Civil Code Section 1798.83)
- Information Regarding Commercial Electronic Messages ("CEM") in Canada
- General Data Protection Regulations (GDPR)
Your Rights and Choices
You may have certain rights regarding the PII we maintain about you. We offer you certain choices about what personally identifiable information we collect from you, how we use that information, and how we communicate with you. You may refrain from submitting information directly to us, although doing so may impact our ability to provide the products, services, and information you request.
Contact and Electronic Communications
By providing your information on our Sites and/or registering to become a member you agree that we can communicate with you electronically regarding any legal, regulatory, technical, security, privacy, administrative or consumer notification obligation relating to your use of the Sites or regarding your membership. We may use your email address to confirm your request, to send you notice of payments, to send you information about changes to our products and services, and to send notices and other disclosures as described above or as required by law. Generally, users cannot opt-out of these communications, but they will be primarily informational in nature rather than promotional.
American Society of Hematology
Attn: Privacy Officer
2021 L Street NW, Suite 900
Washington, DC 20036
You also may contact the ASH Customer Relations Department by phone at 866-828-1231 (U.S. toll free) or 001-202-776-0544 (for International callers), Monday through Friday from 8:30 a.m. to 5:00 p.m. Eastern time.
Mission of ASH
With more than 17,000 members from nearly 100 countries, the American Society of Hematology is the world's largest professional society serving both clinicians and scientists around the world who are working to conquer blood diseases. ASH's mission is to further the understanding, diagnosis, treatment, and prevention of disorders affecting the blood, bone marrow, and the immunologic, hemostatic and vascular systems, by promoting research, clinical care, education, training, and advocacy in hematology.
Information We Collect About You
Here are some examples and explanations of the ways in which we may collect, store, transfer, share or otherwise make your PII available to ASH.
- Participation and Engagement History. When you use our services and/or become a member of ASH we track your participation and engagement history and in some circumstances make this information available to other members of ASH or to the general public. Participation history may include information about your committee membership and participation generally in the mission of ASH. We maintain PII on all of our members that can be accessed through a secure online member directory. Inclusion in this directory is AUTOMATIC unless you OPT OUT in the membership options account settings. Inclusion in this directly means your information may be accessed only by other current ASH members through a password-protected, members-only area of the Sites.
- We also offer a voluntary, publicly accessible online directory of members through a section on our Site called "Find a Hematologist". Inclusion in this directory is based upon an affirmative OPT IN selection in address field table in your account settings. The Find a Hematologist directory allows patients and other members of the public to search for hematologists and provides users with contact information for members who have chosen to be listed in the directory. You may choose to OPT OUT of this directory at any time by accessing their membership profile and adjusting your account settings accordingly.
- Survey Data. The gathering of this information may include analysis and sharing of online surveys for which you may choose to participate.
- Contribution and Payment Information. We collect information on the amount of contributions you have made to ASH and your purchase history from the Sites.
- Award and Grant Recipient Data. When you accept an award or grant from ASH, we track your acceptance and engagement with the award/grant program and with your permission we may make your name, institution, and in some cases, your project topic, available to the general public.
"NPII" can be technical information or it can be demographic information, such as your age, gender, or interests. Non-personally identifiable information may also mean aggregated, non-identifiable or anonymized information. Non-personally identifiable information does not identify you personally. If you do provide us with non-personally identifiable information, we may use it for the purposes described in this statement or where it is collected, or any other legal purpose.
When you use our services or view content provided by ASH we automatically collect and store certain information in our server logs. This type of information includes details of how you used our service, IP address information described below, web pages that have been viewed by a visitor, domain type, device event information such as crashes, system activity, hardware, settings, browser type or version, browser language, the date and time of your request and referral URL.
- Internet Protocol (IP) address.
Your "IP address" is a number that lets computers attached to the Internet know where to send you data, such as the screens and pages of our services that you view. We use this information to deliver our screens and pages to you upon request, to tailor our services to the interests of you and our other visitors, and to measure traffic to and within our services.
- Demographic Information.
