Through its virtual platform, the onevoice community platform https://www.fapvoice.com provides the groundwork for collaboration among all members of this rare disease community. At rareLife solutions (the creator of onevoice), we believe that sharing and learning from each other’s experiences with rare disease empowers patients, caregivers, advocates, researchers, healthcare professionals, and industry partners to better manage, treat and educate about rare diseases and the lifestyles surrounding them. After all, the first step towards progress begins by starting the conversation (especially when what you’re talking about is rare and something not everyone has heard about)!
We understand that what you share about yourself and your rare disease is important and deserves respect. Just as you’re working with the patients, caregivers, advocates, community managers and other members on the onevoice platform to advance the rare disease experience, we’re working with you to do the same! As collaborators in this shared mission, we want to be completely open with you about how we’re amplifying your voice and the resources in the community using the onevoice platform to improve the rare disease ecosystem.
What is a onevoice platform?
A onevoice platform provides a forum for knowledge and community growth for all members within a rare disease ecosystem by curating links to high quality disease resources in one space and providing a virtual place to connect. Our platforms are currently dedicated to oneSCDvoice.com, a Sickle Cell Disease community; DuchenneXchange.org, a Duchenne Muscular Dysthropy community; oneAMYLOIDOSISvoice.com, an Amyloidosis Disease community; and oneEDSvoice.com, an Ehlers-Danlos Syndrome community.
Is joining a onevoice community free?
Yep, we do not have a membership fee.
How old do I need to be to use a onevoice platform?
You must be at least 16 years old.
Why do I need to register?
While the use of our library of resources, such as rareCurate, doesn’t require registration, the full use of the site’s features does. Having a member account allows you to customize your onevoice experience and allows you to participate in rareCourage conversations, which are only viewable by members.
Do you need my real name?
Nope- you don’t have to share your real name unless you’d like to.
What member information is visible to other community members?
Your username, role, profile page, and rareCourage posts are the only things automatically visible to logged in members. You can choose whether to display other information in your profile.
Do you track my IP address?
Your IP address is one of the pieces of data sent by your web browser to our partner, Google Analytics. You can read Google’s policies here (https://www.google.com/policies/privacy/partners/).
Do you collect information about members?
We do collect certain information about members which we use with the intention of improving the understanding and treatments for the rare disease and its community.
What types of information do you collect from members?
We only collect information that a community member voluntarily provides. Examples include biographical information (age, gender, city), photos, and disease info (symptoms, treatment, etc.).
Will you share or make my information public?
As we strive to use our platform to advance this disease ecosystem, we do share certain anonymous information collected with collaborators, people working to enhance onevoice, and most importantly, you and your disease community.
What type of member information is not shared or made public?
Except for some very important exceptions, we will not share a member’s name, password, email address, or mailing address as input during registration. Additionally, we won’t share your date of birth in your profile or your private messages.
How is the member information you collect shared?
Other than reporting adverse events, we do not share the information we collect as an individual data point; it is combined with the same type of information from other community members (in other words, we aggregate the data and strip out information that could be used to identify an individual). Occasionally, we may share anonymized excerpts about the onevoice platform as testimonials or other ways.
How is my email address supplied during registration used?
Simply to stay in contact with you about happenings on the platform, opportunities in your disease space, and any questions or requests you have. You can modify your email preferences in mySettings.
We may also need to get in touch with you in the event of an emergency or to follow up if you mention an adverse event.
Are there any safeguards to ensure that the conversation within onevoice stays on topic?
We provide trained Community Managers for all onevoice platforms who ensure that rareCourage remains a safe, helpful, and welcoming space.
How safe are you against hacking?
We use HIPAA and HI-TECH certified layers of security to protect you and your postings against hackers seeking information you’ve chosen to remain private (although, please understand, anyone can register and see whatever you’ve chosen to show to the community).
How do you select information resources?
Our research team is guided by our councils of expert physicians, healthcare professionals, advocates, patients and caregivers who represent a wide-variety of perspectives, geographies and personal and professional experiences to inform us as to information resources that are valuable to the community. By selecting a diverse set of experts, we also minimize bias from any particular perspective, institution or experience.
If you have any questions or concerns related to the information practices of this platform, please send us an e-mail at email@example.com, or write to or call us at the address/phone numbers below.
Last Updated: September 10, 2019
rareLife solutions, inc.
