The American College of Physicians (ACP) is committed to protecting the privacy of its members and customers. This document describes the information we collect from our web sites and digital products such as our mobile applications, how we use it and your rights in connection with such use.
What personal information do we collect?
Information you provide to us:
When you sign up for our services, we ask you for information such as:
- Your name and contact information (phone, mailing address, email)
- Date of birth
- Education and professional information such as medical school, residency training information, specialty, type and size of practice
- Information you post to online forums or in our customer support web chat console
- Purchasing and payment information (though credit card information is not stored)
- Authentication data (your username and password)
- Author and peer review information
When you use our websites/online services without signing in, you will not be able to access certain restricted content and features. A small amount of information is still collected automatically, though, in order for us to personalize your experience and to learn about the usage of our websites and online services so we can make improvements. This information includes:
- Information about the device(s) you use to access our websites, such as operating system, web browser, and mobile device manufacturers
- Location information
- Information about service usage, such as the amount of time you spend on each page
This information is necessary for us to provide you the Services. If you do not provide this information we would not be able to provide the Services to you.
Information we collect about you:
- Location Information: Information about your estimated location which may be deduced by various technologies including: IP address.
- Activity data: This includes information, such as the time and date of your request; the internet address of your computer; the browser and operating system you are using; the page which you are viewing; and the previous page that you visited (the referrer)
- Device Information: Information about the device you are using such as, hardware model, operating system, application version number and browser, mobile network information, IP addresses, user names, real names, email addresses and other custom properties.
If you have logged into password-protected areas of our web sites, we also record your username.
Cookies and other Technologies
ACP web sites send all visitors a cookie (small computer file) that contains a unique serial number. Each time our web server receives a request for a page, it checks to see if the cookie is present, which enables us to determine the traffic patterns of visitors as well as to identify repeat visitor traffic.
DMD Healthcare Communications Network Participation Disclosure
This website is a member of the DMD Healthcare Communications Network (the “HCN”). HCN is owned and managed by DMD Marketing Corp (“DMD”) and is designed to enable DMD and HCN members to provide medically relevant business communications to authenticated health care professionals.
Sign On Once to Access ACP Content
Single Sign-On allows ACP customers to log in across ACP's websites with a single username and password.
Log in to any ACP website using your ACP username and password. You will remain logged in to ACP’s websites via your current web browser for 90 days (unless your browser settings disable this functionality). Every time you access a controlled ACP website as a logged-in user, your browser authentication is renewed and that 90-day "clock" resets. If 90 days pass in which you don't access a controlled ACP website, you will need to log in again. Please note that regardless of login status, some ACP websites and ACP content are available exclusively to ACP members. If you are using a shared computer, always remember to log out.
Important: Usernames and passwords are case-sensitive. You must type them exactly as when you registered. Example: If you chose the password MySecret, then MYSECRET or mysecret will not work.
How We Use Your Information
We process your information for the following purposes as necessary to provide the services to you and perform our contract with you:
To process transactions. ACP uses personal information such as name, physical address, telephone number, email address, and company/institution to engage in interactions with you, including contacting you about your order, subscription, meeting participation, or membership. We use financial/credit card and payment information to process your order and may need to share some of this information with delivery services, credit card clearing houses, and other third parties to complete the transaction.
To provide support or other services. ACP may use your personal information to provide you with support or other services that you have ordered or requested. ACP may also use your personal information to respond directly to your requests for information, including registrations for newsletters, meetings or courses, or other specific requests, or pass your contact information to the appropriate ACP distributor or reseller for further follow-up related to your interests.
To provide information based on your needs and respond to your requests. ACP may use your personal information to provide you with notices of new product releases and service developments.
We process your information for the following purposes as part of our legitimate interest in the improvement and marketing of our services as well in the security of our services. We apply appropriate safeguard to protect your information as described below in the "Security and e-commerce" section.
To assess usage of ACP products and services. ACP may track your usage of ACP products and services to determine your level of usage, and those usage statistics may be made available to ACP’s content licensors and your company/institution if we are contractually obligated to do so.
