Michigan Dental Association Logo

For any questions or concerns relating to data privacy, please contact:

Michigan Dental Association

Attn: Data Privacy

3657 Okemos Road, Suite 200

Okemos, MI 48864

privacy@michigandental.org 

Michigan Dental Association (“MDA,” “we,” “us,” or “our”) respects the privacy of our users and all those who submit personal information to MDA through this website or by other means.  Accordingly, we have provided this privacy notice (“Notice”) to inform you, the user (“you” or “user”) of how we collect, use, share, store, and protect your personal information.  A copy of this Notice can be further found at:  Privacy Policy - Michigan Dental Association.  By using or accessing MDA’s website (“Website”) or otherwise submitting your personal information to us through webforms, hard copies, email, fax or any other medium, whether electronic, auditory, visual, or physical, you are representing that you understand the terms of this Notice.  If you do not agree to the terms of this Notice, do not continue to use the Website or any of MDA’s services, and do not provide us with your personal information at any time.

 

Collection of Your Information

When you use the Website or MDA’s services you may choose to provide MDA with certain personal information (“PI”). PI may include information that identifies, relates to, describes, or could be linked with a particular consumer or household.  Other PI may be automatically collected by your use of the Website and certain webforms and chatbots therein.  Further, we may collect other information about your use of the Website that is not PI.  Generally, PI means information about an individual who can be identified from use of that information (or from that information when combined with other information in our possession or likely to come into our possession), including information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.  Specific types of PI include names, social security numbers, unique identifiers (such as user names), physical addresses, mailing addresses, cookies, geolocation data, phone numbers, and IP addresses.  PI does not include aggregated or anonymized data, or data that is otherwise specifically excluded from current data privacy laws.

 

In the interest of providing transparency to our users, we have provided the following list of the categories of PI that we collect, and some examples of the personal information that would fall into each category.  By using the Website, submitting webforms, submitting payment information, submitting emails or faxes, submitting hard copies of documents, or submitting PI through any other medium, whether electronic, auditory, visual, or physical, or providing consent for the use of your PI, you are providing consent for us to collect the following PI. 

Except for our collection of your browser data through cookies and pixels when you visit our Website, we only collect PI you voluntarily provide to us, either through your submission of PI (i) through web forms and chat widgets on our Website or any Linked Website (as hereinafter defined), (ii) via email or fax to one of MDA’s employees or agents, (iii) by phone to one of MDA’s employees or agents, (iv) via hardcopy to one of MDA’s, (v) through any means to our third-party marketing vendors, and/or (vi) to Novi’s database:

 

  • Personal Identifiers - (Name, phone number, email, fax number, date of birth, ADA Number, Social Security Number, education, employment history, medical and health insurance status, medical and health information, and mailing address):

 

  • We may use Personal Identifiers to (i) improve our services and offerings, to inform you about our services or service updates, (ii) conduct recruitment and retention campaigns via phone, email, fax or hardcopy, (iii) provide individualized help and care to our clients, (iv) underwrite insurance applications and prepare insurance quotes, (v) comply with HIPAA and HIPAA HITECH, and other laws, legal processes, or regulations, as well as law enforcement authorities, other government officials or other third parties pursuant to a subpoena, a court order or other legal process, and/or (vi) protect the vital interests of a person, to protect our property, services, and legal rights, and to support our audit, compliance, and governance functions.
  • Personal Identifiers may include Sensitive Personal Information (SPI) which are given heightened protection as applicable under state and/or federal law. We implement enhanced protections for such information, including encryption and restricted access protocols.

 

 

  • Customer Records - (Name, mailing address, ACH, routing number, bank account number, and credit card numbers (credit card data is collected through third-party payment processors such as Authorize.net and Stripe; however, other than the physical storage of the last four digits of your credit card number in cases where credit card information is submitted by phone or physical copy, this data is not retained by MDA, and MDA makes no representations regarding the same)):

 

  • We may use Customer Records to (i) process payments for membership dues, online orders, continuing education classes, insurance coverage, and other services or offerings (ii) improve our services and offerings, to inform you about our services or service updates, (iii) provide individualized help and care to our clients, (iv) comply with HIPAA and HIPAA HITECH, and other laws, legal processes, or regulations, as well as law enforcement authorities, other government officials or other third parties pursuant to a subpoena, a court order or other legal process, and/or (v) protect the vital interests of a person, to protect our property, services, and legal rights, and to support our audit, compliance, and governance functions.

