ALERT!

This site is not optimized for Internet Explorer 8 (or older).

Please upgrade to a newer version of Internet Explorer or use an alternate browser such as Chrome or Firefox.

Privacy Policy

The Cardiothoracic Surgery Network (CTSNet) is committed to protecting the privacy rights of individuals with whom we interact, including members of the CTSNet community. This Privacy Policy has been established by CTSNet, Inc., 633 North Saint Clair St., Suite 2100, Chicago, IL 60611, United States of America. It sets forth the information we collect about you as you interact with us, how we use that information, and the rights you have regarding the way we use such information.

Any visit by an individual to www.CTSNet.org and any related CTSNet subdomain or other CTSNet-controlled website is subject to the terms set forth in this Privacy Policy. This Privacy Policy has been revised effective May 25, 2018, to coincide with the effective date of the General Data Protection Regulation (GDPR) adopted by the European Union, which applies to some of the individuals who interact with CTSNet. We may further revise it from time to time as the law and interpretations pertaining to the GDPR and other privacy-related protocols and regulations develop, so please remember to revisit this page regularly for any policy updates. In case of any substantial change to this Privacy Policy, we will post a notice on the homepage of www.CTSNet.org, and the changes will only be effective beginning on the date stated in the notice. This policy describes:

Who We Are and What We Do

The data controller as it relates to this Privacy Policy is CTSNet. CTSNet is a not-for-profit organization that serves as an electronic nexus for the worldwide community of healthcare professionals dedicated to treating cardiothoracic disease. The mission of CTSNet is to “connect the global cardiothoracic community” and the organization’s vision is to “leverage internet connectivity to facilitate communication, collaboration, education, and interaction amongst cardiothoracic surgeons and their teams across the globe.” To accomplish its organizational mission and vision, it is necessary for CTSNet to collect relevant personal and demographic data from our site visitors, verified CTSNet community members, and website contributors.

CTSNet only uses your personal data, such as your name, contact details, and profile information in our legitimate business interest to connect the global cardiothoracic community and to nurture communication, collaboration, and education amongst the worldwide cardiothoracic community via electronic resources. We do not sell your data to any third parties. However, in accordance with our mission, we do send carefully vetted communications regarding important topics, including educational meetings, research initiatives, and medical devices, on behalf of trusted third parties. Further, in order to provide our services to you, we may be required to send your relevant personal data to our trusted third-party data processors and participating cardiothoracic organizations.

Please read this full Privacy Policy carefully. By accessing any of our websites, you consent to the collection and use of any information you provide in accordance with this policy. To review and update the personal data you have supplied us with, please login in to your CTSNet account at https://www.ctsnet.org/user/me/edit.

How We Collect Information

In order to carry out the important work of CTSNet, we collect your personal data. One of the reasons we do so is that it helps to ensure that our interactions with you are timely, relevant, and personalized. We collect personal data during your visit to our websites. By personal data we mean “any information relating to an identified or identifiable natural person” such as name, postal address, and email address. The personal data we process is either provided directly by you on a voluntary basis or collected automatically via our websites.

Personal data you provide to us voluntarily
You may choose to provide CTSNet with personal data. If you choose not to provide some data, this may affect the way you navigate our websites or receive the services that we offer you. When you are creating or updating your CTSNet profile or submitting materials for publication on CTSNet, we may ask for personal data such as your name, title, postal address, email address, telephone number, the name of your institution, qualifications, areas of practice/interest, and, where necessary, your date of birth. This data is used to establish your identity and eligibility verification in various scenarios. When you contact us via email or information request links on our websites, we will use the data you provide in order to provide the information or support that you have requested.

Personal data we collect automatically
CTSNet detects and uses the IP addresses of visitors to its websites in order to assist in diagnosis and solving problems with our servers, to assist with the administration of our websites, to assess aggregate usage of our websites, and to make available enhanced website features. Like many organizations, CTSNet also uses cookies and log files in order to enhance your visit to our websites and to better understand how our websites are utilized. Cookies do many different things, such as:

• Allowing you to avoid having to log in to your account repeatedly when visiting our websites.

