+

At The CM Group we are committed to partnering with our clients to facilitate connections and deliver education to their physician and patient communities. With the COVID-19 pandemic continuing to be a part of our everyday lives, we are constantly evolving our thinking and how we approach each collaboration.

We all need to think differently.

We think differently.

Let’s talk.

Privacy Policy

THE CM GROUP’S PRIVACY POLICY

The CM Group respects your privacy. This Privacy Policy (the “Privacy Policy”) is intended to describe how The CM Group, including Px Group, a division of CM Group (collectively “The CM Group”), collects, uses, and shares information that you submit to us and that we collect through the provision of our Services and through our website and applications, including www.thecmgroup.com, www.thepxgroup.com, and our Px Portal (collectively, the “Sites” or “Websites”).

1. INFORMATION WE COLLECT

The CM Group provides service offerings for the biopharmaceutical industry in four key areas, including Strategic Meeting Services, Congress Management, Patient Experience, and Speaker Bureau Management (collectively, the “Services”). As described in this Privacy Policy, we may collect certain Personal Data from or about you in connection with your use of, or your submissions to, the Sites and the provision of the Services.

You are not required to provide all Personal Data identified in this Privacy Policy; however, please be advised that if you do not provide the Personal Data requested, we may be unable to provide some or all of the Services to you.

1.1 Personal Data. “Personal Data,” for purposes of this Privacy Policy, means information relating to an identified or identifiable natural person. The Personal Data we collect may include your name, company, address, telephone number, and email address.

1.2 Special Categories of Personal Data. When you choose to participate in our events or programs or otherwise utilize our Services, we may collect certain special categories of Personal Data, such as health information, in order to provide a specific Service to you. For example, when you choose to participate in a program to share your experiences related to a particular medical condition, we may collect information regarding your journey to diagnosis as well as your experiences on particular treatments. We may also collect your social security number in order to administer payments related to certain programs. Participation in our programs is voluntary. In the event we collect or you choose to submit data that would constitute special categories of Personal Data in order to provide a specific service to you, we will obtain your consent as required by law.

1.3 Cookies and Similar Technologies. We may collect certain Personal Data using cookies and other technologies, such as web beacons, device IDs, HTML5 local storage, Flash cookies, and IP addresses. We specifically use browser cookies for different purposes, including cookies that are strictly necessary for functionality and cookies that are used for performance/analytics. When you visit the Sites, we may also automatically collect certain data about your device, including information about your web browser, IP address, and time zone. Additionally, as you browse the Sites, we may collect information about the individual web pages that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. Our <<Use of Cookies and Similar Technologies>> section contains more information and options to control or opt-out of certain data collection or uses related to cookies and similar technologies.

1.4 Anonymous Data. We may create de-identified or anonymous data from Personal Data by removing data components (such as your name, email address, or linkable tracking ID) that makes the data personally identifiable to you or through obfuscation or through other means. Our use of anonymized data is not subject to this Privacy Policy.

2. HOW WE COLLECT INFORMATION

We may collect Personal Data as follows:

