Last Updated: March 7, 2022
DEFINITION OF PERSONAL DATA
WHEN WE COLLECT DATA
Some functions of the Site and the Application can be used without requiring that you provide any information that would personally identify you.
At this time, we do not collect any Personal Data through the Application. Any data that you enter into the Application will not be retained within the Application, and will immediately be deleted as soon as your session is closed. As the developer of the Application, however, GRAPPA may receive certain data sets from Google Play and the Apple Store, comprising non-personally identifiable aggregated user data about the persons who download the Application. Because this data cannot be de-aggregated, used to identify you, or otherwise linked back to you, we do not treat such data as Personal Data.
In order to access certain features and benefits on our Site, you may need to submit, or we may collect, certain Personal Data from you. We use varying methods to collect Personal Data on the Site. Some types of Personal Data are collected through automated technologies, while others are provided directly by users of the Site. We discuss these methods below in the section titled “Data That We Collect”.
DATA THAT WE COLLECT
From time to time, you may provide various types of information about yourself to us through the Site. Our purposes for using or otherwise processing Personal Data are described in the section titled “Our Uses of Personal Data” below.
Generally, you may provide us with two categories of data: User Data and Site Usage Data. The types of information that you may provide in each category, along with the technologies that we use to collect such information, are generally described in the sub-sections below:
“User Data” is the Personal Data that you provide to us directly when you sign up to receive informational e-mails from us, register for a membership account, provide your curriculum vitae as part of the membership application process, update or change information for your account, apply for project grant applications through our Site, send us e-mail messages, and/or otherwise participate in other services on our Site.
Any User Data that we receive about you is provided directly by you, or on your behalf, on a voluntary basis. We describe the most common types of User Data that you may expect to provide below:
- Account Registration. If you register for an account on our Site, you may be required to provide us with Personal Data such as your name, your e-mail address. As part of the process of becoming a member of GRAPPA, you may also be required to provide other Personal Data, including (without limitation) your mailing address, the name of your current and past employer(s), your field(s) of specialization, your industry, your education history, your organizational sponsor, and any other Personal Data that you elect to include in your curriculum vitae.
- Subscription To Receive Notices. GRAPPA offers users and members the ability to subscribe and to receive updates about organization meetings as well as GRAPPA-related events and projects via e-mail. Such events and projects include, without limitation, current research and data relating to diagnosis, treatment and pathogenesis of psoriasis and psoriatic arthritis. In order to subscribe to these services, you may be required to provide us with Personal Data such as your name and e-mail address.
From time to time, we may also collect additional Personal Data when you or others provide your curriculum vitae in the membership process, or provide content to be posted on the Site. We may use such data for any of the foregoing items (account registration, communications, and notifications), as well as to assess our resources, projects, and opportunities for members.
Unless expressly requested, you should not provide any Personal Data or other information of a personal or sensitive nature, whether relating to you or another person, either by posting such information on the Site or by providing such information through your communications to us.
Site Usage Data
When users come to our Site, we automatically track and collect information about those visits in our server logs from the user’s browser or device. This information is known as “Site Usage Data”. Information that we automatically collect may include Personal Data such as the user’s IP address, geolocation data, device identification, browser type, and operating system, as well as the referring or exit pages, the page(s) requested, and cookie information. Based on the user’s IP address, we may be able to obtain further Personal Data about the user, such as the identity of their internet service provider and the geographic location of their point of connectivity. Other types of information that we collect as Site Usage Data includes aggregate data such as the pages of our Site that were visited, the order in which those pages were visited, when they were visited, and which hyperlinks were "clicked” on our Site. We do not treat Site Usage Data as Personal Data if it falls within the category of aggregate data.
We collect the information described in the sub-section titled “Site Usage Data” by using certain technologies known as ‘cookies’ or ‘web beacons’. A cookie is a piece of data that is stored on your hard drive and records your preferences and other data about your visit to the Site. Web beacons are small, invisible graphic images that allow the collection of certain information and monitor user activity on the Site.
Many internet browsers will allow you to erase cookies from your hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block cookies on our Site, some portions of the Site may not function as intended.
OUR USES OF PERSONAL DATA
In general, we use Personal Data that we collect from you to process your requests, to facilitate your use and our administration and operation of the Site, to provide you with information or services you request, to inform you about events, services, research, and projects we think will be of interest to you, and to learn more about and improve the Site and for the purpose for which information was provided. Some of the ways in which we may use the information that we collect include:
- establishing and managing your membership in GRAPPA
- providing you with the services you request and enable the use of features on the Site
- sending you account-related e-mails
- contacting you about our or a third party’s volunteer opportunities, initiatives, research studies, projects, special events, or other activities
- responding to your e-mails, submissions, comments, requests for technical support or assistance, or complaints
- developing, customizing, and improving the Site, the Application, and the resources that GRAPPA provides (including without limitation diagnosing technical and service problems, administering our Site; managing our communications; analyzing and enhancing our services, the Application, and the Site; protecting the security of our networks and information systems; and performing accounting, auditing, invoicing and reconciliation activities in our capacity as a non-profit research organization)
- identifying and protecting against fraud, prohibited or illegal activities, as well as potential third-party claims and other liabilities
- generally complying with applicable laws, rules, and regulations
Please note that our Site is not designed to respond to "do not track" requests from browsers.
SHARING OF PERSONAL DATA
- We may share Personal Data with third parties when you request that we do so or otherwise give your consent.
- For example, contract research organizations and biopharmaceutical companies that wish to receive training modules from GRAPPA for their clinical trial investigators may be required to provide Personal Data to Trifecta Clinical, which assists us in structuring clinical research trials.