606 Post Road East, #397
Westport, CT 06880
© 2019 rareLife solutions, inc. All rights reserved.
Welcome community member and thank you for joining our community.
Please read these terms and conditions of use (“Terms”) carefully. These Terms are a binding agreement between you (“you”) and rareLife solutions, inc. (“rareLife solutions”, “we” or “us”). These Terms govern your use of our websites located at www.fapvoice.com and any of our other websites, their respective subdomains, and software applications containing a link to these Terms (collectively, our “Sites”). Other people, a.k.a. users, who have agreed to these Terms or prior Terms for using our Sites are referred to as “community members” or “community member” or “member.” Our Sites provide a common online interactive space for community members to come together, share, learn and communicate.
BY USING ANY OF OUR SITES, YOU ARE STATING THAT YOU HAVE READ AND UNDERSTAND, AND AGREE TO BE BOUND BY, THESE TERMS (WHETHER OR NOT YOU CONFIRM YOUR AGREEMENT, SUCH AS BY CLICKING “I AGREE”). IF YOU DO NOT AGREE TO THESE TERMS, YOU ARE NOT PERMITTED TO USE ANY OF OUR SITES.
IF YOU THINK YOU MAY HAVE A MEDICAL EMERGENCY, CALL 911 IMMEDIATELY.
Being a community member and Access
A caregiver who is not a parent of or legal guardian for a Patient;
A friend/family member of a Patient;
Health care professional (e.g. physician, nurse, etc.);
Scientific or medical researcher;
Person who works in rare disease (non-medical);
Member of the news media; or
Student in the health sciences
No Medical Advice
National Suicide Prevention Lifeline (US): 1-800-273-8255, https://suicidepreventionlifeline.org/
Samaritans (UK): 116 123, http://www.samaritans.org/
International directory of helplines: http://www.befrienders.org/directory
Appropriate and Lawful Use of Site
You agree not to use any of our Sites or the content available on our Sites:
- in violation of these Terms or any Law;
- to post or upload information or content that is false, inaccurate, or misleading;
- to transmit any unsolicited or unauthorized advertising or promotional materials;
- obtain or attempt to access or otherwise obtain any materials or information through any means not intentionally made available or provided for through our Sites or
- interfere with other community members’ use and enjoyment of our Sites (for example, by spamming, soliciting or overly promoting personal interests).
Related Agreements and Policies.
Our Content and Proprietary Rights.
Third Party Content (Including Your Content).
- Your Content is accurate;
Identification of the copyrighted work that you believe to be infringed.
rareLife solutions, Inc.
606 Post Road East, #397
Westport, CT 06880
© 2019 rareLife solutions, inc. All rights reserved.
The rareLife solutions onevoice website https://www.fapvoice.com/ (the “Site”) is specifically designed to harness the power of collaboration in rare disease — creating an online solution for all rare disease stakeholders. Various feature groups within the “Site” allow visitors and registered users to access curated disease information, clinical trial tools, and share experiences and information about their diseases, conditions, and symptoms and provide compassion, empathy and encouragement to help build a strong community for all rare disease stakeholders. In order to explore certain restricted areas of the Site, visitors must register to become community members (“community members”). If you do not register as a community member (“visitors”), the only information the Site will collect from you is the non-personally identified information collected through “cookies,” as described below in the section on cookies.
1. Information We Collect
I. Personally Identifiable
- “Personally Identifiable Information” (“PII”), is information that identifies an individual personally, such as first and last name, date of birth, postal address, email address, and telephone number. This is information you voluntarily share with us directly either when you register or if you post in any of the communities. Examples of PII may include but are not limited to- name, email address, and password as input during registration, mailing address, as collected from registration, email, private message, or other activities; date of birth, as collected in a community member profile
- Demographic or biographical information, such as age, gender, ethnicity, religion, and location (city, state, country) or in some instances IP address;
- Condition/disease information, including diagnosis, symptoms (e.g., frequency, duration, severity), family history;
- The course of treatment (e.g., medicines, surgeries, therapies, etc.), including side effects;
- Photographs or pictures;
- Account information from social media platforms;
- Sensor information from fitness or activity trackers;
- Laboratory or diagnostic test results;
- Genetic information;
- Electronic health records;
- Information shared via free text fields, such as in rareCourage, rareClinical, rareProfile, myBinder, rareChat, rareQuestionnaires;
- Connections to other community members on the Site (e.g., rareCourage, rareTeams, rareMates) and people outside the Site shared by a community member.
