Sponsor-page-banner-GIRO

Privacy Policy

Last Updated: September 29, 2023 

This is the privacy policy (“Privacy Policy”) for the Group for Research and Assessment of Psoriasis and  Psoriatic Arthritis, a tax-exempt 501(c)(3) organization in the United States (“GRAPPA US”), and its affiliate  non-profit organization in the European Union, the Stichting Group for Research and Assessment of  Psoriasis and Psoriatic Arthritis EU (“GRAPPA EU”) (collectively, "GRAPPA," "us," "we," or "our"). The  purpose of this Privacy Policy is to describe how GRAPPA collects, uses, and shares certain types of  information through our various online interfaces, which includes our organization’s websites at https:// www.grappanetwork.org and https://informatree.org/, the subdomains applicable to each (including  elearn.grappanetwork.org) (collectively referred to herein as the "Site"), and our mobile application  (available through Google Play and the Apple Store) (collectively referred to herein as the “Application”). 

This Privacy Policy sets forth the terms between GRAPPA and visitors and users of the Site and/or the  Application, as well as members of GRAPPA, (collectively “you” or “your”) regarding the collection, use,  and sharing of information from or about you through the Site and/or the Application. 

Please read this Privacy Policy carefully before using our Site or the Application. If you are a visitor from  the European Economic Area, Switzerland, and/or the United Kingdom, you may be entitled to additional  rights regarding your privacy and personal data in addition to the rights provided below. Please refer to  the section titled “Rights of Site Users in Europe” below

DEFINITION OF PERSONAL DATA 

As used in this Privacy Policy, "Personal Data" means information that can be used to identify you under  applicable data privacy laws. The term “Personal Data” can include information such as your name,  address, telephone number, and e-mail address, but can also include indirect identifiers such as your IP  address or device identifier. 

The term “Personal Data” does not include aggregate information, which is data we collect about the use  of the Site or categories of such users unless it is linked with your other Personal Data. Such aggregate  data is not subject to the terms of this Privacy Policy. 

WHEN WE COLLECT DATA 

Some functions of the Site and the Application can be used without requiring that you provide any  information that would personally identify you. 

At this time, we do not collect any Personal Data through the Application. Any data that you enter into the  Application will not be retained within the Application, and will immediately be deleted as soon as your  session is closed. As the developer of the Application, however, GRAPPA may receive certain data sets  from Google Play and the Apple Store, comprising non-personally identifiable aggregated user data about  the persons who download the Application. Because this data cannot be de-aggregated, used to identify  you, or otherwise linked back to you, we do not treat such data as Personal Data. 

In order to access certain features and benefits on our Site, you may need to submit, or we may collect,  certain Personal Data from you. We use varying methods to collect Personal Data on the Site. Some  types of Personal Data are collected through automated technologies, while others are provided directly  by users of the Site. We discuss these methods below in the section titled “Data That We Collect”. 

DATA THAT WE COLLECT 

From time to time, you may provide various types of information about yourself to us through the Site.  Our purposes for using or otherwise processing Personal Data are described in the section titled “Our  Uses of Personal Data” below. 

Except as set forth in this Privacy Policy, or with your consent, GRAPPA will not disclose any of your  Personal Data to any third parties. In the interest of clarity: for organizational purposes, GRAPPA US

may, from time to time, share information about organization members and users of the Site with  GRAPPA EU, and vice versa. Any Personal Data shared between GRAPPA US and GRAPPA EU will be  treated according to the terms of this Privacy Policy. 

Generally, you may provide us with two categories of data: User Data and Site Usage Data. The types of  information that you may provide in each category, along with the technologies that we use to collect such  information, are generally described in the sub-sections below: 

User Data 

“User Data” is the Personal Data that you provide to us directly when you sign up to receive  informational e-mails from us, register for a membership account, provide your curriculum vitae as part of  the membership application process, update or change information for your account, apply for project  grant applications through our Site, send us e-mail messages, and/or otherwise participate in other  services on our Site. 

Any User Data that we receive about you is provided directly by you, or on your behalf, on a voluntary  basis. We describe the most common types of User Data that you may expect to provide below: 

Account Registration. If you register for an account on our Site, you may be required to  provide us with Personal Data such as your name, your e-mail address. As part of the  process of becoming a member of GRAPPA, you may also be required to provide other  Personal Data, including (without limitation) your mailing address, the name of your  current and past employer(s), your field(s) of specialization, your industry, your education  history, your organizational sponsor, and any other Personal Data that you elect to  include in your curriculum vitae

Subscription To Receive Notices. GRAPPA offers users and members the ability to  subscribe and to receive updates about organization meetings as well as GRAPPA related events and projects via e-mail. Such events and projects include, without  limitation, current research and data relating to diagnosis, treatment and pathogenesis of  psoriasis and psoriatic arthritis. In order to subscribe to these services, you may be  required to provide us with Personal Data such as your name and e-mail address. 

