This website is operated and provided by Circa Healthcare LLC having its registered office at 10 Valley Stream Parkway, Suite 301, Malvern, PA 19355.

References to “Circa”, “we”, “us” or “our” are references to Circa Healthcare LLC and the entities we own or control.

It is important to us that we protect the privacy of personal information and for you to know what type of information we collect and how we treat information we may receive from you. This policy applies to all personal information collected by us, or submitted to us, whether offline or online, including personal information collected or submitted through our website and through our official social media pages that we control (together the “Sites”). It applies to clients and potential customers, suppliers and prospective suppliers, business contacts, website users, job applicants and all other persons about whom Circa holds information.

This Privacy Policy also sets out your rights and who you can contact for more information. If you are based in the EU or the UK, please see the EU and UK User section for additional information that may be relevant to you.

We do update this Privacy Policy from time to time. Any changes we make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you on the Sites or by e-mail. It was last updated on 10/1/2020.

Information we collect

In running and maintaining our Sites, or engaging with you for the provision or receipt of products or services or for any other purpose as outlined below, we may collect and process the following information about you in physical and electronic form.

This information will include your personal data, which means information that can be used to identify you, and we will hold, use and otherwise process such personal data in accordance with applicable data protection and privacy laws and as set out in this Privacy Policy:

1. Information that you provide when you you contact, do business or interact with us by phone or email or apply for, enrol in or register for an event that we are organising.
2. Information you provide in a CV or other application form when applying for a job vacancy with us which may include but not be limited to your contact information, such as your home address and contact details (including your mobile telephone number), your date of birth; your academic background, educational and professional qualifications, your right to work, visa status, employment history and status; and any other information about you that you disclose to us during the application process.
3. Information provided to us by recruitment agencies with whom you have registered an interest in working for us.

The personal data that we collect about you, particularly where applicable to the recruitment process, may include special categories of personal data, such as information about your racial or ethnic origin, criminal or alleged criminal offences, sexual orientation or your health and lifestyle, including where necessary to accommodate any disability needs. You are not obliged to provide us with any of your personal data, but if you fail to provide us with this information, or you object to us processing such information, we may be prevented from progressing your application.

Automated collection of information

Each time you use the Sites, we may automatically collect the following types of information:

• Technical information: For example, the type of internet browser and the operating system. We use this information to help provide a good user experience on the Sites.
• Log information: For example, the details of the use of the Sites by you, the visits to the Sites and traffic data. We use this information to help us understand how users use the Sites and to improve user experience.

Like most websites, we use “Cookies” to help us make our Sites and the way you use them better. There are more details in our section on Cookies below.

Use of your information

We use the information that we collect from you to provide you with a safe, smooth, efficient, and customised experience and to provide our products and services to you. In addition to this we may use the information for one or more of the following purposes:

1. To provide information to you that you request from us relating to our products or services and to communicate with you.
2. To organise educational events (including with third parties).To inform you of any changes to our Sites, services or goods and products.
3. To carry out our obligations arising from any agreements entered into between you and us.
4. To administer our Sites and for internal operations, including running and improving our business, troubleshooting, data analysis, testing, research, statistical and survey purposes.
5. To consider your application where you have applied for a job vacancy with us, including to identify and contact you and in order to determine whether you have the professional skills, expertise and experience for the position applied for.

The personal data you provide as part of the recruitment process will be held and processed for the purpose of the selection process, including to verify the personal data provided and for other background screening purposes including, where permitted by law, criminal record checks, searches with a credit reference agency and sanctions screening checks. It may also be used in connection with any subsequent employment or placement, where it may form the basis of your personnel record with us. You will receive further information about such processing for the purposes of administering your employment as applicable.

Storing and protecting your personal data

We will only keep the information we collect about you, through your use of the Sites or otherwise, for as long as required for the purposes set out above or as required to comply with any legal obligations to which we are subject. This will involve us regularly reviewing our files to check that information is accurate, up-to-date and still required.

