Privacy Notice
Last Updated: November 4, 2025
This online Privacy Policy (the “Policy”) describes how the American Board of Internal Medicine and its affiliates (collectively “ABIM,” “we,” “us,” or “our”) collect, use, disclose, and secure the personal information we gather about you through our website, https://www.abim.org/ (the “Site”), when you use our sites and when you otherwise interact with us (collectively, the “Services”).
For purposes of this Policy, personal information means data that classifies as personal information, personal data, personally identifiable information, or similar terms under applicable data privacy and security laws and regulations. It does not include data excluded or exempted from those laws and regulations, such as aggregated, anonymized, or deidentified data. Nothing in this Policy will constitute an admission or evidence that any particular data privacy or information security law or regulation applies to ABIM generally or in any specific context.
In providing our Services, ABIM may collect personal information on behalf and as a processor for third parties. This Policy does not govern any information we collect on behalf of third parties, and you should consult their privacy policies to become familiar with their data collection and usage practices.
By accessing, browsing, downloading, or otherwise using the Services, you confirm that you have read, understood, and agreed with this Policy. Beyond this Policy, your use of the Services is subject to our Certification Policies. If you do not agree to this Policy or our Certification Policies, as applicable, you may not use the Services.
This Policy applies regardless of how the Services are accessed and will cover any technologies or devices by which we make the Services available to you.
If you have any questions or concerns about our personal information policies or practices, you can contact us in the methods described in the “Contact Us” section below.
By accessing, browsing, downloading, or otherwise using the Services, you confirm that you have read, understood, and agreed with this Policy. Beyond this Policy, your use of the Services is subject to our Certification Policies. If you do not agree to this Policy or our Certification Policies, as applicable, you may not use the Services.
This Policy applies regardless of how the Services are accessed and will cover any technologies or devices by which we make the Services available to you.
If you have any questions or concerns about our personal information policies or practices, you can contact us in the methods described in the “Contact Us” section below.
We collect information you voluntarily provide directly to us, information that we collect automatically when you interact with the Services, and information collected from third parties. The categories of personal information that we collect and the purposes for which we collect that information are described below.
A. Personal Information You Provide to Us
The following list describes the categories of personal information we may collect directly from you:
- Account Information includes first name, last name, email address, password, ABIM identification number, last 4 digits of social security number, gender, and date of birth. We collect this information when you provide it directly to us such as when you sign up for the Services, creating an account through the Site, or fill out a form. We collect this information for providing the Services, administrative purposes, and marketing and advertising our products and services.
- Contact Information includes customer name, postal address, telephone number, and e-mail address. We collect this information when you provide it directly to us, such as when you sign up for newsletters, request information about our Services, create an account, or fill out a form. We collect this information for providing the Services, administrative purposes, and marketing and advertising our products and services.
- Certification Information includes records of training and medical knowledge, academic history, employment history, examination performance, training program evaluations, outcomes-based milestones, certification status, self-evaluation information, and information related to the nature and scope of your medical practice. We collect this information for providing the Services and administrative purposes.
- Payment and Commercial Information includes name, address, phone number, third party payment service provider-related information, debit or credit card information, purchase and participation history, or other payment processing information. We collect this information for providing the Services and administrative purposes.
- Responses to Surveys and Questionnaires includes information you provide to us when you respond to surveys or polls. We collect this information for administrative purposes and services understanding the views and opinions of our diplomates.
- Social Media Information includes information that you post by sharing on a blog or another social media platform. We collect this information for administrative purposes and marketing and advertising our products and services. Please note that your comments will be visible to the public, so you should never share personal information that you would like to keep private.
- User-Generated Content includes personal information about you in content that you post, upload, comment, or otherwise submit on the Services, such as your name and email address and products you may have purchased. Be aware that as a default, any information you post on the Services, including without limitation reviews, comments, and text, may be available to and searchable by all users of the Services. We collect this information for providing the Services and administrative purposes.
The purposes for which we use your personal information are described in further detail in the “How We Use Personal Information We Collect” section below.
B. Personal Information Collected Automatically Through “Cookies” or Other Tracking Technologies
We may send one or more cookies to your computer or other device. We may also use other similar technologies such as tracking pixels, tags, or similar tools when you visit our Services. These technologies can collect data regarding your operating system, browser type, device type, screen resolution, IP address, and other technical information, as well as navigation events and session information as you interact with our Services. This information allows us to understand how you use the Services.