Keep in mind, if you post PII on the Site, that PII is generally accessible to and may be collected and used by other community members and may result in unsolicited messages or other forms of contact from other community members. We advise you to exercise caution and discretion when posting PII in such areas of the Site. You are solely responsible for the information and other content you post on or through the Site. See terms and conditions
The Site also automatically collects information about you as a Site visitor that is not PII but relates to your use of the Site. Non-PII is aggregated information, demographic information and any other information that does not reveal your specific identity. Non-PII is “passively” collected from you through browser navigational tools, such as cookies and pixel tags. These types of technologies enable the Site to compile statistics about our daily number of site visitors or specific page requests, while not identifying you personally, other than by your IP address, which is the Internet Protocol address of the computer that you use to access the Site. We also do not authorize unaffiliated third parties to collect any personal information from you on the Site for purposes of such online tracking.
A cookie is a small data file that a website transfers to a user’s hard drive when a user visits the website. A cookie file can contain information such as a unique ID that the website uses to track the pages visited and is a standard method of registering website user preferences. These preferences are stored in a file on your computer’s hard disk drive. We also use ‘analytical’ cookies. These allow us to recognize and count the number of visitors to the Site and to see how visitors move around the Site when they’re using it. This helps us improve the way our website works, for example by making sure users find what they need easily.
Our Site uses both persistent and session cookies. Persistent cookies are cookies that stay on your computer permanently until you “manually” delete them. Session cookies delete themselves automatically when you leave a website and go to another one or shut down your browser.
You can set your browser to accept all cookies, to reject cookies, or to notify you whenever a cookie is offered so that you can decide each time whether to accept it. However, refusing a cookie may in some cases preclude you from using, or negatively affect the display or function of, the Site or certain areas or features of the Site. To learn more about cookies, including how to enable cookies, change your browser settings and find and delete cookies on your hard drive, please refer to your web browser’s help menus or visit www.allaboutcookies.org.
2. How We Use this Information
- PII. We may use the PII collected through the Site for any or all of the following purposes:
- Responses to Requests. We may use PII about you to respond to your requests, such as to answer your questions about using the Site, content you may have posted, your experience using the Site, and to provide you with clarifications, explanations or perhaps the benefits offered by features in the Site.
- Emergency. We may use PII in the case of an emergency or other situation that we determine requires rareLife solutions to directly contact the community member.
- Adverse Events. rareLife solutions, as required by law and/or its Collaborators, may also be required or alternatively at its option for the greater good, to report certain PII as adverse event and drug safety information to the U.S. Food and Drug Administration (FDA), the Centers for Disease Control and Prevention (CDC), and/or other U.S. or international governmental organizations, as well as directly to pharmaceutical and medical device companies. rareLife solutions will not provide PII to such government entities but may contact community members for follow-up if requested by the government or Collaborators. The information rareLife solutions provides may include, but is not limited to, information posted or submitted by community members in rareCourage, rareClinical, my rareJourney, rareChat, rareQuestionnaires or other similar data collectors in the Site. In addition, certain sections of our Site may be provided with the support of Collaborators. These Collaborators may have adverse event reporting requirements that relate to regulated products that are used by community members, and rareLife solutions may assist such Collaborators with reporting adverse events to regulatory agencies.
To learn more about adverse event reporting to the US Food and Drug Administration: http://www.fda.gov/Safety/MedWatch/
- Communications with community members who Subscribe. rareLife solutions will communicate with you if you join our mailing list or otherwise accept to be notified of certain events and activities. You may opt out of receiving such communications at any time, as described in those communications and in Section 8 below.
- Code of Conduct Compliance. We analyze rareCourage community content to ensure the Code of Conduct is being adhered to by and among the community members.
- Internal Business Purposes. We use PII about you for our internal business purposes, including in particular to help us determine usage of all of our feature groups (including rareCourage, rareClinical, my rareJourney, rareChat and other data collectors), and help us improve our offerings. We also use PII for related internal purposes, such as data analysis, audits, enhancing the Site, identifying usage trends and determining the effectiveness of our promotional messaging.
