Skip to main content.

Collection and Use of Personal Information

What is Personal Data?

Personal Data (also referred to in this policy as Personal Information) means any information relating to a natural person who can be identified by reference to an identifier such as a name, an identification/account number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

Personal Information

We collect data when you visit American Diabetes Association® (ADA) Websites. There are five types of information you might provide to us: 

  1. Contact information you knowingly choose to disclose 
  2. Registration information when registering for an event 
  3. Billing information when you donate, join, subscribe, or make a purchase 
  4. Demographic or other information about you 
  5. Technical information collected by us as you interact with our websites

Contact Information

In some areas of the ADA Websites, we request that you provide personal information, such as your name, address, email, and telephone number. In some donor and purchaser information areas of the ADA Websites, we request that you provide your credit card number, contact information, and other billing information.

Registration Information

In some areas of the ADA Websites, we request that you provide personal information, such as your name, address, email, and telephone number.

Demographic Information

In some areas of the ADA Websites, we collect demographic information such as your age, career, preferences, gender, educational degrees, ethnic background, interests, and diabetes affiliation. Sometimes, we may collect a combination of information types. Examples of areas of the ADA Websites where we may collect personal or combined personal and demographic data are pages where you can donate to the ADA, sign up to be a member (professional or general), register for a program or event, or purchase a product.

Technical Information

We also may gather certain information about your use of our site, such as what areas you visit and what services you access. Moreover, there is information about your computer hardware and software that we may collect. This information can include, without limitation, your IP address, browser type, domain names, access times, and referring website addresses. Some of this information is collected through the use of cookies (described below).

Use of Personal Information

The information collected may be used by the ADA for the purpose of providing you with the content you request, operating and improving the ADA Websites, providing a positive user experience, and delivering the products and services that we offer. We may also use the information we gather to inform you of other products or services available from the ADA Websites or to contact you about your opinion of current products and services or potential new products and services that may be offered. We may use your contact information in order to send you email, postal mail, or other communications regarding updates at the ADA, such as newsletters, diabetes information, event and programmatic information, and additional listings which may be of interest to you. We may also use it to send you information about third-party products and services that match your interests and preferences, if you opt in for this communication. The nature and frequency of these messages will vary depending upon the information we have about you. In addition, at the time of registration for certain services, you have the option to elect to receive additional communications, information, newsletters, and promotions relating to topics that may be of special interest to you. If in the future we intend to process your Personal Data for a purpose other than that for which it was collected, we will provide you with information on that purpose and any other relevant information including the option to opt out. Part of our mission is to improve the lives of all people affected by diabetes, and we do that by providing appropriate information. We do not provide your name and address or email to outside parties, except as described here. To learn more about our encryption policies, please review the section on "Protecting Personal Information" (below). For EU-based visitors and subscribers, the following table provides information required by the General Data Protection Regulation (GDPR) relating to our use of your personal information.

Personal Information Legal Basis for Processing
      
      
We collect various information from you, including contact information, purchaser information, demographic information, and technical information. Contact information: name, address, email, and telephone number. Purchaser information: credit card number, contact information, and billing information. Demographic information: age, preferences, gender, educational degrees, ethnic background, interests, and diabetes specific information. Technical information: your IP address, browser type, domain names, access times, and referring website addresses. We use this consent to provide you with the content you request, as necessary for the performance of a contract. It is necessary to provide you with the content you request. It has a legitimate purpose of providing tailored content to you and the legitimate purpose of authenticating subscribers and optimizing website performance.

Retention of Personal Information

We retain, indefinitely, all the personal information we gather about visitors or subscribers as necessary to fulfill our contract with you. We retain indefinitely certain anonymized information we gather about visitors or subscribers for the legitimate purpose of performing website analytics and providing use of our website to all visitors in an efficient, practical, and relevant way. If there is no legal basis or other requirement for keeping your data AND after there has been no activity from you for seventy-two (72) months, your data that is no longer required will be purged.

Sharing of Personal Data

We do not share or disclose your personal information to third parties except as set forth below:

Personal Information, such as technical and contact information, is shared with ADA business partners for the legitimate purpose of understanding usage patterns for ADA Websites and those of our partners and with web hosting and other technical service providers for the legitimate purpose of hosting our web servers and ensuring information security for our networks. It is shared with consultants and vendors for the legitimate purpose of providing customer support and marketing assistance; with credit card processors for purposes of processing credit card transactions in connection with the donors and subscriber’s contract with the ADA websites; and with our business partners, with your consent, for the purposes of providing you with products or services tailored to your interests and preferences. In addition, we disclose personal information if legally required to do so, if requested to do so by a governmental entity or if we believe in good faith that such action is necessary to: (a) conform to legal requirements or comply with legal process, (b) protect the rights or property of the ADA, (c) prevent a crime or protect national security, or (d) protect the personal safety of users or the public. In the event any one or all of the ADA Websites become the subject of a bankruptcy proceeding, whether voluntary or involuntary, the ADA or its trustee in bankruptcy may sell, license, or otherwise dispose of such information in a transaction approved by the bankruptcy court as is legally required. In the event the ADA business is acquired in whole or part by a third party by way of merger, consolidation, or purchase, we will disclose and transfer such information to the third party. The ADA may also share aggregated anonymous information about visitors to ADA Websites with its clients, partners, and other third parties so that they may understand the kinds of visitors to the ADA Websites and how those visitors use the site.

