Privacy Policy
Last Update Date: 03/08/23
The Kids First Data Resource Center (“DRC” or “we”) has created this Privacy Policy to demonstrate its commitment to privacy and transparency of practices. This Privacy Policy explains the DRC’s information-gathering and dissemination practices for the Kids First Website and Data Resource Portal (the “Services”). By accessing the Services, you consent to the practices and terms of this Privacy Policy. Limited data is collected about your visit to any of our Services in order to help us better understand public use of the sites and to improve and continue to make our Services more useful to visitors. This page describes the information that is automatically collected and stored.
“Personal Information” means any information that can be used to identify you, directly or indirectly, as an individual person. The DRC collects Personal Information when you visit any of the Services, send DRC an email, respond to a survey, provide online feedback, register for the Kids First Portal, subscribe to one of the DRC’s online publications or email newsletters, or otherwise communicate with us. The DRC also collect information, such as anonymous usage statistics, by using cookies, server logs, and other similar technology as you use the Services.
The DRC collects Personal Information that you enter through the Services or give to the DRC in another way. For example:
- When you access the Services, the DRC may collect:
- contact information, such as your name, email address, mailing address, and telephone number
- employment-related information, such as employer, department, job title and business contact information
- account information, such as account name, password, security question responses, and a unique identification number
- product interest information, including products and areas of interest
- When you fill out a survey, the DRC collects, depending on the survey:
- satisfaction with an event or course, product usage, and product satisfaction
- other information in response to solicited questions, as you voluntarily contribute
- When you contribute information to DRC websites, the DRC collects:
- user generated content, such as content you post on our blogs or elsewhere on our website, or content you post on social media platforms
- any information you contribute spontaneously or in response to questions
The DRC collects Personal Information about individuals from a number of third party sources.
Business Partners and Service Providers: Our business partners and service providers, such as contacts database and website hosting providers, collect Personal Information and share some or all of this information with us.
Single Sign-On: When the DRC allow you to register and login to the Services through a third-party platform, the DRC collects information from the third-party platform permitted under the settings and privacy policy of that platform.
Publicly Available Sources: The DRC collects Personal Information about you that the DRC does not otherwise have (including contact information, employment-related information and product interest information) from social media platforms (for example, LinkedIn), and other publicly available databases.
Log File Data
The Services collect domain names of site visitors, as well as aggregate information about site traffic and server load. Additional processes store IP addresses, browser information, location, and device statistics of visitors for auditing and security purposes. This information is used strictly to maintain and improve the Services.
Cookies
The Services use “cookies” during site visits. The “cookie,” which is a small text file stored in temporary memory, is used by our Web applications for usability purposes and to comply with subscription and settings preferences that our visitors have given us. The Services also uses “cookies” on a limited basis to measure user interactions with the Services through Google Analytics. You can turn off cookies in your browser preferences at any time without affecting site performance, if you wish to do so. For more information, including how to control your privacy settings, read our Cookie Policy.
Please note that the DRC will not intentionally share the contents of any email feedback or comment form with any third party. However, due to the nature of electronic communications, the DRC cannot and does not provide any assurances that the contents of your e-mail will not become known or accessible to third parties.
You are urged not to provide any confidential information about you, your health, or other patients’ health via electronic communication. If you do so, it is at your own risk.
The DRC uses information, including Personal Information, for internal and service-related purposes. The DRC may use and retain any data that it collects to provide and improve any of the Services. The DRC may send email to the email address you provide to it for sending you email for informational and operational purposes, such as account management, customer service, system maintenance, and other Services-related purposes. The DRC may use information, including Personal Information, to show or send you information that it thinks may be useful or relevant to you. The DRC may anonymize or aggregate data collected through the Services and use and disclose it for any purpose.
Only members of the DRC staff, its approved contractors, and its approved vendors have access to the data collected by the Services. The DRC may share information with its third-party vendors and service providers, to comply with legal obligations, to protect and defend our rights and property, and with your permission. The DRC may share any information it receives with vendors and service providers it uses to help provide and improve the Services. For example, the DRC may disclose information to the service providers that help host the Services or send its emails.
The DRC may allow access to data collected by the Services to send you information the DRC thinks may be useful or relevant to you.
The DRC may access, preserve, and disclose collected information, if it believes doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; respond to your requests; comply with the law; or protect your, our, or others’ rights, property, or safety.
If the DRC is involved in a transition of service to another provider, your information may be disclosed in connection with the negotiation of such transaction, and/or transferred as part of such a transaction as permitted by law and/or contract. The DRC cannot control how the recipient entities may use or disclose such information.