Cookies. Cookies are small files created by websites, including our Services, that reside on your computer’s hard drive and that store information about your use of a particular website. When you access our Services, we use cookies and other tracking technologies to:
- Estimate our audience size and usage patterns;
- Store information about your preferences, allowing us to customize our Services according to your individual needs;
- Contact you to provide you with information or services that you request from us;
- Advertise new content, events, and services that relate to your interests;
- Provide you with more personalized content that is most relevant to your interest areas; and
- Recognize when you return to our Services.
We set some cookies ourselves and others are set by third parties. You can manage your cookies preference as described in the “Your Privacy Options and Configurations” section below.
Types of Cookies and Their Functions. The following chart lists the different types of cookies that we and our service providers use on the Services, examples of who serves those cookies and links to the privacy notices and opt-out information of those cookie servers. Because the specific cookies we use may vary over time, as well as differ by the specific page you are browsing, the below chart is illustrative only.
Types of Cookies
Purpose
Who Serves (for example)
Essential
These cookies are required for the operation of the Services and enable you to move around the Services and use its features. Disabling these cookies can negatively impact the performance of Services.
ABIM
Functionality
These cookies are used to recognize you when you return to the Services. This enables us to personalize content for you and remember your preferences. These cookies also enable your interactions with the Services such as emailing us and customer support chat.
Google
Analytics, Performance, and Research
These cookies, beacons, and pixels allow us to analyze activities on the Services. They can be used to improve the functioning of the Services. For example, these cookies recognize and count the number of visitors and see how they move around the Services. Analytics cookies also help us measure the performance of our advertising campaigns to help us improve them and to optimize the content on the Services for those who engage with our advertising.
Cookie Retention Period. Some cookies operate from the time you visit the Services until the end of that particular browsing session. These cookies, which are called “session cookies,” expire and are automatically deleted when you close your Internet browser.
Some cookies will stay on your device between browsing sessions and will not expire or automatically delete when you close your Internet browser. These cookies are called “persistent cookies” and the length of time they will remain on your device will vary from cookie to cookie. Persistent cookies are used for a number of purposes, such as storing your preferences so that they are available for your next visit and to keep a more accurate account of how often you visit the Services, how your use of the Services may change over time, and the effectiveness of advertising efforts.
C. Personal Information We Receive From Third Parties
We may receive additional information about you from third parties, such as other specialty organizations, and combine it with other information we have about you.
We collect information you voluntarily provide directly to us, information that we collect automatically when you interact with the Services, and information collected from third parties. The categories of personal information that we collect and the purposes for which we collect that information are described below.
A. Personal Information You Provide to Us
The following list describes the categories of personal information we may collect directly from you:
- Account Information includes first name, last name, email address, password, ABIM identification number, last 4 digits of social security number, gender, and date of birth. We collect this information when you provide it directly to us such as when you sign up for the Services, creating an account through the Site, or fill out a form. We collect this information for providing the Services, administrative purposes, and marketing and advertising our products and services.
- Contact Information includes customer name, postal address, telephone number, and e-mail address. We collect this information when you provide it directly to us, such as when you sign up for newsletters, request information about our Services, create an account, or fill out a form. We collect this information for providing the Services, administrative purposes, and marketing and advertising our products and services.
- Certification Information includes records of training and medical knowledge, academic history, employment history, examination performance, training program evaluations, outcomes-based milestones, certification status, self-evaluation information, and information related to the nature and scope of your medical practice. We collect this information for providing the Services and administrative purposes.
- Payment and Commercial Information includes name, address, phone number, third party payment service provider-related information, debit or credit card information, purchase and participation history, or other payment processing information. We collect this information for providing the Services and administrative purposes.
- Responses to Surveys and Questionnaires includes information you provide to us when you respond to surveys or polls. We collect this information for administrative purposes and services understanding the views and opinions of our diplomates.
- Social Media Information includes information that you post by sharing on a blog or another social media platform. We collect this information for administrative purposes and marketing and advertising our products and services. Please note that your comments will be visible to the public, so you should never share personal information that you would like to keep private.