 

 

  • Usage Data - (IP address, pixels, unique device identifier cookies, location data, website interactions, and first party cookies which track: advertising conversions, website direction tracking, operating systems used to access website, browser types, and languages):

 

  • We may use Usage Data to (i) provide the services you have requested or authorized and to help us manage the availability and connectivity of the Website, (ii) improve our services and offerings, (iii) inform you about our services or service updates, and to provide individualized help and care to our clients, (iv) analyze your responses to certain web traffic and prompts, (v) build private user profiles and match the PI with publicly available information about you for the purposes of improving this Website and our services, and/or (vi) create targeted marketing based on your use of the Website and our services.
  • Geolocation Data - During your use of the Website, we collect your location information through your device’s IP address. We may also gather information about your location using other technologies and forms:
  • We may use Geolocation Data to (i) improve our services and offerings, to inform you about location-specific payment services or payment service updates, (ii) provide region-specific targeted advertisements, (iii) provide individualized help and care to our clients, (iv) comply with HIPAA and HIPAA-HITECH, and other laws, legal processes, or regulations, as well as law enforcement authorities, other government officials or other third parties pursuant to a subpoena, a court order or other legal process, (v) analyze our adherence to applicable tax regulations and possible nexus with certain jurisdictions through third-party advisors, and/or (vi) protect the vital interests of a person, to protect our property, services, and legal rights, and to support our audit, compliance, and governance functions.

 

  • Commercial Data - (data relating to your inquiries about services, purchases, service requests):

 

  • We may use Commercial Data to (i) improve our Website, services and offerings, (ii) inform you about our services or service updates, and (iii) provide individualized help, care, and targeted services and advertisements to our clients.

 

MDA’s Use and Sharing of PI

Other than as specifically outlined above, and excepting the broader use of aggregated data as discussed below, we also generally use the PI we collect in one or more of the following ways:

 

  • Website Administration;
  • Marketing and Advertising;
  • Recruiting;
  • Underwriting;
  • To improve functionality and our service offerings;
  • To coordinate with various government agencies and municipalities, as well as private security;
  • To comply with HIPAA and HIPAA-HITECH, as well as any applicable laws or regulations;
  • In response to a subpoena, a court order, or other legal process; and/or
  • As part of a sale, merger, reorganization, or restructuring.

 

As a general rule, we may share all of the above listed categories of PI if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our clients, or others. Further, certain aspects and components of our services are performed through contracts with outside persons or organizations, such as marketing, underwriting, accreditation, outcomes data collection, dental services, legal services, etc. At times it may be necessary for us to provide your PI to one or more of these outside persons or organizations who assist us with our operations.

 

This Notice does not restrict our collection, use, or disclosure of any aggregated information or information that does not identify, or cannot be reasonably linked to, any individual.  For example, we may choose to share aggregated data with unaffiliated third parties, in an anonymous form that does not allow the third party to associate the information we shared as being your PI.

 

To be clear, other than as described herein, we will not collect additional categories of PI or use the PI we collect for materially different, unrelated, or incompatible purposes without providing you notice.  Except as described in this Notice, we do not sell, share, distribute, lease, or transfer your PI to any third parties. You have the right to opt-out of such sharing by contacting us, as explained below.

 

Your Rights and Responsibilities

If you wish to contact us, you must do so using the means listed at the beginning of this Privacy Notice. While MDA and its affiliates take measures to protect PI, no security measure or network is entirely secure, as further explained below. Your password to access MDA and its affiliates should be complex and should never be shared with anyone, and should be changed from time to time. After you access MDA or affiliate resources, you should log off and exit your browser and/or application so unauthorized persons cannot access the resources.

If you do not want to receive postal mail, telephone calls from us in the future, or if you do not want us to share your contact information in the manner described in this Privacy Notice, please provide us with your exact name and postal addresses, phone and fax numbers and, if appropriate, MDA membership information to privacy@michigandental.org. It may take up to four weeks for your opt out to become effective. While we will continue to share information we maintain about you with our service providers, subsidiary and affiliates, and with state and local dental societies, we will take reasonable steps to ensure that any other specific contact information you so identify is removed from lists we share with other organizations. We have instituted opt-out capabilities to help you avoid receiving unwanted commercial email messages from the MDA. MDA will honor such requests within ten business days.

On request we may provide you with access to information that you submitted to MDA, such as certain transaction information (e.g., dates on which you made purchases, amounts and types of purchases), communications that you have directed to our site (e.g., emails, user inquiries), and contact information (e.g., name, address, phone number). On request we may also offer the ability to have inaccuracies corrected in contact information, financial information, unique identifiers, transaction information and certain other data.

In addition to the other rights we note in this Privacy Notice, you also have the right to contact the MDA to obtain the following information:

  1. What personal information about you the MDA holds;
  2. For what purposes does MDA process your information;
  3. To what third parties (and in what jurisdictions) has or may the MDA disclose your personal information;
  4. How long will your data be maintained by the MDA (and how that period of time has been calculated);
  5. How to request correction or deletion of specific portions of your personal data held by the MDA that you believe are incorrect; and
  6. The source(s) from which the MDA has obtained your personal data.

