Privacy Policy

Privacy Policy – Your Privacy Rights

Welcome to the website of the Physician Assistant Education Association (“PAEA”, “we”, “us” and/or “our”). We have prepared this Privacy Policy (“Privacy Policy”) to explain how we collect, use, process, protect and disclose information and data when you use the PAEA website (“Site”) and all PAEA services, including but not limited to PACKRAT®, End of Rotation ExamsTM, End of Curriculum ExamsTM, the Centralized Application Service for Physician Assistants (CASPA), the PAEA Digital Learning Hub, PAEA Core Competencies for New PA Graduates, PAEA Professional Learning Communities and any other services offered by PAEA or through third parties that provide PAEA services to you (collectively, “Services”). “You” refers to you as a user of the Site or Services.

BY USING THE SITE OR SERVICES YOU CONSENT TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THE TERMS OF THIS PRIVACY POLICY, DO NOT USE THE SERVICES OR THE SITE. THE TERMS OF THIS PRIVACY POLICY SHALL NOT SUPERCEDE ANY LAW, REGULATION, WRITTEN POLICY OF PAEA THAT GOVERNS THE USE OF A SPECIFIC PAEA SERVICE, OR AGREEMENT THAT ANY USER OF THE SITE OR SERVICES HAS ENTERED INTO WITH PAEA.

Managing Your Information Preferences

When you establish a PAEA user account on the Site, you can review, correct, or update your Personal Information (defined below) by changing the relevant settings in your PAEA user account. You can opt out of receiving marketing emails by changing communications and notification settings on the Site if you have an account. You can also opt out of receiving marketing emails by clicking the unsubscribe link provided in any marketing email sent by PAEA, or by emailing us directly at privacy@paeaonline.org. You cannot opt out of receiving communications that are related to the Services that you have requested or purchased from us or that have been requested or purchased by a third party for your use. If you have questions or concerns regarding this Privacy Policy, please email us at privacy@paeaonline.org.

Information We Collect

Personal Information

For purposes of this Privacy Policy, the term “Personal Information” is used interchangeably with the term “Personal Data” and is defined to include all data about a living individual who can be identified from those data (or from those data and other information either in our possession or likely to come into our possession). The Personal Information that we collect when you sign up for or use the Site or Services or when third parties provide you with access to or use of the Services include: your name, email address, NCCPA identification number, username and password, telephone number, and birthday, all of which becomes part of your user profile information. When you or your employer or your educational program create an account for you to use any of the Services, we collect the user profile information provided to us that enables us and others authorized by you to be identified through the Services. If we do not receive the profile information required to create your account, you will not be able to use all of the features of the Site or Services. We also collect Personal Information from you when you access the Site and the Services and elect to provide Personal Information. For example, when you use the Services, we will collect data that you upload to the Site and/or information that you input into your account, as well as information from third parties identified by you to enable them to provide us with Personal Information about you to facilitate your use of the Services. Such Personal Information and data that we may collect from you and third parties authorized by you to enable us to provide you with the Services may include: your gender, race, ethnicity, nationality, citizenship, government identification numbers, street address, employment information, location information, financial information, credit card information, student identification numbers, student academic history, student disciplinary history, student educational information, transcripts, legal history, character assessment, educational recommendations, health and disability information, as well as Personal Information about other individuals identified by you in order to alert us to expect information from those other individuals as part of our provision of the Services. We consider all of the items described in this paragraph to be private and confidential Personal Information, and will not use or disclose it except as necessary to provide the Services and as described in this Privacy Policy.

Student Educational Records

PAEA’s assessment services for educational programs require the collection, processing, use, storage and disclosure of student educational records covered by the U.S. Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99). Any educational program using PAEA’s assessment services authorizes PAEA to collect and store the data on behalf of the program for the sole purpose of PAEA providing the assessment services. Programs that use PAEA’s assessment services are responsible for limiting access to PAEA’s assessment services to only those individuals who need to use them and revoking access when those individuals no longer require access.

