Policies

Website Privacy Policy (last updated April 2, 2008)

Contents
1. Introduction
2. Certain General Principles, Terms, and Disclaimers
3. Who Collects Information Through the Website
4. Information We Collect and How it is Used
5.Disclosure of Your Personally Identifiable Information
6. Your Rights to View and Correct Information Submitted Voluntarily
7. Your Rights to Opt-out, Opt-in, or Limit Specific Uses and Disclosures of Your Personally Identifiable Information
8. What Security Procedures We Use to Protect Your Information
9. How the Interactive Areas of the Website Operate
10. Where You Can Get Questions Answered about the Foundation’s Privacy Policy
11. The Oncology Career Center
12. Glossary

1. Introduction

Your privacy is important to the Conquer Cancer Foundation, formerly known as The ASCO Cancer Foundation (hereafter in this Privacy Policy, “the Foundation,” “we,” or “us”). We recognize that cancer is a personal disease, and we want you to feel as comfortable as possible visiting the Foundation’s websites and using our services. To fulfill our mission, the Foundation must appropriately use information in order to better serve you. This Privacy Policy will tell you:


1. who collects information,
2. what information is collected and how this is done,
3. how the Foundation uses and discloses the information that is collected,
4. your rights to view and correct information submitted voluntarily,
5. your rights to opt-out, opt-in, or limit specific uses and disclosures of your information,
6. what security procedures we use to protect your information,
7. how the interactive areas of the Website operate,
8. how we comply with the Children’s Online Privacy Protection Act, and
9. where you can get questions answered about this Privacy Policy.
We hope that reading this Privacy Policy gives you a clear idea of how we manage information about you. Throughout this Privacy Policy, we have underlined various terms and hot-linked them to our Glossary (Section 13 of this Privacy Policy), or hot-linked to a relevant Section within this Privacy Policy, to help you better understand their meaning.


 

2. Certain General Principles, Terms, and Disclaimers

This Privacy Policy applies to the Foundation’s website (www.conquercancerfoundation.org), together with all other websites operated by the Foundation (collectively, the “Website”).

This Privacy Policy does not supersede the Terms of Use that governs your use of the Website. Any conflict between the two shall be determined in favor of the Terms of Use. The Foundation may change this Privacy Policy at any time and any changes will be effective immediately upon posting to this Site, so please check back regularly to ensure you read and understand our current privacy policies.

While information is critical to our ability to provide high-quality service to you, our most important asset is the trust that our visitors place in how we provide that service. Keeping visitor information secure, and using it only as our visitors would want us to, is a top priority for all of us at the Foundation. Consequently our privacy standards are designed to, on a commercially reasonable basis:


1.collect and use only the minimum information necessary for us to deliver high-quality service to users, to administer our business, and to let you know of products and services that are available from the Foundation,
2.protect the information our visitors share with us, maintaining strong standards of security and confidentiality,
3.require any other organization that we retain or engage to provide support services to us to conform to our privacy standards, and
4.keep visitor files, if any, complete, up to date, and accurate
Some features on the Website may require you to register as a user and to receive our authorization before you can use those particular features. Whether you are an individual or a corporation, partnership, or other form of commercial enterprise, in order for you to obtain our authorization to use those features and to be considered a registered user, you may be required to provide us with certain information about you or your business and, if a business, any or all individuals you designate to represent that business in connection with your use of the Website (e.g. names, addresses, e-mail addresses, telephone numbers, and other Personally Identifiable Information of each individual who will use the Website). Once we have authorized you as a registered user, we may provide you with a customer identification number and you will select a unique username and password. Generally, you will be able to change your password and any Personally Identifiable Information you have given us in order to protect the security of your password and reflect updates to your information (instructions on how to make these changes can be found in Section 6 of this Privacy Policy). If you are a designated representative of a business, keep in mind that a properly authorized representative of that business may revoke your status and, if we are notified of this revocation, the Foundation will immediately terminate your right to use the Website as a registered user representing that business. Please note that submitting information to us is not a guarantee or assurance that we will grant authorization to you or permit you, or anyone you designate, to use any or all of the services of the Website. If for any reason you are not granted authorization we will retain the information you submit to us only in order to communicate with you regarding your application; we may, however, request additional or follow-up information for audit purposes or as may be required by law or regulation.