Children’s Privacy
The DRC is committed to protecting the privacy of children. The Services are intended for adults and young adults ages 13 and over. It is not intended for or designed to attract persons under the age of 13. Registration by any person to be under the age of 13 is not permitted and no part of the Services are directed to children under 13. If the DRC learns that a child under 13 has created an account, the DRC will promptly take steps to delete such information and terminate the child’s account.
Other Sites
Our privacy policies apply only to your use of the Services. The Services contain links and integrations to other sites, including sites that may indicate relationships or collaborations with the DRC. At times, in support of technical integrations, you may be required to provide your email address and name to third parties to fully use and/or access all Services. The DRC is not responsible for the privacy practices of such other sites. You should read and review the privacy policies of each site you visit to determine what information that site may be collecting about you. Below are the privacy policies for the third party websites & services that the Services currently integrate with:
- Facebook: Users have the option to integrate their Data Resource Portal login with Facebook to allow users to “login with Facebook.” The Services will access your basic profile information including your name and email address. You may visit Facebook’s privacy policy here: https://www.facebook.com/about/privacy
- Google: Users have the option to integrate their Data Resource Portal login with Google to allow users to “login with Google.” The Services will access your basic profile information including your name and email address. You may visit Google’s privacy policy here: https://policies.google.com/privacy
- Orcid: Users have the option to integrate their Data Resource Portal login with Orcid to allow users to “login with Orcid.” The Services will access your basic profile information including your name and email address. You may visit Orcid’s privacy policy here: https://orcid.org/footer/privacy-policy
- Google Analytics & reCaptcha: The Services use Google Analytics to monitor user interaction and use of the sites. See Log File Data above for information on what is collected with Google Analytics. Additionally, the Services uses google reCaptcha when submitting forms to prevent spam bots from submitting forms. You may visit Google’s privacy policy here: https://policies.google.com/privacy
- Usersnap: Usersnap is the widget in the lower right hand corner of every page. The Services use Usersnap to allow users to provide feedback on their experience on the various pages within the environments by taking screenshots and adding comments. The Usersnap widget may ask for your name and email address. It also collects browser and operating system information to help us troubleshoot any reported issues. You may visit their privacy policy here: https://usersnap.com/privacy-policy
- HotJar: HotJar is a user-sentiment widget integrated throughout the Services. The Services use HotJar to allow users to provide feedback on their experiences on various pages. Additionally, HotJar collects analytics used by internal staff on user interactions such as heatmaps and navigation paths. You may visit HotJar’s privacy policy here: https://www.hotjar.com/legal/policies/privacy
- The Services, specifically the Data Resource Portal, integrates with Cavatica, an cloud-based analytics platform developed by Seven Bridges by allowing users to push their selected genomics files to Cavatica for analysis. You may visit their privacy policy here: http://cavatica.org/privacy
- WordPress (Gravatar): The Services integrate with Gravatar to provide profile pictures for users’ Data Resource Portal profiles. You may visit their privacy policy here: https://automattic.com/privacy/
- Mailchimp: The Services use Mailchimp to provide email updates, utilizing opt-in email address information. You may visit Mailchimp’s privacy policy.
The Services provide you with the opportunity to receive email communications. Once you have decided to receive such communications, you may later decide to stop receiving them. If you are a member of our Online Community and want to stop receiving communications from the Kids First Data Resource Center, you may request unsubscription by emailing support@kidsfirstdrc.org.
If you would like to stop receiving emails from the NIH Kids First Listserv, you may go to https://list.nih.gov/cgi-bin/wa.exe?SUBED1=KIDSFIRST&A=1.
You may also send a message to support@kidsfirstdrc.org or send mail to the following postal address:
Kids First Data Resource Center
The Children’s Hospital of Philadelphia,
2716 South Street
12th Floor, #12302
Philadelphia, PA 19104.
Passwords and Tokens
You are responsible for taking all reasonable steps to ensure that no unauthorized person shall have access to your DRC passwords, accounts, or security tokens. It is your sole responsibility to (1) control the dissemination and use of activation codes and passwords; (2) authorize, monitor, and control access to and use of your DRC account and password; (3) promptly inform us of any need to deactivate a password or token. You grant to the DRC and to all other persons or entities involved in the operation of the Services the right to transmit, monitor, retrieve, store, and use your information in connection with the operation of the Services. The DRC cannot and does not assume any responsibility or liability for any information you submit, including to Online Community, or your or third parties’ use or misuse of information transmitted or received using the DRC tools and services, including Online Community.
Changes to Our Privacy Policy
Just as with the other terms and conditions associated with the Services, the DRC may change the terms and conditions of its Privacy Policy at any time by posting revisions on the Services. You agree to review the Privacy Policy each time you use the Services so that you are aware of any modifications made to these policies. By accessing or using the Services, you agree to be bound by all of the terms and conditions of the Agreement as posted on the Services at the time of your access or use, including the Privacy Policy then in effect.