• Helping us to understand how visitors use our websites so that we can enhance their experience.

Website browsers typically permit you to configure settings so that your device accepts all cookies, to notify you when a cookie is issued, or to not accept cookies at any time. If you disable cookies, this will prevent us from being able to provide some personalized services. We recommend that you read the information that comes with your browser software to learn how to configure its treatment of cookies.

From time to time, we use social media platforms to promote our educational offerings to visitors to our websites. To opt out of receiving these cookies, please visit the social media platforms that you use and configure the settings accordingly. Further information about cookies is available from these third-party sites: http://www.allaboutcookies.org and http://www.youronlinechoices.eu (these provide information tailored to users in European Union countries).

You May Withhold Data

You may choose not to provide CTSNet with any or all of the personal data that we request.  However, if you choose not to provide some data, it may affect the way you navigate our websites or receive the services that we provide.  Depending on the information you choose to withhold, we may not be able to provide particular services to you.

How We Use Your Information

We do not sell, rent, trade, or otherwise disclose personal data about our website visitors, except that, in accordance with our mission, we will from time to time send scrutinized communications regarding important cardiothoracic medical practice topics, including educational meetings, research initiatives, and medical devices, on behalf of trusted third parties. When you provide us with personal data through our websites, you consent to us using that personal data for our lawful reasons as described in the section “Our Lawful Reasons for Processing Your Data” below. We share your personal data with third-party processors and controllers that we have retained to perform various services on our behalf and in relation to the purposes set forth in this Privacy Policy. These third parties are contractually required to act only on our instructions and to maintain an appropriate level of data protection and data security. Service providers are not authorized by us to use the data provided by us for their own purposes or to disclose the data to third parties except as necessary to perform services or functions for CTSNet or to comply with legal requirements. For example, service providers are not authorized by CTSNet to use the data we share with them for their own marketing purposes.

We also collect, use, and share aggregated data such as statistical or demographic data. Aggregated data may be originally derived from your personal data but is not considered personal data in law, as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data that will be used in accordance with this Privacy Policy.

We enlist the services of other companies and organizations to help us deliver services to you; we maintain privacy contracts with them to ensure they will safeguard any personal data that they process on our behalf. These companies and organizations include but are not limited to:

  • Website development vendors (for creating, enhancing, and maintaining our websites)
  • Website hosting vendors (for hosting our websites)
  • Mass emailing software providers (for transmitting our global electronic communications via email)
  • Mobile app development vendors (for creating, enhancing, and maintaining our mobile applications)

Our Lawful Reasons for Processing Your Information

The GDPR states that we are only allowed to process personal information of individuals to whom it applies if we have a proper reason to do so. This includes sharing it with third parties. We must be clear about why we process their data and what our lawful basis is for processing such data. The six lawful bases for processing are set out in the GDPR, and at least one of them must apply whenever we process personal data of individuals to whom the GDPR applies.  Further information is available at this third-party website: https://ico.org.uk/For-Organisations/Guide-To-The-General-Data-Protection-Regulation-Gdpr/Lawful-Basis-For-Processing.  These lawful bases are:

  1. Contract: The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
  2. Legal obligation: The processing is necessary for us to comply with the law (not including contractual obligations).
  3. Vital interests: The processing is necessary to protect someone’s life.
  4. Public task: The processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.
  5. Legitimate interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.
  6. Consent: You have given clear consent for us to process your personal data for a specific purpose.