You may also contact us at privacy@michigandental.org if you believe your information is being used improperly.

You may provide consent to additional uses and disclosures; for example, in connection with a product or service offered by the MDA, an affiliated entity, or a third party.

 

 

Security

In compliance with applicable law and industry standards, we have put in place reasonable physical, electronic, and administrative procedures to safeguard the PI we collect. The PI we directly collect is stored on our cloud-based network, unless stored on third-party servers or third-party cloud-based networks. We take reasonable steps and regularly assess our privacy and security policies and procedures and comply with laws designed to protect the privacy and security of your PI, including (i) encryption during transfer through the Secure Socket Layer (SSL) protocol, and (ii) encryption at rest.  We also (i) conduct annual security audits in an effort to further protect PI from breach, loss, or unauthorized access, and (ii) mandate that our employees undergo annual HIPAA training.  Unfortunately, transmission of information via electronic or physical means is not completely secure; accordingly, we cannot guarantee the security of any such information.  Any transmission of PI or data is entirely at your own risk.

 

Retention of Information

We will retain your PI only for as long as is necessary for the purposes set forth herein, which shall be at least as long, but in no way limited to, the time that you use the Website or our services. Specific retention schedules vary by data type and category. If you would like us to delete your data before our internally designated purge date, you may request that we do so.  However, we may retain and use your PI to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Cookies

Our Website uses cookies and pixels to track your activity on the Website and to hold certain information.  Cookies are small files placed on your device.  Cookies help analyze Website traffic, provide information about your use of the Website, and help the Website work more efficiently by responding to you as an individual (such as tailoring operations to your needs, likes and dislikes by gathering and remembering your preferences).  Pixels collect information about your activity, browser, and device, as well as information about when you interact with services we offer through one of our Linked Websites, such as advertising and commerce features. You can manage your cookie preferences through your browser settings and opt-out of tracking by contacting us.

 

Do Not Track Signals and Requests

“Do not track” signals and requests are sent from your browser to websites you visit indicating you do not want to be tracked or monitored.  In most circumstances you need to affirmatively elect to turn on the “do not track” signals or requests.  Websites are not required to accept these signals or requests, and many do not.  At this time, neither our Website nor the widgets existing therein honor “do not track” signals or requests.

 

Consent

You are responsible for any third-party PI obtained, published, or shared through this Website or MDA by your actions, and you represent, warrant, and covenant that you have adequately obtained and complied with said third party's consent in providing their PI to us.

 

Linked Websites

We provide links to other websites, landing pages, widgets, plug-ins or applications for informational purposes, including but not limited to: Novi AMS, Constant Contact, Sharpspring, JXM, American Dental Association, Aptify, Marketing General Incorporated, Web Ascender, Hubspot, Google Analytics, Google Tag Manager, Facebook Pixels, Google Adsense, Cloudflare, Authorize.net., and Stripe for your convenience, or to offer additional services such as payment processing (collectively “Linked Websites”).  Linked Websites are independent from our Website and are not governed by this Notice.  We do not review, maintain, endorse, or control the Linked Websites or the information, software, products, or services available on the Linked Websites.  We also have no control over the Linked Websites’ privacy policies or posted privacy notices.  Access or use of any of the Linked Websites is entirely at your own risk.  If you have any questions about a Linked Website’s privacy policies or notices, you should contact them directly. 

 

International Transfers and Processing of PI

We store information received through or by our Website in our cloud server hosted in the United States.  If you are providing the information from another country, you understand that the information will be transferred, stored and used in the United States.  Your consent to this Notice followed by your use of the Website or MDA’s services represents your agreement to that transfer. We implement data safeguards to protect your personal information during international transfers, detailed above. You have rights under applicable international laws, including the GDPR, detailed above.

 

Protection for Children (Minors)

We have no intention of collecting PI from children under the age of 13 without parental consent, in compliance with the Children’s Online Privacy Protection Act (COPPA).  If we become aware that PI from a minor under 13 has been collected without the consent of the parent or guardian of such minor, we will use all reasonable efforts to delete such information. We also retain the right to limit or preclude access to persons under the age of 18 and to delete the data of persons under the age of 18.

 

Changes to the Notice

We reserve the right, at our sole discretion, to amend this Notice at any time.  If at any time in the future we plan to use PI in a way that differs from what is described in this Notice or choose to amend this Notice, we will post those changes on the Website. We may notify you of changes to this Notice via email. Your continued use of the Website or MDA’s services following the posting of any changes to this Notice constitutes affirmative acceptance of those changes.