- From time to time, we may share Personal Data with consultants, vendors, and service providers (“Service Providers”) who assist us in providing our services. These Service Providers may include vendors and suppliers that provide us with technology, services, and/or other content related to the operation and maintenance of the Site. Our Service Providers may have limited access to your Personal Data in the course of providing their products or services to us. These third parties are not authorized by us to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements.
- One example of a Service Provider is MemberClicks, which assists GRAPPA in managing and administering the Site.
- GRAPPA may share your Personal Data with various government authorities:
- if we are required to do so by law, regulation, or legal process (such as a court order or subpoena)
- in response to requests by government agencies, such as law enforcement authorities
- when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss in connection with an investigation of suspected or actual illegal activity; and/or
- if we have a good faith belief that the disclosure is necessary or appropriate to comply with law or legal process.
In such cases, we reserve the right to raise or waive any legal objection or right available to us at our discretion.
- We also may share your Personal Data when we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of GRAPPA, the Site, our members, our users, or others; to prevent and protect GRAPPA and its users from fraudulent, abusive, unlawful, or unauthorized use of the Site; to otherwise enforce our rights and
- We reserve the right to disclose or transfer any information we have about you as part of, or during negotiations of, any merger, sale of company assets, or acquisition, or in any other situation where Personal Data may be transferred as one of GRAPPA’s assets.
PROTECTING PERSONAL DATA
We strive to protect your Personal Data while it is under our control. Your account information is accessible online only through the use of a password. For more information regarding the security of the Site, please click here.
To help protect the confidentiality of your Personal Data, you must keep your password confidential and not disclose it to any other person. You are responsible for all uses of the Site by any person using your password. Please advise us immediately if you believe your password has been compromised or misused.
YOUR RESPONSIBILITIES; OPTING OUT OF COMMUNICATIONS
You are responsible for verifying the accuracy of the Personal Data you submit to GRAPPA and ensuring that any Personal Data that you provide is kept up to date for the purposes for which you provide it. Inaccurate information may affect your ability to use the Site, the information you receive when using the Site, and our ability to contact you. For example, your e-mail address should be kept current because that is one of the primary methods that we use to communicate with you.
We only send e-mails to persons who have provided their e-mail addresses directly to us and who have consented to receive communications from us. If you do not wish to receive e-mails from GRAPPA, you may opt out by logging in to your account settings online and updating your contact preferences.
Please note, even if you opt out of receiving promotional e-mails from GRAPPA, you may still receive relationship e-mails from us, including responses to e-mails that you sent to us prior to opting out, notices of updates or changes to our policies and procedures, or other messages relating to your account, your membership in GRAPPA, and/or your use of the Site.
Additionally, because our system for processing opt-out requests is not automatic, your request may not be processed immediately. You may continue to receive some communications from us during the processing period.
Regarding Use of the Site by Children
The Site is not designed for use by children under the age of 16, nor do we knowingly collect any Personal Data from children under the age of 16.
Regarding Links to Other Websites
Regarding Our Exemption from the California Consumer Privacy Act
RIGHTS OF SITE USERS IN THE EUROPEAN UNION
This section provides details about the Personal Data we collect about users of the European Economic Area, Switzerland, and/or the United Kingdom, (collectively the “EU”), and the rights afforded to them regarding the processing of their Personal Data under the EU General Data Protection Regulation (“GDPR”)
Personal information. For details about the Personal Data we collect, please see the section titled “Data That We Collect” above.
Lawful grounds. If you reside in the EU, we rely on the following lawful grounds to collect, store, use, and otherwise process your Personal Data:
- Processing of your Personal Data is necessary for the legitimate business interest of GRAPPA or a third party
- Processing of your Personal Data is necessary for complying with our legal obligations.
Transfer to the United States. While we have offices based in the Netherlands, GRAPPA’s headquarters is located in the United States. As such, we will transfer your Personal Data for processing in the United States from time to time. We make the transfer to the United States in the absence of an adequacy decision (after July 16, 2020) because it is necessary for the performance of a contract with you, or with your explicit consent. We take appropriate measures to provide adequate protection for the transfer and processing of your Personal Data in the United States.
Individual rights and requests. If you are a resident of the European Union, you may send data subject requests to firstname.lastname@example.org to take any of the following actions:
- To withdraw your consent for the processing of your Personal Data at any time
- To notify us that you wish to access, transfer, rectify or erase your Personal Data, or to restrict or object to the processing of your Personal Data; or
- To request access to, transfer of, and rectification or erasure of your Personal Data, or restriction of processing, or to object to processing of your Personal Data.
Please specify the nature of your request and the information that is the subject of your request. We may require you to submit additional information necessary to verify your identity and status as an EU data subject. We will respond to your request directly within 30 days.
Note, however, that if we are processing your personal data based upon the lawful ground of your consent, you have the right to withdraw your consent for such processing at any time without affecting the lawfulness of the processing based on consent before it is withdrawn.
Retention. We retain your Personal Data for as long as necessary for the purpose in which it was collected to either perform a contract, or for our or a third party’s legitimate interest, or for the purpose for which you consented.
CHANGES TO THIS POLICY
We will endeavor to respond to your complaint, inquiry, or information request to the extent possible, in a timely and efficient manner.
- Online Form:
- United States:
Group for Research and Assessment of Psoriasis and Psoriatic Arthritis (GRAPPA)
3213 W. Wheeler St. #35
Seattle, WA 98199
- European Union:
Stichting Group for Research and Assessment of Psoriasis and Psoriatic Arthritis EU (GRAPPA EU)
1435 HW Rijsenhout