Non-PII Information may aggregate certain types of non-personally identifiable information such as the number of patients with a particular disease or condition, on a particular treatment, or experiencing a particular symptom. This anonymized (or de-identified) information would be visible by individuals that are not community members, and great care is taken in anonymizing this information so it is unlikely that someone could be identified. We may use non-PII to help us improve the Site, such as by analyzing usage of certain pages or functions on the Site.
3. How We Share Information
- PII. We may share PII we collect through the Site under certain circumstances, including:
- Affiliates. We may share PII with any entities that may become affiliates of rareLife solutions.
- rareLife solutions Staff and Moderators. rareLife solutions staff and moderators may sometimes need access to your PII in the course of troubleshooting problems or resolving complaints.
- Research Collaborations. Unless otherwise agreed to with a platform sponsor, rareLife solutions may share or sell certain anonymized information from onevoice to Collaborators, such as pharmaceutical or medical device manufacturers, advocacy organizations, and academic institutions that are researching and analyzing ways to better understand patient experience and improve treatment and patient outcomes.
- Surveys. rareLife solutions may occasionally ask community members to complete voluntary surveys and/or polls about their experiences, unmet needs and/or other topics, including the various features within onevoice or proposed to be included. rareLife solutions may aggregate anonymized data and combine such responses with community members’ PII and share or sell it to Collaborators.
- Clinical Trial Finder. Registered community members have the opportunity to locate clinical trials in which they or their family members may be able to participate. The feature does not promise trial enrollment, but displays trials based on responses to a series of questions that may be suitable for the registered member. The member can then reach out to the trial center to determine if the trial is appropriate. The CTF will also notify community members when a new trial is available for consideration. Using CTF, we plan to provide reporting on usage and data to our partners as well as unaffiliated third parties.
- Third Party Service Providers. We may share PII with unaffiliated third parties who provide us with services, such as the developer and designer of the Site, to provide technology, data analysis, or similar services.
- Educational Partners/Providers. On occasion, a third-party educational provider or partner (“Provider/Partner”) will ask us for a list of the people who participated in a particular webinar, Q&A, or online community chat activity that was offered by rareLife solutions through the Site. In response to such a request, we will provide the Provider/Partner with anonymized and aggregated PII, unless the community member participant chose to be identified or contacted as part of signing up for the educational activity.
- Third Parties for Marketing. We do not share PII with unaffiliated third parties for their own marketing purposes.
- Acquirers or Assignees. In the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of rareLife solutions, any affiliate, or its assets, we may transfer any and all information that we collect from Site users to the acquiring party or assignee.
- Use of PII. Under certain circumstances, rareLife solutions may use your PII, including but not limited to:
- If a community member registers or switches to the status of a licensed healthcare professional (HCP) or researcher, the community member’s full name and affiliation will be viewable;
- If a community member agrees to participate in a rareLife solutions-organized activity such as workshops or conferences, rareLife solutions may share the community member’s information (e.g., name, email) for the purpose of planning and executing the activity;
- If a community member explicitly opts in to have their PII shared with a Collaborator, rareLife solutions will share the information as instructed by the community member (e.g. co-registration with a non-profit).
- Collaborators. Community members should understand that the information they post on public areas of the Site may be shared in the various communities built by rareLife solutions, including other patients and third parties but not limited to pharmaceutical and medical device makers, contract research organizations, advocacy groups, academic medical centers, and research institutions (“Collaborators”). While community members are encouraged to share their information, greater amounts of information or data may increase the likelihood that a community member could be located or identified.
- Opt Out. At any time, you may opt out of allowing rareLife solutions to use your PII for the purposes noted in this section by using our contact us form or by sending us an email at firstname.lastname@example.org. We will process your request within a reasonable time. However, please note that in certain instances, we may have already used your PII consistent with this Policy prior to your opt out date.
- Other Information. We may share non-PII, such as the Site usage patterns of Site visitors on an aggregate basis, with third parties, for instance as a poster presentation at a medical conference
4. How Can You Manage PII We Maintain?
- Updating or Correcting PII. If you would like to review, correct, update or remove PII about you that you previously provided to us (other than your birth date), you may do so by visiting your “settings” page.
If you are unable to locate that page, please inform us by sending us an e-mail at email@example.com. For your protection, we will only implement such requests with respect to the PII associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request.