If you are submitting Personally Identifiable Information on behalf of others in your family, business or other organization for registration purposes or otherwise, you represent that you have their permission, agreement and full authorization to provide this information to us. We reserve the right (i) to ask you to provide evidence of your authority at any time during, or even after, the submission process and (ii) to contact those individuals to confirm your authority at any time. If we determine that your authority has not been properly obtained, we may immediately and without notice to you discontinue your authorized use of those features of the Website for which you have registered.

 

3. Who Collects Information Through the Website

Subject to this Privacy Policy, the Terms of Use, and any other rules or policies applicable to the Website, the Foundation collects and is the sole owner of information collected through the Website.

The Foundation has provided links to other websites in order to provide those who use the Website with a better, more fulfilling experience. Once you enter another website (whether through an advertisement, service, or content link), be aware that the Foundation is not responsible for the privacy practices of such other sites (see also Section 10 of the Terms of Use). We encourage you to look for and review the privacy statements of each and every Web site that you visit through a link or sponsorship notice.

If you use the Website without registering, we will only collect anonymous “Non-Personal Information”, or “NPI”, about you through the use of Cookies and other technical means (described in more detail in this Section 4). If you choose to register with the Website to use interactive or other specific services, we require you to submit “Personally Identifiable Information”, or “PII”. While you may use some of the functionality of the Website without registration, many specific tools and services on the Website require registration and your submission of PII.

The following list provides examples of how we may use your Non-Personal Information (NPI) and Personally Identifiable Information (PII).


1.To display content we think may be of interest to you and otherwise help us customize what you see when you visit the Website.
2.To solicit user feedback to assess user-satisfaction or other needs and interests.
3.To help us in creating new tools, features, and services.
4.To provide you with notice of new features or other changes relating to the Website.
5.To contact you with regard to any registration you may have with the Website.
6.To confirm or fulfill an order you have made through the Website.
7.To send you materials on behalf of our partners.
8.To assess and monitor usage of the Website and specific features or services.
9.To monitor compliance with the Terms and Conditions, this Privacy Policy, and any other rules, agreements, or policies governing your use of the Website.
How we collect NPI. We collect Non-Personal Information about your use of the Website through our use of Cookies and through other technical means (e.g. Click Stream Information such as log files, Web Beacons, etc.). We encourage you to research online resources and learn about not only Cookies but also the other technical means through which information about you may be collected through Web sites you visit. Your browser software can be set to reject all Cookies. A “help” section of most browsers’ toolbar usually offers instructions on how to reset the browser to reject Cookies. If you reject our Cookies, certain functions and conveniences of the Website may not work properly, but we believe you do not have to accept our Cookies in order to productively use the Website.

Anonymous nature of NPI; linking of NPI and PII. Generally, the NPI we collect about you is attached to arbitrary, anonymous system names that are assigned to visitors when then enter the Website. Please note, however, that during the registration process, or at other times during your use of the Website, we may ask for your permission to link your NPI with your PII.

 

Examples of how we may use NPI. The anonymous, NPI we obtain from you is generally used to render, administer, and improve the Website, our services, and our business. We may use NPI to do any of the following (please note that this list is representative and provided only to assist you in understanding how we might use the NPI we collect).


