The American Orthopaedic Association, which includes all programs of the organization including the Council of Orthopaedic Residency Directors and Own the Bone, and affiliated organizations such as OMeGA Medical Grants Association (collectively “AOA”, “us” or “we”) understands that you may be concerned about the privacy of personal information that you provide to us through the AOA website located at staging.aoassn.org (the “site”), and we respect your right to protect your personal information. Accordingly, we have developed this Privacy Policy to inform you of AOA’s policy and practice regarding information we collect about you on the site. Please contact AOA if you have additional questions about this Privacy Policy.

Information we collect

We collect two types of information: personally identifiable information (PII) and non-personally identifiable information (Non-PII), which is also referred to as aggregate and anonymous data. Generally, you may visit our website without revealing any personally identifiable information about yourself. You have the option not to provide any personally identifiable information to us. However, to access certain options and services we may ask you to provide certain personally identifiable information and without providing such personally identifiable information, you may be unable to access certain services, programs, offers, and specific content on the site.

  •  PII – Voluntary information provided by you: AOA will not collect any personally-identifiable information about you unless you provide it to us voluntarily such as when you email us, submit a registration for an event, submit a membership or fellowship application, or fill out a survey. The PII you provide can include such items as your name, company, e-mail and U.S. mail addresses, your ethnicity, gender, your credit card number, and your telephone and fax numbers.
  •  Non-PII – Cookies, IP addresses and logs. We employ “cookies” to collect information about you and your usage of the site. A cookie is a small text file that is placed on your computer and collects information about how you use our site. We also gather information about your individual use of our services, such as types of data accessed, times and volume of use, duration of sessions and other similar usage or system data. In addition, we log IP addresses and domain names. We cannot use this technical Non-PII to identify you personally. However, if you choose to furnish the site with personally identifiable information (such as your e-mail address), that information could be linked to the data stored in the cookie.

We use PII to provide information you request, provide products, programs, and services to you or contact you when requested. We may also use it for reasonable business purposes, such as contacting you, via e-mail or regular mail, to provide you with information we believe may be of interest.

Non-PII is aggregated for system administration and to monitor the site’s usage. It is utilized to measure the number of visits to our site, average time spent, number of pages viewed and to monitor various other site statistics. This monitoring helps us evaluate how visitors use and navigate our site so we can improve the content. AOA may use this information to analyze and enhance the website.

AOA may also use PII and Non-PII to investigate security breaches or cooperate with authorities pursuant to a legal matter.

We may provide PII about you as a customer, former customer or user of the site to affiliates to allow affiliates to inform you about products or services that may be of benefit or interest to you and to help provide you with better service or to perform services on your behalf.

Except as provided below, we do not share your PII with third parties without your permission. We may disclose PII you provide via the site in connection with the sale, assignment, or other transfer of certain aspects of the AOA’s business or a portion of the business of our site, including a merger, consolidation, restructuring, asset transfer or other corporate change; or to respond to law enforcement requests; or where required by applicable laws, court orders, or government regulations; or to protect against misuse or unauthorized use of our site; or to protect the personal safety or property of our users or the public (among other things, this means that if you provide false information or attempt to pose as someone else, information about you may be disclosed as part of any investigation into your actions).

We also may disclose information to outside companies that help us bring you the products and services we offer or that are necessary to process the transaction you request. For example, we may work with an outside company to: (a) process credit card transactions; (b) manage a database of customer information; (c) assist us in distributing e-mails; (d) assist us with surveys, direct marketing and data collection; (e) provide us storage and analysis; (f) provide fraud prevention; and (g) other services designed to assist us in maximizing our business potential. We require that these outside companies agree to keep confidential all information we share with them and to use the information only to perform their obligations in the agreements.

In addition, we may disclose or sell your PII to third-parties with your permission.

AOA may share Non-PII with business partners, sponsors and other third parties. We reserve the right to use, transfer, sell, and share aggregated, anonymous data about our users as a group for any business purpose, such as analyzing usage trends and seeking compatible advertisers and partners.

Opting-out of the disclosure and use of PII

Except as set forth below under the EU/UK/Canada Privacy Notice if you want to opt-out of sharing your information with non-affiliated third-parties, you may send an email to info@aoassn.org with the words OPT-OUT OF DISCLOSURE in your subject line. If you select to opt-out, we will continue to share PII among our affiliates and our affiliates may continue to use PII to perform services on our behalf, to respond to communications from you, as you authorize or request, or to offer you products or services. We may also continue to share PII about you with non-affiliated third-parties as permitted or required by law. Even if you opt-out, we can continue to use and share Non-PII with both affiliated and non-affiliated third-parties.

Information protection

AOA takes reasonable steps to protect the confidentiality of your PII, including physical, electronic, and procedural safeguards as required by law. We continually review our security procedures and mechanisms to ensure that reasonable protections are in place.

Links to other sites

The website may contain links to third-party sites that are not under our control, including those of our strategic partners, sponsors and other sites with information that we feel may be useful to you. AOA is not responsible for the privacy practices, security or content of these other sites. Accordingly, we recommend that you review their privacy policies.