Usage Data, Site Activity and Location Information

We automatically collect information regarding the actions you take on the Site and Services (“Usage Data”). Usage Data is information or content we collect about the use of our Site or Services in a way that does not identify an individual user. Usage Data help us understand trends in our users’ needs so that we can better consider new features or otherwise tailor our Services. This Privacy Policy in no way restricts or limits our collection and use of Usage Data, and we may share Usage Data about our users with third parties for various purposes, including to help us better understand our customers’ needs and improve our Services. When you use the Site or Services, some examples of the Usage Data we may collect are: the type of Web browser you use, your operating system, your web request, your Internet Service Provider, your IP address, referring/exit pages and URLs, the pages you view and how you interact with links on the Services, comments and other content you post via the Services, the time and duration of your visits to the Site or use of the Services and other such information. We may store such Usage Data itself and/or such information may be included in databases owned and maintained by PAEA affiliates, agents, or service providers. We may use such information and pool it with other information to track, for example, the total number of visitors to our Site or users of our Services, the number of visitors to each page of our Site, etc. We use this information to help us understand how people use the Site and Services, and to enhance the Site and Services. The Site and/or mobile applications utilized to access the Site on a cell phone may collect certain additional information automatically, including, but not limited to, the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, available storage space, connection type (e.g. WiFi vs. cellular) and information about the way you use the application. We may also use GPS technology (or other similar technology) to determine your current location. If you do not want us to have your location information, you should turn off the location services for the mobile application located in your account settings or in your mobile phone settings and/or within the mobile application.

The PAEA assessment system collects data generated by users of the Services that are capable of identifying users of PAEA assessments. User interactions in PAEA’s assessment system are logged with a unique identifier which links back to a separate data file that includes Personal Information. User interaction data are linked to user Personal Information in order to generate test scores, and to make a record of test behavior and proctor monitoring, both of which are critical features to the secure administration of PAEA assessments. Score information and student identity data are primarily available to authorized users at the program within the PAEA assessment system. Personal Information may be accessed by PAEA when programs make inquiries for assistance related to an assessment administration, for the investigation of assessment system technical problems, for investigations of suspected or reported testing irregularities, and in order to deliver PAEA assessments to students.

Cookies and Web Beacons

We use cookies (a small text file placed on your computer to identify your computer and browser). We may also use Web beacons (a file placed on a website that monitors usage). We use cookies and Web beacons to improve the experience of the Site and Services, such as pre-populating your username for easier login, to allow user-specific messaging or to permit user-specific advertising. We do not use cookies or Web beacons to collect Personal Information. Most Web browsers are initially set up to accept cookies. At this time, PAEA does not recognize automated browser signals regarding tracking, including “do-not-track” signals. You can remove persistent cookies and change your privacy preferences by following directions provided in your Internet browser’s “help” directory. However, certain features of the Site or Services may not work if you delete or disable cookies. Some of our Service Providers may use their own cookies and Web beacons in connection with the services they perform on our behalf, as further explained below.

How We Use Information and When We May Share and Disclose Information Generally

We may use your Personal Information for the purpose for which it was provided, including without limitation for the purposes described further below:

  • Provision and Monitoring of the Services: We will collect, use, process, store, transmit, and share your Personal Information as necessary to deliver the Services and support and monitor your use of the Services, in accordance with all applicable PAEA policies and any agreements entered with PAEA that govern the use of the Services. Some of the data we collect to provide the Services, for example, your birthday, are required as account security measures and user authentication data.
  • Surveys and Other Special Offers: From time to time, we may offer our users the opportunity to participate in surveys and other special offers. If you elect to participate in these services, you will need to provide certain Personal Information.
  • Questions and Requests: If you contact us by e-mail or otherwise, we will use the Personal Information you provide to answer your question or resolve your problem. If You do not have a User Account, we do not regard any information submitted by You as a question or request as private or confidential and will use and share such information in its sole discretion, as necessary for the Association’s business purposes.
  • Contacting You About Other Products, Services and Events: PAEA and, if you opt-in, third parties may use your Personal Information to contact you in the future to tell you about products, services, and events that may be of interest to you.
  • Research and Data Analysis: In an ongoing effort to better understand and serve the users of the Site and the Services, and in the service of academic research in the field of PA education, PAEA may conduct research on its users’ demographics, interests, and behavior based on Usage Data and other information provided by users and third parties. This data may be compiled and analyzed on an aggregate basis, and PAEA may share this data with researchers, member programs, business partners, publications, and other third parties. This information will not identify you or users personally. PAEA may use deidentified aggregate application data you submit to CASPA and admissions decisions your designated PA programs submit to CASPA for use in educational research and statistical reports following procedures to ensure that you are not identified. The purpose of such research and reporting is to improve PA education and admissions and all results are reported in aggregate only. Deidentified aggregate application data may include, but are not limited to, summaries of applicant demographics, application and matriculation rates, and average GPAs, all of which data are not capable of being used to identify you personally.
  • Service Improvement: We may use your Personal Information, aggregated Personal Information, and other non-personally identifiable information collected through the Site and Services to help us improve the content and functionality of the Site, to better understand our users, and to improve the Services.
  • Order Fulfillment: We may use your Personal Information that you provide to fulfill any orders you may place for Services offered by PAEA.
  • Investigation: We may use, process and disclose your Personal Information, Usage Data, user interaction data and other non-personally identifiable information collected through the Site and Services to investigate whether any use of the Site and Services may potentially violate any policies of PAEA, agreements between users of the Services and PAEA, the rights of PAEA and any of its members or a third party, or any applicable law or regulation. This includes, but is not limited to, the investigation of allegations, reports or suspicion of conduct that could affect the validity of PAEA assessment results for one or more persons, PAEA member program application fraud, and other activities that may violate the terms of use of the Site and/or Services. The findings of any such investigation may be disclosed to interested third parties, which may include, as applicable, your employer, the educational program that you are enrolled in, any educational program to which you have applied or may apply in the future, governmental authorities, certification and/or licensure bodies and credentialing bodies.

Information You Make Available to Others

By using the Site or Services, including creation of a profile on PAEA, submission of public queries, or making public comments in parts of the Site where that is possible, you may make certain of your Personal Information available to others, such as your name or username, and you may voluntarily enter and make available comments and other content that includes additional Personal Information. Such information may be accessed by users who use the Site or Services and may be accessed by commercial search engines such as Google, Yahoo!, and Bing to the extent that such engines are permitted to access the Site or Services. You may also provide and upload and direct third parties to provide and upload Personal Information that you expressly direct us to share with designated third parties in order to participate in Services offered by us. If you direct us to share your Personal Information with designated third parties in connection with our delivery of the Services, we will do so in accordance with your consent and direction in the scope of our delivery of the Services.

Service Providers

From time to time, we may establish a business relationship with other businesses that we believe to be trustworthy and have privacy practices consistent with ours (“Service Providers”). For example, we may contract with Service Providers to provide certain services, such as hosting and maintenance, accounting, data analytics and data storage and management, assessment-related activities, Internet-based platforms, and marketing and promotions. We only provide our Service Providers with the information necessary for them to perform these services on our behalf. Each Service Provider must agree to use reasonable security procedures and practices, appropriate to the nature of the information involved, in order to protect your Personal Information from unauthorized access, use, or disclosure. Service Providers are prohibited from using Personal Information other than as specified by PAEA.

Advertising

We also may share non-personally identifiable information with third party ad servers, ad networks, and data exchanges (“Advertisers”) so that they can tailor their advertisements to your apparent interests and deliver those advertisements to you while you are either on our Sites or use our Services. These companies may place or recognize a unique cookie on your computer or use other technologies such as Web beacons to conclude that you have an interest in and to display a relative advertisement instead of a random advertisement. In addition, Advertisers use technologies (such as cookies, pixels, and Web beacons) to collect information about your browsing behavior on our Sites and via our Services, which they may match with information they have previously collected (including personally identifiable information you have provided to them). Our Privacy Policy does not cover any use of information that Advertisers may collect from you or that you choose to provide to them. For information about how to opt out of receiving certain behavioral advertisements, please visit this website: http://www.networkadvertising.org/choices.

Other Transfers

We may share Personal Information and Usage Data with businesses controlling, controlled by, or under common control with PAEA. If PAEA is merged, acquired, or sold, or in the event of a transfer of some or all of our assets or equity, we may disclose or transfer Personal Information and Usage Data in connection with such transaction.

Compliance with Laws and Law Enforcement

PAEA will cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose Personal Information and any other content and information about you to government or law enforcement officials or private parties if, in our discretion, we believe it is necessary or appropriate in order to respond to or comply with legal requests (including court orders and subpoenas), to protect the safety, property, or rights of PAEA or of any third party, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.

Be Careful When You Share Information With Others Exclusions

This Privacy Policy shall not apply to any unsolicited information you provide to PAEA through the Site or Services or through any other means. This includes, but is not limited to, information posted to any public areas of the Site, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and PAEA shall be free, and you hereby grant PAEA the right, to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

Security

We maintain physical, electronic, and procedural safeguards to protect the confidentiality and security of Personal Information and other information transmitted to us. However, no data transmission over the Internet or other network can be guaranteed to be 100% secure. As a result, while we strive to protect information transmitted on or through the Site or Services, we cannot and do not guarantee the security of any information you transmit on or through the Site or Services, and you do so at your own risk.

