United Medical Writing Privacy Policy
INTRODUCTION
This privacy policy sets out the basis on which we will process any Personal Information that we may collect about you as a visitor to our website at www.unitedmedicalwriting.com or our customers or potential customers, or other business partners or in any other cases where we specifically state that this policy will apply. This policy further sets out how we protect your privacy and your rights in respect of our use of your Personal Information.
WHAT IS PERSONAL INFORMATION?
Personal Information is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute Personal Information.
WHY DO WE HAVE A PRIVACY POLICY?
The Montana Consumer Data Privacy Act (“MCDPA”) and the EU's General Data Protection Regulation (“GDPR”) control how your Personal Information is used by us.
WHAT ARE THE LEGAL BASES FOR PROCESSING Personal Information
All Personal Information that we obtain from you via our website will only be processed for the purposes described in more detail below. This is done within the framework of the MCDPA and the GDPR and only if at least one of the following applies: a) you have given your consent, b) the data is necessary for the fulfillment of a contract / pre-contractual measures, c) the data is necessary for the fulfillment of a legal obligation, or d) the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden.
WHAT Personal Information DO WE COLLECT FROM YOU?
We may collect and process the following Personal Information about you:
a) Personal Information that you give us:
This is information about you that you give to us by filling in forms on our website (or other forms that we ask you to complete), or corresponding with us by telephone, post, email or otherwise. It may include, for example, your name, address, email address and telephone number; information about your business relationship with us; and information about your requirements, background and the work required.
We also process the Personal Information involved in your use of our services in order to be able to provide our contractual services. This includes in particular our support, correspondence with you, invoicing, fulfillment of our contractual, accounting and tax obligations. Accordingly, the data is processed on the basis of fulfilling our contractual obligations and our legal obligations.
b) Personal Information that our website and other systems collect about you:
If you visit our website it will automatically collect some information about you and your visit, including the Internet protocol (IP) address used to connect your device to the Internet and some other information such as the pages on our site that you visit. This is used to monitor the performance of the website and improve the experience of visitors to the website.
We use so-called cookies on our website. Cookies are pieces of information that are transmitted from our web server or third-party web servers to your web browser and stored there for later retrieval. Cookies may be small files or other types of information storage. As set out in the MCDPA and the EU`s Privacy and Electronic Communications Directive (“PECD”), we need to obtain consent for the use of Non-essential Cookies. For further information on the cookies we use, please refer to our Cookie Policy.
Our website uses a cookie consent tool to obtain your consent to the storage of cookies and to document this consent. When you enter our website, the following Personal Information is transferred to us: i) Your consent(s) or revocation of your consent(s); ii) Your IP address; iii) Information about your browser; iv) Information about your device; v) Time of your visit to our website.
c) Other information:
We may also process aggregated data such as statistical or demographic data for any purpose including improving our website and services. Aggregated data could be derived from your Personal Information but is not considered Personal Information in law as this data will not directly or indirectly reveal your identity. However, if we combine or connect aggregated data with your Personal Information so that it can directly or indirectly identify you, we treat the combined data as Personal Information which will be used in accordance with this privacy policy.
DATA PROCESSING THROUGH THIRD-PARTY SERVICES
We use content or service offers of third-party providers on the basis of our legitimate interests in order to integrate their content and services ("content"). This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content.
The following provides an overview of third-party providers and their content, together with links to their privacy policies, which contain further information on the processing of data and so-called opt-out measures, if any: a) Hosting: Joomla; b) Content Management System: Joomla; b) Analytics: Google Analytics by Google; c) Fonts: Google Fonts by Google and Font Awesome of Fonticons;
HOW WILL WE USE YOUR Personal Information?