- User-Generated Content includes personal information about you in content that you post, upload, comment, or otherwise submit on the Services, such as your name and email address and products you may have purchased. Be aware that as a default, any information you post on the Services, including without limitation reviews, comments, and text, may be available to and searchable by all users of the Services. We collect this information for providing the Services and administrative purposes.
The purposes for which we use your personal information are described in further detail in the “How We Use Personal Information We Collect” section below.
B. Personal Information Collected Automatically Through “Cookies” or Other Tracking Technologies
We may send one or more cookies to your computer or other device. We may also use other similar technologies such as tracking pixels, tags, or similar tools when you visit our Services. These technologies can collect data regarding your operating system, browser type, device type, screen resolution, IP address, and other technical information, as well as navigation events and session information as you interact with our Services. This information allows us to understand how you use the Services.
Cookies. Cookies are small files created by websites, including our Services, that reside on your computer’s hard drive and that store information about your use of a particular website. When you access our Services, we use cookies and other tracking technologies to:
- Estimate our audience size and usage patterns;
- Store information about your preferences, allowing us to customize our Services according to your individual needs;
- Contact you to provide you with information or services that you request from us;
- Advertise new content, events, and services that relate to your interests;
- Provide you with more personalized content that is most relevant to your interest areas; and
- Recognize when you return to our Services.
We set some cookies ourselves and others are set by third parties. You can manage your cookies preference as described in the “Your Privacy Options and Configurations” section below.
Types of Cookies and Their Functions. The following chart lists the different types of cookies that we and our service providers use on the Services, examples of who serves those cookies and links to the privacy notices and opt-out information of those cookie servers. Because the specific cookies we use may vary over time, as well as differ by the specific page you are browsing, the below chart is illustrative only.
| Types of Cookies | Purpose | Who Serves (for example) |
|---|---|---|
| Essential | These cookies are required for the operation of the Services and enable you to move around the Services and use its features. Disabling these cookies can negatively impact the performance of Services. |
ABIM |
| Functionality | These cookies are used to recognize you when you return to the Services. This enables us to personalize content for you and remember your preferences. These cookies also enable your interactions with the Services such as emailing us and customer support chat. | |
| Analytics, Performance, and Research | These cookies, beacons, and pixels allow us to analyze activities on the Services. They can be used to improve the functioning of the Services. For example, these cookies recognize and count the number of visitors and see how they move around the Services. Analytics cookies also help us measure the performance of our advertising campaigns to help us improve them and to optimize the content on the Services for those who engage with our advertising. |
Cookie Retention Period. Some cookies operate from the time you visit the Services until the end of that particular browsing session. These cookies, which are called “session cookies,” expire and are automatically deleted when you close your Internet browser.
Some cookies will stay on your device between browsing sessions and will not expire or automatically delete when you close your Internet browser. These cookies are called “persistent cookies” and the length of time they will remain on your device will vary from cookie to cookie. Persistent cookies are used for a number of purposes, such as storing your preferences so that they are available for your next visit and to keep a more accurate account of how often you visit the Services, how your use of the Services may change over time, and the effectiveness of advertising efforts.
C. Personal Information We Receive From Third Parties
We may receive additional information about you from third parties, such as other specialty organizations, and combine it with other information we have about you.
We use your personal information for a variety of business purposes, including to provide our Services, for administrative purposes, and to market our products and Services, as described below.
A. Providing Our Services
We use your information to fulfill our contract with you and provide you with our Services, such as:
- Managing your information and accounts;
- Providing access to certain areas, functionalities, and features of our Services;
- Answering requests for customer or technical support;
- Communicating with you about your account, activities on our Services, and policy changes;
- Processing your financial information and other payment methods for products or Services purchased or used;
- Processing applications if you apply for a job or volunteer position we post on our Services; and
- Allowing you to register for events.
B. Administrative Purposes
We use your information for various administrative purposes, such as:
- Pursuing our legitimate interests such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;
- Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
- Measuring interest and engagement in our Services;
- Improving, upgrading, or enhancing our Services;
- Developing new products and services;
- Ensuring internal quality control and safety;
- Authenticating and verifying individual identities, including requests to exercise your rights under this Privacy Policy;
- Debugging to identify and repair errors with our Services;
- Auditing relating to interactions, transactions, and other compliance activities;
- Disclosing personal information with third parties as needed to provide the Services;
- Enforcing our agreements and policies; and
- For research purposes, any work product or publication derived from this information will be aggregated and will not identify individual physicians or training programs. You may opt out of sharing your information for external research purposes by contacting us at research@abim.org.