We will also ensure that there are appropriate technical, physical, electronic, and administrative safeguards in place to protect your information from unauthorised access. Unfortunately, the sending of information via the internet (including by email) is not totally secure and on occasion such information can be intercepted. Although we will do our best to protect your personal data, we cannot guarantee the security of data that you choose to send us electronically, and sending such information is entirely at your own risk.

Disclosing your information

We may disclose personal data to provide our services, respond to legal requirements, enforce our policies and protect our rights and property. The personal data you provide to us may also be shared with our group companies, including those based in different countries to you, if this is necessary to provide you with our services, respond to your inquiries or for any other related purposes.

We may also provide third party service providers access to information where they support or provide services to us. We will ensure that if we share information with, or provide access to, third party service providers, any such disclosure or access is at all times in compliance with applicable data protection and privacy legislation.

We may also share your personal information with:

• third parties who support our information technology or handle mailings or events on our behalf;
• law enforcement agencies, other governmental agencies or third parties if we are required by law to do so, or in other limited circumstances (for example if required by a court order or regulatory authority, or if we believe that such action is necessary to prevent fraud or cyber-crime or to protect the Sites, our technology assets or the rights, property or personal safety of any person); and
• other business entities should we plan to merge with or be acquired by that business entity, or if we undergo a re-organisation with that entity.

Third party links

On occasion we include links to third parties on the Sites. Where we provide a link it does not mean that we endorse or approve that site’s policy towards visitor privacy. This Privacy Policy relates only to information contained on, or gathered via, our Sites. You should review their privacy policy before sending them any personal data.

Cookies

Our use of cookies

Circa Healthcare set and access cookies and similar technology on your device to obtain information about how you access and use the Sites. This helps us to provide you with a good experience and allows us to improve the Sites. You can adjust the settings on your computer to decline any cookies if you wish. Unless you have adjusted your browser settings so that it will refuse cookies, the Sites will set cookies when you load and navigate them. Where used, these cookies are downloaded to your computer and stored on the computer’s hard drive. Such information will not identify you personally. It is statistical data. This statistical data does not identify any personal details whatsoever.

What are cookies?

Cookies are text files containing small amounts of information which are downloaded to your device when you visit a Site. Cookies are then sent back to the originating website during your browsing session or on each subsequent visit, or to another website that recognises that cookie. The cookies we set do lots of different jobs, like help us to improve the Sites and deliver a better and more personalised service, remember your preferences, and generally improve the user experience. You can find more information about cookies at http://www.allaboutcookies.org/.

Cookies can be categorised as set out below:

• Strictly necessary cookies – these cookies are essential in order to enable you to move around a site and use its features and enable services you have specifically asked for. Consent is not generally required for these cookies.
• Performance cookies – these cookies collect information about how visitors use a site (for example, by recording which pages or features visitors use most often (usually on an anonymous basis)).
• Functionality cookies – these cookies allow a site to remember the choices a user makes, such as a user name or language preference.
• Targeting or advertising cookies – these cookies collect information about a user’s browsing habits and are usually placed by advertising networks with the site operator’s permission.

Cookies can also be categorised in accordance with how long they are saved on your device: “session cookies” are short-term cookies that are only saved on the device’s memory for the duration of a user’s visit to the site, whereas “persistent cookies” remain saved in the device’s memory for a set period of time, even after the browser session has ended.

Refusing or restricting cookies

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. The “Help” or “Internet Settings” functions within your browser should tell you how. Alternatively, you may wish to visit http://www.allaboutcookies.org/ which contains detailed information on cookies and how to delete, restrict or block them on a wide variety of browsers. For information on how to do this on the browser of your mobile phone you will need to refer to your handset manual.

Please be aware that if you select to refuse or restrict cookies you may be unable to access certain parts of the Sites.

Contacting Us

Please do not hesitate to contact us regarding any matter relating to this Privacy Policy at info@circahealthcare.com.

