Privacy Policy

Last Updated: August 3, 2018

The Lockwood Group, LLC (collectively, “we”, “us” or “our”) is providing this privacy notice (this “Privacy Notice”) to help you make informed decisions when using our services and when visiting our website (www.thelockwoodgrp.com) (our “Website”). This Privacy Notice describes how and why we process any personal data that we collect from or about you, and describes your rights in respect of our processing of your personal data.

I. Who We Are

We are a medical communications firm. With respect to the personal data we collect directly from you, we will typically be the data controller. In some cases, we may process personal data on behalf of other parties, such as our clients. In those cases, we will typically be the data processor.

II. Types of Personal Data We Process

We may collect, use, store, transfer and otherwise process various types of personal data about you, including:

  • identity data, including first name, last name or similar identifier, details about your education, professional accreditations, job title, company name and job description;
  • Social security number or national identification number;
  • contact data, including home and business mailing addresses, email addresses, telephone numbers and fax numbers;
  • username and password when you register on our Website;
  • technical data, including internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device identifiers, geolocation information, and other technology on the devices you use to access our Website;
  • information about how you use our Website and our services;
  • your preferences in receiving marketing from us and from third parties, as well as your communication preferences; and
  • any other personal data that you may provide to us; and
  • any other personal data about you that is provided to us by our clients.

We may collect personal data about you from our clients. When you provide your personal data to our clients, our clients may share that personal data with us.

We also may collect your personal data from third parties, such as eTouch Systems (“eTouch”), which is a third party vendor that collects personal data from individuals on our behalf on its website. After you provide your personal data to eTouch, eTouch then provides such personal data to us.

“Personal data” does not include anonymous data (i.e., information that does not relate to an identified or identifiable natural person, or personal data rendered anonymous in such a manner that the individual is no longer identifiable.)

We may process aggregated data such as statistical or demographic data for any purpose. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific Website feature. If we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data that will be used in accordance with this Privacy Notice.

III. Our Purposes For Processing Personal Data

Below is a non-exhaustive list of our purposes for processing personal data.

A. Using Our Website and Providing Services to You

We collect and maintain personal data that you submit to us during your use of our Website or our services. In addition, we may contact you to request feedback about our services in the form of online or postal communications. We use your feedback to monitor the quality of our services.

Our lawful basis for processing your personal data for this purpose are (a) performance of any contract we are about to enter into or have entered into with you, and (b) it is necessary for our legitimate interests.

B. Insight and Analysis

We analyze your personal data that we collect from your interactions with our Website, our email communications to you, and in connection with our services. The data we collect and analyze may include IP addresses; session ID information, information regarding your personal or professional interests, demographics, your experience with our services, and your contact preferences.

By collecting and analyzing this data, we seek to measure the effectiveness of our content and how visitors use our Website and use our services. We also use this information for marketing purposes.

Our lawful basis for processing your personal data for this purpose is that it is necessary for our legitimate interests.

C. Protecting Our Rights and Responding to Legal Requests

We may process and disclose any personal data without your consent if we believe in good faith that such action is necessary (i) to protect and defend the rights, property or safety of us or our employees, affiliates, or the public; or (ii) to satisfy any applicable law, regulation, legal process, court order, subpoena, or other governmental or regulatory (including law enforcement) request.

Our lawful basis for processing your personal data for this purpose are (a) it is necessary for our legitimate interests, and (b) we need to comply with a legal or regulatory obligation.

D. For Purposes Directed By Our Clients

When you provide your personal data to our clients, our clients may share that personal data with us. We may process that personal data for the particular purposes that our clients have directed. For example, our clients may provide personal data about you to us in connection with a particular conference or other event that we host.

Our lawful basis for processing your personal data for this purpose are (a) it is necessary for our legitimate interests, and (b) either our client or we may have obtained your consent.

E. Job Recruitment

We may process your personal data to assess your suitability for any position of employment for which you may apply with us. Such data may include education history, employment history and professional designations, information regarding your work authorization status, and other information about your background and qualifications.

You may communicate with us or apply for a job with us via a third party service (e.g., LinkedIn or Indeed) or via recruiting firms or staffing firms. In these instances, such third parties will share your personal data with us.

Our lawful basis for processing your personal data for this purpose are (a) performance of any contract we are about to enter into or have entered into with you, (b) when we have obtained your consent, and (c) it is necessary for our legitimate interests.

F. Other Purposes

In addition to the above, we may use personal data for other purposes for which either we or our client(s) will provide notice to you at the time of collection.

Our lawful basis for processing your personal data for this purpose may include (a) it is necessary for our legitimate interests, (b) we need to perform the contract we are about to enter into or have entered into with you, (c) we need to comply with a legal or regulatory obligation, and (d) we may have obtained your consent.