1.To help dynamically generate content on web pages or in newsletters.
2.To statistically monitor how many people are using the Website.
3.To track generic user behavior (see, for example, the definition of “Click Stream Information”).
4.To monitor how many people open our emails.
5.To help us evaluate the purpose our users undertake certain activities, including those listed immediately above.
6.To determine the popularity of certain content.
7.To facilitate users’ log-in and navigation and as session timers.
8.To restrict underage use of our services.
Disclosure of Aggregate Information. The Foundation may provide Aggregate Information to third parties. For example, we might inform third parties regarding the number of users of the Website and the activities they conduct while on the Website. We might for example inform a pharmaceutical company (that may or may not be a sponsor of the Website) that “30% of our users live east of the Mississippi” or that “25% of our users have tried alternative medicine.” We require parties with whom we share Aggregate Information to agree that they will not attempt to make this information Personally Identifiable Information, such as by combining it with other databases.

How we collect PII. The PII that we collect and store generally consists of information gathered when you register with the Website for specific services and/or when you update any registration or profile information, but may also include other data input, forms, and information you provide to us whether electronically, by phone, by telecopier, in writing, in person, or by any other means. Your PII may also include information about your transactions and experiences with the Foundation, including account balances and purchasing activity. If you provide us with PII through the Website, we will give you the opportunity to “Opt-Out” of receiving future communications from us related to the specific service for which we requested that information. Section 7 of this Privacy Policy more specifically describes how to Opt-Out from and Opt-In to communications from us.

How we use PII. We use PII, and any data, personal or otherwise, that you provide and which may be saved on the Website, to provide our products and services. In addition to the ways in which we may use Non-Personal Information, examples of the ways in which we may use PII include but are not limited to: responding to your questions, providing to you the services you select, contacting you regarding the Foundation events or other news, advising you of products or services that may be available through the Foundation, sending you email about website maintenance and updates, contacting you as needed to address a suspected violation of the Terms of Use, this Privacy Policy, or any other rules or policies applicable to the Website, informing you of significant changes to this Privacy Policy, and otherwise rendering, administering, and improving the Website, our services, and our business. We may also use PII to contact users regarding sponsorship opportunities. The Foundation does not provide any of your PII to third parties without your permission or sell or market your PII to unaffiliated organizations.

If you are registered to use particular services, you acknowledge and also consent to our tracking activities and use of the Website under your username in connection with those services (e.g., in order to confirm and fill orders, maintain quality control and contact you concerning your orders, transactions, or subscriptions, should it be necessary or appropriate to do so).

Our (a) use of your PII and (b) handling of any e-mail sent to us by you through the Website (with regard to communications from clients and the public), will in each case be in a manner consistent with the Terms of Use, this Privacy Policy, any other rules or policies applicable to this Website, and all applicable laws, rules, and regulations.


 

5. Disclosure of Your Personally Identifiable Information

The Foundation will not disclose your Personally Identifiable Information to any third party other than: (i) to the American Society of Clinical Oncology (ASCO; www.asco.org), (ii) at your request, (iii) to outsource one or more of our internal functions, products, or services, or (iii) to private entities and law enforcement or other government officials as we, in our sole discretion, believe necessary or appropriate (a) to investigate or resolve possible problems or inquiries, (b) to protect our own business and assets, or (c) in special cases, such as a physical threat to you or others. If the Foundation does disclose your PII to third parties, we will make commercially reasonable efforts to require that the recipients thereof apply the terms of this Privacy Policy to that information as if they were the Foundation.

Despite the Foundation’s efforts to protect your PII, there is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of information over the Internet will be intercepted. The Foundation is not responsible or liable for any loss or damage of any sort arising from or relating to any breach of our security or interception of your transmissions (see Terms of Use).

6. Your Rights to View and Correct Information Submitted Voluntarily

In most cases, the tools that collect and store Personally Identifiable Information allow you to correct, update or review that information (and any preferences) by logging-in to the specific service and making the desired changes to your registration information. In most cases you may also withdraw your registration by sending us an email at privacy@ascocancerfoundation.org. If you withdraw a registration with the Website your PII may not be deleted from our records and we may use that data for internal purposes.