Children Under the Age of 16

Our Website is not intended for children under 16 years of age. No one under age 16 may provide any personal information to or on our Website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on our Website or on or through any of its features/register on our Website, make any purchases through our Website, use any of the interactive or public comment features of our Website or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at info@aoassn.org.

Changes to the Privacy Policy

From time to time, we may amend this Privacy Policy by posting it to the site and changing the date on this page noting when it was last updated. Your continued use of the site following the posting of any changes shall constitute your acceptance of the revised Privacy Policy.

EU/UK/Canada Privacy Notice

If you are a resident of the European Union (EU)/European Economic Area (EEA), United Kingdom or Canada whose personal information we collect, the following additional information applies to you.

  1. Introduction

1.1 – Where you are an EU/ EEA, UK, or Canada resident and AOA knowingly collects your personal information (also called ‘personal data’), we will do so in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) (‘GDPR’) and EU member state national laws that implement or regulate the collection, processing and privacy of your personal data (together, ‘EU Data Protection Law’).

1.2 – This EU/UK/Canada privacy notice (‘EU/UK/Canada Privacy Notice’) which should be read in conjunction AOA’s Privacy Policy provides further information as required under EU Data Protection Law on how we handle or process the personal data we collect and who we may share it with.

1.3 – This Privacy Notice also provides information on your legal rights under EU Data Protection Law and how you can exercise them.

  1. How personal data is collected

2.1 – Because of the global nature of our organization and its network, AOA may hold and process personal data that is collected from programs, fellowships and partner organizations around the world, including within the EU/UK/EEA.

2.2 – This also means that if you are a member or individual contact of this network resident in the EU/UK/EEA, your personal data may be transferred from the EU/UK/EEA to AOA headquarters in the United States.

2.3 – US data privacy laws are currently not considered to meet the same legal standards of protection for personal data as set out under EU Data Protection Law. However, in order to safeguard personal data received from the EU/UK/EEA, we only allow such a transfer of personal data to the US or other third countries under an approved contract or another appropriate mechanism which is legally authorized under EU Data Protection Law.

2.4 – This is to make sure that the personal data that AOA receives and processes (so far as it relates to residents of the EU/UK/EEA) is properly safeguarded in accordance with similar legal standards of privacy you would enjoy under EU Data Protection Law.

  1. Direct Marketing

3.1 – If AOA provides direct marketing communications to individuals in the EU/UK/EEA regarding services and/or events which may be of interest, this will be done in accordance with EU Data Protection Law, and in particular where we contact individuals for direct marketing purposes by SMS, email, fax, social media and/or any other electronic communication channels, this will only be with the individual’s consent or in relation to similar services to services that the individual has purchased (or made direct enquiries about purchasing) from AOA before.

3.2 – Individuals are also free to object or withdraw consent to receive direct marketing from us at any time, by contacting us using the email address below.

  1. The lawful grounds on which we collect and process personal data

4.1 – We process your personal data for the above purposes, relying on one or more of the following lawful grounds under EU Data Protection Law:

(a) where you have freely provided your specific, informed and unambiguous consent for AOA to process your personal data for particular purposes

(b) where we agree to provide services to you, in order to set up and perform our contractual obligations to you and/or enforce our rights

(c) where we need to process and use your personal data in connection with our legitimate interests as a global network and being able to effectively manage and operate our organization in a consistent manner across all territories. We will always seek to pursue these legitimate interests in a way that does not unduly infringe on your legal rights and freedoms and, in particular, your right to privacy, and/or

(d) where we need to comply with a legal obligation or for the purpose of us being able to establish, exercise or defend legal claims.

4.2 – Please also note that some of the personal data we receive and that we process may include what is known as ‘sensitive’ or ‘special category’ personal data about you, for example, information regarding your gender, ethnic origin or political, philosophical and religious beliefs. If the AOA processes such sensitive or special category data we will only do this in specific situations where:

(a) you have provided this with your explicit consent for us to use it: or,

(b) there is a legal obligation on us to process such data in accordance with EU Data Protection Law

(c) it is needed to protect your vital interests (or those of someone else) such as in a medical emergency or,

(d) where you have clearly chosen to publicize such information or,

(e) where needed in connection with a legal claim that we have or may be subject to.

  1. Disclosing your personal data to third parties

5.1 – We may disclose your personal data to certain third party organizations who are processing data solely in accordance with our instructions (called ‘data processors’) such as companies and/or organizations that support our business and operations (for example providers of web or database hosting, IT support, payment providers, event organizers, agencies we use to conduct fraud checks or mail management service providers) as well as professionals we use such as lawyers, insurers, auditors or accountants. We only use those data processors who can guarantee to us that adequate safeguards are put in place by them to protect the personal data they process on our behalf.