C. Marketing and Advertising our Products and Services
We may use personal information to tailor and provide you with content and advertisements. We may provide you with these materials as permitted by applicable law. Some of the ways we market to you include email campaigns or through social media.
If you have any questions about our marketing practices or if you would like to opt out of the use of your personal information for marketing purposes, you may contact us at any time as set forth in “Contact Us” section below.
D. With Your Consent
We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent.
We use your personal information for a variety of business purposes, including to provide our Services, for administrative purposes, and to market our products and Services, as described below.
A. Providing Our Services
We use your information to fulfill our contract with you and provide you with our Services, such as:
- Managing your information and accounts;
- Providing access to certain areas, functionalities, and features of our Services;
- Answering requests for customer or technical support;
- Communicating with you about your account, activities on our Services, and policy changes;
- Processing your financial information and other payment methods for products or Services purchased or used;
- Processing applications if you apply for a job or volunteer position we post on our Services; and
- Allowing you to register for events.
B. Administrative Purposes
We use your information for various administrative purposes, such as:
- Pursuing our legitimate interests such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;
- Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
- Measuring interest and engagement in our Services;
- Improving, upgrading, or enhancing our Services;
- Developing new products and services;
- Ensuring internal quality control and safety;
- Authenticating and verifying individual identities, including requests to exercise your rights under this Privacy Policy;
- Debugging to identify and repair errors with our Services;
- Auditing relating to interactions, transactions, and other compliance activities;
- Disclosing personal information with third parties as needed to provide the Services;
- Enforcing our agreements and policies; and
- For research purposes, any work product or publication derived from this information will be aggregated and will not identify individual physicians or training programs. You may opt out of sharing your information for external research purposes by contacting us at research@abim.org.
C. Marketing and Advertising our Products and Services
We may use personal information to tailor and provide you with content and advertisements. We may provide you with these materials as permitted by applicable law. Some of the ways we market to you include email campaigns or through social media.
If you have any questions about our marketing practices or if you would like to opt out of the use of your personal information for marketing purposes, you may contact us at any time as set forth in “Contact Us” section below.
D. With Your Consent
We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent.
We may collect, use, or disclose personal information for a variety of business purposes, including the following:
- Service Providers. We use service providers to perform various functions on our behalf, to help provide the Services to you. We may also receive personal information from service providers.
- Business Partners and Affiliates. We may collect personal information from and disclose personal information with our business partners and affiliates, including legal advisors and financial advisors, co-branded partners, and other third parties. We may combine that information with other information we collect about you, but we will always use the information as described in this Policy. We may also disclose personal information to our affiliates, subsidiaries, joint ventures or other companies under common control.
- Training Program Directors. We may disclose information related to training and examination results with training program directors.
- Accreditation and Verification Organizations. We may disclose examination performance, certification status, and other personal information with accreditation organizations or with credential and licensure verification organizations. Such organizations may include, but are not limited to, the Accreditation Council for Graduate Medical Education, the Federation of State Medical Boards, and the American Board of Medical Specialties. You should view these organizations’ privacy policies to assess how they may use and share your personal information.
- Business Transactions or Mergers. We reserve the right to disclose your personal information to third parties as part of any potential business or asset sale, merger, acquisition, investment, round of funding, or similar type of transaction. Additionally, if we are entering into a corporate transaction with a third party, we may receive personal information in connection with the diligence. If we close a transaction, the third party may transfer personal information, which we would use as described in this Policy.
- Bankruptcy or Insolvency. In the event of bankruptcy, insolvency, or dissolution proceedings, we may disclose your personal information with third parties as part of the sale or reorganization process.
- Publication. We may publish your personal information, including name and certification status, as part of the Services in the publicly available database on the Site.
We may collect, use, or disclose personal information for a variety of business purposes, including the following:
- Service Providers. We use service providers to perform various functions on our behalf, to help provide the Services to you. We may also receive personal information from service providers.