7. Your Rights to Opt-out, Opt-in, or Limit Specific Uses and Disclosures of Your Personally Identifiable Information

When you register, you may be asked whether you want to receive special announcements and future newsletters by email. If you check “yes” but change your mind at any time in the future and no longer wish to receive our newsletter and other special announcements by email you will be able to Opt-Out of these services by: (a) going to your profile page within the applicable the Foundation service; (b) following the directions included at the bottom of any newsletter issue; and/or (c) sending us an email at privacy@ascocancerfoundation.org, and we will take you off the applicable list. You may also Opt-In to receive communications from us and our partners at the point of registration or by similarly following the instructions above.

8. What Security Procedures We Use to Protect Your Information

The Foundation is committed to keeping user information secure. Access to data and technology relating to user information is password protected and limited to authorized personnel. In addition, the Foundation uses industry standard technology to keep users’ information secure while residing on the Foundation’s servers.

Listed below are some of the security procedures that the Foundation uses to protect your privacy:


1.Requires both a personal username and a password in order for users to access their Personally Identifiable Information (PII).
2.Uses firewalls to protect information held in our servers.
3.Closely monitors the limited number of the Foundation employees who have access to your PII.
4.Requires all the Foundation employees to abide by our Privacy Policy and be subject to disciplinary action if they violate it.
5.Backs-up our systems to protect the integrity of your PII.

9. How the Interactive Areas of the Website Operate

As a service to our users, the Website may feature message boards, chat rooms, and/or other public forums where users with similar interests or medical conditions can share information and support one another or where users can post questions for experts to answer. We may also offer online discussions moderated by medical or health-care experts.

In addition, you may choose to use certain interactive content, tools, and services that ask you to voluntarily provide information about yourself. Some of these tools (like certain quizzes or calculators) do not retain information, while others may store information in accordance with the authorization you provide at the time you use the service or tool. Please be aware of this fact.

Any chat room, message board, or similar interactive service is by design open to the public and is not a private, secure service, and the Foundation is not responsible for the privacy of information voluntarily provided by a user in interactive areas. You should think carefully before disclosing any Personally Identifiable Information in any public forum because what you have written may be seen, disclosed to, or collected by third parties and may be used by others in ways we are unable to control or predict, including to contact you for purposes unauthorized by you.

10. Where You Can Get Questions Answered about the the Foundation’s Privacy Policy

If you have any questions or comments regarding this Privacy Policy, please contact: privacy@ascocancerfoundation.org. If you do not receive adequate resolution of a privacy related problem, you may write to the Foundation at: 2318 Mill Road, Suite 800, Alexandria, VA 22314, Attention: General Counsel.

11. Glossary

Aggregate Information. As a website gathers individual pieces of Non-Personal Information from its users, it may combine similar data from many or all the users of the website into one big “batch”. For example, the site may add up the total number of people in Peoria, Illinois, (but not their names) who are seeking information about pancreatic cancer and compare that to the number of people in Petaluma, California seeking the same information.

This sort of statistical information is called aggregate data because it reflects the habits and characteristics of a large group of anonymous people. Websites may use aggregate data or share it with business partners so that the information and services they provide best meet the needs of the users. Aggregate data also helps advertisers and sponsors on the Web know how effectively they are reaching and meeting the needs of their target audience.

Browser: Short for web browser, a browser is a software application used to locate and display pages of the Internet. The three most popular browsers are AOL, Microsoft Internet Explorer, and Netscape Navigator. Most modern browsers can present multimedia information, including sound and video, though they require plug-ins for some formats.

Click Stream Information. A record of all the pages you have visited during your visit to a particular website or the services you accessed from the site or from an email. Click Stream Information is associated with your browser and not with you personally. It records the archives of your browser.

Cookie. A small data file that is stored on the hard drive of the computer you use to view a website. Cookies are placed by that site or by a third party with a presence on the site, such as an advertiser using a Web Beacon and are accessible only by the party or site that placed the Cookie on the computer (i.e. a Cookie placed on your computer by the Foundation is not accessed by any other site you visit, but a Cookie placed on your computer by an advertiser may be accessed by any site on which that same advertiser has a presence). Cookies can contain pieces of Personally Identifiable Information. The Foundation encrypts any PII it stores in its Cookies. These Cookies often are used to make the site easier to use. For example, if you check a box to ask that we store your user name on your computer so that you don’t have to enter it each time you visit the site, it’s stored in a Cookie on your computer.