DMD Healthcare Communications Network Participation Disclosure

This website is a member of the DMD Healthcare Communications Network (the “HCN”). HCN is owned and managed by DMD Marketing Corp (“DMD”) and is designed to enable DMD and HCN members to provide medically relevant business communications to authenticated health care professionals. 
 
Your registration at this website includes registration with HCN. As a result, your contact and other professionally relevant information will be disclosed to DMD and each HCN member to provide you medically relevant content as described in the HCN privacy policy available at https://HCN.health/privacy-policy/. The HCN privacy policy provides details on how to manage your information, including opting out of participation in the HCN.

Your Rights Under the GDPR With Regard to Your Personal Data

Under the GDPR, EU-based visitors and subscribers have the rights to request from us access to Personal Data we store about you, to amend (or rectify) this data, to restrict our processing of the Personal Data, to erase the data, and to receive a copy of the data in a structured, commonly used and machine-readable format (data portability). If you wish to invoke a right under the GDPR, you may contact us at dataprotection@diabetes.org. Please use the subject line “GDPR Request” in the subject line. Your email should include a sufficiently detailed description of the GDPR right with which you seek assistance along with appropriate contact information. We may need to contact you for further information. The ADA will notify you if your request has been granted or declined, or if exemptions apply. If you have provided consent for the processing and storing of your data, you have the right (in certain circumstances) to withdraw that consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn. You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe that we have not complied with the requirements of the GDPR with regard to your Personal Data.

Information You Post

If you post any personal information in public and/or social network areas of the ADA Websites, e.g., in online community forums or chat rooms, the information disclosed may be displayed to other users of these services and may be collected and used by others over whom we have no control. The ADA is not responsible for the use made by third parties of information you post or otherwise make available in public areas of the ADA Websites and communities. If you remove information that you have made public on ADA Websites and communities, copies may remain viewable in cached and archived pages of the ADA Websites or if others have copied or saved that information.

Opt-In and Opt-Out

The registration forms and other sections of the ADA Websites where we collect your information provide you with relevant opt-in and opt-out choices regarding promotional activity and other communications with you. To access your information, determine your preferences and our opt-in/opt-out online preferences, you may login to our Constituent Center

Email

Email to donors and participants: Donors to ADA and participants of ADA events and programs may opt in for first- or third-party informational emails or opt out of all email communication, except transactional emails, such as donation receipts and event/program specific information for which you registered, you may login to our Constituent Center.  

Email to members: ADA professional membership and journal members may opt in for first- or third-party informational emails or opt out of all email communication, except transactional emails, such as subscription renewal, at membership@diabetes.org

Email to users who have submitted a request for information: Individuals who have requested specific information from the ADA such as, but not limited to, e-newsletters, living with Type 2 Diabetes, Living with Type 1 Diabetes, Diabetes Food Hub®–related information, Diabetes Risk Test, etc. are agreeing that the ADA may contact them by email in exchange for these free services. Users who fall under Canada's Anti-Spam Law (CASL) and GDPR regulations may opt in to or opt out of emails from the ADA. Users can also opt in for third-party informational emails. Where permitted by law, users who do not wish to receive emails related to these activities or newsletters may cancel such services by following the unsubscribe instructions at the bottom of any email message from the ADA or go to the Constituent Center and update preferences. The above are examples of opt-in/opt-out options and are not intended to describe every option on the ADA websites.

Links to Other Sites

The ADA Websites may provide links to other websites or resources. You acknowledge and agree that the ADA has no control over such sites and resources and is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any materials, advertising, products, or other materials on or available from such sites or resources or those sites’ data collection or privacy policies. You further acknowledge and agree that the ADA shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such materials or goods available on or through any such site or resource or those sites data collection or privacy policies.

Monitoring of Information and Cookies

We monitor customer traffic patterns and site usage to help us develop the design and layout of the ADA website. We may also use the information we collect to occasionally notify you about important changes to the websites, new services, or features offered by the ADA and special offers and information we think you will find valuable. If you would rather not receive this information, please contact us through one of the channels identified in "How to Correct or Update Information" (below). Google Analytics is used to analyze traffic to this website. Google Analytics does not maintain individual profiles for visitors, nor does Google Analytics collect data that might identify the individual visitor. Google Analytics only collects aggregate data. Click here for more information about the Google Analytics privacy policy. We collect standard information, by way of a cookie, to help us evaluate how our sites are being used. A cookie is a small, uniquely identifiable text file that is stored on your machine. A cookie collects information that is used for statistical purposes and does not identify you in any way. Our sites use cookies to keep track of your shopping cart and to make sure you don't see the same content repeatedly. We use cookies to deliver information specific to your interests and to save your password so you don't have to re-enter it each time you visit our site. Most web browsers automatically accept cookies, but you can change your browser settings to prevent that. Even without accepting cookies, you can still use most of the features throughout the ADA Websites. Often times, we may use certain advertising networks and exchanges that participate in the Network Advertising Initiative (NAI). NAI has developed a tool that allows consumers to opt out of certain interest-based advertising delivered by NAI members’ ad networks. To learn more about opting out of such targeted advertising or to use the NAI tool, click here. Please be aware that such opt-outs do not affect non-targeted ads. We are not responsible for the effectiveness of, or compliance with, any third-parties’ opt-out mechanisms or programs, or the accuracy of their statements regarding their programs.