"Demographic information" may be your gender, age, zip code, and interests. We may collect such information about you through our services and use it to provide you with personalized services and to analyze trends to ensure that our services and the information on them is targeted to meet your needs. Certain demographic information may be deemed PII or otherwise receive additional protections under certain laws. Please note that we also consider aggregated information that is not personally identifiable to be non-personally identifiable information.
- Device Information.
"Device Information" may include information we collect such as your hardware model, operating system version, unique device identifiers and mobile network information including phone number. We may associate your device identifiers or phone number with your account.
- Location Information.
When you use ASH services we may collect and process information about your actual location. We use various technologies to determine location, including IP Address, Global Positioning Systems and other sensors that may provide ASH with information about nearby devices, Wi-Fi access points and cell towers.
How We Use Information
Personally Identifiable Information. If you do provide us with personally identifiable information, we will only use it for the purposes described in this statement or where it is collected.
We use personally identifiable information to provide you with services, to develop our membership and to provide members with certain opportunities, for Site troubleshooting and maintenance, to communicate with you about your membership, opportunities and our services, or to conduct marketing and fundraising research. We also use personally identifiable information in our services to:
- help us create and publish content most relevant to you;
- allow you access to certain areas of our Sites;
- register you as a Member and develop your profile and enable you to take advantage of the personalized features of our Sites;
- make our membership mailing list available to outside groups for educational purposes, including mailings about grant opportunities that could be beneficial to members, educational publications (e.g., medical textbooks, scientific journals), and educational programs or courses.
- alert you to special offers, updated information, and our other new services or those of other third-parties;
- forward promotional materials and to fulfill the terms of such promotion;
- complete a transaction or service requested by you;
- target our services to your needs;
- identify you as a poster or provider of content;
- contact you in response to sign up forms such as "Contact Us" or "Order Inquiry"; and allow you to register for meetings, submit abstracts, apply for award and grant programs, and to request additional information.
Reports. We periodically prepare analyses and reports reflecting visitor and member use of the services. In preparing these reports, we may combine and analyze the personal information you provide to us with information from other sources. However, these reports will only include aggregated information about visitors and members. The information in these reports will not identify individuals. Any business partner with whom such reports may be shared will also not be able to contact you from the information contained in the reports.
Sharing and Disclosure
Personally identifiable information. Primarily, we may share or disclose your personally identifiable information in the following instances:
- To fulfill a service to you.
- To offer you products from our affiliates, strategic partners, agents, or from third-party marketers and other unaffiliated parties that we believe may be of interest to you, or to assist such parties for research, administrative, and/or business purposes.
- These parties may contact you with an offer or advertisement related to a product or service, or they may use such information for their own research, administration or business purposes.
- To unaffiliated third-party service providers, agents, or independent contractors who help us maintain our services and with other administrative services (including, but not limited to, order processing and fulfillment, providing customer service, maintaining and analyzing data, sending customer communications on our behalf, and entry collection, winner selection and prize fulfillment for contests, sweepstakes, and other promotions). We seek to ensure that such unaffiliated third-parties will not use your personally identifiable information for any purpose other than that for which they are responsible. However, we cannot guarantee that they will not use it for any other purpose.
- To complete your purchase. If you choose to make a purchase on or through our services, we may ask you for your credit card number, billing address, and other information in connection with completing such purchase, and we may use such information to fulfill your purchase. We may also provide such information, or other personally identifiable information provided by you, to unaffiliated third-parties to complete your purchase (for example, to process your credit card).
- To comply with law, or in the good faith belief that such action is necessary to conform to the requirements of law, or comply with legal process served on us, and to protect and defend our rights or property, including our rights and property and our services, or act in urgent circumstances to protect the personal safety of you and our other visitors.
- To third parties as part of a corporate reorganization process including, but not limited to, mergers, acquisitions, and sales of all or substantially all of our assets.
- To track and analyze non-identifying, aggregate usage and volume statistical information from our visitors and customers and provide such information to third parties.
- To protect against fraud and potential fraud. We may verify the information you provide using our services through third parties. In the course of such verification, we may receive additional personally identifiable information about you from such services. In particular, if you use a credit card or debit card to purchase services with us, we may use card authorization and fraud screening services to verify that your card information and address match the information you supplied to us, and that the card has not been reported as lost or stolen.