Communications with GRAPPA. When you send e-mail messages to GRAPPA, we  may receive Personal Data about you, and may use the information provided by you to  respond to your communication and/or as described in this Privacy Policy. We may also  archive this information and/or use it for future communications with you where we are  permitted by law to do so. Where we send you e-mails, we may track the way that you  interact with these e-mails (such as when you open an e-mail or click on a link inside an  e-mail). We use this information for the purposes of optimizing and better tailoring our  communications to you. 

Learning Modules. If you access or use the learning modules provided through our  Site, we may process your Personal Data in order to provide the modules to you. We  may also process related information in connection with your use of our learning  modules, including your course completion rate, the materials you download, the  comments that you provide, and other content. 

From time to time, we may also collect additional Personal Data when you or others provide your  curriculum vitae in the membership process, or provide content to be posted on the Site. We may use  such data for any of the foregoing items (account registration, communications, and notifications), as well  as to assess our resources, projects, and opportunities for members. 

Unless expressly requested, you should not provide any Personal Data or other information of a personal  or sensitive nature, whether relating to you or another person, either by posting such information on the  Site or by providing such information through your communications to us. 

Site Usage Data 

When users come to our Site, we automatically track and collect information about those visits in our  server logs from the user’s browser or device. This information is known as “Site Usage Data”. Information that we automatically collect may include Personal Data such as the user’s IP address,  geolocation data, device identification, browser type, and operating system, as well as the referring or  exit pages, the page(s) requested, the pages that you visit and the time of your visits, and cookie  information. Based on the user’s IP address, we may be able to obtain further Personal Data about the  user, such as the identity of their internet service provider and the geographic location of their point of  connectivity. Other types of information that we collect as Site Usage Data includes aggregate data such 

as the pages of our Site that were visited, the order in which those pages were visited, when they were  visited, and which hyperlinks were "clicked” on our Site. We do not treat Site Usage Data as Personal  Data if it falls within the category of aggregate data. 

Please see the next sub-header in this section (Cookie Policy) for a description of the technologies that  we use to automatically collect Site Usage Data. 

Cookie Policy 

We collect the information described in the sub-section titled “Site Usage Data” by using certain  technologies known as ‘cookies’ or ‘web beacons’. A cookie is a piece of data that is stored on your hard  drive and records your preferences and other data about your visit to the Site. Web beacons are small,  invisible graphic images that allow the collection of certain information and monitor user activity on the  Site. 

We may use cookies, web beacons, frames, server log analyses, and similar technologies to customize  your experience with our Site. For example, certain features of our website use WordPress cookies to  determine if a user is logged in or not. A full list of the visitor information that we collect through such  technologies can be viewed by clicking on the cookie settings button displayed at the bottom of the page. 

We do not currently enable Google Analytics, and the Google Analytics tags deployed on our Site are not  used to process your Personal Data. In the event that we enable Google Analytics in the future, however,  cookies enabled by Google Analytics may process your Personal Data when you visit or interact with the  

Site. For more information about your current cookie preferences, please click on the cookie settings  button displayed at the bottom of the page. 

Many internet browsers will allow you to erase cookies from your hard drive, block acceptance of cookies,  or receive a warning before a cookie is stored. However, if you block cookies on our Site, some portions  of the Site may not function as intended. 

Generally, all cookie and/or web beacon data is treated and used in the aggregate. We use such  aggregate data for purposes such as customizing our users' visits to our Site, and helping us to  understand trends and user needs so that we can improve the Site. Because aggregate data does not  identify you and cannot be traced back to you, it is not subject to this Privacy Policy unless it is internally  linked to your Personal Data. If we link or combine any of the aggregate data that we collect from you with  any of your Personal Data, we will treat such linked aggregate data in the same way that we treat the rest  of your Personal Data until the aggregate data is no longer linked to Personal Data. 

OUR USES OF PERSONAL DATA 

In general, we use Personal Data that we collect from you to process your requests, to facilitate your use  and our administration and operation of the Site, to provide you with information or services you request,  to inform you about events, services, research, and projects we think will be of interest to you, and to  learn more about and improve the Site and for the purpose for which information was provided. Some of  the ways in which we may use the information that we collect include: 

establishing and managing your membership in GRAPPA; 

providing you with the services you request and enable the use of features on the Site; sending you account-related e-mails; 

contacting you about our or a third party’s volunteer opportunities, initiatives, research  studies, projects, special events, or other activities; 

responding to your e-mails, submissions, comments, requests for technical support or  assistance, or complaints; 

developing, customizing, and improving the Site, the Application, and the resources  that GRAPPA provides (including without limitation diagnosing technical and service  problems, administering our Site; managing our communications; analyzing and  enhancing our services, the Application, and the Site; protecting the security of our  networks and information systems; and performing accounting, auditing, invoicing and  reconciliation activities in our capacity as a non-profit research organization); 

identifying and protecting against fraud, prohibited or illegal activities, as well  as potential third-party claims and other liabilities; and 

generally complying with applicable laws, rules, and regulations.