- Business Partners and Affiliates. We may collect personal information from and disclose personal information with our business partners and affiliates, including legal advisors and financial advisors, co-branded partners, and other third parties. We may combine that information with other information we collect about you, but we will always use the information as described in this Policy. We may also disclose personal information to our affiliates, subsidiaries, joint ventures or other companies under common control.
- Training Program Directors. We may disclose information related to training and examination results with training program directors.
- Accreditation and Verification Organizations. We may disclose examination performance, certification status, and other personal information with accreditation organizations or with credential and licensure verification organizations. Such organizations may include, but are not limited to, the Accreditation Council for Graduate Medical Education, the Federation of State Medical Boards, and the American Board of Medical Specialties. You should view these organizations’ privacy policies to assess how they may use and share your personal information.
- Business Transactions or Mergers. We reserve the right to disclose your personal information to third parties as part of any potential business or asset sale, merger, acquisition, investment, round of funding, or similar type of transaction. Additionally, if we are entering into a corporate transaction with a third party, we may receive personal information in connection with the diligence. If we close a transaction, the third party may transfer personal information, which we would use as described in this Policy.
- Bankruptcy or Insolvency. In the event of bankruptcy, insolvency, or dissolution proceedings, we may disclose your personal information with third parties as part of the sale or reorganization process.
- Publication. We may publish your personal information, including name and certification status, as part of the Services in the publicly available database on the Site.
If you are a resident of a country in the European Economic Area (“EEA”), the United Kingdom, or Switzerland, you have the following rights with respect to your personal information under applicable law:
Consumer Right
Explanation
Right to Know/Access
You may have the right to confirm whether we are processing your personal information, the right to know specific pieces of personal information we have collected about you, to know the categories of personal information we are processing or have processed, and the right to access that data. You also have the right to know the third parties to whom we have disclosed your personal information.
Right of Correction
You may have the right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes of the processing of the personal information.
Right of Deletion
You may have the right to delete your personal information provided by you or obtained about you.
Right to Restrict or Object
You may have the right to delete your personal information provided by you or obtained about you.
Right of Portability
You may have the right to obtain your personal information in a portable and—to the extent technically feasible—readily usable format that allows you to transmit the data to another entity without hindrance.
Right to Withdraw Your Consent
You may have the right to withdraw your consent to our processing of your personal information. Please note that your withdrawal will only take effect for future processing, and will not affect the lawfulness of processing before the withdrawal;
Right to Non-Discrimination
You may have the right not to receive discriminatory treatment for exercising the privacy rights conferred by law. We will not discriminate against you because you exercised any of your privacy rights, including, but not limited to, by: denying goods or services to you; charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; providing a different level of quality of goods or services to you; or suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Appeal Your Decision
You may have the right to appeal our decision if we decline to process your request. If applicable laws grant you an appeal right and you would like to appeal our decision with respect to your request, you may do so by informing us of this and providing us with information supporting your appeal.
Lodge a Complaint
You may have a right to lodge a complaint with a competent supervisory authority if you believe our processing of your personal information violates applicable law. If you resident in the EEA, Switzerland, or the United Kingdom, links to the relevant supervisory authorities are below:
Sensitive Data. We will process sensitive data (as the term or its equivalent is defined by applicable privacy laws) in accordance with any applicable privacy laws. In some instances, that means we will not collect sensitive data without first obtaining your consent or providing you with the right to opt out.
Exercising Your Rights. To exercise your rights to know/access, correction, deletion, restrict, or portability, as applicable, please email us using the information set forth in the “Contact Us” section below.
Verification. To ensure the protection of your personal information, we may need to verify that the individual submitting a request is the consumer to whom the request relates prior to processing the request, or an authorized agent. To verify a consumer’s identity, we may request up to three pieces of personal information about you to compare against our records when you make a request.
Making a verifiable consumer request does not require you to create an account with us. However, we may require that you access a previously existing account where necessary to submit the request. We will only use personal information provided in your request to verify your identity and will delete any information you provide after processing the request. We reserve the right to take additional steps as necessary to verify the identity of consumers where we have reason to believe a request is fraudulent.
You may choose a person or business that you authorize to act on your behalf to submit your requests (“Authorized Agent”). If you choose to use an Authorized Agent, we require that you provide the Authorized Agent with written permission to allow them to submit your request and that you verify your identity directly with us. Failure to do so may result in us denying your request.