Non-personally identifiable information. We may share and disclose your non-personally identifiable information for the purposes described in this statement or where it is collected, or any other legal purpose, including, when and where applicable, sharing and disclosing non-personally identifiable information combined with personally identifiable information.
Legal Disclosure. We may disclose information about you and your use of services if we believe that such disclosure is reasonably necessary to:
- Comply with the law and/or legal process where a formal request has been made (e.g. request from an administrative oversight agency, civil suit, subpoena, court order or judicial or administrative proceeding);
- Protect or defend our rights and/or property or the rights and property of others;
- Respond to claims that the content(s) of a communication violates the rights of another.
Credit Card Information
Users may be prompted to enter their credit card information, including, for example, when making purchases, renewing membership, or making a donation online. Any credit card information you may provide to us is secured during transmission over the Internet using industry-standard secure socket layer (SSL) encryption. We use your credit card information only to bill you for the products and services you order from us. We do not share your credit card information with anyone except as may be necessary or expedient to process your transactions or comply with law.
Controlling Your Information
As a convenience to our members, we provide a number of different opportunities to review and change information in your profile and to unsubscribe from our Services. For example, you can go to the website and log into your profile page to make desired changes.
Upon request we will attempt to delete such information, where technically feasible, after we receive a request from you to delete information. Please be advised that by requesting that your data be removed from our database, you will be unsubscribed from our services.
Please be advised that we may reject requests that are unreasonably repetitive, require disproportionate administrative or technical efforts, risk the privacy of other individuals or would be commercially unreasonable or impracticable.
We will retain your information for as long as your account is active or as needed to provide you services and as required by law, required for legal or operational purposes, to resolve disputes, or in accordance with our document retention policies and practices.
Please contact us if you wish to cancel your account or request that we no longer use your information to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Opt Out and Opt In
Opt-Out of Communications:
You may choose not to receive promotional email communications from us and can opt-out of:
- receiving other types of communication from us, such as emails or updates regarding new services and products offered on or through our services and any new features or services on our services;
- sharing or disclosing your personally identifiable information with third parties.
You may exercise your opt-out by ticking or un-ticking the appropriate box, if there is a checkbox where such information is collected, or by contacting us. You also may opt-out of receiving such emails by clicking on the "unsubscribe" link within the text of the applicable email. We will process your unsubscribe request as soon as possible, but please be aware that in some circumstances you may receive a few more messages until your request is processed.
Opt-Out of Third Party Mailings
While we make our membership mailing list available to outside groups for educational purposes, including mailings about grant opportunities that could be beneficial to members, educational publications (e.g., medical textbooks, scientific journals), and educational programs or courses, ASH members who do not wish to have their mailing addresses shared with outside parties in this manner may opt-out by contacting ASH Member Services at 202-776-0544 or CustomerService@hematology.org.
The Sites and services are not intended for use by children. We do not intentionally gather personally identifiable information about visitors who are under the age of 13. If a child has provided us with personally identifiable information, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under age 13, please contact us at CustomerService@hematology.org. If we learn that we have inadvertently collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.
Cookies and Tracking
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services do not support Do Not Track requests at this time, which means that we collect information about your online activity while you are using our Services. We do not collect online activity after you leave our Services.
Third-Party Links and Websites
Social Media and Community Platforms
How We Protect Your Information
ASH maintains reasonable and appropriate measures to protect your information from loss, misuse and unauthorized access, disclosures, alterations and destruction taking in to account the risk involved in the processing and the nature of PII. Unfortunately, no site, server or database is completely secure or "hacker proof." We therefore cannot guarantee that information about you will not be disclosed, misused or lost by accident or by the unauthorized acts of others.
California Residents Rights (As provided by California Civil Code Section 1798.83)
A California resident who has provided personal information to a business with whom he/she has established a business relationship for personal, family, or household purposes ("California customer") is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties' direct marketing purposes. In general, if the business has made such a disclosure of personal information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were disclosed.
California customers may request further information about our compliance with this law by e-mailing CustomerService@hematology.org. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this e-mail address.