5. How Do We Protect and Maintain PII Collected Through the Site?
- Security. We use reasonable organizational, technical and administrative measures to help protect against the loss, misuse and alteration of the information under our control. rareLife solutions uses a third-party data security vendor, which stores information and data collected on our Sites in a manner that is consistent with the same integrity, rigor, and technical standards required under the HIPAA Security Rule. However, no data transmission over the Internet or data storage system can be guaranteed to be 100 percent secure. Please exercise caution in sending us any information you consider confidential. It is your personal responsibility to secure your own copies of your passwords and related access codes for our online resources.
- Data Integrity and Retention. We will retain PII about you for the period necessary to fulfill the purposes outlined in this Policy or our data retention policies unless a longer retention period is required by law. However, rareLife solutions cannot guarantee the identity of any other community members with whom a community member may interact in the course of using the Site or who may have access to a community member’s PII. Additionally, we cannot guarantee the integrity or authenticity of any data that community members provide about themselves
Social Logins. To register and log in to your account, you also have the option of authenticating yourself with your existing profile on one of the following social networks, Facebook or Google+, and registering or logging in. The information we require for registration or login is (i) your name and (ii) your email address. After your express consent to the use of the transmitted and required data for purposes of registering and/or logging into the Site, your data will be stored by us and used for the purposes as stated within this Policy. [There is no link beyond the authentication process between your customer account created with us and your account on the corresponding social network.] In order to perform the authentication process for registration and login, your IP address is transmitted to the respective social network provider. We have no influence on the purpose and scope of data collection and on the further processing of the data by the respective provider of the social network. For further information, please read the data protection information of the respective provider:
1) Facebook Inc. – 1601 S California Ave, Palo Alto, California 94304, USA;
2) Google Inc. – 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://policies.google.com/technologies/partner-sites?hl=en and https://policies.google.com/privacy?hl=en&gl=us
Facebook Ads. We may use the “Facebook Pixel” from Facebook Inc. (1601 S California Ave, Palo Alto, California 94304, USA) on the Site. This allows user behavior to be tracked after they have been redirected to this Site by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. You can object to the collection of data via Facebook pixels and the processing of your data to display Facebook Ads. To adjust the settings concerning which advertisements are shown on Facebook, you can visit Facebook’s dedicated page and follow the instructions to change the settings for usage based advertisements: https://www.facebook.com/settings?tab=ads. You can opt out of the collection and use of information for ad targeting by following Facebook’s published opt-out instructions.
YouTube. We have integrated YouTube videos into our Site, which are stored on http://www.YouTube.com and can be played directly from our Site. These are integrated in the “extended data protection mode”, i.e. no data about you as a user will be transmitted to YouTube, if you do not click on the videos to start playing them. Only when you play the videos will the data referred to in this paragraph be transferred to YouTube. We have no influence on this data transfer. If you are logged in to Google (an affiliate of YouTube), your information may be directly associated with your Google account. If you do not wish to be associated with your profile on YouTube, you must log out of Google before activating the button.
Google Analytics. Our Site uses Google Analytics, a web analysis service of Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, www.google.com (“Google Analytics” or “Google”). Google Analytics employs cookies that are stored to your computer in order to facilitate an analysis of your use of the Site. The information generated by these cookies, such as time, place and frequency of your visits to our Site, including your IP address, is transmitted to Google’s location in the US and stored there. Google uses this information to analyze your use of our Site, to compile reports for us on internet activity and to provide other services relating to our Site. Google Analytics also offers a deactivation add-on for most current browsers that provides you with more control over what data Google can collect on websites you access. You can find additional information on how to install the browser add-on referenced above at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
6. CALIFORNIA PRIVACY RIGHTS
Pursuant to Section 1798.83 of the California Civil Code, a California resident who has provided Personal Information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California Customer”) is entitled to request information about whether the business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes. Upon receipt of a request by a California Customer, the business is required to provide a list of all third parties to whom Personal Information was disclosed in the preceding calendar year, as well as a list of the categories of Personal Information that were disclosed.
You can make a request for this information by emailing us at firstname.lastname@example.org or by writing to us at the address given at the bottom of this policy.
7. EUROPEAN ECONOMIC AREA DATA SUBJECT RIGHTS
If you are a natural person residing within the European Economic Area (“Data Subject”), the following additional rights as expressed under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 known as the General Data Protection Regulations (“GDPR”) are applicable to you:
1. Personal Data: For the purposes of this section, “Personal Data” means collectively PII, Unique Identifiers, Advertising Identifiers, and Location Data which you have provided to, or otherwise collected by rareLife solutions when you use and otherwise access the platform.