If you are a resident of a country in the European Economic Area (“EEA”), the United Kingdom, or Switzerland, you have the following rights with respect to your personal information under applicable law:
| Consumer Right | Explanation |
|---|---|
| Right to Know/Access | You may have the right to confirm whether we are processing your personal information, the right to know specific pieces of personal information we have collected about you, to know the categories of personal information we are processing or have processed, and the right to access that data. You also have the right to know the third parties to whom we have disclosed your personal information. |
| Right of Correction | You may have the right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes of the processing of the personal information. |
| Right of Deletion | You may have the right to delete your personal information provided by you or obtained about you. |
| Right to Restrict or Object | You may have the right to delete your personal information provided by you or obtained about you. |
| Right of Portability | You may have the right to obtain your personal information in a portable and—to the extent technically feasible—readily usable format that allows you to transmit the data to another entity without hindrance. |
| Right to Withdraw Your Consent | You may have the right to withdraw your consent to our processing of your personal information. Please note that your withdrawal will only take effect for future processing, and will not affect the lawfulness of processing before the withdrawal; |
| Right to Non-Discrimination | You may have the right not to receive discriminatory treatment for exercising the privacy rights conferred by law. We will not discriminate against you because you exercised any of your privacy rights, including, but not limited to, by: denying goods or services to you; charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; providing a different level of quality of goods or services to you; or suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services. |
| Appeal Your Decision | You may have the right to appeal our decision if we decline to process your request. If applicable laws grant you an appeal right and you would like to appeal our decision with respect to your request, you may do so by informing us of this and providing us with information supporting your appeal. |
| Lodge a Complaint |
You may have a right to lodge a complaint with a competent supervisory authority if you believe our processing of your personal information violates applicable law. If you resident in the EEA, Switzerland, or the United Kingdom, links to the relevant supervisory authorities are below: |
Sensitive Data. We will process sensitive data (as the term or its equivalent is defined by applicable privacy laws) in accordance with any applicable privacy laws. In some instances, that means we will not collect sensitive data without first obtaining your consent or providing you with the right to opt out.
Exercising Your Rights. To exercise your rights to know/access, correction, deletion, restrict, or portability, as applicable, please email us using the information set forth in the “Contact Us” section below.
Verification. To ensure the protection of your personal information, we may need to verify that the individual submitting a request is the consumer to whom the request relates prior to processing the request, or an authorized agent. To verify a consumer’s identity, we may request up to three pieces of personal information about you to compare against our records when you make a request.
Making a verifiable consumer request does not require you to create an account with us. However, we may require that you access a previously existing account where necessary to submit the request. We will only use personal information provided in your request to verify your identity and will delete any information you provide after processing the request. We reserve the right to take additional steps as necessary to verify the identity of consumers where we have reason to believe a request is fraudulent.
You may choose a person or business that you authorize to act on your behalf to submit your requests (“Authorized Agent”). If you choose to use an Authorized Agent, we require that you provide the Authorized Agent with written permission to allow them to submit your request and that you verify your identity directly with us. Failure to do so may result in us denying your request.
Depending on the device(s) you use to access the Services, you may be able to select certain privacy choices or configuration, which are further described below:
- Deactivating Your Account. You may request that we deactivate your account by contacting us at request@abim.org. If you choose to deactivate your account, we remove your information from our production system, remove you from our mailing lists, and restrict access to your information. Any retained information will be kept confidential (in accordance with the ABIM Confidentiality Policy), encrypted and archived offline. We will retain this information as it is necessary for the fulfillment of our mission of preventing fraud in connection with physician accreditation.
- Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding our Services or updates to our Terms or this Privacy Policy).
- Mobile Devices. We may send you push notifications through our mobile application. You may opt out from receiving these push notifications by changing the settings on your mobile device.
- Do Not Track (“DNT”). DNT is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals.
- Cookies and Personalized Advertising. You may stop or restrict the placement of cookies and tracking technologies on your device or remove them by adjusting your preferences as your browser or device permits. However, if you adjust your preferences, our Services may not work properly. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt out of personalized advertisements on some mobile applications by following the instructions provided by Android or iOS. You can find out more about cookies and how to manage them by visiting https://ico.org.uk/for-the-public/online/cookies/.