To communicate with you about a meeting, conference, or event. We may communicate with you about a meeting, conference, or event hosted by ACP or one of our local chapters. This may include information about the event's content, event logistics, payment, updates, and additional information related to the event. ACP may contact you after the event about the event, subsequent iterations of the event and related events. Please note that ACP conference, meeting or event organizers, exhibitors, and other third parties may directly request your personal information at their conference booths or presentations. Providing your information to them is optional, and you should review their privacy policies to address your particular needs and concerns about how they will treat your personal information. Learn how to opt out of these communications.
To consider you for a higher member class or an ACP award. ACP may use personal information such as your name, education, work history, and volunteer activities to consider you for a higher member class or for an ACP award. ACP may need to share this information with your nominators, references, judges, and others parties involved in evaluating your eligibility. You may opt out of such sharing by contacting us at www.acponline.org/contact. Please note that this will prevent you from being evaluated, being classified in a higher class or receiving an award.
To assist in your participation in ACP activities. ACP will communicate with you, if you are participating in certain ACP activities such as ACP conferences, or authoring or reviewing ACP content. ACP may send you information such as newsletters related to those activities. Learn how to opt out of these communications.
To update you on relevant ACP benefits, programs, and opportunities. ACP may communicate with you regarding relevant ACP benefits, programs, and opportunities available to you, through your membership(s) with ACP. Learn how to opt out of these communications.
To include you in the ACP Member Directory. If you are an active member of ACP, we will include your information in the ACP Member Directory. The information in this database is drawn from membership applications, dues payment forms, product orders and other transactions between ACP and its members. If you choose not to have your information shared in the Member Directory, we will remove your data from the directory. To request exclusion from the Member Directory, please submit your request via www.acponline.org/contact.
How We Share Your Information
We share your information with our service providers, in connection with a business transaction, to comply with the law and to protect our legal rights. The legal basis for this is our legitimate interest in providing our services, complying with the law and protecting our rights and those of others. We apply appropriate safeguards for this sharing of your information as described below.
To engage with service providers. We share your personal data with third parties in connection with services that these individuals or entities perform for or with ACP. These third parties are restricted from using this data in any way other than to provide services for ACP or for the collaboration in which they and ACP are contractually engaged (for example, hosting an ACP database or engaging in data processing on ACP's behalf, or mailing you information that you requested, as well as operations and maintenance contractors). These third parties are carefully selected by ACP, their access to your personal information is limited to the information reasonably necessary in order for them to perform their services for ACP and they are obligated to keep your data secure and not use or disclose your personal information for any purpose other than providing us with products and services.
To protect ACP content and services. We use your information to prevent potentially illegal activities and to enforce our terms and conditions. We also use a variety of technical systems to detect and address anomalous activity and to screen content to prevent abuse, such as spam. These efforts may, on occasion, result in a temporary or permanent suspension or termination of some functions for some users.
To comply with legal requirements and to protect your rights. ACP may release personal information to third parties: (1) to comply with valid legal requirements such as a law, regulation, search warrant, subpoena or court order, including to meet national security or law enforcement requirements; or (2) in special cases, such as a physical threat to you or others. In the event that we are legally compelled to disclose your personal information to a third party, we will notify you unless doing so would violate the law or court order.
In the context of business reorganization. ACP will share your information if we are involved in a merger, acquisition, consolidation, change of control or sale of all or a portion of our assets or if we undergo bankruptcy or liquidation.
How You Can Control Your Information
Online interest based Advertising: You can manage or turn off ad personalization by Google by accessing your ad settings while logged into your Google account (https://adssettings.google.com). To opt out of interest-based advertising or to learn more about the use of this information by our Service Providers you can visit the Network Advertising Initiative (www.networkadvertising.org/managing/opt_out.asp) or the Digital Advertising Alliance (www.aboutads.info/choices/). If you choose to opt out, we will place an "opt-out cookie" on your computer. The "opt-out cookie" is browser specific and device specific and only lasts until cookies are cleared from your browser or device. The opt-out cookie will not work for some cookies that are important to how our websites and mobile apps work ("essential cookies"). If the cookie is removed or deleted, if you upgrade your browser or if you visit us from a different computer, you will need to return and update your preferences.