IV. If You Fail to Provide Personal Data to Us

If you fail to provide personal data to us when requested, we may not be able to provide services to you. We may also not be able to perform any contract we have (or are trying to enter into) with you.

V. Our Sharing of Personal Data With Third Parties

Our clients may provide personal data about you to us in connection with a particular conference or other event that we host. We may share that personal data about you with other participants in that event.

Additionally, we use third party service providers (our “Service Providers”) to assist us in operating our business. Service Providers provide a wide range of services to us, including legal and compliance, accountancy, investment banking, marketing, data analytics, telecommunications (including telephone and video conferencing), website administration, information technology, courier, human resources, security services and catering services.

From time to time, we may share your personal data with our Service Providers, and those Service Providers may process your personal data on our behalf and at our direction in connection with the services they provide to us. The types of personal data we may share with our Service Providers include:

  • your name;
  • your contact data (including home and business mailing addresses, email address, telephone numbers and fax numbers);
  • your national identification number or Social Security number;
  • technical data, including internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device identifiers, geolocation information, and other technology on the devices you use to access our Website;
  • information about how you use our Website and our services;
  • your preferences in receiving marketing from us and from third parties, as well as your communication preferences;
  • your dietary requirements or restrictions; and
  • your frequent flyer numbers, hotel rewards program numbers, and your travel preferences.

We may also share anonymous / aggregated information with third parties, including our Service Providers, to facilitate our business operations.

We only permit our Service Providers to process your personal data for specified purposes and in accordance with our instructions. Our Service Providers are also required to treat personal data confidentially and to keep it secure.

Our Website may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or process personal data about you. We do not control third-party websites, plug-ins or applications, and we are not responsible for their privacy and security policies and practices. When you leave our Website, we encourage you to read the privacy notice of each other website you visit.

We may also share personal data with third parties (including governmental or regulatory authorities) if we are legally required or authorized to do so. For example, we may share personal data in connection with a subpoena, search warrant or other court order, or pursuant to the requirements of any regulatory body having jurisdiction over us.

VI. Cookies and Similar Technologies

Our Website and our emails contain cookies, pixels, beacons, log files and other technologies (collectively, “Tags”) that allow us to collect certain information by automated means. The information we collect in this manner includes your IP address, network location, browser characteristics, device characteristics, operating system, referring URLs, information on actions taken on our Website, and dates and times of visits to our Website. This information allows us to, among other things, track receipt of an email to you, to count users that have visited a web page or opened an email and collect other types of aggregate information.

Once you click on an email that contains a Tag, your contact information may subsequently be cross-referenced to the source email and the relevant Tag. In some of our email messages, we use a “click-through URL” linked to certain website administered by us or on our behalf.

“Cookies” (such as HTTP, HTML5 and Flash cookies) are text files that websites send to a visitor’s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings on the device. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies allow a website to recognize a visitor’s device and to target the content displayed to the visitor’s interests. We use cookies to understand your preferences based on previous or current activity on our Website, which enables us to provide you with improved services, and allows us to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

These technologies are used in analyzing trends, administering our Website, tracking users’ movements around our Website and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as an aggregated basis.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. If you disable cookies, some features of our Website may become disabled, and some aspects of our Website may not function properly. Deleting cookies does not necessarily delete Flash objects. You can learn more about Flash objects – including how to control and disable them – through the Adobe interface. If you choose to delete Flash objects from our Website, then you may not be able to access and use all or part of our Website or benefit from the information and services offered.

We also may use pixel tags to tell us what parts of our Website that you have visited, to measure the effectiveness of any searches you may do on our Website, or to interact with analytical tools or other marketing tools that gather data and customer usage information.

VII. “Do Not Track” Signals

Our Website does not respond to “do not track” signals or similar mechanisms – where a visitor to our Website would request that we disable the collection of information about the visitor’s online activities. We may also permit third parties to collect aggregate usage information on our Website, and they also may not respond to “do not track” signals.

VIII. Retention of Personal Data

We may retain your personal data for as long as it is necessary to fulfill the purposes for which we have collected such data, including for the purposes of satisfying any legal, regulatory, accounting, reporting, insurance, professional indemnity, internal policy or other requirements. We may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes. In such cases, we may use this information indefinitely without further notice to you.

IX. Personal Data of Children

Our Website and our services are not intended for children, and we do not knowingly process data relating to children under the age of 13 (or age 16 within the European Economic Area).

X. Security Measures

We have implemented appropriate technical and organizational measures to ensure a level of security of personal data appropriate to the risk.

XI. Specific Rights of Individuals in the European Economic Area (“EEA”)

This section applies only to individuals in the European Economic Area.

Under the General Data Protection Regulation (the “GDPR”), individuals in the European Economic Area (“EEA Individuals”) have certain rights in relation to their personal data, which are summarized below. These rights are subject to your exercising them in good faith and are subject to our legitimate interests or other valid basis to continue processing your personal data, in accordance with our policies and applicable law.