2. Basis for Processing Data: rareLife solutions relies on the consent of the Data Subject to process personal information. Data Subjects must be at least the age of 16 to consent to the processing of their Personal Data. Data Subjects under the age of 16 must obtain their parent’s or legal guardian’s permission to consent to the processing. On other occasions, we may process information when we need to do so to fulfill a contract, provide services or where we are required by law to do so.
3. Access/Portability: You may access, correct, or modify the Personal Data you provided to rareLife solutions and associated with your account. Note that we may request to verify your identification before fulfilling your request. You can also request that your personal information is provided to you in a commonly used electronic format so that you can share it with other organizations. You may do so by contacting our privacy team and they will send you the Data Subject Access Request (DSAR) form to process your request.
4. Forgotten: You may request to have your Personal Data erased, or otherwise request that your Personal Data not be processed. Please note that the Service, or parts of the Service, may become inaccessible or otherwise not function properly if you request to have your Personal Data erased or not be processed. You may do so by contacting our privacy team as described below.
5. Object, Restrict, or Withdraw Consent: You may withdraw consent you previously provided to rareLife solutions or otherwise object to or restrict the processing of your Personal Data. Please note that the Service, or parts of the Service, may become inaccessible or otherwise not function properly if you withdraw certain consents or otherwise object to restrict the processing of your Personal Data. You may do so by contacting our Privacy Team and they send you the Data Subject Withdrawal Form (DSWF) to process your request.
6. Supervisory Authority: If you have a concern with the handling of your Personal Information, you have the right to do so with your local Data Protection Authority in the country in which you reside.
8. Use of Site by Children
This site is not intended for use by children (under the age of 13 in the US or 16, if you live in the EEA). In light of Article 8 of the GDPR, we have a parental consent form in place that the holder of parental responsibility needs to fill if the child is under the age of 16 years. Under Article 8(2), we make “reasonable efforts” to verify that consent has been given or authorized by the holder of parental responsibility. We also want to let the child know that he or she has a right to withdraw that consent once they are competent to make such a decision.
9. Transfers and Processing of PII
10. Managing Communications With You.
If you no longer wish to receive emails from us on a going-forward basis, you may opt-out of receiving such emails by following the “unsubscribe” directions on the e-mails, or by going to your “member settings” page and un-checking the option to receive e-mails from us, or by calling us toll-free at (844) 663-8642 [8:00 am-5:00 pm (ET), Monday-Friday], or by sending an e-mail to email@example.com with the subject line “Unsubscribe.” We will endeavor to comply with your request as soon as reasonably practicable.
Last Updated: September 12, 2019
rareLife solutions, Inc.
606 Post Road East, #397
Westport, CT 06880
©2019 rareLife solutions, Inc. All rights reserved.
onevoice is a “positively-charged” community…and we want to provide a safe and powerful space for encouragement. We hope you are taking on the mantle of being a ‘community member’ means you’re part of the solution. Bring your PMA (positive mental attitude), your realities and strength to onevoice – we need as much “good stuff” as you can muster…
We get it though. Everyone’s life has struggles and rough patches, and you’re welcome and invited to share those as well.
Posting or linking to material that is unlawful, obscene, derogatory, defamatory, threatening, harassing, abusive, slanderous, hateful, or embarrassing to any other person or entity as determined by us in our sole discretion.
Holding yourself out on our Sites as a healthcare professional or otherwise misrepresenting your licensure, specialty, certification, or other credential or information.
If you are a healthcare professional: attempting to treat or diagnose a patient or provide any other service or product to a patient on the Site.
Disclosing in any part of the Site any personally identifiable information (e.g., name, address, etc.), alone or in combination, about a former or current patient or client.
Under certain circumstances, mostly dealing with Federal Laws about approved drug marketing and advertising, posting or linking to information about certain pharmaceutical products or medical devices.
Participation or use of the site for any purpose in violation of applicable local, state, federal, or international laws.
Posting or linking to content that infringes, misappropriates or violates the intellectual property or other proprietary rights of third parties or their privacy or publicity rights.
Sending or posting viruses or other harmful computer code.
Unconsented collecting or harvesting of information about others, including email addresses.
Creating or using an account to impersonate another person.
