Website Privacy Notice

Last Updated May 10th, 2022

Accreditation Commission for Health Care International, LLC is committed to protecting the privacy and security of personal data. This privacy policy applies to the personal data collected by Accreditation Commission for Health Care International, LLC, and its subsidiaries, affiliates, and related entities (collectively, “Company,” “we,” or “us”). This policy describes the types of information we may collect from you or that you may provide when you visit our www.achcinternational.org  (“Website”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy does not apply to information collected through any other means, including on any other website operated by Company or any third party or any third party, including through any application or content that may link to or be accessible from or on the website.

Collection of Personal Data

For the purposes of this Privacy Notice, personal data means any information about an identifiable individual. Personal data excludes anonymous or de-identified data that is not associated with a particular individual.

We collect several types of information from and about users of our Website, including information:

  • Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses.
  • Details of transactions you carry out through our Website and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Website.
  • Records and copies of your correspondence (including email addresses), if you contact us.
  • Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
  • Information about your computer and internet connection, including your IP address, operating system, and browser type.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website. For further information, visit allaboutcookies.org.
  • Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies.
  • Web Beacons. Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

We will collect the majority of the personal data that we process directly from you or through these data collection technologies as you navigate through the site.

The personal data is mandatory in order for us to complete account registrations, fulfill transaction obligations, and see which areas of our website are most visited and helps us improve the quality of your online experience by recognizing and delivering more of the most desired features and services. We process this information because it is necessary for our legitimate interests in operating and providing our services and improving our website. Failure to provide or allow us to process mandatory personal data may affect our ability to accomplish the purposes stated in this Privacy Notice.

Use of Personal Data

We only process your personal data where applicable law permits or requires it, including where the processing is necessary for the performance of our Website, processing and completion of a transaction with you, where the processing is necessary to comply with a legal obligation that applies to us as, for our legitimate interests or the legitimate interests of third parties, to protect your vital interests, or with your consent if applicable law requires consent. We may process your personal data for the following legitimate business purposes and for the purposes of completing a requested transaction with you:

  • To present our Website and its contents to you.
  • To provide you with information, products, or services that you request from us.
  • To fulfill any other purpose for which you provide it.
  • To provide you with notices about your account, including expiration and renewal notices.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
  • To notify you about changes to our Website or any products or services we offer or provide through it.
  • To allow you to participate in interactive features on our Website.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your consent.

We will only process your personal data for the purposes we collected it for or for compatible purposes. If we need to process your personal data for an incompatible purpose, we will provide notice to you and, if required by law, seek your consent. We may process your personal data without your knowledge or consent where required by applicable law or regulation.

We may also process your personal data for our own legitimate interests, including for the following purposes:

  • To prevent fraud.
  • To ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution.
  • To support internal administration with our affiliated entities.

You will not be subject to decisions based on automated data processing without your prior consent.

Collection and Use of Special Categories of Personal Data

The following special categories of personal data are considered sensitive under the laws of your jurisdiction and may receive special protection:

  • Racial or ethnic origin.
  • Political opinions.
  • Religious or philosophical beliefs.
  • Trade union membership.
  • Genetic data.
  • Biometric data.
  • Data concerning health.
  • Data concerning sex life or sexual orientation.
  • Data relating to criminal convictions and offences.

We do not collect or process any of the special categories of personal data through our Website.

Children Under the Age of 16

Our Website is not intended for children under 16 years of age. No one under age 16 may provide any information to or on the Website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website or on or through any of its features. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at: [email protected].

Data Sharing

We will only disclose your personal data to third parties where required by law or to our employees, contractors, designated agents, or third-party service providers who require such information to assist us with administering our relationship with you, including third-party service providers who provide services to us or on our behalf. Third-party service providers may include, but are not limited to, payment processors and data storage or hosting providers. These third-party service providers may be located outside of your home jurisdiction.

We require all our third-party service providers, by written contract, to implement appropriate security measures to protect your personal data consistent with our policies and any data security obligations applicable to us. We do not permit our third-party service providers who process your personal data on our behalf to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes in accordance with our instructions.