Depending on the device(s) you use to access the Services, you may be able to select certain privacy choices or configuration, which are further described below:
- Deactivating Your Account. You may request that we deactivate your account by contacting us at request@abim.org. If you choose to deactivate your account, we remove your information from our production system, remove you from our mailing lists, and restrict access to your information. Any retained information will be kept confidential (in accordance with the ABIM Confidentiality Policy), encrypted and archived offline. We will retain this information as it is necessary for the fulfillment of our mission of preventing fraud in connection with physician accreditation.
- Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding our Services or updates to our Terms or this Privacy Policy).
- Mobile Devices. We may send you push notifications through our mobile application. You may opt out from receiving these push notifications by changing the settings on your mobile device.
- Do Not Track (“DNT”). DNT is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals.
- Cookies and Personalized Advertising. You may stop or restrict the placement of cookies and tracking technologies on your device or remove them by adjusting your preferences as your browser or device permits. However, if you adjust your preferences, our Services may not work properly. Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt out of personalized advertisements on some mobile applications by following the instructions provided by Android or iOS. You can find out more about cookies and how to manage them by visiting https://ico.org.uk/for-the-public/online/cookies/.
You may be entitled to know our legal basis for processing your personal information pursuant to applicable law, such as the GDPR. Our processing of your personal information is supported by the following legal bases:
Purpose of Processing
Performance of a Contract
Our Legitimate Interest
Your Consent
Compliance with Our Legal Obligations
To Provide Our Services
✓
✓
✓
For Administrative Purposes
✓
✓
✓
For Marketing and Advertising Our Services
✓
✓
- For Performance of a Contract. We may process your information where required to provide you with our Services. For example, we may need to process your information to respond to your inquiries or requests.
- When We Have a Legitimate Interest. We may process your information where we or a third party have a legitimate interest in processing your information.
- With Your Consent. We may process your information where you have consented to certain processing of your information.
- For Compliance with Our Legal Obligation. We may process your information where we have a legal obligation to do so. For example, we may process your information to comply with tax, labor, and accounting obligations.
The specific legal bases corresponding to the purposes for which we process your personal information is set forth in the chart below:
You may be entitled to know our legal basis for processing your personal information pursuant to applicable law, such as the GDPR. Our processing of your personal information is supported by the following legal bases:
| Purpose of Processing | Performance of a Contract | Our Legitimate Interest | Your Consent | Compliance with Our Legal Obligations |
|---|---|---|---|---|
| To Provide Our Services | ✓ | ✓ | ✓ | |
| For Administrative Purposes | ✓ | ✓ | ✓ | |
| For Marketing and Advertising Our Services | ✓ | ✓ |
- For Performance of a Contract. We may process your information where required to provide you with our Services. For example, we may need to process your information to respond to your inquiries or requests.
- When We Have a Legitimate Interest. We may process your information where we or a third party have a legitimate interest in processing your information.
- With Your Consent. We may process your information where you have consented to certain processing of your information.
- For Compliance with Our Legal Obligation. We may process your information where we have a legal obligation to do so. For example, we may process your information to comply with tax, labor, and accounting obligations.
The specific legal bases corresponding to the purposes for which we process your personal information is set forth in the chart below:
We process personal information on our servers in the United States of America, and may do so in other countries. If you use our Services or otherwise provide us with information from outside of the United States, you expressly consent to the transfer of your data to the United States, the processing of your data in the United States, and the storage of your data in the United States.
Personal information about you provide while in another country, including a member state of the EEA, the United Kingdom, or Switzerland may be transferred to the United States. Applicable data protection laws may permit such transfers when necessary for the performance of a contract between you and us, if we obtain your explicit consent to such transfer, or if it is in our legitimate interest to transfer the personal information. The laws in the United States may not be as protective as the applicable data protection laws in the EEA, United Kingdom, and Switzerland or the laws of other jurisdictions where you may be located. If we transfer personal information from the EEA, United Kingdom, or Switzerland, or another country with cross-border transfer obligations, we will provide an appropriate safeguard, such as using standard contractual clauses.
For more information, please contact us using the information provided in the “Contact Us” section below.