Information Regarding Commercial Electronic Messages ("CEM") in Canada
Canada's Anti-Spam Law requires that the Company obtain the express consent of Canadian citizens before sending an electronic message such as an email that contains a promotion about our products. We will ask you for your explicit consent when you provide us with your email address or other personal information through which we intend to encourage your participation in a commercial activity, such as a promotion for our products.
If you explicitly consent to receiving CEM, each communication sent to you will contain an option to unsubscribe to the communications or to revoke your consent to receive CEM. Alternatively, you can contact us at the address or email provided below in the "Contact Us" section to be removed from our mailing lists.
General Data Protection Regulations (GDPR)
Identification of Data Controller:
The Data Controller is the American Society of Hematology. ASH is located at 2021 L Street NW in Washington, DC. You may contact the ASH Customer Relations Department by phone, please call 866-828-1231 (U.S. toll free) or 001-202-776-0544 (for International callers), Monday through Friday from 8:30 a.m. to 5:00 p.m. Eastern time.
Identification of Data Protection Officer and Contact Details
You may contact the Data Privacy Officer by phone, 001-202-776-0544, Monday through Friday from 8:30 a.m. to 5:00 p.m. Eastern time, by email: firstname.lastname@example.org or by mail at 2021 L St., NW, Suite 900, Washington, DC 20036.
Identification of Primary Member State Supervisory/Data Protection Authority
You have the right to lodge a complaint regarding the processing of your Personal Data with us by contacting our Data Protection Officer listed above. You also may lodge a complaint with the Data Protection Authorities in the Member State where you habitually reside, work, or where an infringement occurred. You can find a list of Data Protection Authorities here.
Identification of Data Protection Representative
We have appointed DPR Group as our Data Protection Representative in the European Union so that you can contact our Representative directly in your home country. DPR Group has locations in each of the 28 EU countries.
If you want to raise a question to ASH, or otherwise exercise your rights in respect of your personal data, you may do so by contacting our Data Protection Officer listed above or by:
- sending an email to DPR Group at email@example.com,
- contacting DPR Group on its online webform at www.dpr.eu.com/ hematology, or
- mailing your inquiry to DPR Group at the most convenient of the addresses set forth below.
PLEASE NOTE: when mailing inquiries, it is ESSENTIAL that you mark your letters for “DPR Group” and not “American Society of Hematology” or your inquiry may not reach us. Please refer clearly to American Society of Hematology in your correspondence. On receiving your correspondence, ASH is likely to request evidence of your identity to ensure your personal data and information connected with it is not provided to anyone other than you.
If you have any concerns about how DPR Group will handle the personal data it will require to undertake its services, please refer to DPR Group’s privacy notice at https://www.dpr.eu.com/legal-privacy.
|Austria||DPR Group, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria|
|Belgium||DPR Group, Place de L'Université 16, Louvain-La-Neuve, Waals Brabant, 1348, Belgium|
|Bulgaria||DPR Group, 132 Mimi Balkanska Str., Sofia, 1540, Bulgaria|
|Croatia||DPR Group, Ground & 9th Floor, Hoto Tower, Savska cesta 32, Zagreb, 10000, Croatia|
|Cyprus||DPR Group, Victory House, 205 Archbishop Makarios Avenue, Limassol, 3030, Cyprus|
|Czech Republic||DPR Group, IQ Ostrava Ground floor, 28. rijna 3346/91, Ostrava-mesto, Moravska, Ostrava, Czech Republic|
|Denmark||DPR Group, Lautruphøj 1-3, Ballerup, 2750, Denmark|
|Estonia||DPR Group, 2nd Floor, Tornimae 5, Tallinn, 10145, Estonia|
|Finland||DPR Group, Luna House, 5.krs, Mannerheimintie 12 B, Helsinki, 00100, Finland|
|France||DPR Group, 72 rue de Lessard, Rouen, 76100, France|
|Germany||DPR Group, 3rd and 4th floor, Altmarkt 10 B/ D, Dresden, 01067, Germany|
|Greece||DPR Group, 24 Lagoumitzi str, Athens, 17671, Greece|
|Hungary||DPR Group, EMKE Building, Rákóczi Út 42, Budapest, 1072, Hungary|
|Ireland||DPR Group, Phoenix House, Monahan Road, Cork, T12 H1XY, Republic of Ireland|