We may collect, store and use your Personal Information for the following purposes:
-
to operate, manage, develop and promote our business and, in particular, our relationship with you and related transactions including, for example:
-
marketing purposes (when we have either gathered prior opt-in consent and/or have a legitimate interest to send you communications which we believe to be relevant and of use to you);
-
accounting and billing / payment purposes;
-
to operate, administer and improve our website and other aspects of the way in which we conduct our business and operations;
-
to offer you our services;
-
to provide you with services or information that you may have requested; and
-
to keep you informed and updated on relevant or services you may be interested in.
-
to protect our business from fraud, money-laundering, breach of confidence, theft of proprietary materials and other financial or business crimes;
-
to comply with our legal and regulatory obligations and bring and defend legal claims and assert legal rights; and
-
if the purpose is directly connected with an assigned purpose previously made known to you.
We will only process your Personal Information as necessary so that we can pursue the purposes described above and where we have a legal basis for such processing. Where our lawful basis for processing is that such processing is necessary to pursue our legitimate interests, we will only process your Personal Information where we have concluded that our processing does not prejudice you or your privacy in a way that would override our legitimate interest. In exceptional circumstances we may also be required by law to disclose or otherwise process your Personal Information.
CHANGE OF PURPOSE
We will only use your Personal Information for the purposes for which we collected it as detailed above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
DISCLOSURES OF YOUR PERSONAL INFORMATION
Your Personal Information will be shared internally to ensure the efficient operation of our business (for instance, by sourcing our shared services in the most cost-effective way) and to provide the highest quality of client services.
Where required, we will (subject to applicable laws, our professional obligations and any terms of business which we may enter into with you) disclose your Personal Information to:
-
any person or entity to whom we are required or requested to make such disclosure by any court of competent jurisdiction or by any governmental, taxation or other regulatory authority, law enforcement agency or similar body;
-
provide our website and service;
-
use marketing services and to advertise our services online;
-
our professional advisers or consultants, including lawyers, bankers, auditors, accountants and insurers providing consultancy, legal, banking, audit, accounting or insurance services to us;
-
any financial institutions providing finance to us;
-
service providers who provide information technology and system administration services to us; and
-
any external auditors who may carry out independent checks of your files.
We require any person or entity to whom we disclose Personal Information to respect the confidentiality and security of your Personal Information and to treat it in accordance with applicable laws and regulations. We do not allow such recipients of your Personal Information to use it for their own purposes, and we only permit them to process your Personal Information for specified purposes and in accordance with our instructions.
INTERNATIONAL TRANSFERS
We may transfer your Personal Information to other companies as necessary for the purposes described in this Privacy Policy. In order to provide adequate protection for your Personal Information when it is transferred, we have contractual arrangements regarding such transfers. We take all reasonable technical and organizational measures to protect the Personal Information we transfer.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
We will delete your Personal Information when we no longer need such Personal Information, for instance where:
-
it is no longer necessary for us to retain your Personal Information to fulfill the purposes for which we had collected it;
-
we believe that your Personal Information that we hold is inaccurate; or
-
in certain cases where you have informed us that you no longer consent to our processing of your Personal Information.
Sometimes, however there are legal or regulatory requirements which may require us to retain your Personal Information for a specified period, and in such cases we will retain your Personal Information for such specified period; and we may need to retain your Personal Information for certain longer periods in relation to legal disputes, and in such cases we will retain it for such longer periods to the extent required.
HOW WE SECURE YOUR Personal Information
We take appropriate organizational, technical, and physical measures to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, the Personal Information we collect and process. However, no method of collection, storage, or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices, and signing out of websites after your sessions.
LINKED SITES
For your convenience, there may be hyperlinks on our website that link to other websites. We are not responsible for, and this Privacy Policy does not apply to the privacy practices of any linked websites or of any companies that we do not own or control. The website links may collect information in addition to the information we collect.
We do not endorse any of these linked websites, their products, services, or any of the content on their websites. We encourage you to seek and read the privacy policy of each linked website that you visit to understand how the information that is collected about you is used and protected.
