<img height="1" width="1" src="https://www.facebook.com/tr?id=2789950834666001&amp;ev=PageView&amp;noscript=1">

Effective Date: April 1, 2021 

Definitive Healthcare (“we”, “our”, “us”) is dedicated to providing the most comprehensive and accurate information and analytics on the healthcare provider market.

At Definitive Healthcare, we strongly believe in the individuals’ right to privacy and control over how their personal information is used. This privacy policy (the “Privacy Policy”) explains what information we collect about you, our practices for handling the same and how you can exercise your rights.

This Privacy Policy covers our use of the information of individuals who visit and use our website or online services (the “Service”), who we meet at conferences or other events or who are connected to healthcare providers and may be included within our database. For the purposes of this Privacy Policy, reference to personal information includes any information relating to an identifiable person.

This Privacy Policy does not apply to content of third-party websites accessible through the Services.

For individuals residing in the European Economic Area (EEA) or Switzerland, please click here to access the General Data Protection Regulation (GDPR) Privacy Policy Supplement where you can find out more information including how to exercise your rights review our GDPR policy.

For residents of the State of California, please click here to access the California Privacy Disclosure find out more information including how to exercise your rights under the California Consumer Privacy Act (“CCPA”) review our CCPA policy.

Collection and Use of Information

How do we obtain data for our healthcare provider profiles?

Definitive Healthcare provides a world class healthcare data and analytics platform providing access to business information about healthcare providers and associated individuals (“Business Information”). The information we collect is combined into healthcare provider profiles and made available to enterprise customers of Definitive Healthcare for the purposes described below.

We collect data for our healthcare provider profiles in different ways and from different sources including:

  • Publicly available information, including information obtained from federal, state, and other regulatory agencies
  • Licensed data received from other companies
  • Web research on publicly available information through use of technology and by our in-house research team
  • Electronic and phone surveys conducted by our research team based in the United States

In the case of healthcare professionals (HCPs) such as medical doctors, surgeons, and nurse practitioners, we collect business personal information, such as National Provider Identification Number, name, place(s) of employment, practice address, business e-mail and phone, affiliations to other HCOs (defined below), clinical, and quality data.

We also collect data from healthcare organizations (HCOs), including:

  • firmographic, demographic, technographic, financial, quality, and clinical metrics-in order to help our customers effectively analyze the healthcare market.
  • Data around leadership at healthcare organizations, such as name, job title, business e-mail and phone number, and social media links, designed to facilitate business-to-business communication.

We also contract with service providers for data collection, maintenance, hygiene, and quality purposes and receive data from these service providers. We take measures to ensure that all our service providers use the information we share with them solely for the purposes of the engagement. Please see more in the “Service Providers” section below.

How else do we collect and use your information?

If you are a user of or visitor to our platform, in order to provide you with a better experience while using our Service, we may require you to provide us with certain personally identifiable information, including but not limited to your name, phone number, and e-mail address. The information that we collect will be used to contact or identify you in order to provide you information about services of interest, free trials, product demonstrations, and other relevant items that may be of interest.

We may also obtain information provided by you via conferences or tradeshows when you interact with our employees or access our materials at the event. We also collect information where you are an enterprise customer; please see the section “Customer Information we collect” below.

Whenever you visit our Service, we collect information that your browser sends to us that is called Log Data. This log data may include information such as your computer’s Internet Protocol ("IP") address, browser version, pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other statistics. We may aggregate or de-identify user information to better understand our customer base and what products and services would be of interest to them. Aggregated or de-identified data which is not personal information is not subject to this Privacy Policy.

We also collect data from cookies stored on your device. For more information, please visit our Cookies Policy.

Customer Information we collect

We license our product to our enterprise customers’ organizations who may wish to grant access to the product to their employees. If you are such an employee nominated by your employer as a user to access the Service, your employer may provide us with information such as your name, title, and e-mail address in order to create a credentialed log-in for our Service. After receiving log-in information, you may choose to use our Service for the purposes for which the license was granted. During your time using our Service as a registered user, we may collect the following additional data:

  • Usage data, including but not limited to logins, IP address, and user behavior
  • Information you submit to Definitive Healthcare, including through our Service or directly to one of our employees
  • Information you upload to our Service

All of the above categories of information in this section are called “Customer Information”.

Under your organization’s license agreement, some individuals at your organization may have the right to access information for all users at your organization for purposes of tracking usage patterns across the organization. If you have questions about who at your organization can see your data, please contact your organization’s point of contact for Definitive Healthcare. If you do not know your company’s point of contact, we can if necessary, provide you with that information.

