Privacy Policy
DIA respects the privacy of all its members and customers. This Privacy Policy applies to all information DIA collects or processes, including information collected via the DIA website and DIA branded sites including the DIA Communities, DIA Learning Center and DIA Global Forum websites, email and other electronic communications between you and DIA, event registrations, and information you provide to DIA offline, for example with a telephone call to customer service. By accessing or using the DIA website or the DIA branded sites, you agree to our website Terms and Conditions of Use. If you do not agree with our policies, your choice is to not use our websites or provide us with your information. Please review this Privacy Policy to stay informed about DIA’s policies regarding the information we collect.
-
Information Collected by DIA:
The information that DIA receives, and how we use it, depends on what you do when visiting our website or contacting us offline.
-
Information Provided by You on our Website or on DIA Landing Pages:
The DIA website will prompt you to voluntarily provide personal information if and when it is needed by DIA to provide a service or conduct a transaction that you have requested, such as registering as a member to gain access to members-only areas of the website or the personalized features of the website, ordering publications or registering for courses or meetings and webinars, downloading DIA products, accessing My Transcript to request credit for participation in an educational program, downloading a statement of credit, submitting information, joining a DIA Community, making an awards nomination entry, making contributions to DIA and communicating with DIA through email. The types of personal information that you may be asked to provide on the DIA web site include your first and last name, home, business or other mailing address, title, company or organization, telephone number, mobile number, email address and credit card information.
You may also go to a DIA Landing page form where we collect other personal information and preferences to better tailor your preferences. This information can include both checkboxes and free form entries where you describe the services you would like to receive from DIA.
-
Automatically Collected Information on our Website:
The DIA website automatically collects certain internet usage information from its visitors, such as the date and time you access the DIA website, the pages that you view while browsing the website, browser types and versions, geographic information, and device use. This information is used to help improve the DIA website, personalize your experience, analyze trends, and administer the website. All guests on the website can use the open portions anonymously with no personal data collected prior to login. We may track the number of users who visit areas of the website for internal use, but this tracking will not identify users.
-
Cookies and Tracking Technology:
The DIA website uses cookies to track site login information, order information, and other personalization. You can accept or decline DIA’s use of cookies on the website by modifying your web browser setting. However, to use the members-only areas or personalized features and for DIA to be able to correctly process the services in the members-only area, your browser must be set to accept cookies.
Some web browsers may transmit “do not track” signals to the websites with which the browser communicates. There is no standard that governs what, if anything, websites should do when they receive these signals. We do not currently take action in response to these signals. We may revise this policy if and when a standard for responding to these signals is established.
For information on how to disable cookie collection in different leading browsers see the below links:
Some web browsers may transmit “do not track” signals to the websites with which the browser communicates. There is no standard that governs what, if anything, websites should do when they receive these signals. We do not currently take action in response to these signals. We may revise this policy if and when a standard for responding to these signals is established.
We may use web analytics services, such as Google Analytics 4, to record and analyze your activity on this website. The website or any such service may track your browsing across web sites that use the same service.
The DIA website uses Google Analytics 4, a web analytics service provided by Google, Inc. (“Google”). Google Analytics 4 uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be given a non-personal identifier and then transmitted to and stored by Google on servers in the United States. On behalf of the website provider, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore, you can prevent Google’s collection and use of data by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.
The DIA website uses Sitecore for content management. Sitecore has built-in analytics services and enables DIA to provide you with a more relevant experience by showing you content based on your recently viewed pages. For detailed information on Sitecore's GDPR compliance commitment, https://kb.sitecore.net/articles/894584. Those analytics services function substantially like the analytics services provided by Google Analytics as described in the above paragraph.
If you log in to the DIA website, we can associate the details of your interactions recorded by the web analytics service provided by Google, Sitecore and our marketing system with your profile. If you start interacting with the website anonymously and then log in, the details of your interactions prior to the login will be associated with your profile. We may then tailor your interactions based on the data gathered but will not share the data outside of DIA. If you are logged in, your first name, last name and email address are stored in the Sitecore content management system. This information is only retrieved on the web site when you return in order to provide personalized content and is not otherwise shared.
If you receive emails from DIA, and you follow links within those emails to our website, you will be identified due to the code within the links and your interactions with our site will be recorded in our marketing system.
-
Purposes of Collection of Information on our website:
In support of the uses described above, DIA may use personal information for the following purposes:
- to respond to your requests;
- to render its services and/or deliver its products in according with its contractual obligations towards you;
- to contact you with information about upcoming events, programs, products and services of DIA and to provide updates and other notifications;
- for analytical purposes and to research, develop and improve DIA’s programs, products, and services and content, including the DIA website; and
- to enforce this Privacy Statement and the other rules regarding use of this website.