We process personal information on our servers in the United States of America, and may do so in other countries. If you use our Services or otherwise provide us with information from outside of the United States, you expressly consent to the transfer of your data to the United States, the processing of your data in the United States, and the storage of your data in the United States.
Personal information about you provide while in another country, including a member state of the EEA, the United Kingdom, or Switzerland may be transferred to the United States. Applicable data protection laws may permit such transfers when necessary for the performance of a contract between you and us, if we obtain your explicit consent to such transfer, or if it is in our legitimate interest to transfer the personal information. The laws in the United States may not be as protective as the applicable data protection laws in the EEA, United Kingdom, and Switzerland or the laws of other jurisdictions where you may be located. If we transfer personal information from the EEA, United Kingdom, or Switzerland, or another country with cross-border transfer obligations, we will provide an appropriate safeguard, such as using standard contractual clauses.
For more information, please contact us using the information provided in the “Contact Us” section below.
We will retain your personal information until the personal information is no longer necessary to accomplish the purpose for which it was provided. We may retain your personal information for longer periods for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations, to protect you, other people, and us from fraud, abuse, an unauthorized access, as necessary to protect our legal rights, or for certain business requirements.
We will delete your personal information when it is no longer necessary for the purpose for which it was collected, or upon your request, subject to exceptions as discussed in this Policy or under applicable law, contract, or regulation.
We will retain your personal information until the personal information is no longer necessary to accomplish the purpose for which it was provided. We may retain your personal information for longer periods for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations, to protect you, other people, and us from fraud, abuse, an unauthorized access, as necessary to protect our legal rights, or for certain business requirements.
We will delete your personal information when it is no longer necessary for the purpose for which it was collected, or upon your request, subject to exceptions as discussed in this Policy or under applicable law, contract, or regulation.
The security of your personal information is important to us. We take various reasonable organizational, administrative, and technical measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. If required by law to do so, we will notify you and/or the relevant supervisory authority in the event of a data breach.
However, we cannot and do not guarantee complete security, as it does not exist on the Internet.
The security of your personal information is important to us. We take various reasonable organizational, administrative, and technical measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. If required by law to do so, we will notify you and/or the relevant supervisory authority in the event of a data breach.
However, we cannot and do not guarantee complete security, as it does not exist on the Internet.
Our Services may contain links to third-party websites. When we provide links, we do so only as a convenience and we are not responsible for any content of any third-party website or any links contained within. It is important to note that this Policy only applies to our Services. We are not responsible and assume no responsibility for any personal information collected, stored, or used by any third party as a result of you visiting third-party websites. We also advise that you carefully read the privacy notice of any third-party websites you choose to visit.
Our Services may contain links to third-party websites. When we provide links, we do so only as a convenience and we are not responsible for any content of any third-party website or any links contained within. It is important to note that this Policy only applies to our Services. We are not responsible and assume no responsibility for any personal information collected, stored, or used by any third party as a result of you visiting third-party websites. We also advise that you carefully read the privacy notice of any third-party websites you choose to visit.
Our Services are not directed at children (as defined under applicable law), and we do not knowingly collect or otherwise process personal information from children.
Our Services are not directed at children (as defined under applicable law), and we do not knowingly collect or otherwise process personal information from children.
This Policy may change from time to time. If we need to change this Policy at some point in the future, we will post any changes on this page. If we make a significant or material change to this Policy we will notify you via email or as otherwise required by applicable law. You should check these terms when you use the Site. Your continued use of the Services constitutes acceptance of the most current version of this Policy.
This Policy may change from time to time. If we need to change this Policy at some point in the future, we will post any changes on this page. If we make a significant or material change to this Policy we will notify you via email or as otherwise required by applicable law. You should check these terms when you use the Site. Your continued use of the Services constitutes acceptance of the most current version of this Policy.
If you have any questions about this Privacy Policy, please contact us by email at jbrown@abim.org, or write to us at:
American Board of Internal Medicine
510 Walnut Street, Suite
1700, Philadelphia, PA 19106
Attention: Jason Brown
If you have any questions about this Privacy Policy, please contact us by email at jbrown@abim.org, or write to us at:
American Board of Internal Medicine
510 Walnut Street, Suite
1700, Philadelphia, PA 19106
Attention: Jason Brown