|Italy||DPR Group, BPM 335368, Via Roma 12, 10073 , Ciriè TO, Italy|
|Latvia||DPR Group, 4th & 5th floors, 14 Terbatas Street, Riga, LV-1011, Latvia|
|Lithuania||DPR Group, Vilniaus g.31, Vilnius, LT- 01402, Lithuania|
|Luxembourg||DPR Group, BPM 335368, Banzelt 4 A, 6921, Roodt-sur-Syre, Luxembourg|
|Malta||DPR Group, Tower Business Centre, 2nd floor, Tower Street, Swatar, BKR4013, Malta|
|Netherlands||DPR Group, Cuserstraat 93, Floor 2 and 3, Amsterdam, 1081 CN, Netherlands|
|Poland||DPR Group, Budynek Fronton ul Kamienna 21, Krakow, 31-403, Poland|
|Portugal||DPR Group, Torre de Monsanto, Rua Afonso Praça 30, 7th floor, Algès, Lisbon, 1495-061, Portugal|
|Romania||DPR Group, World Trade Centre, Piata Montreal no 10, Entrance F, 1st Floor, Sector 1, Bucharest, 11469, Romania|
|Slovakia||DPR Group, Apollo Business Centre II, Block E / 9th floor, 4D Prievozska, Bratislava, 821 09, Slovakia|
|Slovenia||DPR Group, Trg. Republike 3, Floor 3, Ljubljana, 1000, Slovenia|
|Spain||DPR Group, Puerta de las Naciones, Ribera del Loira 46, Madrid, 28042, Spain|
|Sweden||DPR Group, S:t Johannesgatan 2, 4th floor, Malmo, SE - 211 46, Sweden|
|United Kingdom||DPR Group, BPM 335368, 372 Old Street, EC1V 9AU, London, United Kingdom|
ASH processes your Personal Data for the following lawful purposes and based upon the legal justification set forth in the parenthetical:
Your submission of Personal Data to complete your membership application. (CONSENT)
Your submission of Personal Data to complete the sale of ASH publications, Webcasts and to obtain CME Test Credit. (CONTRACT)
Processing Personal Data associated with your participation as a Speaker or in association with your submission of content for ASH’s annual meeting (CONSENT)
Your submission of Personal Data for Registration at ASH’s annual meeting. (CONSENT)
Your submission of abstracts for ASH’s “Blood” publication (CONSENT)
Your submission of Personal Data to our third party vendors for enrollment in our awards program (CONSENT, CONTRACT)
Your submission of Personal Data to our third party vendors for services like our Resume Listing Feature. (CONSENT)
Legal Basis for Processing:
We process your Personal Data with your consent or subject to the performance of a contract to which you as the data subject are a party or alternatively in order to take steps at your request to enter into an agreement with ASH. You have the right to withdrawal your consent at any time. The Personal Data collected by ASH originates from the individual providing his/her Personal Data (either directly or through a clinical site) or, in the cases of the submission of abstract data, from such individual and other publically available sources.
Categories of Personal Data:
Generally, we collect the following data elements from you when we process your Personal Data for the purposes we described in this policy. We process:
- Your first and last name
- Date of birth
- A description of your professional associations and affiliations
- Your clinical and research interests
- Partial credit card information as part of a tokenized payment transaction
- Abstract text and image data from abstracts you submit or share with ASH
Recipients of Personal Data:
We share your Personal Data with our third party vendor partners on the basis of the consent you provide to us or in order to fulfil our contractual obligations as part of the services we provide to you when you decide to engage with us. The recipients of your Personal Data include our third party data processors, which include but are not limited to our software as a service partners consisting of our third-party database administrators, lead management vendors, third party application developers, attendee, exhibitor and registration vendors, and third party digital content managers. When we share your Personal Data with these third party vendors, we do so subject to a Data Protection Agreement to ensure that they are in compliance with the requirements of the GDPR.
These recipients process Personal Data for the below purposes:
- To fulfill a service to you in furtherance of your choices in order to fulfil the terms of a contractual agreement between you and ASH.
- Subject to your choices, in order to offer you products from our affiliates, strategic partners, agents, or from third-party marketers and other unaffiliated parties that we believe may be of interest to you, or to assist such parties for research, administrative, and/or business purposes.