-
Photography, Audio and Video Recording at DIA Events:
If you attend a DIA event, we may take photographs of you at the event. We may also make video and audio recordings of events (both face to face and online) that may include your participation in the event, including your image, questions, and comments. DIA uses photography and recorded video and audio to promote our events and to make them available for later use to support DIA's mission to improve health and well-being worldwide by promoting the exchange of vital information and issues related to healthcare products, technologies and services. If our use of a recording requires consent by law, we will obtain that consent from you prior to any such use. Events go by extremely quickly. Attendees, speakers and exhibitors cannot attend all sessions and discussions. Photography and recordings are essential to allow attendees, speakers and exhibitors to learn from sessions and discussions they couldn't attend, capture the energy and atmosphere outside the official sessions, and allow persons who could not attend to view what transpired and learn from the event.
-
Security of Personal Information:
The security of personal information is important to DIA, and DIA employs various security measures and procedures to protect you against the unauthorized access, improper use, or loss of information that is collected through the DIA website and other means. DIA secures access to all transactional areas of the DIA website using ‘https’ technology. Credit card information is converted to encrypted tokens which provide secure access to payment gateways for recurring payments.
The security measures further include firewalls and other software and hardware protecting DIA sites and data from intrusion. DIA also controls access to its network by requiring credentials for DIA staff users. DIA has standard procedures for granting and revoking credentials. DIA enforces rules for length of passwords and characters included and requires users to change their passwords on a regular schedule. Within the applications storing personal information, DIA staff users are placed into security groups that limit their access to the information associated with performing their job functions.
However, those providing personal information to DIA should keep in mind that the DIA website, network, and information management system are run on software, hardware and networks, any component of which may, from time to time, require maintenance or experience problems or breaches of security. No method of transmission over the Internet or method of electronic storage is one hundred percent secure and we cannot guarantee its absolute security. Users of the website are solely responsible for maintaining the confidentiality of their username and password and are responsible for any unauthorized use.
-
Disclosures to Third Parties:
DIA will not sell, rent, exchange, publish or otherwise share your personal information with any third parties except as otherwise described in this Privacy Policy. In the ordinary course of business, DIA may engage third parties to provide services on its behalf, such as
- website hosting,
- packaging,
- payment services,
- mailing,
- customer service functions,
- online learning,
- job listings,
- podcasts,
- news aggregation,
- online community platforms,
- customer surveys,
- conference management partners,
- housing services.
DIA will only provide those companies the personal information necessary to perform the service and require such third parties to maintain the confidentiality of such information and to prohibit them from using that information for any other purpose. Such third parties may be located in inside or outside the EU/EEA or Switzerland. For information about the protection mechanisms in place for such transfers, see the below section "Disclosure to Third Countries".
DIA constantly strives to provide members and registered users of the DIA website with up-to-date webinars and white papers that are relevant for them and allow staying abreast of the latest developments. While these webinars and white papers are provided at no charge to the members and registered users, producing and providing them can be costly. DIA may invite third parties to create or pay for the creation or provision of such webinars and white papers. In these cases, persons registering for the webinar or downloading the white paper provide consent at the time of download for webinar and third party providers to contact them with messages asking to consider use of their products or services.
Member names and business contact information are made available to other members in DIA online communities to the extent the user agrees to share this information in privacy settings they control. DIA Communities are online forums that enable members to interact and form cross-disciplinary teams as they share information, raise concerns, mentor one another, and publish their shared work—accomplishing more as a group than any one person could alone. If you have a DIA account, you can review the Communities privacy settings here (login required).
DIA may also provide attendee lists to other attendees, speakers, or exhibitors of a DIA event. If provided, an attendee list will include publicly available information such as name, company, job title and country, but will not include personal data needed for communication such as email or phone number. Exhibitors receiving such a list check a box stating that information is for internal purposes only and not for any means of solicitation and will not be provided to other sources.
DIA may further disclose your personal information to the relevant authority if required to do so by law, or in the good faith belief that such action is necessary to comply with legal process, to protect the rights of DIA and its website or, in certain circumstances, to protect the health, safety or welfare of DIA or its employees, users of DIA’s products and services or members of the public.
-
Networking and Data Sharing:
DIA may offer events in a virtual delivery mode, meaning that the event is delivered via the internet and participants are accessing via internet enabled devices.
DIA may offer a networking application with a virtual event or as a mobile application with a face-to-face event. The primary purpose of this application is to collect contact information and to connect individuals for communication via the application. Participants, including exhibitors and sponsors, will be restricted to communication via the application during the event and for the period after the event when participants can return and view recorded sessions. Other participants, including exhibitors, must have your permission to communicate with you outside the application, for example by email. If you do not wish to engage in networking in which your contact information is shared with others for networking purposes, you may configure the application not to share your information.
Virtual and face to face events may also include areas and events which are sponsored by exhibitors. Language will indicate when this is the case. You will be asked for consent before providing contact information to the exhibitor. If you provide consent, the exhibitor may contact you subject to the terms of their privacy policy.
-
User Contributions:
You also may provide information to be published or displayed on DIA discussion boards, online forums, online communities, or other public areas of the website, or transmitted to other uses of the website or third parties (collectively, “User Contributions”). You provide User Contributions and transmit them to others at your own risk. We cannot control the actions of other users of the website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
-
Disclosure to Third Countries:
Personal data collected in Switzerland and/or inside the EU/EEA, which is transferred to countries that have not been recognized by both the European Commission and the Swiss Federal Data Protection Commissioner as providing an adequate level of data protection, will only be transferred outside Switzerland and EU/EEA based on Standard Contractual Clauses adopted by the European Commission.
