Home / Privacy Policy

Privacy Policy

Miami Cancer Research Center (MCRC) Privacy Policy

Effective October 29, 2018

Thank you for visiting miamicancerresearch.org. We have created this Privacy Policy to explain why we collect particular information and how we protect your personal privacy within our website (the “Site”). When using the Site you consent to the collection, transfer, manipulation, storage, disclosure and other uses of your information as described in this Privacy Policy.

In order to fully understand your rights we encourage you to read this Privacy Policy as well as our Terms of Use. Because we want to demonstrate our commitment to your privacy, this Privacy Policy notifies you:

What personally identifiable information of yours is collected through the Site; Conduct of Research; Health Insurance Portability and Accountability Act Who collects such information; The Information We Collect and Use; How such information is used; With whom your information may be shared; What choices you have regarding collection, use and distribution of your information; What kind of security procedures are in place to protect the loss, misuse or alteration of information under our control.

Conduct of Research

The clinical data to be recorded may include demographics and personal and family history of cancer, history of cancer and risk factors. Clinical information may be obtained from other institutions and doctors’ offices for data filing additional clinical data and clinical follow-up information may be requested from the participating physician’s office as needed.

Good clinical practice (GCP) is an international ethical and scientific quality standard for designing, conducting, recording, and reporting trials that involve the participation of human subjects. Compliance with this standard provides public assurance that the rights, safety, and well-being of trial subjects are protected, consistent with the principles that have their origin in the Declaration of Helsinki, and that the clinical trial data are credible. The Investigator and institution will conduct the data collection in compliance with GCP and HIPAA, with the applicable regulatory requirements, and with the protocol agreed to by the sponsor and given approval by an institutional review board (IRB).

All clinical research is conducted after approval by the IRB that has been designated by the institution to review, approve the initiation of and conduct periodic reviews of biomedical research involving human subjects. The primary purpose of such review is to assure the protection of the rights and welfare of human subjects. The IRB will provide written documentation that the registry design has been reviewed and may be conducted at the institution within the constraints set forth by the IRB and by other institutional and Federal requirements.

Health Insurance Portability and Accountability Act

The MCRC and the institutions where the clinical will be conducted are considered covered entities responsible for keeping confidential Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Individually identifiable health information that is collected and used solely for research is not PHI. The collaborating Investigators agree research related monitoring, audits, IRB review and regulatory inspections by governmental agencies by providing direct access to source data and documents for up to five years post enrollment. The Investigators will permit registry related monitoring, audits, IRB review and regulatory inspection by governmental agencies as requested by the sponsor or by regulatory or governmental agencies. The Investigators and the institution complies with all of the procedures that are necessary for data recording and reporting and will retain the essential research documents. If personal data collected on the sites is protected health information,

MCRC’s use and disclosure of that information is governed by MCRC’s Notice of Privacy Practices. If you have any questions about MCRC’s Notice of Privacy Practices, please contact us at info@miamicancerresearch.org.

BY PROVIDING YOUR PERSONAL DATA TO MCRC OR OTHERWISE USING OUR SITES, YOU AGREE TO THE TERMS OF THIS WEBSITE PRIVACY POLICY AND OUR WEBSITE TERMS AND CONDITIONS.

The Information We Collect and Use

When we use the term “Personal Data” we mean information that we directly associate with a specific person, or that we can reasonably use to identify a specific person such as a name or email address. We collect and use information through your use of the Sites in the following ways.

All Website Visitors

  • If you communicate with us through the Sites, we collect the content of the communications and the metadata associated with those communications. We use this information to respond to your inquiries and facilitate communication.
  • If you sign up for newsletters, we collect your contact information and communication preferences, which we use to manage how we communicate with you.
  • If you use the “email this page” function on our Sites, we collect your contact information and the recipient’s contact information, which we use to facilitate your request.
  • If you submit identifiable comments or other content on the Sites, we collect whatever information you supply and use this information to communicate with you if requested and to otherwise fulfill the purpose of the content submission. Please be aware that any stories, comments or other information that you submit on a public forum will be publicly accessible and managed in accordance with the MCRC social media comment policy. If you connect your Facebook or Twitter account to log into any of these Sites, we collect your account information for those services, which we use to authenticate your access to these Sites.
  • If you register for any MCRC event, such as a continuing medical or nursing education course, elective program, training, lecture, seminar, workshop or open house event, we collect your contact and demographic information, including education information and medical or other professional credentials, which we use to register you in the program and facilitate and administer the event. We also may use this information to contact you about your experience and to inform you about future events that may be of interest to you.
  • If you make purchases through our Sites, we collect payment information and related shipping and contact information, which we use to complete your transaction and deliver products to you.
  • If you create a pressroom account, we collect your contact information, username and password, employment information and areas of interest, which we use to facilitate press coverage opportunities and communicate with you.
  • If you send us a message that contains information about your or a loved one’s health status, our response to you will be sent through an email system with added security controls. The initial email we send you in response will have “MCRCSECURE” in the subject line. To retrieve the full message, you will need to click on the link in that initial email and follow the instructions.