Protecting Personal Information

We are concerned with protecting your privacy and data. When you make a donation, register for an event or program, place orders, access your account information, or request information, we use a secure server. This secure server software, Secure Sockets Layer (SSL), encrypts all information you input before it is sent to us. Furthermore, all customer transactional data we collect is protected against unauthorized access with the use of digital certificates. Digital certificates for the ADA are issued by VeriSign, one of the most established signers of digital certificates. We provide reasonable technical, administrative, and physical controls to secure the confidentiality, integrity, and availability of personal information. If you have any questions about security on the ADA Websites, you may contact us at dataprotection@diabetes.org.

Payment Processing

All credit transactions occur in a secure area of our site to protect you from any loss, misuse, or alteration of information collected. When you make a donation, subscribe, or place an order online at any of the ADA Websites, your credit card information is protected through the use of encryption of web content using Transport Layer Security.

Association Policies Regarding Disclosure of Personal Information

ADA, like many other non-profit organizations, occasionally makes available only our contributor names and postal addresses to companies, predominantly other non-profit organizations. In addition, member and donor names are provided to a credit card vendor as part of our affinity program. Names of Tour de Cure® participants may be provided to local bike shops. These practices help us reduce costs of reaching more individuals with our diabetes-related information. These companies are carefully screened. Names/addresses are provided on a one-time basis; therefore, these companies will not have continued access to your name and address unless you respond to them directly, which you are free to do or not to do. You can request that we do not share, sell, or exchange your information for third party's fundraising or marketing purposes by emailing us at privacy@diabetes.org. If you use more than one email address, postal address, or telephone number, please identify each one. The ADA may provide aggregate statistics about our customers, sales, traffic patterns, and related site information to reputable third-party vendors, but these statistics will include no personal identifying information.

Our Commitment to Children's Privacy

Protecting the privacy of the very young is especially important. We adhere to the 1998 Children's Online Privacy Protection Act (COPPA). For more information, visit the Federal Trade Commission's COPPA site.

Notification Guidelines

The ADA does not send unsolicited commercial communications to individuals with whom they do not have consent/permission or a preexisting or current business relationship. The ADA provides all notified recipients with clear, easy, and effective methods for unsubscribing to any and all online communications.

How to Correct or Update Information

Here are the options for changing and modifying information previously provided:

Email privacy@diabetes.org or send a letter to:

American Diabetes Association
ATTN: Customer Service Center
2451 Crystal Drive, Suite 900
Arlington, VA 22202

Where to Address Your Questions or Complaints

If you have any concerns as to how your data is processed, you can contact:

American Diabetes Association
ATTN: Customer Service Center
2451 Crystal Drive, Suite 900
Arlington, VA 22202

Email: dataprotection@diabetes.org

Changes to Privacy Statement

If we change our Privacy Statement for the ADA Websites, we will post those changes here so that you will always know what information we gather, how we might use that information, and to whom we will disclose it. We welcome your comments concerning this Privacy Statement. Members who believe that we have not adhered to this statement may contact us by emailing membership@diabetes.org. Non-members may contact us at dataprotection@diabetes.org. We will use commercially reasonable efforts to promptly determine and remedy the problem. Thank you for using the ADA Websites.

Legal Requests

The ADA reserves the right to share your information to respond to duly authorized information requests of governmental authorities or where required by law.

California

Under California Civil Code Section 1798.83 (also known as S.B. 27), if you are a California resident and your business relationship with the ADA is primarily for personal, family, or household purposes, you may request certain data regarding our disclosure, if any, of personal information to third parties for the third parties’ direct marketing purposes. To make such a request, please send an email to dataprotection@diabetes.org with “Request for California Privacy Information” in the subject line. You may make such a request up to once per calendar year. If applicable, we will provide you, by email, a list of the categories of personal information disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, along with the third parties’ names and addresses. Please note that not all personal information sharing is covered by S.B. 27’s requirements.

Acceptance of These Terms

Your use of the ADA Websites shall indicate your understanding and acceptance of the terms of this Privacy Statement. If you do not agree with all the terms herein, you should not use the ADA Websites or services.

Tell Us What You Think

The ADA welcomes your questions and comments about this Privacy Statement, about the practices of the ADA, and about your dealings with this website. Please send an email to dataprotection@diabetes.org, or write to:

American Diabetes Association
ATTN: Data Protection Officer
2451 Crystal Drive, Suite 900 Arlington, VA 22202
Last Reviewed: July 7, 2022
Last Edited: July 7, 2022