EU and UK Users

Introduction

This section applies in addition to the terms set out above if the (EU) 2016/679 General Data Protection Regulation (GDPR) and/or the UK Data Protection Act 2018 (as amended from time to time) (together, the “Data Protection Legislation”) applies to you. GDPR will apply to you if you are or become a resident of the member states of the EU, Norway, Iceland and Liechtenstein (EU data subjects). The UK Data Protection Act 2018 (as amended from time to time) will apply to you if you are or become a resident of the United Kingdom (UK data subjects). Where we use the terms “personal data”, “data subject”, “controller”, “processor” and “process” (and its derivatives), such terms shall have the meanings given to them in the Data Protection Legislation.

Who are we?

Circa Healthcare LLC acts as data controller for the purpose of Data Protection Legislation and is responsible for processing your personal data under this Privacy Policy unless otherwise notified to you in connection with a particular product or service.

Legal grounds for using your personal information

Our processing of your personal information is necessary:

• for the performance of contracts to which you will be a party to and in order to take steps at your request prior to you entering into those contracts, including to provide you with products or information you have requested;
• for the purposes of legitimate interests pursued by us; or
• in order to comply with a legal obligation to which we are subject.

In relation to any processing of special categories of personal information such as information about your ethnicity, we will generally rely on obtaining specific consent from you at the time unless there is otherwise a legal requirement for us to process such information.

Legitimate interests

Where our processing is based on the legitimate interest grounds described above, those legitimate interests are: (i) collecting personal information to provide you with a smooth and efficient customer experience; (ii) running our business; (iii) to provide the products and services you have requested; (iv) to prevent fraud; (v) to update you and keep you informed about relevant products and services, unless you indicate at any time that you do not wish us to do so; and (vi) for our own marketing, research and product development.

Transferring data outside of the EEA or the UK

You acknowledge and agree any personal data that you provide to Circa Healthcare will be transferred to and stored in the US in accordance with this Privacy Policy. Where we share data with affiliates and other third parties as described above in the “Disclosing your information” section, your information may also be sent to and stored at, a destination outside the European Economic Area (“EEA”) (or the United Kingdom, to the extent that it is no longer a territory within the EEA and you are a UK data subject) and may be processed by staff operating outside the EEA or UK who work for us, or for one of our service providers, affiliates, distributors, agents or contractors.

Where recipients are outside the EEA (or the United Kingdom, to the extent that it is no longer a territory within the EEA and you are a UK data subject), we ensure that the recipient provides an adequate level of protection for your personal data or the transfer is otherwise permitted under applicable Data Protection Legislation

Your rights in relation to your information

In accordance with Data Protection Legislation, at any time you have the right:

1. To request access to or a copy of any personal data which we hold about you.
2. To ask us to rectify your personal data, if you consider that it is inaccurate, or delete it, if you consider that we do not have the right to hold it.
3. To withdraw consent to our processing of your personal data (to the extent such processing is based on previously obtained consent).
4. To data portability (moving some of your personal data elsewhere) in certain circumstances.
5. To restrict processing of your personal data or object to your personal data being processed in certain circumstances.
6. Not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data.

Any request for access to or a copy of your personal data must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will comply with our legal obligations as regards your rights as a data subject.

We will correct any incorrect or incomplete information and will stop processing your personal data, or erase it, where there is no legal reason for us to continue to hold or use that information.

Contact us

If you wish to exercise any of the rights relating to your information set out above, or if you have any questions or comments about data protection, or you wish to raise a complaint about how we are using your information you can contact us using the following details, or any other details notified to you from time to time:

Write to the UK office of Circa Limited at 116 Dundas Street, Edinburgh, EH3 5DQ, UK or info-UK@circahealthcare.com.

Call +44 (0) 131 322 7009. Please note calls may be recorded or monitored for training purposes.

If you have any concerns about our use of your information, you also have the right to make a complaint to the relevant Data Protection Authority – these bodies regulate and supervise the use of personal data in the EEA and UK, to the extent it is no longer a member of the EEA.