Donors and Fundraisers

  • If you make a donation through the Sites, we collect your contact information, billing and payment information, and donation frequency and preferences. If you make the donation in someone else’s honor or memory, we will collect that individual’s name, contact information and in some circumstances, a message to the honoree. We use this information to complete your donation, notify honorees of your gift and to communicate our thanks to you. Please be aware that information about your donations may become publicly accessible unless you request to make the donation anonymously.
  • If you register for one of our fundraiser events, we collect your and your team’s contact and demographic information, username, password, the name of any honoree, fundraising goals, and any other information that you choose to submit, which we use to facilitate your participation in the fundraiser event.
  • If you create a personalized fundraising page, such as a Giving Page, or a Community Event, we collect your contact information, username, password, the name of any honoree, fundraising goals, and any other information that you choose to submit. We use this information to establish and administer your page and to communicate with you with updates and event or donation announcements. Please be aware that any fundraising page you create will become publicly accessible. Potential Patients or Research Participants
  • If you request an appointment through the Sites, we collect information including your contact details, diagnosis history, family history and insurance information, which we use to facilitate your appointment request and send you appointment reminders. Please note that appointment data is protected health information, which is also governed by MCRC’s Notice of Privacy Practices.
  • If you provide information through the Sites related to your potential participation in research studies, we collect information that may include your contact details, diagnosis history, family history, and any other information that you choose to submit, which we use to determine your potential eligibility for research studies and to contact you for further information, as appropriate. Please note that any protected health information we collect for this purpose is also governed by MCRC’s Notice of Privacy Practices. Job or Program Applicants
  • If you submit an application for a job, fellowship, postdoctoral position, observership or other MCRC program using the Sites, we collect your contact and demographic information, education, work and research history, employment needs and interests, health history, and any other information relevant to your application. We use this information to evaluate your eligibility and candidacy, communicate with you during, before and after the relevant application process or program, and to facilitate your application, employment, or participation in the program. Information We Collect Automatically

Information We Collect Automatically and Applicable Technology

We collect personally identifiable information in order to supply you with the products or services you request, process payment, perform internal analytics, communicate with you and comply with any legal requirements. The term “personally identifiable information” means information that you voluntarily provide to us and which personally identifies you, such as your name, phone number, physical address, and any other data or information that would allow someone to personally identify you.

To make a purchase, we require you to supply us with personally identifiable information. If you supply us with personally identifiable information, you may later access, update, and modify any inaccuracies. Please note, we generally keep a copy of the previous personally identifiable information for our records. If you would like to review or change your personally identifiable information, you may do so at any time by contacting us at info@miamicancerresearch.org. You may also choose not to provide personally identifiable information; however, you will not be able to purchase products. You may also provide us with information you authorize us to make public, such as a screen name, short biography, your location, your website, or a picture. Providing this additional information is entirely optional. In some areas of the Site, you may have the ability to post or publish personally identifiable information. You should take care and consider the possible consequences of posting or publishing personally identifiable information.

We use “cookie” technology to collect additional website usage data and to improve the Site. A cookie is a small data file that is transferred to your computer’s hard disk. We may use both session cookies and persistent cookies to better understand how you interact with our Site, to monitor usage and Web traffic, and to customize and improve the Site. Most Internet browsers automatically accept cookies. You can instruct your browser, by changing its settings, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. It is possible some of the Site’s features may not function properly if you disable cookies. We also collect certain non-personally identifiable information when you visit the Site such as the type of browser you are using, the type of operating system you are using, and the domain name of your Internet service provider.

The Site is not directed to children under the age of 13, and we do not knowingly collect any information from such persons. If you become aware that your child has provided us with personal information without your consent, please contact us at info@miamicancerresearch.org.

How Your Information is Used

We use the information described above to communicate with you, to customize your experience on the Site, and to maintain the security of your information and submissions. If you choose to submit material as described in Paragraph 4(a) of the Terms of Use, it may be linked to your screen name when published. We use the non-personally identifiable information that we collect to improve the design and content of our site and to enable us to personalize your experience. We also may use this information in the aggregate to analyze site usage, as well as to offer you products, programs, or services.