Creating or registering more than one name and/or e-mail address.
Granting another person access to use your account to post or view comments.
Posting excessively or “spamming,” including repeatedly posting the same comment or content, including advertisements, business solicitations, chain letters, or pyramid schemes.
Participating on our Sites by persons under 16 years of age.
Disrupting conversations and communications repeatedly or posting unrelated comments to a particular topic.
Using our Sites in a manner that prevents another person from participating in the Site or exposes us or any community member’s or our Collaborators to potential liability or detriment of any kind.
With respect to enforcing our Code of Conduct, we reserve the right to:
Record the conversations or content on our Site.
Investigate and take appropriate legal action against anyone who, in our sole discretion, is alleged to or violates the Terms or this Code of Conduct.
Remove offending content from our Sites, including any content that we determine, in our sole discretion, to be unlawful, obscene, derogatory, defamatory, threatening, harassing, abusive, slanderous, hateful, or that otherwise fails to conform to the Terms or this Code of Conduct.
Suspend or terminate the access of such violators to our Sites.
Report violations to the law enforcement authorities.
Terminate a user’s access to the Site if the user’s registration information and/or e-mail address is no longer valid.
Monitor, edit, or disclose any communication on the Site.
Edit or permanently remove any communication posted on the Site, even if not violative.
Take any other action that we deem necessary to protect the personal safety of community members or the public.
Although community members can remove, edit, or delete posts at any time, you should avoid posting personally identifiable or confidential information on our Sites (e.g., full name, e-mail addresses, etc.). However, we recognize that there may be certain situations where personally identifiable information is posted despite our monitoring of the Sites. Accordingly, if you are unable to remove or delete such content (e.g., posted by another community member), we may require you to may an administrative fee to remove each posting.
rareLife solutions, Inc.
606 Post Road East, #397
Westport, CT 06880
© 2019 rareLife solutions, inc. All rights reserved.
The General Data Protection Regulation (GDPR) is the European data protection regulation adopted by the EU Commission to replace the EU Data Protection Directive, also known as Directive 95/46/EC. GDPR took effect on May 25th, 2018. The regulation expands upon and replaces the EU Data Protection and Privacy rules with a more comprehensive framework that dictates how the personal information of EU data subjects is used, stored, transmitted, protected, and codified. The GDPR applies to both individuals and businesses and regulates the way in which personal data of citizens in the European Union should be handled. The GDPR also requires that businesses share with the EU data subject how personal data is being handled; respond to certain data subject requests about that data; and handle such with proper security controls. The regulation also sets a standard for how that data is shared with other controllers and processors and sets guidelines for use or transfer of that information in countries with different laws and regulations regarding data use and transfer. A copy of the text of GDPR can be found here.
Our policies regarding data ownership and protection are focused on providing you with confidence that your data remains secure, and under your control. We have established a number of measures to ensure that customers and their data are treated in a manner consistent with privacy principles.
At rareLife, we are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognize our obligations in updating and expanding this program to meet the demands of the GDPR and the Data Protection Bill.
We are dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation for the GDPR. Our preparation and objectives for GDPR compliance have been summarized in this statement and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum and ongoing compliance.
How is rareLife Preparing for the GDPR
rareLife already has a consistent level of data protection and security across our organization, however it is our aim to be fully compliant with the GDPR.
Our preparation includes: –
Information Audit – We are carrying out a company-wide information audit to identify and assess what personal information we hold, where it comes from, how and why it is processed and if and to whom it is disclosed. This will be an iterative process reviewed on an annual basis.
- Policies & Procedures – At rareLife, we are revising/implementing new data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including: –
- Data Retention & Erasure – We are working on having erasure procedures to meet the new ‘Right to Erasure’ obligation and are aware of when this and other data subject’s rights apply; along with any exemptions, response timeframes and notification responsibilities.
- Data Breaches – Our data breach procedures ensure that we have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possible time. Our procedures are robust and have been disseminated to all employees, making them aware of the reporting lines and steps to follow.
- Data Transference – When rareLife collects a data subject’s personal information it avoids sharing that information with any vendor, third party, contractor or other type of outside service, unless either required by law or as part of our internal processes which sometimes include external providers. The information is stored in our systems and is not transferred outside of our network to any controllers or sub processors without explicit permission from our clients. rareLife never sells personal data to other companies, and to the extent it is ever shared, it is only to complete the purpose for which the data was acquired. All of our vendors must have procedures in place that protect any data that is shared with them.