  • When you interact with our Sites or utilize our Services. We may collect Personal Data, such as your name, address, phone number, address, email address, and company name, when you use or interact with our Sites or otherwise utilize our Services.
  • When you communicate with us or sign up for materials. We may collect Personal Data, such as your name, email address, and other contact information, when you communicate with us, including when you submit information through the Sites, submit inquiries, or request information from us. We may also collect Personal Data when you sign up to join our email list or to receive other information.
  • When you register for or participate in events or programs. We may request or otherwise collect Personal Data, such as your name, email address, address, phone number, National Provider Identifier (NPI), physician license number, and other contact information, when you register for or participate in our events, programs, conventions, or congresses, including events or programs hosted or sponsored by our customers (“Program Sponsors”). We may also collect certain health information, such as information pertaining to your diagnosis and therapy, in connection with your participation in our events or programs.
  • When you participate in surveys. We may request or otherwise collect Personal Data, such as your name, email address, and other contact information, when you participate in surveys related to our Services. Participation in these surveys is voluntary.
  • When you engage with our online communities and forums. We may collect Personal Data when you engage with our online communities and forums, including any information you may provide through your interaction with or participation in our social media pages and groups. Please note that online forums may be publicly accessible and other users may view information you post in the forums. We encourage you to exercise care in deciding what information and content you wish to disclose on the areas of the Sites that are accessible to the general public.
  • When you apply for a job with us. We may collect Personal Data from you when you apply for a job with us, including your name, address, phone number, email address, as well as details of your qualifications, skills, experience, and employment history, and other data you submit in connection with your employment application, such as resumes, covers letters, or other data for evaluation of employment. If you apply for a job through a social media or other third-party account, such as LinkedIn (“Social Media Network”), we may collect Personal Data that you have provided to that Social Media Network, such as your user ID and/or user name associated with that Social Media Network, and any information or content you have permitted the Social Media Network to share with us, as well as information you have made public in connection with your Social Media Network account. If you want to control or limit sharing data from Social Media Networks, you should adjust the privacy settings on your Social Media Network account.
  • When we collect data from Program Sponsors, other third parties, or publicly-available sources. We may obtain certain data about you from third-party sources, including Program Sponsors, to help us provide and improve the Services. We may also combine Personal Data with data we obtain from our Services, other users, or third parties to enhance your experience and improve the Services. For more information regarding the types of third parties from whom we may collect or with whom we may share Personal Data, please see the “How We May Share Information and Use of Third-Party Solutions” section of this Privacy Policy.
  • When we leverage and/or collect cookies, device IDs, data from the environment, and other tracking technologies. We may collect certain Personal Data using cookies and other technologies, such as web beacons, device IDs, HTML5 local storage, Flash cookies, and IP addresses, as further described in this Privacy Policy. Our <<Use of Cookies and Similar Technologies>> section contains more information and options to control or opt-out of certain data collection or uses related to cookies and similar technologies.
3. USE OF COOKIES AND SIMILAR TECHNOLOGIES

The Sites may use cookies and similar technologies to improve user experience, for performance and analytics, and to improve our content and Services.

A “cookie” is a small text file that a web server stores in browser software. A browser sends cookies to a server when the browser makes a connection to the server (for example, when requesting a web page from the same domain that created the cookie). The purpose of cookies is to remember the browser over time and distinguish one browser instance (or user) from all others. Some cookies and other technologies may serve to track Personal Data previously entered by a web user on the Site. Most browsers allow you to control cookies, including whether or not to accept them, and how to remove them. Cookies can remember login information, preferences, and similar information.

Cookies, as well as other tracking technologies, such as HTML5 local storage, and Local Shared Objects (such as “Flash” cookies), and similar mechanisms, may record information such as a unique identifier, information you enter in a form, IP address, and other categories of data.

We may also use web beacons or “pixels,” and in certain circumstances may collect IP address, screen resolution and browser software and operating system types, clickstream patterns, dates and times that our site is accessed, and other categories of data.

If you want to block the use and saving of cookies from the Site on to the computer’s hard drive, you should take the necessary steps within your web browser’s settings to block all cookies from the Site and its external serving vendors. Please note that if you choose to erase or block your cookies, certain parts of our Sites may not function correctly. For information on how to disable cookies, refer to your browser’s documentation. Updated 5.20.2019

4. HOW WE USE THE INFORMATION WE COLLECT

We may use Personal Data for a variety of different purposes as set out in further detail in this Privacy Policy. In some cases, we may ask for your consent so that we may process your Personal Data. However, in certain circumstances, applicable data protection laws allow us to process your Personal Data without needing to obtain your consent. Subject to applicable law, the purposes for which we use and process your Personal Data, and the legal basis for such processing, are set forth below.

4.1 For the performance of a contract. We may use Personal Data to perform our contractual obligations to you, including to fulfil your request for Services, to contact you in relation to any issues with the Services, in relation to the provision of the Services and the administration of our events and programs, including where we need to provide your Personal Data to our service providers, or to take steps in response to information or inquiries you may submit prior to entering into a contract with us.

4.2 To comply with legal obligations. We may use Personal Data in order to comply with laws, regulators, court orders, or other legal obligations, or pursuant to legal process.