Encryption. The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. This is typically done by so called “secure computer systems”

Firewall. A system designed to prevent unauthorized access to or from a public or private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized users from accessing private portions of public networks. All messages entering or leaving the network pass through the firewall, which examines each message and blocks those that do not meet specified security criteria.

Non-Personal Information. Information that is not traceable back to any individual and cannot be used to identify an individual. For example, Click Stream Information is Non-Personal Information, as is information such as gender, age, city, and physical location, when not linked with other Personally Identifiable Information.

Opt-In. Means you are actively indicating your preference to participate in a program, email, feature, tool, or enhancement on a website. Typically, if you “Opt-in” you must provide certain information, usually Personally Identifiable Information, to the website or otherwise actively indicate your choice or preference to participate in the website program. For example, if you wish to receive a newsletter by email from The Journal of Clinical Oncology (www.jco.org), you must enter your email address and choose the type of newsletter by checking a box next to a statement such as: “Yes, I’d like to receive the JCO Newsletters.”

Opt-Out. Means that if you do not take some action you are indicating your preference to participate in a program, email, feature, tool, or enhancement on a website. Typically, if you “Opt-out” you must uncheck a box next to a stated preference or otherwise take some indicate action to indicate your preference not to participate in a program. For example, if you do not wish to receive promotional emails from the Foundation or its sponsors, you must uncheck the box in your email preference center that states: “Please send me special offers and communications from Cancer.Net and/or its partners that would interest me.”

Password. A secret series of characters, typically alphanumeric (meaning it consists of both letters and numbers) that enables a user to access a file, computer, or program. The user must enter its, his, or her password before the computer or system will respond to commands. The password helps ensure that unauthorized users do not access the system. In addition, data files and programs may require a password.

Ideally, the password should be something that nobody could guess. In practice, many people choose a password that is easy to remember, such as their name or their initials. This is one reason it is relatively easy to break into many computer systems.

Personally Identifiable Information (PII). Information that can be traced back to an individual (in contrast to Non-Personal Information and Aggregate Information ). Examples of PII include your name, home address, telephone number, email address, and Social Security number.

If other pieces of information are linked to PII, they also become PII. For example, if you use a nickname to chat online and give out your real name while chatting, your nickname becomes PII when linked with other PII.

Server. A computer that provides services to other computers. A “web server” stores web site files and “serves” them to people who request them.

SSL (Secure Sockets Layer). A security protocol developed by Netscape for transmitting private information via the Internet. SSL works by using a private key to encrypt data that’s transferred over the SSL connection. Both Microsoft Internet Explorer and Netscape Navigator support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that utilize an SSL connection start with https: instead of http. (http://www.webopedia.com/TERM/S/SSL.html)

Username. A name used to gain access to a computer system or program. Usernames, and often passwords, are required in shared systems, such as the Internet. In most such systems, users can choose their own usernames and passwords.

Web Beacons (also often referenced as “clear GIFs”, “web bugs”, “1-by-1 GIFs”, “Single-Pixal GIFs”, “1 x 1 Pixals”, or “clear Pixals”). Tiny graphic image files, imbedded in a web page in GIF, jpeg, or HTML format, that provide a presence on the web page and send back to its home server (which can belong to the host site, a network advertiser, or some other third party) information from the users’ browser, such as the IP address, the URL of the page on which the beacon is located, the type of browser that is accessing the site, and the ID number of any Cookies on the users’ computer previously placed by that server. Web Beacons can also be used to place a Cookie on the users’ browser.

www.asco.org © Copyright 2008 American Society of Clinical Oncology. All rights reserved worldwide.