Privacy Policy | Blair Chiropractic Membership Association

Effective date: March 25, 2021 Blair Upper Cervical Chiropractic Society, Inc. (“Blair ” “us”, “we”, or “our”) operates the blairchiropractic.com website. This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. At Blair, as a non-profit organization, we view privacy as a key component of the value that we deliver. We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Service. Notice to EU individuals: this Privacy Policy is intended to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of the European Union 27 April 2016 (the “General Data Protection Regulation” or “GDPR”) and provide appropriate protection and care with respect to the treatment of your user information in accordance with the GDPR. Global Notice: This Privacy Policy is global in nature, meaning that it is applicable to all websites and offerings in our Services to all countries. Definitions “Cookies” Cookies are small pieces of data stored on your device (computer or mobile device). Examples of Cookies we use:

Session Cookies. We use Session Cookies to keep you logged into our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
Advertising Cookies. Advertising Cookies may be used to serve you with advertisements that may be relevant to you and your interests. You may opt out of the use of these cookies.

“Data Processors” Data Processor means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Data Processors in order to process your data more effectively, such as to monitor and analyze the use of our service with analytics and advertising. “Personal Data” Personal Data means data about a living individual who can be identified from that data (or from that and other information either in our possession or likely to come into our possession). “Service” Service means the blairchiropractic.com website whether accessed via computer, tablet or smart device, operated by Blair . “Usage Data” Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit). “User” A User is any living individual who is using our Service and is the subject of Personal Data. Information Collection and Use We collect several different types of information for various purposes to provide and improve our Service to you. We collect Personal Data, Cookies, and Usage Data, for example, for various purposes, such as:

To provide, maintain and improve our Service
To customize advertising and content
To notify you about changes to our Service
To allow you to participate in interactive features, like news, general information, special offers, and events
To provide customer support
To monitor the usage of our Service
To detect, prevent and address technical issues
To conduct research, and provide aggregated, anonymized reporting about our general user community for internal and external use
To provide you with support and resolve disputes
To comply with our legal and regulatory requirements
To authenticate your identity
To protect rights, property, safety or security of our Services
To exercise our rights in the course of judicial, administrative or arbitration proceedings

Log Files: Our webserver log information about a user’s IP address, browser type and the current URL the user is requesting. This information is always provided by a user’s browser and automatically logged by most websites. These log files are stored in a secure location and used for our business purpose of internal analysis of traffic patterns within our Site. Information that We Obtain from Third Party Sources: From time to time, we may collect personal information about you from third party sources (including data append services such as public or social graph data, or social media websites if you have chosen to log in or connect your social media with us) which we will use for our business purposes (for example, in order to better serve you with content or promotions). However, we will only use this information where these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us. Information provided by Others: Our Services connect you with other people and organizations. As a result of these connections, others may be able to input information about you. You may also be able to input or process information about others, for example, if you are an account administrator. If you input information about others to our Services, you must only do so if you have first received the appropriate rights and permissions to do so, including by getting advanced written consent, if required by applicable law. Payroll: Our Services include cloud-based payroll processing, and the following types of Personal Data may be collected and used:

Standard identification information including, but not limited to, name, address, date of birth, business/personal e-mail address, job title, business location;
Salary and associated information, such as the effective date of salary changes;
Bank account information, for the purposes of instructing bank payments for salary payments;
Social security/social insurance/tax identifier information (this varies according to the country, and more specific details can be supplied upon request);
Details about any employee dependents, where it is relevant;
Full time/part time status of an employee;
Regular expected hours to be worked;
Marital status (where required);
Details of retirement or pensions funds/plans including, but not limited to, reference (plan identifier) information, contribution values and other pertinent data;
Information about the regular payments or deductions that an employee may have applied to their regular payroll calculation;
Information about the one-time payments or deductions that an employee may have applied to their regular payroll calculation;
Information about the number of hours worked in a given week, month or other time-period, as defined or required.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR) and Other Regulations Blair’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it. Blair may process your Personal Data because:

We need to contact you
You have given us permission to do so

Retention of Data Blair will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies. Blair will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. Transfer of Data Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States for processing. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. Blair will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information. Disclosure of Data Business Transaction If Blair is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy. Disclosure for Law Enforcement Under certain circumstances, Blair may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Legal Requirements Blair may disclose Personal Data in the good faith belief that such action is necessary to:

To comply with a legal obligation
To protect and defend the rights or property of Blair
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability
To process your Personal Data for payment processing and payroll purposes
To share with your employer

To Target Content and Advertising Blair may use your user information for advertising purposes in order to promote the Services, and the products and services of third parties. To develop and provide content and advertising to you that is targeted to your interests, we use the analytics collected by the systems described above to determine which aspects of our Services you prefer based upon the frequency of your visits and engagement with those areas. We may make reasonable assumptions based on your browser provided data to target relevant content and advertising to you on our site and elsewhere where we may be acting as a third party. We may also make reasonable geographic and demographic assumptions based on your presented IP address to target relevant content and advertising. Organizational Account Information Some experiences and features within the Service allow you to interact with an organization, such as your employer. If you are granted access to an organization account, the owner of the organization or a designated administrator may control and administer details of your account, for example, by deciding your access rights; making decisions about your personal information, such as payroll details; or requiring you to take certain actions (for example, location and clocking-in/out for a shift). If your access rights are amended by the owner or designated administrator, then you may lose access to the information that is in the control of the organization. Your use of the Service as part of an organization’s account may be subject to the organization’s policies, which may be different from this Privacy Policy. We are not responsible for the privacy or security practices of other organizations, and you should consider both the organization’s policies and whether you are comfortable enabling the organization with access to your information prior to connecting to the party’s services. Security of Data The security of your data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. Blair utilizes HTTPS protocols to ensure authentication of the Blair website and protection of the privacy and integrity of the exchanged data while in transit. Once received by Blair , Blair utilizes encryption and security features of Amazon Web Services to protect the security of data, including Personal Data. “Do Not Track” Signals We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. Your Data Protection Rights You have certain data protection rights. Blair aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us at Support@blairchiropractic.com. You can edit your Blair information at any time. In certain circumstances, you have the following data protection rights:

The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
The right to object. You have the right to object to our processing of your Personal Data.
The right of restriction. You have the right to request that we restrict the processing of your personal information.
The right to data portability. Whenever made possible, you have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
The right to withdraw consent. You also have the right to withdraw your consent at any time where Blair relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests. If you are an individual and would like to make a request pursuant to your data collection rights, please contact us at Support@blairchiropractic.com. Service Providers We may employ third-party companies, including Data Processors and individuals to facilitate our Service. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. Payments We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. The payment processors we work with are: Stripe.com Children’s Privacy Blair does not target “Children” for use of our Service. For purposes of this Privacy Policy, “Children” refers to an individual under an age determined by applicable law as able to consent to such employment and related data collection. We do not knowingly collect personally identifiable information from Children. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers. Such verification of parental consent may be provided explicitly or implicitly to Blair by an employer of the child in furtherance of the legal employment of the child and related human resource management including payroll processing. CONTACT INFORMATION If you have any questions or comments about this notice or the ways in which Blair collects and uses your information as described in the Privacy Policy or you wish to exercise your rights, please do not hesitate to contact us at: Email: Support@blairchiropractic.com CHANGES TO THIS PRIVACY POLICY NOTICE We reserve the right to amend our Privacy Policy at our discretion and at any time. When we make changes to our Privacy Policy, we will (i) let you know via email and/or a prominent notice on our Services and (ii) post the updated Privacy Policy on the website and update the Privacy Policy’s effective date. You are advised to review this Privacy Policy periodically for any changes. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.