4.3 Legitimate Interests. We may use Personal Data in order to operate our organization and provide the Services, other than in performing our contractual obligations to you, for our “legitimate interests” for the purposes of applicable law, except where our interests are overridden by the interests or fundamental rights and freedoms of the data subject. Our legitimate interests may include:

  • To maintain the Sites and provide the Services, including for technical support;
  • To administer events and programs, verify your age or identity, and to authenticate and authorize access to the Sites and the Services;
  • To communicate with you regarding the Services or your participation in events and programs, including to provide you important notices regarding this Privacy Policy;
  • To address and respond to your requests, inquiries, and complaints;
  • To protect the confidentiality or security of information;
  • To develop, provide, and improve the Sites and Services, including to better tailor the features, performance, and support of the Sites and Services, and for statistical and analytics purposes;
  • For our direct marketing purposes;
  • To send surveys in connection with our Services;
  • For fraud, loss, and other crime prevention purposes, to assist in the investigation of suspected illegal or wrongful activity, and to protect and defend our rights and property, or the rights or safety of third parties;
  • To enforce this Privacy Policy or agreements with third parties;
  • To comply with laws, regulators, court orders, or other legal obligations, or pursuant to legal process.

4.4 To protect data subjects’ vital interests. We may use Personal Data where we believe it is necessary to protect the vital interests of you or of another person.

4.5 Consent. In some cases where we are not already authorized to process the Personal Data under applicable law, we may ask for your consent to process your Personal Data, including:

  1. Marketing. Where we are not relying on our legitimate interests or another legal basis for processing Personal Data, we or our Program Sponsors may ask for your consent to contact you by telephone, SMS, post and/or email about other offers, events, developments, or services which we think may be of interest to you and for other marketing purposes. We may also ask for your consent to share your Personal Data with our Program Sponsors in order for the Program Sponsors to contact you for their own marketing purposes or to otherwise provide you with information about the Program Sponsors’ products or services.
  2. Special Categories of Personal Data. As indicated above, when you choose to participate in our events or programs or otherwise utilize our Services, we may collect certain special categories of Personal Data, such as health information, in order to provide a specific Service to you. We may also collect your social security number in order to administer payments related to certain programs. In the event we may need to collect or you choose to submit data that would constitute special categories of Personal Data in order to provide a specific service to you, we will obtain your consent as required by law. In certain circumstances, subject to applicable law, we may process or otherwise disclose special categories of Personal Data without consent, such as to protect the vital interests of you or of another person.
5. HOW WE MAY SHARE INFORMATION AND USE OF THIRD-PARTY SOLUTIONS

We may share your Personal Data as described in this Privacy Policy, including:

Affiliates. We may disclose some or all of your Personal Data to our subsidiaries, joint ventures, and other companies under our common control (collectively, “Affiliates”), for the purposes described in this Privacy Policy. Where we share Personal Data with our Affiliates, we will require our Affiliates to honor this Privacy Policy.

Service Providers, Business Partners, and Third-Party Solutions. We may engage third parties to perform certain functions on our behalf. To do so, we may disclose Personal Data to our third-party business partners, as well as service providers and vendors, in order to maintain and operate the Sites and provide, improve, and personalize the Services, including to fulfill requests for the Services, and to administer events and programs. We may also share Personal Data for other technical and processing functions, such as sending e-mails on our behalf or on behalf of our Program Sponsors, fulfilling orders, technical support, and for analytics. For example, we may disclose Personal Data to, or otherwise utilize solutions from, the following types of third parties:

Customer Service and Marketing Communications. We utilize third-party solutions and systems to manage our contacts, customers, events, and related information and for customer service and marketing purposes. For example, we use third-party solutions for customer relationship and event management. In addition, we use third-party solutions to collect and manage contact information for conference participants and data collected at conference exhibitor booths.

We may also use and disclose Personal Data to communicate with you via third-party marketing platforms, which we use to distribute communications and to send information on behalf of Program Sponsors. You can unsubscribe from our marketing communications by following the unsubscribe instructions that appear in these e-mail communications. Alternatively, you may contact us at info@thecmgroup.com to opt-out of direct marketing. For more information regarding opting out of marketing communications, please see the “Withdrawing Your Consent” section of this Privacy Policy.

