Rhode Island Free Clinic (“the Clinic” or “RIFC” or “We” or “Us”) has a strong commitment to providing excellent service to all of our customers (“Users”), including respecting their concerns about privacy. We understand that visitors to our website may have questions about whether and how this website collects and uses information, and are committed to protecting your privacy. In support of this, we only use the personally identifiable information (“personal information” or “personal data”) that you provide in accordance with the terms outlined below.
NOTICE TO EU RESIDENTS
This Policy is intended to provide adequate and consistent safeguards for the handling of personal information in accordance with Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“the Directive”) and all the relevant transposing legislation of the Directive in the European Union/European Economic Area, the Swiss Federal Data Protection Act, as such laws may from time to time be amended and valid during the application of this Policy, the Privacy Shield, and any other privacy laws, regulations and principles concerning the collection, storage, use, transfer and other processing of personal data transferred from the European Economic Area to the United States including but not limited to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“the General Data Protection Regulation”) as of its entry into force on 25 May 2018.
PRINCIPLES FOR PROCESSING PERSONAL INFORMATION
We respect your privacy and are committed to protecting your personal information in compliance with the applicable legislation. This compliance is consistent with our desire to keep you informed and to recognize and respect your privacy rights. We agree to observe the following principles when processing personal information:
- Data will be processed fairly and in accordance with applicable law.
- Data will be collected for specified, legitimate purposes and not processed further in ways incompatible with those purposes.
- Data will be relevant to and not excessive for the purposes for which they are collected and used. For example, data may be rendered anonymous if deemed reasonable, feasible and appropriate, depending on the nature of the data and the risks associated with the intended uses.
- Data subjects in the EU will be asked to provide their clear and unequivocal consent for the collection, processing and transfer of their personal data.
- Data will be accurate and, where necessary kept up up-to-date. Reasonable steps will be taken to rectify or delete personal information that is inaccurate or incomplete.
- Data will be kept only as it is necessary for the purposes for which it was collected and processed. Those purposes shall be described in this Policy.
- Data will be deleted or amended following a relevant request by the concerned data subject, should such notice comply with the applicable legislation each time.
- Data will be processed in accordance with the individual’s legal rights (as described in this Policy or as provided by law).
- Appropriate technical, physical and organizational measures will be taken to prevent unauthorized access, unlawful processing and unauthorized or accidental loss, destruction or damage to data. In case of any such violation with respect to personal data, we will take appropriate steps to end the violation and determine liabilities in accordance with applicable law and will cooperate with the competent authorities. This does not include any liabilities occurred due to Third Party Sites.
INFORMATION WE COLLECT
Users may be asked for, as appropriate:
- Email address;
- Mailing address;
- Phone number;
- Business information
Users may, however, visit our Sites anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Sites related activities.
We may collect non-personal identification information about Users whenever they interact with our Sites. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Sites, such as the operating system and the Internet service providers utilized and other similar information.
WEB BROWSER COOKIES
We collect information about how you use our Sites by setting and accessing cookies on your computer. A cookie is a small piece of information sent by our Sites that is saved on your hard drive by your computer’s browser. The cookie holds information our Sites may need to personalize or enhance your experience and to gather statistical data, such as which pages are visited, the Internet provider’s domain name and the addresses of the sites visited immediately before coming to and immediately after leaving the Sites. The information in the cookie lets the Clinic trace “clickstream” activity (i.e., the paths taken by visitors to our Sites as they move from page to page) to enable us to better serve our customers by revealing which portions of our Sites are the most popular. We may link the anonymous visitor ID from your cookie to a user ID in our database to help us analyze web traffic and statistics. From time to time, other companies may help us with data research and analysis, but they will be prohibited from using that data for any other purpose. You may disable cookies on your browser. Please review your browser’s instructions for doing so. Note that certain features of the Sites may not be available if you delete or reject cookies.
We may use pixel tags (also called web beacons or clear gifs) on our Sites. They can help us analyze what our customers like to do on our Sites and the effectiveness of our features and advertising. They can also help us customize your browsing experience. We may use information collected through pixel tags or tracked links in combination with your personal information. We may also combine personal information you provide to the Clinic with other personal information (such as purchase history and demographic information). If we work with other companies to help us track, collect and analyze this information, they will be prohibited from using this information for any other purpose.