Our third-party service providers include:

  • Third-Party Service Providers. We may engage vendors who perform services on our behalf, including helping us manage the Sites, manage our communication and donation channels and conduct analysis of your use of the Sites.
  • IT service and support providers, including those providers involved in hosting and monitoring the Sites; Analytics providers;
  • Marketing and advertising providers, including those providers involved in our newsletter emails and digital advertising campaigns;
  • Payment and e-commerce providers, including those providers facilitating the fundraising, donation, and event pages;
  • Recruitment and applicant support providers, including those providers involved in the management of our hiring and student management platforms;
  • Providers of tools, widgets or buttons on the Sites, including those providers facilitating blog comments, sharing tools, forums and questionnaires; and
  • Learning management platform providers, including those providers involved in the provision of virtual education and continuing learning programming.
  • Affiliates. We also may share Personal Data with legal entities that are affiliated with us for purposes and uses that are consistent with this Website Privacy Policy and applicable law.
  • Donor Information. MCRC may share its donor names and postal mailing addresses with other non-profit organizations. You may use our online form to opt-out of sharing your donor information with third parties and request that MCRC not contact you in the future.
  • Legal Process, Safety and Terms Enforcement. We may disclose your Personal Data to legal or government regulatory authorities in response to a search warrant, subpoena, court order or other request for such information or to assist in investigations. We may also disclose your Personal Data to third parties in connection with claims, disputes or litigation, when otherwise required by law, if we determine such disclosure is necessary to protect the health and safety of us or our users or to enforce our legal rights or contractual commitments that users have made.
  • Business Transfers. Personal Data may be disclosed as a part of a corporate business transaction, such as a merger, acquisition, reorganization, joint venture or financing or sale of our assets, and could be sold or transferred to a third party as part of such a transaction. Personal Data also may be disclosed to a successor hospital, provider or other legal entity in the event of insolvency, bankruptcy or receivership.

Your Choices

You may choose not to use the portions or features of the site that collect personally identifiable information. You may take technological steps to limit the non-personally identifiable information we collect. You may take legal action to prevent our disclosure of your information in response to a third party request, court order, or subpoena.

At some places on the Site, we may ask your permission to disclose personally identifiable information about you to companies whose practices are not covered by this Privacy Policy (e.g., other authorized licensees, marketers, magazine publishers, retailers, participatory databases and non-profit organizations) that want to market products or services to you. If at some point you grant us permission to transfer your information for these purposes and later decide that you no longer want us to do so, simply send us an email at info@miamicancerresearch.org and we will edit your preferences accordingly.

Security

Children and Teens

We are committed to protecting privacy of young people using our Sites. We do not knowingly collect Personal Data on the Sites from children under age 13. We believe children should get their parents’ or guardians’ consent before giving out any Personal Data. If you become aware that we have collected Personal Data from a child without parental consent, please notify us promptly. If we become aware that a child under age 13 has provided us with Personal Data without parental consent, we will take steps to remove it.

If you are a California resident under age 18 and are a registered user of the Sites, then you may request that we remove any submissions you publicly posted on the Sites. To request removal of a submission, please send a detailed description of the specific submission to cmsdigitalteam@mskcc.org. We reserve the right to request that you provide information to enable us to confirm that you created and posted the submission you want removed. We will make a good faith effort to delete or remove your submission from public view as soon as reasonably practicable. But the submission may remain on backup media, cached or otherwise retained by us for administrative or legal purposes. Your submission also may remain publicly available if you or someone else has forwarded or re-posted your submission on another website or service prior to its deletion. And the law also may require that we not remove or allow removal of your submission.

Links to Other Websites or Mobile Applications

The Sites may contain links to websites or mobile applications owned and operated by third parties. A link to another website or mobile application does not imply an endorsement of that website’s or mobile application’s content or services. This Website Privacy Policy does not apply to, and we are not responsible for, the privacy practices of third-party websites or mobile applications that are not owned by us. We encourage you to read privacy statements of any third-party websites or mobile applications to learn about their information practices.

Notice to Individuals Located in the EU/EEA

This Website Privacy Policy describes ways in which you may provide information to MCRC using the Sites. Personal Data about individuals located in the European Union or European Economic Area (generally referred to here as the “EU”) are subject to special protections under EU law when the processing of those data are within the scope of the European Union’s General Data Protection Regulation (“GDPR”). This Website Notice to Individuals Located in the EU/EEA (the “EU Website Notice”) applies to MCRC’s processing of Personal Data that is within the scope of the GDPR, which we call collectively the “EEA Processing Activities.” The EU Website Notice applies only to EEA Processing Activities involving Personal Data collected through the Sites. When you use the Sites to transfer your Personal Data to MCRC in the United States for EEA Processing Activities, MCRC is a controller of this Personal Data.