We may also disclose your personal data for the following additional purposes where permitted or required by applicable law:

  • To other members of our group of companies (including outside of your home jurisdiction) for the purposes set out in this Privacy Notice.
  • As part of our regular reporting activities to other members of our group of companies.
  • To comply with legal obligations or valid legal processes such as search warrants, subpoenas, or court orders. When we disclose your personal data to comply with a legal obligation or legal process, we will take reasonable steps to ensure that we only disclose the minimum personal data necessary for the specific purpose and circumstances.
  • To protect the rights and property of the Company.
  • During emergency situations or where necessary to protect the safety of persons.
  • Where the personal data is publicly available.
  • If a business transfer or change in ownership occurs and the disclosure is necessary to complete the transaction. In these circumstances, we will limit data sharing to what is absolutely necessary, and we will anonymize the data where possible.
  • For additional purposes with your consent where such consent is required by law.

Cross-Border Data Transfers

Where permitted by applicable law, we may transfer the personal data we collect about you to the United States and other jurisdictions that may not be deemed to provide the same level of data protection as your home country, as necessary for the purposes set out in this Privacy Notice. If you are located in the EU, we have implemented data transfer mechanisms from article 46 (Standard Contractual Clauses) of the GDPR to secure the transfer of your personal data to the United States and other jurisdictions.

Data Security

We have implemented appropriate physical, technical, and organizational security measures designed to secure your personal data against accidental loss and unauthorized access, use, alteration, or disclosure. In addition, we limit access to personal data to those employees, agents, contractors, and other third parties that have a legitimate business need for such access.

Data Retention

Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, as required to satisfy any legal, accounting, or reporting obligations, or as necessary to resolve disputes. To determine the appropriate retention period for personal data, we consider applicable legal requirements, the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes we process your personal data for, and whether we can achieve those purposes through other means. We specify the retention periods for your personal data in our data retention policy.

Under some circumstances we may anonymize your personal data so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.

Data Protection Officer

We have appointed a Data Protection Officer to oversee compliance with this Privacy Notice. If you have any questions about this Privacy Notice or how we handle your personal data, or would like to request access to your personal data, please contact the Data Protection Officer at: [email protected]. If you are unsatisfied with our response to any issues that you raise with the Data Protection Officer, you may have the right to make a complaint with the data protection authority in your jurisdiction by contacting the data protection authority.

Rights of Access, Correction, Erasure, and Objection

It is important that the personal data we hold about you is accurate and current. By law you may have the right to request access to, correct, and erase the personal data that we hold about you, or object to the processing of your personal data under certain circumstances. You may also have the right to request that we transfer your personal data to another party. If you want to review, verify, correct, or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us at [email protected]. Any such communication must be in writing.

We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal data that we hold about you, or we may have destroyed, erased, or made your personal data anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

Right to Withdraw Consent

Where you have provided your consent to the collection, processing, or transfer of your personal data, you may have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, contact us at [email protected].

Opt-Outs

  • Collection of Location Information: Your device may allow you to disable location-based services, which will prevent our Website from accessing your device location information. For specific questions regarding disabling your device’s location-based services, we recommend that you review the specific instructions provided for your device. Please note that some features on our Website may not be available if you disable location-based services.
  • Email Addresses: If you do not wish to receive marketing emails, and/or product view emails then please follow the opt-out instructions on any marketing email you receive.  Please note that, if you request to be removed from our email marketing list, then you may still receive non-marketing emails, such as confirmations from us regarding any orders that you have placed on our Website. 
  • Cookies: If you would like to deactivate our ability to analyze your anonymous browsing and purchasing behavior through the use of this service, then you may deactivate the setting on your Web browser which allows you to accept cookies. If you choose to do this, however, then you will be unable to use certain features and services offered on our Website.

Changes to This Privacy Notice

We reserve the right to update this Privacy Notice at any time, and we will provide you with a new Privacy Notice when we make any updates. If we would like to use your previously collected personal data for different purposes than those we notified you about at the time of collection, we will provide you with notice and, where required by law, seek your consent, before using your personal data for a new or unrelated purpose. We may process your personal data without your knowledge or consent where required by applicable law or regulation.

Contact Us

If you have any questions about our processing of your personal data or would like to make an access or other request, please contact us at: [email protected].  If you are unsatisfied with our response to any issues that you raise, you have the right to make a complaint with the data protection authority in your jurisdiction.