Registration and Administration of Events and Programs. We use third-party solutions to assist with our event and program management activities, such as event scheduling, participant registration, and participant communications. For example, we use third-party solutions to manage our event registration, contacts, and related information. We also use third-party solutions to manage payment and registration for conventions and congresses. In addition, we use third-party travel agencies for travel management services in connection with managing participants’ travel for our events and programs.

Surveys. We use third party services to administer surveys related to our Services.

Analytics. We use third-party solutions like Google Analytics to help us understand how visitors use the Sites and to evaluate usage trends. You can read more about how Google uses Personal Data here. You can also opt-out of Google Analytics here.

Social Media. We may use widgets and tools from social networks to enable sharing and other functions through social networks. For additional information regarding social network sharing, please see the “Social Network Widgets” section of this Privacy Policy.

Program Sponsors. Where you have agreed to participate in a particular program, or where you have provided or requested information regarding a particular product or service offered by our Program Sponsors, we may share Personal Data with those Program Sponsors. For example, if you visit a Program Sponsor’s exhibit booth at a conference, we may collect your Personal Data on behalf of the Program Sponsor and share that information with the Program Sponsor.

Pursuant to Legal Process. We may also disclose Personal Data to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or other lawful request for information we receive, or as otherwise pursuant to legal process.

Protection of Rights and Interests. We may also use and disclose Personal Data to establish or exercise our legal rights, to enforce this Privacy Policy or agreements with third parties, to assert and defend against legal claims, or if we believe such disclosure is necessary to investigate, prevent, or take other action regarding actual or suspected illegal or fraudulent activities or potential threats to the physical safety or well-being of any person.

Business Transactions. Subject to applicable law, we reserve the right to transfer some or all Personal Data in our possession to a successor organization in the event of a merger, acquisition, bankruptcy, or other sale or transfer of all or a portion of our assets. If any such transaction occurs, the purchaser will be entitled to use and disclose the Personal Data collected by us in the same manner that we are able to, and the purchaser will assume the rights and obligations regarding Personal Data as described in this Privacy Policy.

6. DO-NOT-TRACK

Do-Not-Track is a public-private initiative that has developed a “flag” or signal that an Internet user may activate in the user’s browser software to notify websites that the user does not wish to be “tracked” by third-parties as defined by the initiative. Please note that our Sites do not alter their behavior or use practices when we receive a “Do Not Track” signal from browser software.

7. SOCIAL NETWORK WIDGETS

Our Sites may include social network sharing widgets that may provide information to their associated social networks or third-parties about your interactions with our web pages that you visit, even if you do not click on or otherwise interact with the plug-in or widget. Information is transmitted from your browser and may include an identifier assigned by the social network or third party, information about your browser type, operating system, device type, IP address, and the URL of the web page where widget appears. If you use social network tools or visit social networking sites, we encourage you to read their privacy disclosures to learn what information they collect, use, and share.

8. LINKS TO OTHER SITES

Our Sites may contain links or otherwise provide access to another website, mobile application, or Internet location (collectively “Third-Party Sites”). For example, when you register for an event or program, we may utilize a third-party site to manage and administer the registration process. Please note that we have no control over and are not responsible for Third-Party Sites, their content, or any goods or services available through the Third-Party Sites. Our Privacy Policy does not apply to Third-Party Sites. We encourage you to read the privacy policies of any Third-Party Site with which you choose to interact, including any Third-Party Sites utilized for event registration.

9. DATA SUBJECT RIGHTS

Data subjects in the European Economic Area, European Union, and certain other jurisdictions have certain rights under applicable data protection law, including the right to request confirmation from us as to whether or not we are processing your Personal Data. Where we are processing your Personal Data, subject to applicable law, you also have the right to:

  • Request access to, modification or rectification, or deletion. You have the right to request access to, modification of, or deletion of your Personal Data we maintain.
  • Request restriction of processing. You have the right to request that we restrict processing of your Personal Data in certain circumstances, such as where you believe that the Personal Data we hold about you is inaccurate or our processing is unlawful.
  • Object to processing. In certain circumstances, you may have the right to request that we stop processing your Personal Data, such as a request to stop sending you direct marketing communications. To opt-out of direct marketing communications, please see the instructions in the WITHDRAWING YOUR CONSENTsection of this Privacy Policy.
  • Data portability. In certain circumstances, you may have the right to receive the Personal Data concerning you that you provided to us or to request that we transmit your Personal Data to another data controller.
  • Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority.