Please be aware that if you use the Sites to transfer your Personal Data to MCRC in order to seek care at an MCRC facility or a second opinion at MCRC, you will be provided a copy of our EU Patient Notice and our Notice of Privacy Practices, which will govern our use of protected health information. The EU Website Notice will not apply to MCRC’s use of such information.

We rely on separate and overlapping bases to process your Personal Data lawfully. MCRC will use the Personal Data transferred or collected on the Sites only for the purposes described in this Website Privacy Policy. MCRC’s legal bases for processing your Personal Data include providing you with the information or services that you have requested, protecting your vital interests, furthering our legitimate interests, and your consent, if applicable. When we process special categories of Personal Data, including data concerning your health, our legal bases for processing such data include protecting your vital interests, furnishing a medical diagnosis, performing preventive or occupational medicine or assessment of the working capacity of our workforce, carrying out our obligations under employment or social protection laws, and your consent, if applicable. Legitimate interests that we rely on in processing your Personal Data include (i) improving and customizing the Sites for you, (ii) understanding how the Sites are being used, (iii) exploring ways to develop and grow our operations, (iv) ensuring the safety and security of the Sites, and (v) enhancing protection against fraud, spam, harassment, intellectual property infringement, crime and security risks. Without the ability to collect and process your Personal Information, MCRC would not be able to achieve those interests. We may also use your Personal Data for purposes, including scientific research, that are compatible with the purposes for which such data were initially collected.

If our processing is based solely on consent, you have the right to withdraw your consent. You may withdraw your consent by contacting us as set forth in the “Contact Us” section below. Please note that, in certain cases, we may continue to process your Personal Data after you have withdrawn consent, if we have a legal basis to do so. For example, we may retain certain information if we need to do so to comply with an independent legal obligation, or if it is necessary to do so to pursue our legitimate interest in keeping the Sites safe and secure, or if deleting the information would undermine the integrity of a research study in which you are enrolled.

MCRC is located in the United States. When you enter your Personal Data through one of the Sites, the data is being transferred to, stored, and processed in the United States, and could be transferred to, stored and processed in another country outside of the EU. Please be aware that the European Commission has not found the United States, and possibly other countries to which your Personal Data may be transferred, to provide adequate safeguards for the protection of Personal Data. However, MCRC will take steps to maintain the privacy of your Personal Data as described in this Website Privacy Policy. If MCRC transfers your Personal Data outside the EU, we will do so in reliance on mechanisms recognized under the GDPR. This includes (i) transferring your Personal Information to countries that the European Commission has determined to provide adequate data protection, (ii) obtaining your consent to transfer your Personal Data outside the EU after first informing you about the possible risks of such a transfer, (iii) transferring your information outside the EU if the transfer is necessary to the performance of a contract between you and MCRC, including to provide treatment to you, or if the transfer is necessary to the performance of a contract between your physician or other health care provider located in the EU, and the contract was entered into in your interest, (iv) transferring your information outside the EU if necessary to establish, exercise or defend legal claims, or (v) transferring your Personal Data outside the EU to protect your vital interests.

We will retain your Personal Data for as long as is necessary for the purposes set out in this Website Privacy Policy (for example, if you have an account, for as long as your account is active), subject to your right, under certain circumstances, to have certain of your Personal Data erased, as discussed in the next paragraph, unless a longer period is required under applicable law or is needed to resolve disputes or protect our legal rights.

If your Personal Data is processed for EEA Processing Activities, you have the right to (1) see Personal Data that MCRC holds about you and receive any details required to be provided to you under applicable law, (2) correct or update your Personal Data, if inaccurate, (3) limit collection and use of your Personal Data under certain circumstances (for example, if you think it is inaccurate), (4) receive your Personal Data in an electronic format as required by law, except Personal Data that has been used for public interest purposes or for MCRC’s required legal obligations, (5) request deletion of your Personal Data, subject to MCRC’s need to keep such data to comply with legal requirements, for purposes of public health or to preserve the integrity of a research study, or to allow itself to defend itself from legal claims, and (6) file a complaint with a data protection authority (see http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm). If you have questions about the processing of your Personal Data or rights associated with your Personal Data, see the section “Contact Us” below.

Policy Changes

This Website Privacy Policy is subject to occasional revisions. We will notify you of changes by posting the new policy on the Sites and updating the effective date of the policy.

Any changes to this Website Privacy Policy will be effective upon thirty calendar days following our posting of notice of the changes on the Sites. If you do not wish to permit changes in our use of your Personal Data, you must notify us that you wish for us to delete your Personal Data prior to the effective date of the changes. Continued use of the Sites following such changes will indicate your acknowledgement of and agreement to be bound by the changes.

Entire Agreement

This Privacy Policy and our Terms of Use are the entire and exclusive agreement between MCRC Enterprises and you regarding your use of the Site. Effective October 29, 2018