YOUR RIGHTS AND PRIVILEGES
-
Privacy rights
You can exercise the following rights:
-
The right to access;
-
The right to rectification;
-
The right to erasure;
-
The right to restrict processing;
-
The right to object to processing;
-
The right to data portability;
-
Updating your information and withdrawing your consent
If you believe that the information we hold about you is inaccurate or request its rectification, deletion, or object to legitimate interest processing, please do so by contacting us.
-
Access Request
In the event you want to make a Data Subject Access Request, please contact us. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days, we will tell you why and when we will be able to respond to your request. If we are unable to provide you with any Personal Information or to make a correction requested by you, we will tell you why.
-
What we do not do
-
We do not request Personal Information from minors and children;
-
We do not process special category data without obtaining prior specific consent;
-
We do not process Health Insurance Portability and Accountability Act (HIPAA) Data without obtaining prior specific consent; and
-
We do not use Automated decision-making including profiling;
USA SPECIFIC PROVISIONS
The following applies to users located in other parts of the United States. While we understand and appreciate that privacy and consumer data protection laws differ as they are subject to each state's legislature and that no data protection framework exists on a federal level, we are committed to follow and apply the for your state relevant privacy rules and regulations.
As of the day of drafting, the following states had enacted privacy and consumer data protection laws:
-
California Consumer Privacy Act (“CCPA”) including its subsequent amendments from the California Privacy Rights and Enforcement Act (“CPRA”);
-
Colorado Privacy Act (“CPA”);
-
Connecticut Data Privacy Act (“CTDPA”);
-
Delaware Personal Data Privacy Act (“DPDPA”);
-
Indiana Consumer Data Protection Act (“ICDPA”);
-
Iowa Consumer Data Protection Act (“ICDPA”);
-
Oregon Consumer Privacy Act (“OCPA”);
-
Tennessee Information Protection Act (“TIPA”);
-
Texas Data Privacy and Security Act (“TDPSA”)
-
Utah Consumer Privacy Act (“UCPA”); and
-
Virginia Consumer Data Protection Act (“VCDPA”).
Further and under consideration of the similarities of the above provisions, no conflict should arise pursuing a uniform approach in granting all users in the USA the same rights and privileges as set out above. However, should ambiguity occur the most stringent provision is chosen to ensure the most comprehensive approach when it comes to protecting your Personal Data.
Further, the following also apply
-
“Shine the Light”
“Shine the Light” law (Civil Code Section 1798.83) requires us to respond to requests from California asking about the business’s practices related to disclosing Personal Data to third parties for the third parties’ direct marketing purposes. You may make a request about our collection and disclosure of your Personal Data using the contact details provided.
-
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of Personal Data from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13 years old.
-
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. To be in accordance with CAN SPAM, we agree to the following: If at any time you would like to unsubscribe from receiving future emails, you can email us, and we will promptly remove you from ALL correspondence.
-
Telephone Consumer Protection Act (TCPA)
If we process your Personal Data for the purpose of sending you SMS marketing communications, you may manage your receipt of marketing and non-transactional communications from us by replying or texting ‘STOP’ if you receive our SMS communications. In this respect, the data processing is carried out solely on the basis of our consent in personalized direct advertising per SMS.
-
Controls For Do-Not-Track Features
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ('DNT') feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, our website does not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Notice.
-
Right to complain
Finally, and in regard to the right to complain to a supervisory authority. You have the right to lodge a complaint about our processing of Personal Data with a supervisory authority responsible for data protection. Users based in the above mentioned States may lodge a complaint with the relevant district attorney or attorney general office. However, we would appreciate the opportunity to address your concerns before you contact any supervisory authority.
HELP AND COMPLAINTS
If you have any questions about this policy or the information we hold about you please call us on .(970) 388-2577 or use our Contact Form.
CHANGES
The first version of this policy was issued on Thursday July 11th 2024 and is the current version. Any prior versions are invalid and if we make changes to this policy, we will revise the effective date.