Please note that our Site is not designed to respond to "do not track" requests from browsers. SHARING OF PERSONAL DATA 

GRAPPA does not sell or rent Personal Data to third parties, and does not share Personal Data with third  parties except as described in this Privacy Policy, as revised from time to time: 

We may share Personal Data with third parties when you request that we do so or  otherwise give your consent. 

o For example, contract research organizations and biopharmaceutical companies  that wish to receive training modules from GRAPPA for their clinical trial  

investigators may be required to provide Personal Data to Trifecta Clinical, which  assists us in structuring clinical research trials. 

From time to time, we may share Personal Data with consultants, vendors, and service  providers (“Service Providers”) who assist us in providing our services. These Service  Providers may include vendors and suppliers that provide us with technology, services,  and/or other content related to the operation and maintenance of the Site. Our Service  

Providers may have limited access to your Personal Data in the course of providing their  products or services to us. These third parties are not authorized by us to use or disclose  the information except as necessary to perform services on our behalf or comply with  legal requirements

o One example of a Service Provider is Lemonhead Design, which assists  

GRAPPA in managing and administering the Site. 

GRAPPA may share your Personal Data with various government authorities: 

o if we are required to do so by law, regulation, or legal process (such as a court  order or subpoena); 

o in response to requests by government agencies, such as law enforcement  authorities; 

o when we believe disclosure is necessary or appropriate to prevent physical harm  or financial loss in connection with an investigation of suspected or actual illegal  activity; and/or 

o if we have a good faith belief that the disclosure is necessary or appropriate to  comply with law or legal process. 

In such cases, we reserve the right to raise or waive any legal objection or right available  to us at our discretion. 

We also may share your Personal Data when we believe it is appropriate to investigate,  prevent, or take action regarding illegal or suspected illegal activities; to protect and  defend the rights, property, or safety of GRAPPA, the Site, our members, our users, or  others; to prevent and protect GRAPPA and its users from fraudulent, abusive, unlawful,  or unauthorized use of the Site; to otherwise enforce our rights and agreements; and  otherwise in connection with our Terms of Use and other agreements. 

We reserve the right to disclose or transfer any information we have about you as part of,  or during negotiations of, any merger, sale of company assets, or acquisition, or in any  other situation where Personal Data may be transferred as one of GRAPPA’s assets. 

PROTECTING PERSONAL DATA 

We strive to protect your Personal Data while it is under our control. Your account information is  accessible online only through the use of a password. GRAPPA uses commercially reasonable  administrative, technical, and physical safeguards to protect Personal Data against accidental or unlawful  destruction or loss, or unauthorized disclosure, access, or use, such as weekly code updates, DDOS  mitigation protection from Cloudflare, firewalls, and encryption. 

You should be aware, however, that "perfect security" does not exist on the Internet or in any method of  storage. To help protect the confidentiality of your Personal Data, you must keep your password  confidential and not disclose it to any other person. You are responsible for all uses of the Site by any  person using your password. Please advise us immediately if you believe your password has been  compromised or misused.

YOUR RESPONSIBILITIES; OPTING OUT OF COMMUNICATIONS 

You are responsible for verifying the accuracy of the Personal Data you submit to GRAPPA and ensuring  that any Personal Data that you provide is kept up to date for the purposes for which you provide it. Inaccurate information may affect your ability to use the Site, the information you receive when using the  Site, and our ability to contact you. For example, your e-mail address should be kept current because that  is one of the primary methods that we use to communicate with you. 

We only send e-mails to persons who have provided their e-mail addresses directly to us and who have  consented to receive communications from us. If you do not wish to receive e-mails from GRAPPA, you  may opt out by logging in to your account settings online and updating your contact preferences

Please note, even if you opt out of receiving promotional e-mails from GRAPPA, you may still receive  relationship e-mails from us, including responses to e-mails that you sent to us prior to opting out, notices  of updates or changes to our policies and procedures, or other messages relating to your account, your  membership in GRAPPA, and/or your use of the Site. 

Additionally, because our system for processing opt-out requests is not automatic, your request may not  be processed immediately. You may continue to receive some communications from us during the  processing period. 

If you are a visitor from the European Economic Area, Switzerland, and/or the United Kingdom, you may  be entitled to additional rights regarding your privacy and personal data in addition to the rights provided  below. Please refer to the section titled “Rights of Site Users in the European Union” below. 