The servers DIA uses to collect and store information reside in the European Union. DIA may also process your personal data at its offices in the US, China, Japan, India and other countries outside the EU/EEA, including when DIA staff is working remotely and accesses your personal information from these other countries.
-
Your rights to your personal information:
You may review, update, or delete/anonymize the information and contact preferences you provided to DIA through the website by visiting the customer account area or contacting us at the email address below. In the customer account area, you may view and edit your personal information, opt-out of DIA mailings and other marketing information.
You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. Please note that some non-marketing communications, such as product download and sales transactions, are not subject to general opt-out.
Members and other customers have the option to determine how they receive their various communications from DIA (i.e., whether they prefer to receive communications at their home email address rather than their work email address, etc.). After registration, members can change how they wish to receive their membership benefits and other customers can change how they wish to receive communications from DIA, through the My Subscriptions feature of their customer account area.
You have the right to request a copy from DIA about what personal data is held about you. For such a request, please send an email with the subject line: “Subject Access Request” to Privacy@DIAglobal.org. You also have the right to rectification, erasure, restriction of processing or objection to processing of personal data.
You further have the right to request that we stop processing your personal data for direct marketing (either through specific channels, or all channels).
If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
-
Credit Card Account Information:
DIA does not use or disclose credit card account information provided by customers except as described in the “Disclosures to Third Parties” section of this Privacy Policy. We submit only the information needed to obtain payment to the appropriate clearinghouse. Credit card information is stored with an encrypted token within our association management system. By March 31, 2024, DIA will introduce a payment process that enables customers to start payments in an offline call or with a registration form submission and complete entry of credit card information in a secure online form. This will remove occasions where credit card information is shared with DIA staff prior to input.
-
Links to Non-DIA Websites:
This Privacy Policy does not apply to any other website not affiliated with DIA, and DIA is not responsible for content and privacy concerns involving non-DIA websites. Although the DIA website or e-mails sent by DIA link to other Internet websites, DIA takes no responsibility for the content or information contained on those other websites and does not exert any editorial or other control over those other websites, including their privacy practices. We recommend that you review the privacy practices of such other websites and make your own conclusions regarding the adequacy of their practices. For further information, please email DIA at Privacy@DIAglobal.org.
-
Legal Basis for Our Data Processing:
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. We may collect and process your personal data, including:
(a) Consent: In specific situations, we can collect and process your data with your consent. For example, when you fill out a form to download a White Paper. When collecting your personal data, we always make clear to you which data is necessary in connection with a particular service.
(b) Contractual obligations: In certain circumstances, we need your personal data to comply with our contractual obligations. For example, if you register for an event, we collect your name to print your conference badge and your address to issue an invoice or receipt for the registration fee.
(c) Legal compliance: If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity affecting DIA to law enforcement.
(d) Legitimate interest: In specific situations, we process your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business, and which does not materially impact your rights, freedom, or interests. For example, we will use information about DIA events you attended and DIA resources you accessed to send you personalized offers. We will also use your address details to send you direct marketing information by email or postal mail, telling you about products and services that we think might interest you. You may opt out of such email communications at any time by updating your profile in the “my subscription” section. You can opt out of postal mail and email by emailing Privacy@DIAglobal.org or contacting DIA customer service.
-
Data retention:
We will retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements) and in addition with our internal data retention policies.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.
-
Updates:
We may update this Privacy Policy from time to time in response to legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, which will be consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.
You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the end of this Privacy Policy.
-
Protection of Children’s Personal Information:
Our website is intended for adults, such as our members. DIA does not knowingly collect any personal information from children under the age of 13. Please contact DIA at Privacy@DIAglobal.org if you suspect that DIA has collected any such information.
-
Complaints:
You have the right to lodge a complaint with the competent supervisory authority if you are under the impression that a data breach has occurred in the context of your use of the DIA website or DIA's services or about our collection and use of your personal information. Contact details for UK's data protection authority are available here. Contact details for data protection authorities in the European Economic Area are available here. Contact details for Switzerland’s data protection authority are available here.
-
Questions or Concerns:
DIA will respond promptly to resolve a data security issue when any member or individual who has provided personal information to DIA notifies DIA that he or she suspects that DIA has handled his or her information in a manner that does not comply with this Privacy Policy.
If you have any questions regarding privacy issues or suspect that DIA has handled your data in a manner that does not comply with this Privacy Policy, please contact DIA at Privacy@DIAglobal.org or call +1.202.601.8900 DIA, 1300 Connecticut Avenue NW, Suite 1000, Washington DC 20036, USA.
The designated EU/EEA representative for DIA is DataRep, Data subjects can reach DataRep directly by email at dia@datarep.com, and may also contact DataRep at any of its 27 EU contact locations and in Switzerland. For reference, the physical address of the office within the country with DIA’s greatest number of EU data subjects is DataRep, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany.