Nemours Privacy Statement
LAST UPDATED: January 28, 2025
The Nemours Foundation and its affiliates and subsidiaries (“Nemours,” “we,” “our,” or “us”) are committed to respecting and protecting your privacy. This Privacy Statement applies to our websites and services, including Nemours Children’s Health (www.nemours.org), Nemours KidsHealth (www.kidshealth.org), the Nemours Estate (www.nemoursestate.org), and the Well Beyond Medicine Podcast (www.nemourswellbeyond.org), and all related websites, web-based services, and mobile apps (the “Sites”).
This Privacy Statement explains what Personal Data we collect from visitors to the Sites, how we use and disclose that information, and the rights and choices you have in connection with that information, including how you can limit certain uses and disclosures of your information. When we refer to “Personal Data,” we mean information about an identified individual or about an individual whom we could identify. Subject to applicable law, Personal Data generally does not include publicly available information or anonymized or de-identified data.
This Privacy Statement does not apply to third-party websites, products, or services, even if they link to the Sites. We recommend you review the privacy practices of those third parties before connecting to or accessing third-party websites and disclosing any Personal Data. See the section titled Links to Other Sites for more information.
This Privacy Statement also does not apply to protected health information regulated by HIPAA. To understand how we may use and disclose protected health information, please review our . You should still review the Types of Personal Data We Collect and Why, Cookie and Pixel Policy, Your Choices, and Updates to this Privacy Statement sections for the required privacy policy under the Delaware Online Privacy and Protection Act and to understand how our Sites may operate. Our general interest pages, including provider listings, are for general interest and educational purposes only. For specific medical advice, diagnoses, and treatment, please log in to the Nemours application or contact us or your doctor by telephone. Similarly, our Notice of Privacy Practice does not apply to our collection, use, or disclosure of Personal Data that is not protected health information regulated by HIPAA.
This Privacy Statement also does not apply to our careers page hosted by our third-party vendor or to Personal Data we collect or use about job applicants or employees. We collect, use, and disclose Personal Data about job applicants or employees for different reasons than other Personal Data we may collect, use, or disclose. For information about how we collect, use, or disclose Personal Data about job applicants or employees, please contact us using information in the Contact Us section.
Without prejudice to your rights under applicable laws, this Privacy Statement is not contractual and does not form part of your contract with Nemours or its affiliates or subsidiaries.
If you have questions or requests about this Privacy Statement, please contact us using the information in the Contact Us section.
Table of Contents
- Types of Personal Data We Collect and Why
- How We Collect Information
- Parties to Whom We May Disclose Information
- Cookie and Pixel Policy
- Aggregated, De-identified, or Anonymized Data
- Your Choices
- Precise Geolocation-Based Services
- Localization of Data Storage and Processing
- Links to Other Sites
- Children’s Privacy
- Additional Information for Individuals in Delaware
- Additional Information for Individuals in Spain
- Updates to this Privacy Statement
- Contact Us
1. Types of Personal Data We Collect and Why
We may collect the following categories of Personal Data, for the purposes stated in the chart. This chart describes our practices as a whole for Personal Data subject to this privacy statement. For any given one of our Sites, we may only collect a subset of this Personal Data or for a subset of the listed purposes.
Category of Personal Data | Examples | Purpose of Collection and Use |
Identifiers | First and last name, contact information, device ID or IP address, and user-generated content (including reviews and feedback) | ● Provide and enhance the Sites ● Detect and prevent fraud ● Market or advertise to you ● Communicate with you ● Comply with legal or regulatory obligations |
Commercial and financial information | Transaction information associated with donations or purchases (e.g., credit card information for online donations or purchase of tickets to the Nemours Estate); transaction and account history and activity; financial or bank account information and other information relating to your financial institution, including payment card information; and/or other consumer histories or tendencies | ● Provide and enhance the Sites ● Detect and prevent fraud ● Market or advertise to you ● Communicate with you ● Comply with legal or regulatory obligations |
Internet or other electronic activity information | Browsing and app history; clickstream data; browser and operating system type; navigation paths; date/time stamps; cookie identifiers; clear gifs; Internet service provider (ISP); referring/exit pages; device identifiers; and other information about device characteristics and how you interact with our Sites | ● Provide and enhance the Sites ● Detect and prevent fraud ● Market or advertise to you ● Communicate with you ● Comply with legal or regulatory obligations |
Geolocation data | Device location; geolocation; IP address; cell network data; and/or other similar locational data | ● Provide and enhance the Sites ● Detect and prevent fraud ● Market or advertise to you ● Communicate with you ● Comply with legal or regulatory obligations |
Professional or employment-related information | Employer name, professional contact information | ● Detect and prevent fraud ● Market or advertise to you ● Communicate with you ● Comply with legal or regulatory obligations |
Inference information | Inferences we may infer from other Personal Data we have collected, which may include preferences and characteristics
| ● Provide and enhance the Sites ● Detect and prevent fraud ● Market or advertise to you ● Communicate with you ● Comply with legal or regulatory obligations |
In addition, although generally outside the scope of this Privacy Statement, for purposes of the Delaware Online Privacy and Protection Act, we may collect protected health information regulated by HIPAA through certain pages on Nemours Children’s Health. See our Notice of Privacy Practices for more information about how we use and disclose protected health information.
2. How We Collect Information
We may collect Personal Data from the following sources. This chart describes our practices as a whole for Personal Data subject to this privacy statement. For any given one of our Sites, we may only collect Personal Data from a subset of these sources.
Sources of Personal Data | Categories of Personal Data We Collect |
Directly from you
We may collect Personal Data from you when you interact with our Sites, submit inquiries or request information from us, engage our services (by you or by your email), or otherwise contact or communicate with us. We may also collect Personal Data from you when we send you marketing information about our products, services, events, and/or promotions via phone, email, or other means. We may also disclose information across our business units or brands to identify or facilitate potential sales opportunities. We may use Personal Data to improve how we reach you, the content we share with you, to conduct market research, and to improve business operations, our platform, and overall customer engagement. Finally, we may collect Personal Data from you when we process your requests to us and requests for information. | ● Identifiers ● Commercial and financial information ● Internet or other electronic activity information ● Geolocation data ● Inference information |
Automatically
We may collect Personal Data from you automatically when you visit the Sites or as you interact with us. Any automatically collected information, even if collected by one of our vendors on our behalf, is subject to the Privacy Statement and is used and disclosed as described herein. See the Cookie and Pixel Policy section for more information. | ● Internet or other electronic network activity ● Geolocation data |
Our service providers and third-party vendors
The Sites may use third-party analytics services. These services may include page views and page activity and are used by Nemours to analyze trends and administer the Sites. | ● Identifiers ● Internet or other electronic activity information
|
Third parties
We may collect Personal Data from third-party social media platforms and sites, such as when you engage with our social media pages, online communities, and forums, and when you mention us on your own or other social media pages, online communities, or forums. Please note that online forums may be publicly accessible and other individuals may view information you post in the forums. If you are involved in a business relationship with us, we may also obtain some limited information about you indirectly, for example from your colleagues or your company, or from publicly available sources such as the Internet and/or subscription-based services. | ● Identifiers ● Internet or other electronic activity information
|
3. Parties to Whom We May Disclose Information
We disclose Personal Data as shown in the following table. This chart describes our practices as a whole for Personal Data subject to this privacy statement. For any given one of our Sites, we may only disclose Personal Data to a subset of these third-party recipients or for a subset of the listed purposes.
Categories of Third-Party Recipients and Purpose for Disclosure | Categories of Personal Data We May Disclose |
Affiliates We may disclose Personal Data to our business units, subsidiaries, joint ventures, brands, or other companies under our common control (collectively, “Affiliates”) for the purposes described in this Privacy Statement. We will require our Affiliates to honor this Privacy Statement. | ● Identifiers ● Commercial and financial information ● Internet or other electronic activity information ● Geolocation data ● Inference information |
Third-party vendors We use third-party vendors to perform operational functions related to our Sites. Some of these vendors (e.g., marketing automation vendors or hosting providers) may have access to your Personal Data, but only as necessary to provide services to us. We also disclose your Personal Data to vendors (for example, marketing automation vendors or hosting providers) as needed to assist us with business operations. We seek to require our vendors to keep your information confidential. However, for purposes of this Privacy Statement, we may not have business associate agreements in place with every vendor that receives Personal Data under this Privacy Statement because, as we explain at the top of the document, this Privacy Statement does not describe how we may collect, use, and disclose protected health information regulated by HIPAA, and business associate agreements describe how our vendors may use and disclose protected health information regulated by HIPAA. | ● Identifiers ● Commercial and financial information ● Internet or other electronic activity information |
Marketing, Advertising, and Analytics Providers for Our Marketing and Brand Purposes We may disclose Personal Data to third-party providers for marketing, advertising, and analytics purposes, including on Nemours KidsHealth. For additional information regarding our advertising practices, please see the Interest-Based Advertising section. We may also disclose Personal Data to third-party providers for prospecting, product development, and to conduct product and brand perception and awareness surveys. | ● Identifiers ● Commercial and financial information ● Internet or other electronic activity information |
Government entities We may disclose Personal Data to government entities and agencies, regulators, law enforcement, and other third parties, including to comply with applicable laws and regulations, to respond to a subpoena or search warrant or pursuant to legal process, to establish or exercise our legal rights, for fraud or crime-prevention purposes, or for the protection of the rights, property, or safety of our company or third parties. We may also disclose Personal Data in relation to a known or suspected violation of our terms of use, fraud prevention, or other unlawful use, including with entities assisting us with an investigation, or as may be required by applicable law. | ● Identifiers ● Commercial and financial information ● Internet or other electronic activity information ● Geolocation data |
Business partners We may engage third parties to perform certain functions on our behalf. To do so, we may disclose Personal Data to our third-party business partners and service providers in order to maintain and operate the Sites and provide, improve, and personalize the Sites, including to fulfill requests for the Services, and for other technical and processing functions, such as sending emails on our behalf and technical support. | ● Identifiers ● Internet or other electronic activity information |
Professional Service Firms We may disclose Personal Data to professional service firms in connection with our legal and regulatory obligations and to establish or exercise our rights and defend against claims, including, for example, auditors, law firms, and consultants. | ● Identifiers ● Commercial and financial information ● Internet or other electronic activity information ● Geolocation data ● Inference information |
Successor organizations Subject to applicable law, we reserve the right to transfer some or all Personal Data in our possession to a successor organization in the event of a merger, acquisition, bankruptcy, or other sale or transfer of all or a portion of our assets. If any such transaction occurs, the purchaser will be entitled to use and disclose the Personal Data collected by us in the same manner that we are able to, and the purchaser will assume the rights and obligations regarding Personal Data as described in this privacy statement. | ● Identifiers ● Internet or other electronic activity information ● Inference information |
4. Cookie and Pixel Policy
a. Usage Info and Cookies
When you access the Sites, our servers automatically collect and record the Internet Protocol (“IP”) address associated with your computer. We may also collect additional information such as a device ID, browser type and version, the operating system of your device, language, country, the date and time of visits, your IP address, the pages viewed, time spent on the Sites, and the websites visited just before and just after a Site. This information is used to help us administer the Sites, and it is transmitted automatically by your web browser. This information may be appended to your profile information to remember your preferences and diagnose technical problems.
We may use cookies to collect this information. Cookies are small data files sent by a website and stored on the computer or device at the request of that site. Cookies store information related to a user’s browser to enable us to recognize your device on return visits to the Sites and to remember your preferences.
Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. If you want to block the use and saving of cookies from the Sites on to the computer’s hard drive, you should take the necessary steps within your web browser’s settings to block all cookies from the Services and external serving vendors. Please note that if you choose to erase or block your cookies, certain parts of our Sites may not function correctly. For information on how to disable cookies, refer to your browser’s documentation.
We may also use web beacons, pixels, or similar collection mechanisms, and in certain circumstances may collect IP addresses, screen resolution and browser software and operating system types, clickstream patterns, dates and times that our site is accessed, and other categories of data.
b. Do-Not-Track
The Sites are not designed to support Do-Not-Track functionality. Do-Not-Track is a preference you can set on your web browser to inform websites that you do not want to be “tracked’ by third parties. The Sites do not respond to Do-Not-Track Signals. Our third-party service providers may not respond to Do-Not-Track signals. If an individual comes to a Site or Service directly with a Do-Not-Track signal enabled on their browser, we do not look for the Do-Not-Track signal or respond to it; even if a Site or Service looks for the Do-Not-Track signal, it does not respond to it.
c. Interest-Based Advertising
Except for Nemours KidsHealth, we do not display advertisements on the Sites. We display advertisements on Nemours KidsHealth, including in part using interest-based advertising. We may also participate in interest-based advertising to place advertisements on unaffiliated sites using information you provide us when you interact with our Sites other than Nemours KidsHealth or Nemours Children’s Health. Interest-based ads, also known as personalized ads, are ads that are targeted to you based on your web browsing and app usage over time and across websites or apps. For example, the Sites may use third-party ad servers, retargeting services, and web analytics systems, such as Google, to analyze aggregate web usage statistics and provide us the ability to display advertisements about our services to you when you have left our Sites. In addition, certain pages of the Sites contain embedded information from Third-Party Sites (for example, YouTube or Vimeo videos) and loading or interacting with that embedded information may be used for interest-based advertising on other websites by third parties.
You have the option to restrict the use of information for interest-based advertising and to opt out of receiving interest-based ads. Some of these third parties may use cookies and other technologies to collect information about your online activities over time and across third-party websites or online services to deliver advertising based on your interests and preferences, as inferred from your browsing history. Some of these ads may be personalized, meaning that they are intended to be relevant to you based on information that those third-party Providers collect about your visits to the Sites and elsewhere over time.
To learn more about this type of advertising and how to opt out of this form of advertising, you may either visit optout.aboutads.info to opt out of sites and services participating in the Digital Advertising Alliance (“DAA”) self-regulatory program or visit optout.networkadvertising.org to opt out of this form of advertising by members of the Network Advertising Initiative (“NAI”). Note that electing to opt out will not stop advertising from appearing in your browser or applications, although it may make the ads you see less relevant to your interests. This opt-out works through cookies set on a particular browser, so if you delete cookies from a web browser, or use a different browser, you will need to opt out again.
Your choice to opt out on a particular browser or device will apply only to the collection and use of information from that particular browser or device. Opting out on a particular device will not opt you out of information collection on other devices, nor will it limit cross-device sharing on those other devices. If you use different browsers on a device or multiple devices, for each browser and device you wish to opt out, please opt out each device and browser separately at optout.aboutad.info and at optout.networkadvertising.org.
5. Aggregated, De-identified, or Anonymized Data
We may create aggregated, de-identified, or anonymous information from Personal Data by removing certain data components (such as your name, email address, or linkable tracking ID) that makes the data identifiable, or through aggregation, obfuscation, or other means. For example, we may use aggregated, de-identified, or anonymized information to understand how to improve or enhance the Sites. Subject to applicable law, our use of such aggregated, de-identified, or anonymized information is not Personal Data or subject to this privacy statement.
6. Your Choices
You have certain choices with respect to your Personal Data.
We may use your contact information to send you email messages regarding updates to the Sites, such as the publication of new information and content, promotional offers, or to communicate with you about us. You may opt out of receiving these emails at any time via the unsubscribe link contained in the email message.
We will communicate with you only according to your preferences provided to us. We may use your contact information to send you messages regarding updates to the Sites. You may opt out of receiving these messages by following the unsubscribe link contained in the message, or by contacting us through the information contained in the Contact Us section. You may not be able to opt out of receiving certain messages from us, such as transactional communications or legal notices.
7. Precise Geolocation-Based Services
With your consent, we may collect the precise geolocation of your device by using satellite, cell phone tower, Wi-Fi signals, or other technologies made available to us by your device and web browser. We will collect this data on a Site if you have enabled location-driven capabilities on your device (the setting may be called “Location Services” or “Location Permissions”) and opt in through your web browser for that Site. If you have opted in to share your location with a Site, that Site will continue to collect location data based on how you choose to share the data. You can specify via your device operating system and web browser how you share location data with each of our Sites. For more information about how to control those settings, please see the documentation for your device operating system and web browser.
8. Localization of Data Storage and Processing
a. Location of Our Operations
We are a U.S. organization. Our Sites are provided in the United States. If you are located outside of the United States, any information you provide to us will be transferred to, processed, and/or maintained in the United States. If you are located outside of the United States, the transfer of Personal Data may be necessary to provide you with the requested information and services and/or to perform any requested transaction.
b. Data Transfers
The provision of these services will involve the processing of Personal Data by companies located in countries outside the European Economic Area (international data transfers). Specifically, information we collect from you will be processed in the United States, and by using these services you acknowledge and consent to the processing of your data in the United States.
11. Additional Information for Individuals in Delaware
Our Sites may contain links to other websites, mobile applications, or Internet locations (collectively “Third-Party Sites”), as a convenience to the user. Our Sites may also include social network sharing widgets or other embedded content (such as YouTube or Vimeo videos) that may provide information to their associated social networks or third parties about your interactions with our web pages that you visit, even if you do not click on or otherwise interact with the plug-in, widget, or embedded content. Information is transmitted from your browser and may include an identifier assigned by the social network or third party, information about your browser type, operating system, device type, IP address, and the URL of the web page where the widget appears. We have no control over and are not responsible for Third-Party Sites, their privacy practices, their content, or any goods or services available through the Third-Party Sites, including any embedded content on the Sites. This Privacy Statement does not apply to Third-Party Sites; any information you provide to a Third-Party Site is subject to that Third-Party Site’s privacy policy or privacy statement. You should carefully review the applicable privacy policies or privacy statements before using or engaging with any Third-Party Site.
10. Children’s Privacy
a. Nemours KidsHealth
Nemours KidsHealth does not use accounts or permit website registration, and we do not knowingly collect or solicit personally identifiable information from anyone we know to be under the age of 13, without parental consent. Nemours KidsHealth does not, as a general rule, enable, encourage, or request users to enter or send us their Personal Data. Expectant parents may be invited to sign up to receive certain pregnancy- and baby-related emails from us. If you are under 13, please do not sign up for our expectant parents newsletters or otherwise send us any information about yourself to us, including your name, address, telephone number, or email address. However, Nemours KidsHealth is a website and receives and collects information about the device accessing Nemours KidsHealth in order to allow the website to function. We collect only as much personal information as is reasonably necessary for a user to explore and learn from Nemours KidsHealth, and we do not display targeted advertisements on the “For Kids” section of Nemours KidsHealth or allow others to use information collected through visits to the “For Kids” section of Nemours KidsHealth to engage in targeted advertising on other sites.
b. Our Other Sites
Our other Sites are not directed to or intended for use by children under 13 years of age. We do not knowingly collect or solicit Personal Data from anyone under the age of 13, or knowingly allow such persons to register for our services, without parental consent. No one under age 13 may provide any Personal Data to us or on the Sites. If you are under 13, please do not attempt to register for the Sites or send any information about yourself to us, including your name, address, telephone number, or email address. If we learn that we have inadvertently collected Personal Data from an individual under age 13 without parental consent, we will take steps to delete the data as permitted by law. If you believe that we might have any information from or about an individual under age 13, please contact us using the information in the Contact Us section.
11. Additional Information for Individuals in Delaware
Beginning January 1, 2025, we may be subject to the Delaware Personal Data Privacy Act based on our interactions with Delaware residents and our use of their Personal Data. This law provides Delaware residents enhanced rights with respect to their Personal Data when they are not acting solely in a commercial or employment context (such as a B2B communication) when interacting with us. If you are an employee or job applicant or are interacting with us in a commercial or employment capacity, these disclosures are unlikely to apply to you.
In this section, “DPDPA Personal Data” refers to Personal Data that is linked or reasonably linkable to an identified or identifiable Delaware resident. DPDPA Personal Data does not include de-identified or publicly available information, as defined in the Delaware Personal Data Privacy Act, protected health information regulated by HIPAA, and certain other exceptions spelled out in the law. We do not collect DPDPA Personal Data about individuals we know to be under the age of 13.
First, a Delaware resident may have the right to confirm whether we are processing DPDPA Personal Data concerning them and to access their DPDPA Personal Data.
Second, a Delaware resident may have the right to correct inaccuracies in their DPDPA Personal Data we hold.
Third, a Delaware resident may have the right to request we delete DPDPA Personal Data concerning them.
Fourth, a Delaware resident may also request to receive their DPDPA Personal Data in a portable and, if technically feasible, readily usable format.
Fifth, a Delaware resident may have the right to request a list of the categories of third parties to which we have disclosed their DPDPA Personal Data.
Sixth, a Delaware resident may opt out of processing their DPDPA Personal Data for purposes of targeted advertising, the sale of their DPDPA Personal Data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning that Delaware resident.
To exercise your rights, please email us using the information in the Contact Us section. If you email us, please put in the subject line of your email the right you are seeking to invoke: “Delaware Right to Access,” “Delaware Right to Correct,” “Delaware Right to Delete,” “Delaware Right to Portability,” “Delaware Right to Third-Party Categories,” and “Delaware Right to Opt Out.”
You may submit multiple requests at once through an email. Subject to certain exceptions, ordinarily there is no cost for submitting your first request; if you submit multiple requests in a twelve-month period, we may charge you a reasonable fee to cover the administrative costs of complying with your requests or decline to act on your requests. For requests other than a Right to Opt Out, we are permitted to use commercially reasonable efforts to authenticate you are who you say you are and if you are making a request on behalf of another, that you have the authority to do so. If we are unable to do so, we may request that you provide additional information reasonably necessary to authenticate you. If we cannot authenticate you or your authority, we will deny the request. If you submit a Right to Opt Out request, we are permitted to deny the request if we have a good faith, reasonable, and documented belief that the request is fraudulent, and we will tell you that and why.
If you submit a request, we will tell you what the result is of your request (including, if you submit a Right to Access, your DPDPA Personal Data) without undue delay and within 45 days after we receive your request. We may extend that deadline by 45 days, to 90 days in total, in some cases. If we extend the deadline, we will tell you that and why.
Delaware’s law includes exceptions for Personal Data regulated under other laws or maintained for certain reasons or in certain contexts. For example, it does not apply to publicly available information, including information that we reasonably believe Delaware residents have lawfully made available to the general public, or protected health information regulated by HIPAA. As another example, we will not delete DPDPA Personal Data when it is necessary to maintain it to comply with a legal obligation.
If we don’t grant your request, we will tell you why we did not. You may appeal our decision by emailing us using the information in the Contact Us section with the subject line “Appeal of Request” and including our response to your request. We will also include this information in our response to your request. If you appeal our decision, we have 60 days to respond.
In addition, when you visit our website, we may use the information we collect automatically through online interactions, as described above in the Cookie and Pixel Policy section for targeted advertising, which we may disclose or make available to advertising and social media networks.
12. Additional Information For Individuals in Spain
a. General
The General Data Protection Regulation (GDPR) governs processing of Personal Data by organizations in the European Economic Area or about individuals located in the European Economic Area. The current members of the European Economic Area are Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Sweden.
Based upon our website traffic, we may be subject to the GDPR with respect to Personal Data about individuals who visit Nemours KidsHealth from Spain, with respect to Personal Data we collect about those individuals during their visit to that site.
Basis for processing your Personal Data. We will process your Personal Data based upon your consent or based on legitimate interests. If you would like more information about the legitimate interests and bases for processing in particular processing operations, we invite you to contact us using the information in the Contact Us section.
Examples of Personal Data processed based upon your consent. If we are directing marketing communications to you, in your individual capacity, we do so with your consent unless an exception applies (such as to send you direct marketing about similar products or services to ones you have already purchased from us). If you wish to withdraw your consent, you may unsubscribe through the email or contact us using the information in the Contact Us section. Withdrawing your consent will not affect processing operations we have already completed based upon your consent.
Examples of Personal Data processed based upon legitimate interests. We may process your Personal Data for our legitimate interests or the legitimate interests of third parties, which include advertising or market and opinion research, as far as you have not objected to the use of your data; entering into a contract with a third party (which could include your employer) and performing our obligations under that contract; the examination and optimization of processes for needs analysis; the further development of services and products as well as existing systems and processes; the disclosure of Personal Data within the framework of due diligence in the course of company sale negotiations; the enrichment of our data, e.g., by using or researching publicly accessible data; statistical evaluations or market analysis; benchmarking; the assertion of legal claims and defense in legal disputes which are not directly attributable to the contractual relationship; the restricted processing of data, if a deletion is not possible or only possible with disproportionately high effort due to the special type of storage; the prevention and investigation of fraudulent or criminal offences, if not exclusively for the fulfilment of legal requirements; and complying with our legal obligations in countries outside of the European Economic Area or the United Kingdom. If you would like more information, or to object to a particular processing operation based upon legitimate interests, please contact us using the information in the Contact Us section.
Our use of automated decision-making. We may engage in automated decision-making or profiling in the course of our processing operations. We do not, however, engage in solely automated decision-making, including profiling, that in our view would produce legal effects or similarly significantly affect you.
b. Data Retention
We will retain Personal Data for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include (i) the length of time we have an ongoing relationship with you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
c. Data Subject Rights
If the GDPR applies to your Personal Data, you may have the right to:
- access your Personal Data;
- rectify inaccurate Personal Data about you;
- erasure of your Personal Data;
- place restrictions on processing your Personal Data;
- object to processing your Personal Data;
- receive your Personal Data in a portable format; and
- withdraw your consent for processing.
These rights are not absolute and may be subject to limitations or restrictions. For more information, or to exercise your rights, please contact us contact us using the information in the Contact Us section.
You may also have the right to lodge a complaint with a supervisory authority. If you are in Spain, you may contact the Agencia Española de Protección de Datos.
13. Updates to this Privacy Statement
We may update this privacy statement from time to time. The “effective date” at the top of this privacy statement indicates when this privacy statement was last revised. Any changes are effective when we post the revised privacy statement on the Sites. We encourage you to routinely review this privacy statement to learn about updates to our privacy practices.
14. Contact Us
For more information or if you have questions or concerns about our privacy practices, please contact us by email at [email protected], by telephone at (800) 472-6610, or by mail at:
The Nemours Privacy Office
10140 Centurion Parkway North
Jacksonville, FL 32256
If you have health questions, do not contact us at these addresses. If it is an emergency, please call 911. Otherwise, please contact your healthcare or medical professional.