EEA Individuals who wish to exercise any of the rights they have under the GDPR should contact us in writing by mail or email. Our mailing and email addresses are shown at the end of this Privacy Notice. We may need to request specific information to help us confirm your identity, so that your personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request.

Generally, EEA Individuals will not have to pay a fee to exercise the rights described below. However, we may charge a reasonable fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

EEA Individuals may lodge a complaint with the appropriate regulatory body or supervisory authority in the country where they reside, where they work, or in the place of the alleged infringement of the law.

A. Access

If asked by an EEA Individual and if we are obligated to do so under applicable law, we will inform that individual about whether we are processing his/her personal data. If we are processing such EEA Individual’s personal data, we will provide access to the personal data that we have about that individual. If you request additional copies of your personal data, we may charge you a reasonable fee.

B. Rectification (i.e., Correction)

If the personal data we hold about an EEA Individual is inaccurate or incomplete, that individual may ask us to have it corrected.

C. Erasure

EEA Individuals may request that we erase (i.e., delete or remove) their personal data in certain circumstances. If you are legally entitled to erasure, and if we have shared such personal data with third parties, we will take reasonable steps (taking into account available technology and the cost of implementation) to inform such third parties of your request, to the extent we are required to do so by applicable law.

D. Restriction of Processing

EEA Individuals have the right to restrict the processing of their personal data in certain circumstances, such as if they contest the accuracy of that personal data, if the processing of the personal data is unlawful, or if we no longer need the personal data for our business purposes. If you are legally entitled to restriction, and if we have shared your personal data with others, we will use reasonable efforts to inform such third parties of your request, if we are required to do so.

E. Data Portability

EEA Individuals may ask to receive their personal data from us, where the legal basis of our processing is their consent, and where we carry out the processing of their personal data by automated means. If EEA Individuals so request, we may transmit their personal information directly to another organization if it would be technically feasible to do so.

F. Objection to Processing

EEA Individuals may object to the processing of their personal data where we are relying on a legitimate interest (or those of a third party). As noted above, you also have the right to object (i.e., opt out of) our processing of your personal data for direct marketing purposes.

G. Automated Decision-Making and Profiling

EEA Individuals have the right not to be subject to a decision when it is based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us.

We do not engage in decision-making based solely on automated processing, including profiling, which produces legal effects concerning an individual or similarly significantly affects an individual.

H. Processing of Special Categories of Personal Data and of Personal Data Relating to Criminal Convictions and Offenses

There are certain types of personal data that require a higher level of protection, known as “special categories” of personal data under the GDPR. We do not process special categories of personal data unless (a) we have obtained such individuals’ explicit consent or (b) we are otherwise legally permitted to do so. For example, we may collect special categories of personal data of EEA Individuals in the context of dietary requirements or restrictions for events and meetings that such individuals voluntarily provide to us.

We do not collect personal data about criminal convictions and offenses, unless revealed by due diligence conducted to comply with a legal or regulatory obligation or unless we are authorized to do so under applicable law.

I. Withdrawing Consent

In certain circumstances, EEA Individuals have the right to withdraw their consent to our processing of their personal data. However, withdrawal of consent will not affect the lawfulness of any processing that had been carried out before consent is withdrawn. Moreover, if we rely on another legal basis (e.g., performance of a contract or legitimate interest) to process your personal data, we may continue to process your personal data in accordance with such other legal basis even after you withdraw your consent. If you decide to withdraw your consent, we may not be able to provide services to you.

XII. Information Regarding International Data Transfers

We are based in the United States and our computer servers are located in the United States. Accordingly, all personal data in our possession and control is collected and processed by us in the United States. Any party that provides personal data to us is thereby transferring such data to the United States, and is consenting to the transfer of their personal data to the United States. Individuals who access the Website from outside the United States do so on their own initiative and are responsible for compliance with local laws, rules and regulations.

XIII. Change of Control

Personal data may be shared or transferred in connection with a sale, merger, acquisition, divestiture, reorganization or other disposition (whether of assets, stock or otherwise), or in the event of our bankruptcy or other insolvency proceeding.

XIV. Revisions to This Privacy Notice

This version of the Privacy Notice is effective as of the date set forth above, and supersedes all earlier versions. We may update this Privacy Notice from time to time, and any subsequent versions of this Privacy Notice will be posted on our Website. You are responsible for periodically visiting our Website to check for any updates to this Privacy Notice.

XV. Questions or Concerns

If you have any questions or concerns about our use of your personal data, you may contact us using our contact information below.

XVI. Our Contact Information

The Lockwood Group
1055 Washington Boulevard
Stamford, Connecticut 06901
U.S.A.
Telephone: (203) 883-8747
Email: IT@thelockwoodgrp.com