- Subject to the execution of a data protection agreement, to unaffiliated third-party service providers, agents, or independent contractors who help us maintain our services and with other administrative services (including, but not limited to, order processing and fulfillment, providing customer service, maintaining and analyzing data, sending customer communications on our behalf, and entry collection, winner selection and prize fulfillment for contests, sweepstakes, and other promotions).
- To comply with law, or in the good faith belief that such action is necessary to conform to the requirements of law, or comply with legal process served on us, and to protect and defend our rights or property, including our rights and property and our services, or act in urgent circumstances to protect the personal safety of you and our other visitors. To the extent permitted, ASH will inform Data Subjects before making such disclosure and provide it with a reasonable opportunity to object to such disclosure.
- To third parties as part of a corporate reorganization process including, but not limited to, mergers, acquisitions, and sales of all or substantially all of our assets. To the extent permitted, ASH will inform Data Subjects before making such disclosure and provide it with a reasonable opportunity to object to such disclosure.
- Subject to your choices and your consent to track and analyze non-identifying, aggregate usage and volume statistical information from our visitors and customers and provide such information to third parties.
ASH will not disclose Personal Data to a third party except as stated below:
ASH may disclose Personal Data to subcontractors and third-party agents. Before disclosing Personal Data to a subcontractor or third-party agent, ASH will obtain assurances by contractual agreement from the recipient that it will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the subcontractor or third-party agent is obligated to provide at least the same level of privacy protection as is required by the GDPR; (iii) take reasonable and appropriate steps to ensure that subcontractors and third-party agents effectively process the personal information transferred in a manner consistent with the organization’s obligations under the GDPR; (iv) require subcontractors and third-party agents to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the GDPR; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of its contract with subcontractors and third-party agents to the Supervisory Authorities upon request.
ASH may also be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements, or in the event of a merger or acquisition.
ASH is responsible for ensuring that (a) Personal Data collected is accurate, complete, current and reliable for its intended uses; and (b) Personal Data is retained only for as long as is necessary to accomplish the legitimate business purposes disclosed to the Data Subject and for any compatible purposes. ASH will cooperate with reasonable requests for assistance in meeting these obligations.
Retention of Personal Data:
Right of Access to your Personal Data
Data Subjects have the right to access the Personal Data an organization holds about them. If such Personal Data is inaccurate or processed in violation of the GDPR, a Data Subject may also request that Personal Data be corrected, amended, or deleted. When ASH receives Personal Data, it does so on behalf of the individual submitting such Personal Data. To request access to, or correction, amendment or deletion of, Personal Data, Data Subjects should contact ASH’s Data Protection Officer. ASH will cooperate with all reasonable requests to assist Data Subjects to exercise their rights under the GDPR.
Data Subjects have the right to opt out of (a) disclosures of their Personal Data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Data for purposes materially different from those disclosed at the time of collection or subsequently authorized. Data Subjects who wish to limit the use or disclosure of their Personal Data should submit that request to ASH’s Data Protection Officer. ASH will cooperate with the Data Subjects’ instructions regarding Data Subjects’ choices.
See “How We Protect Your Data” above for further information about our security practices.
Transfers to the United States from the European Union:
ASH is a 501(c)(3) non-profit organization under Massachusetts law and is not subject to the jurisdiction of the Federal Trade Commission and is therefore ineligible to participate in the Privacy Shield. In using the Sites, your Personal Data will be transferred to the United States, which is not recognized as a country having adequate safeguards for the protection of Personal Data. ASH relies on Article 49 of the GDPR for transfers data collection from Data Subject in the EU and EEA. Transfers are made to ASH only if the data subject has explicitly consented to the proposed transfer after having been informed of the possible risks of such transfers. Additionally, ASH transfers data as necessary for the performance of a contract between you as the data subject and ASH as the Controller, to data processors who have an agreement with ASH that includes protecting your privacy and the security of your data, and in cases where your Personal Data is necessary for the implementation of pre-contractual measures taken in accordance with your requests. Finally, ASH transfers Personal Data in order to advance the science of Hematology, which is important to the interests of the public.
Last Modified: April 22, 2019.