HOW WE COLLECT INFORMATION
We may collect personal information from Users in a variety of ways, including when Users:
- Visit our site;
- Subscribe to the newsletter;
- Respond to a survey;
- Fill out a form; and
- In connection with other activities, services, features or resources we make available on our Sites.
HOW WE USE COLLECTED INFORMATION
The Clinic collects and uses Users personal information for the following purposes:
- To personalize user experience;
- To improve our Sites;
- To improve customer service;
- To share your information with third parties;
- To administer a content, promotion, survey or other Sites feature;
- To send Users information they agreed to receive about topics we think will be of interest to them; and
- If a User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Sites.
- We may also use information in the aggregate to understand how our Users as a group use the services and resources provided on our Sites.
HOW WE PROTECT YOUR INFORMATION
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Sites.
Sensitive and private data exchange between the Sites and its Users happens over a Secure Socket Layers (SSL) secured communication channel and is encrypted and protected with digital signatures.
SHARING YOUR PERSONAL INFORMATION
We may share your information with third parties:
- To help us operate our business and the Sites or administer activities on our behalf, such as sending out newsletters or surveys for those limited purposes provided that you have given us your permission;
- To protect payment transactions against fraud or identity theft; and
- To provide you with offers and marketing that may be of interest to you.
We will always obtain your express permission at the time we collect information before sharing it with third parties for marketing purposes.
We may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
THIRD PARTY WEBSITES
Users may find advertising or other content on our Sites that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Sites. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Sites, is subject to that website’s own terms and policies.
The Sites are not directed to children under the age of 13 and the Clinic does not intentionally collect any information from or about children under the age of 13. If you believe a child has provided us with information, contact us at firstname.lastname@example.org.
You have the right to be provided with information as to the nature of the personal information stored or processed about you by the Clinic and may request deletion or amendments.
You may email email@example.com to review, update, and revise your personal information. If access is denied, you have the right to be informed about the reasons for denial. You may resort to the dispute resolution described in this policy as well as in any competent regulatory body or authority. The Clinic shall handle in a transparent and timely manner any type of internal dispute resolution procedure about personal information.
If any information is inaccurate or incomplete, you may request that the data be amended. It is your responsibility to provide use with accurate personal information about yourself and to inform us of any changes. (Ex: new home address or change of name).
If you demonstrate that the purpose for which the data is being processed in no longer legal or appropriate, the data will be deleted, unless the applicable law requires otherwise. You also have the right to request the deletion of your personal data for any reason by emailing firstname.lastname@example.org.
ADDITIONAL ENFORCEMENT RIGHTS AND MECHANISMS
If at any time, you believe that your personal information has been processed in violation of this Policy, you may report the concern to the competent RIFC official. In particular, if you have any inquires or complaints about the use or limitation of use of your personal information, you may contact our corporate headquarters:
Or email us at email@example.com.
CALIFORNIA PRIVACY RIGHTS
If you are a California resident, you have the right to request information from us regarding the manner in which the Clinic shares certain categories of personal information with third parties for their direct marketing purposes, in addition to the rights set forth above. Under California law, you have the right to send us a request at the designated address listed below to receive the following information:
- The categories of information we disclosed to third parties for their direct marketing purposes during the preceding calendar year;
- The names and addresses of the third parties that received the information; and
- If the nature of the third party’s business cannot be determined from their name, examples of the products or services marketed. This information may be provided in a standardized format that is not specific to you. The designated email address for these requests is: firstname.lastname@example.org.
OBLIGATIONS TO DATA PROTECTION AUTHORITIES
We will respond diligently and appropriately to requests from DPAs about this Policy or compliance with applicable data protection privacy laws and regulations. We will, upon request, provide DPAs with names and contact details of the individuals designated to handle this process. With regard to transfers of personal information, we will (i) cooperate with inquiries from the DPA responsible for the entity exporting the data and (ii) respect its decisions, consistent with applicable law and due process rights. With regard to transfers of data to third parties, we will comply with DPAs’ decisions relating to it and cooperate with all DPAs in accordance with applicable legislation.
YOUR CONSENT AND UPDATES TO THIS POLICY
If you have any questions about your privacy or security on our Sites, please contact us using the following information:
This document was last updated on 1/1/2022.