Third Parties/Links

Our Site and Services may contain links or integrate with other websites and online services or allow others to send you such links. PAEA is not responsible or liable for any damage or loss related to your use of any third party website or online service. You should always read the terms and conditions and privacy policy of a third party website or online service before using it, whether directly or in connection with your use of the Site or Services. Third parties may collect, but we do not authorize them to collect, personally identifiable information about your online activities over time and across different websites when you use the Sites or Services.

Children’s Privacy

We do not knowingly collect Personal Information from children under the age of 13. If we become aware that we have inadvertently received Personal Information from a child under the age of 13, we will delete such information from our records.

California Privacy Rights

When California customers provide personal information to a business, they have the right to request certain disclosures if that business shares personal information with third parties for the third parties’ direct marketing purposes. Once per calendar year the customer may request that the business provide a list of companies with which it shares personal information for those companies’ direct marketing purposes, and a list of the categories of personal information that the business shares. PAEA generally does not share personal information with third parties for the third parties’ direct marketing purposes without Your explicit consent and direction. However, if you receive a solicitation from a third party that you believe obtained Your information from the PAEA without your consent, You may request information about our compliance with this law by contacting us at:
Physician Assistant Education Assocation
Attention: Privacy Compliance Officer
655 K Street, N.W., Suite 700,
Washington, D.C. 20001-2399
privacy@paeaonline.org

Any such inquiry must include “California Privacy Rights Request” in the first line of the description and include Your name, street address, city, state, and ZIP code. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this email address or mail address.

Note to International Users

The Sites and Services are hosted in the United States and are primarily intended for and directed to users in the U.S. If you are accessing the Sites or Services from any region outside the United States with laws or regulations governing personal data collection, use, and disclosure that differ from U.S. laws, please be advised that through your continued use of the Sites or Services, which are governed by U.S. law and this Privacy Policy, you are transferring your Personal Information to the U.S., and you consent to that transfer. The laws in the U.S. may not be as protective of your privacy as those in your location. By using our Sites or Services, you agree that the applicable laws in the U.S. will govern the collection, use, processing, storage, transfer, and disclosure of your information, except as noted below for residents of the European Union.

European Union General Data Protection Rights

Information about the European Union General Data Protection Regulation (GDPR) can be found here. GDPR outlines subject access rights of individuals in relation to their personal data. If you are a resident of the European Union or the United Kingdom and would like to exercise any of Your rights under GDPR, Your rights and the actions you can take are summarized below.

Right to Access: You can access most of the data we have about you through your account. You can request a complete report on what personal information we have about you.

Right to Rectification: We strive to keep records and all data accurate. If you would like to modify an inaccurate record of Your personal data, in most cases you can edit the data yourself through your account. However, if you are unable to make a correction yourself, you can request that we make the correction for you.

Right to Data Portability: You can request a copy of your personal data to be transferred to a new system or platform.

Right to Object: You can object to our processing of your personal data in certain limited circumstances that are not related to our provision of the Services.

Right to Restrict Use: You can request that we restrict the processing of your personal data in certain limited circumstances that are not related to our provision of the Services.

Right to Erasure: You can request that we delete your personal data in certain extremely limited circumstances that are not related to our provision of the Services.

All GDPR subject access rights requests must be sent via email to privacy@paeaonline.org and include the specific details for your request and the basis for making the request. We will respond to all valid subject access rights requests within 30 calendar days of receiving the request; however, it may take longer to fulfill your request. If you are unsatisfied with how we handle your request, you can find the contact information for your local data protection authority here.

Privacy Policy Changes

From time to time, we may change this Privacy Policy. If we change this Privacy Policy, we will give you notice by posting the revised Privacy Policy on the Site. Those changes will go into effect on the effective date shown in the revised Privacy Policy. By continuing to use the Site or Services, you consent to the revised Privacy Policy.

Links to Additional Data and Privacy Practices Information for Specific PAEA Services

Certain PAEA Services provide additional detailed information regarding collection and use of your data. Please follow the links below to learn more about how the specific PAEA Service may use your data, why they collect your data, and which data are collected. While this Privacy Policy and the policies accessible via the below links apply to the treatment of your Personal Information, in the event there is a difference in the two policies, any more specific terms in the Additional Data and Privacy Practices Information for Specific PAEA Services policy will control.
PAEA Assessments — PACKRAT, End of Rotation Exams, and End of Curriculum Exams

PLEASE DOWNLOAD AND PRINT A COPY OF THIS PRIVACY POLICY FOR YOUR RECORDS AND PLEASE CHECK THE SITE FREQUENTLY FOR ANY CHANGES TO THIS PRIVACY POLICY.

Privacy Policy Effective Date: March 4, 2020.