SPECIAL NOTICES 

Regarding Use of the Site by Children 

The Site is not designed for use by children under the age of 16, nor do we knowingly collect any  Personal Data from children under the age of 16. 

Regarding Links to Other Websites 

From time to time, we may provide links to third-party websites on the Site. Reasons that we may link to  third-party websites include (without limitation): to provide you with additional research resources, training  modules and seminar recordings that are hosted off-site, and as part of our agreements with our  corporate supporters. Any such links from the Site to third-party websites are provided for your  convenience. Personal information you provide on the linked pages is provided directly to that third party  and is not subject to this Privacy Policy. Please review the third party’s privacy policy to better understand  its privacy practices. 

Regarding Our Exemption from the California Consumer Privacy Act 

As a non-profit organization, GRAPPA does not constitute a “business”, as the term is defined under the  California Consumer Privacy Act (“CCPA”) or its successor the California Privacy Rights Act (“CPRA”).  GRAPPA is not required to respond to consumer requests provided under the CCPA or the CPRA. Users  of the Site in California are entitled to all of the rights granted to users in this Privacy Policy, apart from  those expressly stated as rights specific to users in the European Union. 

RIGHTS OF SITE USERS IN EUROPE 

This section provides details about the Personal Data we collect about users of the European Economic  Area, Switzerland, and/or the United Kingdom, (collectively the “EU”), and the rights afforded to them  regarding the processing of their Personal Data under their respective data privacy laws, including the EU  General Data Protection Regulation and the U.K. General Data Protection Regulation (collectively, the  GDPR”). 

Personal information. For details about the Personal Data we collect, please see the section titled “Data  That We Collect” above. 

Lawful grounds. If you reside in the EU, we rely on the following lawful grounds to collect, store, use, and  otherwise process your Personal Data: 

  • Processing of your Personal Data is necessary to perform our obligations under any  contract with you (for example: to comply with the terms of use of our Site);
  • Processing of your Personal Data is necessary for the legitimate business interest  of GRAPPA or a third party;
  • You have consented to the processing of your Personal Data pursuant to this Privacy  Policy; and/or 
  • Processing of your Personal Data is necessary for complying with our legal obligations.

Transfer to the United States. While we have offices based in the Netherlands, GRAPPA’s headquarters  is located in the United States. As such, we will transfer your Personal Data for processing in the United  States from time to time. We make the transfer to the United States in the absence of an adequacy  decision (after July 16, 2020) because it is necessary for the performance of a contract with you, or with  your explicit consent. We take appropriate measures to provide adequate protection for the transfer and  processing of your Personal Data in the United States

Individual rights and requests. If you reside in Europe, Switzerland, or the U.K., you may send data  subject requests to admin@grappanetwork.org to take any of the following actions: 

To withdraw your consent for the processing of your Personal Data at any time; 

To notify us that you wish to access, transfer, rectify or erase your Personal Data, or to  restrict or object to the processing of your Personal Data; or 

To request access to, transfer of, and rectification or erasure of your Personal Data, or  restriction of processing, or to object to processing of your Personal Data. 

Please specify the nature of your request and the information that is the subject of your request. We may  require you to submit additional information necessary to verify your identity and status as a data  subject. We will respond to your request directly within 30 days. 

Note, however, that if we are processing your personal data based upon the lawful ground of your  consent, you have the right to withdraw your consent for such processing at any time without affecting the  lawfulness of the processing based on consent before it is withdrawn. 

Retention. We retain your Personal Data for as long as necessary for the purpose in which it was  collected to either perform a contract, or for our or a third party’s legitimate interest, or for the purpose for  which you consented. 

CHANGES TO THIS POLICY 

We may revise and update this Privacy Policy at any time. If we make such revisions, we will provide  notice that changes have been made by posting the revised Privacy Policy on the Site and updating the  revision date at the top of the Privacy Policy. We encourage you to review our Privacy Policy whenever  you visit the Site to make sure that you understand how your Personal Data is being treated. 

CONTACT US 

Your privacy is important to us. If you have any questions, concerns, or complaints regarding our Privacy  Policy or practices, please contact us using the information provided below. 

We will endeavor to respond to your complaint, inquiry, or information request to the extent possible, in a  timely and efficient manner. 

Online Form: 

Available here

United States: 

Group for Research and Assessment of Psoriasis and Psoriatic Arthritis (GRAPPA)  3213 W. Wheeler St. #35 

Seattle, WA 98199  

admin@grappanetwork.org 

European Union: 

Stichting Group for Research and Assessment of Psoriasis and Psoriatic Arthritis EU  (GRAPPA EU) 

Thorbeckeplein, 8  

5301 NB Zaltbommel  

The Netherland

admin@grappanetwork.org