Cookies: You may use the ACP's web sites without accepting cookies. The "Help" function in your web browser explains how to manage cookies while using the Internet. Please note, however, that some services, such as the Internal Medicine Meeting Day Planner, the Shopping Cart, MyACP, and the SSO system will not work if your browser will not accept cookies.
Email promotional communications: To delete your name from our email contact lists you can change the preferences directly via MyACP (www.acponline.org/myacp), by contacting Member and Product Support directly at: www.acponline.org/contact or by clicking the "unsubscribe" link found in every email sent to you.
Removal from Member Directory: To request exclusion from the ACP Member Directory, please submit your request via www.acponline.org/contact.
Security and e-commerce
All of our websites are delivered via standard secured HTTPS protocols, ensuring that your data is safely encrypted. Our secure server certificate is issued by VeriSign. All of our databases and systems storing any personal information are governed by a Data Protection Policy and we routinely engage security auditors to ensure that our systems remain secure in accordance with privacy and security standards.
Our secure server enables you to transmit a credit card number to us with confidence. We do not store your credit card number after your transaction has been processed and we strictly adhere to current Payment Card Industry Data Security Standards (PCI DSS) and routinely engage auditors to verify this compliance.
Your Rights Under EU and U.S. State(s) Data Protection Laws
If EU data protection laws or U.S. state legislation in your state apply to our processing of your information, you may be entitled by law to access, correct, amend, or delete personal information about you that we hold. A list of the rights under the EU GDPR law is below and additional information is available in our message about GDPR.
Rights under U.S. state laws vary by state, so in order to facilitate proactive compliance, we invite your questions at www.acponline.org/contact or you may specifically make data removal requests via this form.
You can control the information we have about you and how we use it in several ways. If you are a registered user, you can review, revise, and correct the personal data that you have provided to ACP directly via MyACP (www.acponline.org/myacp), or by contacting us directly at: www.acponline.org/contact. You can request that data be deleted or make another request in connection with the rights below by contacting us via this same link.
In the event that we refuse a request under rights of access, we will provide the individual with a reason as to why. Individuals in the EU have the right to complain as outlined in the "Complaints" section.
A list of your rights as defined by the GDPR is below:
- Right of access – the right to request a copy of the information that we hold about the you.
- Right of rectification – the right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – the right to have the data we hold about you transferred to another organization.
- Right to object – the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – the right to not be subject to the legal effects of automated processing or profiling. We do not currently engage in any automated processing or profiling of individuals we know reside in the EU.
How Long We Keep Your Information
You can deactivate your account or request that we remove personally identifiable information by contacting us at www.acponline.org/contact.
We may temporarily retain some information after you request deactivation for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations and/or as necessary to protect our legal rights or for certain business requirements. For example, when we process your payments, we will retain this data for longer periods of time as required for tax or accounting purposes. Some of the specific reasons we would retain some data for longer periods of time include:
- Security, fraud and abuse prevention – i.e. to protect you, other people, and us from fraud, abuse, and unauthorized access.
- Financial record-keeping - when you make a payment to us we are often required to retain this information for long period of time for purposes of accounting, dispute resolution and compliance with tax, anti-money laundering, and other financial regulations
- Complying with legal or regulatory requirements – to meet any applicable law, regulation, legal process or enforceable governmental request, as required to enforce our terms of service, including investigation of potential violations
- Direct communications with us - if you have directly communicated with us, through a customer support channel, feedback form, or a bug report, we may retain reasonable records of those communications.
Even if you request that your account be deactivated, the deletion of your data by our third party providers may not be immediate and some of the deleted information may persist in backup copies for a reasonable period of time. For any privacy or data-protection-related questions, please contact us.
Processing in the United States
Browser Do Not Track
The Services do not support Do Not Track at this time. Do Not Track (DNT) is a privacy preference you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For all the details, including how to turn on Do Not Track, visit donottrack.us.