To exercise your rights, you may contact us as at info@thecmgroup.com. As permitted by law, certain data elements may not be subject to access, modification, portability, restriction, and/or deletion. Furthermore, where permissible, we may charge for this service. We will respond to reasonable requests as soon as practicable and as required by law. To protect your privacy and security, we may take steps to verify your identity in order to respond to your request.

10. WITHDRAWING YOUR CONSENT

In most cases, we need to process certain of your Personal Data in order to fulfil our contractual obligations to you and for our legitimate interests. Where the basis of processing is legitimate interests, you have a right to object to the processing of your Personal Data. Please note that, subject to applicable law, we may continue to process your Personal Data even where you object if there are compelling legitimate grounds for processing that override your interests and rights, or where processing is necessary to establish, exercise, or defend legal claims.

Where consent is the basis of processing, you may at any time withdraw the consent you provided for the processing of your Personal Data for the purposes set forth in this Privacy Policy by contacting us at info@thecmgroup.com provided that we are not required by applicable law or professional standards to retain such information.

If you would like to stop receiving newsletters or other promotional messages, notifications, or updates, you may do so by following the unsubscribe instructions that appear in these e-mail communications, or you may contact us at info@thecmgroup.com to opt-out of direct marketing. Please be advised that you may not be able to opt-out of receiving certain service or transactional messages from us, including legal notices.

Please note that if you do not provide consent, if you withdraw your consent or object to processing, or if you choose not to provide certain Personal Data, we may be unable to provide some or all of the Services to you.

11. INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE

We do not knowingly collect information from individuals under the age of 13 years without parental consent. If you become aware that an individual under 13 years of age has provided us with Personal Data without parental consent, please contact us at info@thecmgroup.com. If we become aware that an individual under 13 years has provided us with Personal Data without parental consent, we will take steps to remove the data as permitted by law.

12. TRANSFER OF DATA TO THE U.S.

Please note that if you are visiting the Sites from outside of the United States, your information may be transferred to, stored, and/or processed in the United States. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. If you are located outside of the United States, the transfer of Personal Data is necessary to provide you with the requested information, products, and services and/or to perform any requested transaction. By using any portion of the Sites, you acknowledge and consent to the transfer of your information to our facilities in the United States.

13. DATA RETENTION

We will retain your Personal Data for as long as is necessary to fulfill the purposes for which we obtained the Personal Data, including to provide the Services, or for such longer period as may be required or permitted by applicable law. We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may use the following criteria to set our retention periods: (i) the duration of our relationship with you; (ii) the purposes for processing your Personal Data and associated legal bases; (iii) the existence of a legal obligation as to the retention period; (iv) our contractual obligations; and (v) the advisability of retaining the information in light of our legal position (for example, in light of applicable statutes of limitations, litigation, or regulatory investigations).

14. DATA SECURITY

We implement technical and organizational security measures designed to secure and protect Personal Data. Please note, however, we cannot fully eliminate security risks associated with the storage and transmission of Personal Data.

15. CALIFORNIA PRIVACY RIGHTS

Under Section 1798.83 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of personal information (as defined by California law) the business shares with third parties for those third parties’ direct marketing purposes, and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year. To exercise your rights, you may make one request each year by emailing us at info@thecmgroup.com with “Request for California Privacy Information” in the subject line and in the body of your message. Please be sure to provide in the request sufficient information to properly identify you and/or the members of your family.

16. UPDATES TO THIS POLICY

We may update this Privacy Policy from time to time. The most recent version of the Privacy Policy is reflected by the version date located at the top of this Privacy Policy. We encourage you to review this Privacy Policy often to stay informed of how we may process your information.

17. CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by emailing us at info@thecmgroup.com or by mail using the details provided below:

The CM Group
25 Recreation Park, Suite 200
Hingham, MA 02043