When it is in our legitimate interest, we process your data to accomplish various objectives, including:

  • Communicating with you about your membership in the CTSNet community
  • Notifying you about important updates and enhancements to CTSNet.org and other CTSNet platforms
  • Emailing you information on our global news summaries, Journal and News Scan posts, and our educational publications and initiatives
  • Inviting you to submit educational materials to CTSNet
  • Inviting you to interact with the global cardiothoracic community
  • Informing you about cardiothoracic educational meetings and courses around the world
  • Making you aware of new medical devices and techniques
  • Inviting you to participate in or watch live streamed educational events
  • Inviting you to serve on a CTSNet leadership body
  • Inviting you to participate in a CTSNet educational roundtable recording
  • Promoting our educational offerings
  • Encouraging you to update your CTSNet profile

We may also use social media sites such as Facebook, LinkedIn, Twitter, and YouTube to reach you about CTSNet educational materials and other offerings.  If you do not want to see targeted advertising from us on social media, please refer to the instructions provided by the social media platforms that you utilize.

We may disclose personal information if required to do so by law or if we believe that such action is necessary to protect and defend the rights, property, or personal safety of CTSNet, our websites, or our visitors, and for other lawful purposes.

Links to Other Sites

We may provide links on our websites to non-CTSNet websites for your convenience and information. These websites operate independently and are neither affiliated with CTSNet nor under our control. These websites may have their own privacy policies in place, which we strongly suggest you review if you choose to visit such websites. We cannot be responsible for the privacy policies and practices of other websites, even if you access them using links from our websites.

How We Keep Your Data Secure

We maintain appropriate administrative, technical, and physical safeguards to protect your personal data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and all other unlawful forms of processing of the personal data in our possession.

We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. All CTSNet-dedicated staff with access to your personal data understand the importance of keeping your information safe and secure at all times and are given applicable training.

However, the transmission of information over the internet is never completely secure and as a result, while we strive to protect your personal information, CTSNet cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your data, we make every reasonable effort to ensure its security, both on our systems and while in transit between our systems and third parties who work on our behalf.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

If you are a resident of the European Economic Area, you should be aware that the personal data we collect from you is collected and stored in the United States, which may not have the same level of data protection as your home country.

How Long We Keep Your Information

We will hold your personal information on our systems for as short a time as is necessary or appropriate for the relevant activity and to meet any legal or regulatory requirement. This is so that we can provide the services, products, or information you have requested, to administer your relationship with us, to ensure that we do not communicate with you if you have asked us not to, and to comply with the law.

Personal Data Rights of Individuals to Whom the GDPR Applies

If you are a person to whom the GDPR applies, you have the right to:

  1. Request access to your personal data.
  2. Request correction of your personal data.
  3. Request erasure of your personal data.
  4. Object to processing of your personal data.
  5. Request restriction of processing your personal data.
  6. Request that we transfer your personal data to someone you designate.
  7. Withdraw any consent you have granted to us regarding your personal data.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request under such circumstances.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex, or you have made a number of requests. In this case, we will notify you and keep you updated.

If you would like to know more about the personal data we process about you; access a copy of the personal data we have collected from you; correct, update, erase, or transfer the data we hold about you; revoke your consent for us to use your data; or ask any other questions you may have about our privacy practices, we offer two options:

1) To review and update your personal data stored on CTSNet, please login at https://www.ctsnet.org/user/me/edit.

2) To make a request or inquiry regarding your personal data, please email support@ctsnet.org.

When you tell us that you no longer want to hear from us for marketing purposes, please be aware that we may still contact you for administrative purposes.

Lastly, if you are a citizen of the European Union, you also have the right to lodge a complaint about the way we manage your data with the applicable European Union Data Protection Authority (DPA).  We would, however, appreciate the chance to hear your concerns and resolve any problems before you approach the DPA, so please contact us first in one of the two ways described above.

Consent to This Privacy Policy

Your use of any of our websites, or conduct of other interactions with CTSNet as described above, constitute your unconditional acceptance of the practices described in this Privacy Policy and the other terms and conditions of the terms of use. If you do not agree with and accept all of the practices described in this Privacy Policy, please do not use our websites or conduct any of the other interactions with CTSNet described above, and refrain from voluntarily submitting any personal data to CTSNet.

Last revised: May 25, 2018