- International Data Transfers & Third-Party Disclosures – Where rareLife stores or transfers personal information outside the EU, we have robust procedures and safeguarding measures in place to secure, encrypt and maintain the integrity of the data. Our procedures include a continual review of the countries with sufficient adequacy decisions, as well as provisions for binding corporate rules; standard data protection clauses or approved codes of conduct for those countries without. We carry out strict due diligence checks with all recipients of personal data to assess and verify that they have appropriate safeguards in place to protect the information, ensure enforceable data subject rights and have effective legal remedies for data subjects where applicable.
- Subject Access Request (SAR) – We are diligently working on our SAR procedures to accommodate the revised 30-day timeframe for providing the requested information and making this provision free of charge. Our new procedures detail how to verify the data subject, what steps to take for processing an access request, what exemptions apply and a suite of response templates to ensure that communications with data subjects are compliant, consistent and adequate.
- Legal Basis for Processing – We are reviewing all processing activities to identify the legal basis for processing and ensure that each basis is appropriate for the activity it relates to. Where applicable, we also maintain records of our processing activities, ensuring that our obligations under Article 30 of the GDPR and Schedule 1 of the Data Protection Bill are met.
- Privacy Notice/Policy – We have revised our Privacy Notice(s) to comply with the GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, who the information is disclosed to and what safeguarding measures are in place to protect their information.
- Obtaining Consent – We have incorporated consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information. We have developed stringent processes for recording consent, making sure that we can evidence an affirmative opt-in, along with time and date records; and an easy to see and access way to withdraw consent at any time.
- Data Protection Impact Assessments (DPIA) –We are in the process of developing stringent procedures and assessment templates for carrying out impact assessments that comply fully with the GDPR’s Article 35 requirements. Our goal is to document processes that record each assessment, allow us to rate the risk posed by the processing activity and implement mitigating measures to reduce the risk posed to the data subject(s).
- Processor Agreements – where we use any third-party to process personal information on our behalf (i.e. Payroll, Recruitment, Hosting etc.), we have drafted compliant Processor Agreements and due diligence procedures to ensure that they (as well as we), meet and understand their/our GDPR obligations. These measures include initial and ongoing reviews of the service provided, the necessity of the processing activity, the technical and organizational measures in place and compliance with the GDPR.
- Special Categories Data – where we obtain and process any special category information, we do so in complete compliance with the Article 9 requirements and have high-level encryptions and protections on all such data. Special category data is only processed where necessary and is only processed where we have first identified the appropriate Article 9(2) basis or the Data Protection Bill Schedule 1 condition. Where we rely on consent for processing, this is explicit with the right to modify or remove consent being clearly signposted.
Data Subject Rights
In addition to the policies and procedures mentioned above that ensure individuals can enforce their data protection rights, we provide easy to access information via (our website, in the office, during induction etc.) of an individual’s right to access any personal information that rareLife processes about them and to request information about: –
- What personal data we hold about them
- The purposes of the processing
- The categories of personal data concerned
- The recipients to whom the personal data has/will be disclosed
- How long we intend to store their personal data for
- If we did not collect the data directly from them, information about the source
- The right to have incomplete or inaccurate data about them corrected or completed and the process for making this request
- The right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use
- The right to lodge a complaint or seek judicial remedy and who to contact in such instances
Information Security & Technical and Organizational Measures
rareLife solutions takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. We have robust information security policies and procedures in place to protect personal information such as SSL, access controls, password policy, encryptions and IT.
If you have any privacy-related questions/concerns, feel free to reach out to us. This same contact information can be used for questions related to data subject access requests, portability, erasure, etc. The contact information is as follows:
606 Post Road East, #397
Westport, CT 06880
Telephone (844) 663- 8642
We are constantly improving our policies and procedures to adhere to the standard and to go a step further to ensure all data we collect is properly protected.
We strive to be transparent with how we are collecting data regarding our customers and providing information to them on the data that we currently have. All our teams work to ensure that the data collected is only what is needed to provide the best service and utilizes data subjects’ information for the purpose of fulfilling those services only.
rareLife solutions, Inc.
606 Post Road East, #397
Westport, CT 06880
© 2019 rareLife solutions, inc. All rights reserved.
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.