5.2 – We may also disclose your personal data to third parties who make their own determination as to how they process your personal data and for what purpose(s) (called “data controllers”). The external third party data controllers identified above may handle your personal data in accordance with their own chosen procedures and you should check the relevant privacy policies of these companies or organizations to understand how they may use your personal data.

5.3 – Other than as described above, we will treat your personal data as private and will not routinely disclose it to third parties without you knowing about it. The exceptions are in relation to legal proceedings or where we are legally required to do so and cannot tell you (such as a criminal investigation). We always aim to ensure that your personal data is only used by third parties we deal with for lawful purposes and who observe the principles of EU Data Protection Law.

  1. How long we retain your personal data for

6.1 – AOA retains personal data identifying you for as long as necessary in the circumstances – for instance, as long you are a member of the AOA or have a relationship with one of our programs for a reasonable period to send you marketing or other materials where we have regular contact with you, or as may be needed to enforce or defend contract claims or as is required by applicable law.

6.2 – AOA has adopted a data retention policy for EU / UK residents (which we may make available on request) that sets out the different periods we may retain personal data for in respect of relevant purposes in accordance with our duties under EU Data Protection Law. The criteria we use for determining the relevant retention and disposal periods we adopt are based on the purpose for which we hold data and the reasonable expectations of those whose personal data we collect in these circumstances, taking into account various legislative requirements and guidance issued by relevant EU regulatory authorities.

6.3 – In accordance with the above retention policy, the personal data that we no longer need will be disposed of and/or anonymized so you can no longer be identified from it.

  1. Your personal data rights

7.1 – In accordance with your legal rights under EU Data Protection Law, you have a ‘subject access request’ right under which can request information about the personal data that we hold about you, what we use that personal data for and who it may be disclosed to as well as certain other information.

7.2 – Usually we will have one month to respond to a subject access request. However, we reserve the right to verify your identity and we may, in case of complex requests, require a further two months to respond. We may also charge for administrative time in dealing with any manifestly unreasonable or excessive requests. We may also require further information to locate the specific information you seek and certain legal exemptions under EU Data Protection Law may apply when responding to your subject access request.

7.3 – Under EU Data Protection Law. EU/EEA residents also have the following rights. which are exercisable by making a request to us in writing:

(a) that we correct personal data that we hold about you which is inaccurate or incomplete

(b) that we erase your personal data without undue delay if we no longer need to hold or process it

(c) to object to any automated processing (if applicable) that we carry out in relation to your personal data.

(d) to object to our use of your personal data for direct marketing

(e) to object and/or to restrict the use of your personal data for purpose other than those set out above unless we have a compelling legitimate reason, or

(f) that we transfer personal data to another party where the personal data has been collected with your consent or is being used to perform contract with you and is being processed by automated means.

7.4 – So we can fully comply, please note that these requests may also be forwarded on to third party data processors who are involved in the processing of your personal data on our behalf.

7.5 – If you would like to exercise any of the rights set out above, please contact us at the address below.

7.6 – If you make a request and are not satisfied with our response, or believe that we are illegally processing your personal data, you have the right to lodge a complaint to a supervisory authority including, without limitation, the EU Member State of his or her habitual residence, place of work or place of the alleged infringement.

The site is operated and controlled by The American Orthopaedic Association in the United States, and is intended for use only by people within the United States. We make no representations that any materials on the site are appropriate for use outside of the United States.

Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask AOA for a notice describing what categories of personal customer information we share with third parties or affiliates for those third parties or affiliates’ direct marketing purposes. That notice will identify the categories of information shared and will include a list of the third parties and affiliates with whom it was shared, along with their names and addresses. If you are a California resident and would like a copy of this notice, please submit a written request to the address below. Please note that it may take 60 days from receipt of your written request to receive the notice.

The American Orthopaedic Association
9400 West Higgins Road, Suite 205
Rosemont, IL 60018

The AOA will disclose personal information when required by law or in the good-faith belief that such action is necessary to: conform to the edicts of the law or comply with a legal process served on the AOA, protect and defend the rights or property of the AOA, or visitors to the AOA web site, identify persons who may be violating the law, the legal notice, or the rights of third parties, cooperate with the investigations of purported unlawful activities.

It is the policy of the AOA to allow members to inspect the following records of the organization:

  • IRS Form 990
  • Original applications for tax-exempt status
  • Articles of incorporation
  • Bylaws
  • Audited financial statements

Access will be granted at AOA Headquarters at a mutually agreed upon time. A responsible AOA employee will remain in the presence of the individual(s) requesting access to this information. Individuals will be allowed a reasonable amount of time to review the records, but access to copying machines and the like may be denied.

AOA legal counsel is Paula Goedert, Esq., Barnes and Thornburg, Chicago, Illinois.

Contact information will not be shared or sold to third parties for any purpose.

If you have any questions or comments about AOA’s Privacy policy, or if you wish to review and correct your personally identifiable information held by AOA, please contact Sonia Armendariz, Data Protection Officer, American Orthopaedic Association, 9400 West Higgins Road, Suite 205, Rosemont, IL 60018, at info@aoassn.org.