Protecting Children's Privacy
You must be 18 years or older to use our Services We do not knowingly accept personal information from any child under the age of 16. If it is brought to our attention that we have inadvertently received personal information from a child under 16, we will immediately remove all personal and identifiable information from our records or seek parental consent as may be required.
Questions and Complaints
If you have any questions or complaints about our privacy practices, please contact us directly at: www.acponline.org/contact or in writing to:
American College of Physicians, Inc.
Member and Product Support
190 N. Independence Mall West
Philadelphia, PA 19106
If you reside in the EU, in the event your concerns in connection with how we process your information are not addressed you can file a complaint with the data protection supervisory authority in the country of your residence.
Digital Millennium Copyright Act: Notice and Take Down Procedure for Making Claims of Copyright Infringement by ACP on ACPOnline.org
If you ("Copyright Owner") believe copyrighted work is available on this website in a way that constitutes copyright infringement, you may notify the following designated agent of the American College of Physicians, Inc. ("Operator") in writing. While you are welcome to phone with queries, we cannot process take down requests made telephonically.
American College of Physicians, Inc.
Office of Legal Services
DMCA Agent: April Oeffler
190 N. Independence Mall West
Philadelphia, PA 19106
(p) 215-351-2791 (f) 215-351-2449 (e) firstname.lastname@example.org
Your written notification (the "Notification") to the above-referenced designated agent must include substantially all of the following:
- Identification of the copyrighted work that is the subject of the claimed infringement or, if multiple copyrighted works are involved, a representative list of such works;
- Identification of the allegedly infringing material, together with information reasonably sufficient to permit Operator to locate such material (for example, the URL of web page on which the material appears with optional screenshot);
- Information reasonably sufficient to permit Operator to contact you, such as your full name, address, telephone number and email address;
- A statement by you that you have a good faith belief that the copyrighted work identified in the Notification is being used in a manner that is not authorized by the copyright owner, its agent or the law;
- A statement by you, signed under penalty of perjury, that the information contained in the Notification is accurate and that you are authorized to act on behalf of the owner of the copyrighted work that is allegedly being infringed; and
- A physical or electronic signature of the owner of the copyrighted work or a person authorized to act on its behalf.
Upon receipt of a Notification containing substantially all of the foregoing, Operator may take the following steps:
- Remove or disable access to the allegedly infringing material;
- Forward the Notification to the alleged infringer (the "Impacted Party"); and
- Take reasonable steps to promptly notify the Impacted Party that Operator has removed or disabled access to the allegedly infringing material.
The Impacted Party may submit a counter notification in writing to the above-referenced designated agent of Operator. The written counter notification (the "Counter Notification") must include substantially all of the following:
- Identification of the allegedly infringing material that was removed or disabled by Operator and the location where the material appeared before it was removed or access to it was disabled;
- A statement under penalty of perjury that the Impacted Party has a good faith belief that the allegedly infringing material was removed or disabled as a result of mistake or misidentification of the material to be removed or disabled;
- The Impacted Party's name, address and telephone number and a statement that the Impacted Party consents to the jurisdiction of the United States federal district court for the judicial district in which the address provided by the Impacted Party is located and will accept service of process from you. If the Impacted Party is located outside the United States, the Impacted Party must include a statement that it consents to the jurisdiction of any United States federal district court in which Operator may be found; and
- A physical or electronic signature of the Impacted Party.
Upon receipt of a Counter Notification containing substantially all of the foregoing, Operator will take the following steps:
- Send you a copy of the Counter Notification;
- Inform you that it will replace the allegedly infringing material or cease disabling access to it within ten (10) business days; and
- Replace the removed allegedly infringing material or cease disabling access to it not less than ten (10) nor more than fourteen (14) business days following receipt of the Counter Notification; provided you have not supplied the designated agent with evidence that you have filed an action seeking a court order to restrain the Impacted Party from engaging in the infringing activity that was the subject of the Notification.
Operator's policy is to terminate the online privileges of individuals who repeatedly violate the copyrights of others.