Use of Customer Information

Definitive Healthcare may use Customer Information for its legitimate business interests, including to:

  • Administer your account
  • Provide customer service
  • Respond to direct inquiries from our users, through our site or with direct contact with one of our employees
  • Personalize user experience
  • Research, develop, test, and evaluate future product features and enhancements
  • Send communications and marketing material, such as newsletters, that fit your professional interests
  • Provide general information about Definitive Healthcare’s events, services, and resources of interest to the user
  • Respond to job applications or career inquiries
  • Investigate and resolve problems or bugs, monitor usage and performance, and provide adequate resources for the operation of our site
  • Investigate breaches of Definitive Healthcare security or license agreements

Sharing of Information

We share your information in the following ways:

Customers

Definitive Healthcare may make healthcare provider profiles, as described above, available to our licensed customers. If you are an HCP and do not want your information to be shared in this way please see the section entitled “Your Privacy Choices” below.

Service Providers

We may share your information with third-party vendors and service providers for a variety of business purposes, including:

  • To facilitate and provide the Service;
  • To perform Service-related services including providing support;
  • To assist us in analyzing how our Service is used; and/or
  • For security purposes and to prevent fraud.

Disclosures for Legal Reasons

We may share your information when required by law, subpoena, search warrant, or other lawful requests made by appropriate law enforcement agencies or enforce rights, including to:

  • Comply with lawful requests;
  • Enforce our contracts or other agreements;
  • Defend ourselves against third party claims or lawsuits;
  • Address a violation of law; and/or
  • Protect the security, rights, and safety of Definitive Healthcare, its employees, customers, or others.

Business Transfers

We may share or transfer your information during the process or completion of any change in company ownership or structure or transaction involving a substantial portion of our assets, such as an investment, divestment, merger, acquisition, or bankruptcy, as part of the transferred assets.

Definitive Healthcare may share information in other ways that you specifically agree to while using our services.

Our affiliates

We may if necessary share your information with our affiliate or group companies.

Your Privacy Choices

We want you to be clear about how to exercise your applicable rights and choices regarding the processing of your personal information and we have developed processes for individuals to exercise their rights as necessary.

Newsletters and marketing materials

If you wish to opt-out of our newsletter or other marketing materials, you may opt-out using the information in the specific communications or by filling out the form at this link. After receiving your request, we will send you an e-mail to confirm that you have been unsubscribed from the specific communications you requested.

Healthcare Provider Profiles

If you are an individual (including a HCP) and would like to opt-out of having your personal information provided to our enterprise customers (as applicable) please contact us using the online form here or using the information in the section entitled “Further Questions-Contact” below.

Definitive Healthcare 

Attn: Data Privacy Officer 

550 Cochituate Road 

Suite 4 

Framingham, MA 01701 

 

Upon receipt of your request(s) we will respond to you in writing and honor your request(s) as we are required to do in accordance with law.

All data subjects/individuals

Residents of California can read about and exercise their rights by accessing our CCPA Privacy Statement.

If you are resident in the EEA or Switzerland, you can read about your rights and how to exercise them in the section entitled “Your rights under the GDPR” below.

In addition, all individuals subject to this Privacy Policy can request to exercise their rights and choices available to them under applicable law by contacting us using the contact information in the section below entitled “Further Questions-Contact.”

Upon receipt of your request(s) we will respond to you in writing and act as appropriate in accordance with applicable law. To protect your privacy and security, we may take reasonable steps to verify your identity before granting you access or making corrections. In the case of deletion requests, please be aware that that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personally identifiable information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all personally identifiable information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.

Data Retention

We will retain your information as long as reasonably necessary for the purposes set out in this Privacy Policy, and in accordance with applicable laws. Further, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, or comply with law enforcement.

Keeping Your Information Secure

Definitive Healthcare takes the security of your data seriously. We invest considerable resources in implementing technical and organizational measures to secure your information. We value your trust in providing us your personal information and strive to use commercially acceptable means of protecting it. Definitive Healthcare takes reasonable steps to ensure that personal information is reliable for its intended use and all such information is up-to-date, accurate, and complete, and we remind you however, that no method of electronic transmission or electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

Links to Third-Party Sites

Our Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the privacy policy of these websites. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services.

Social Media Widgets

Our site includes features from social media sites that allow you to like, share, or comment on content we post. Those features are governed by the privacy policies of the companies providing the feature. These features may collect information about you in order to provide the services requested, such as your IP address.

Children’s Privacy

Definitive Healthcare’s products and services are directed at business professionals. Our Services do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we will delete this from our servers.

Your rights under the GDPR

This section of the Privacy Policy provides specific information about how we comply with the EU General Data Protection Regulation (“GDPR”). It supplements the information contained in the rest of our Privacy Policy and applies to all data subjects residing in the EEA and Switzerland.

What information do we collect about data subjects in the EEA or Switzerland?

You can read about the general categories of information we collect in the section “Collection and Use of Information” above, however in the case of data subjects to whom the GDPR applies, we only collect the information about data subjects interested in our products and services. Only professional information is collected, and no sensitive personal information is collected or processed. We also collect information from data subjects who access our website in the EEA and Switzerland.

We do not collect personal information about HCPs in the EEA or Switzerland however we do track information on Healthcare Organizations (HCOs) in these regions but no information on specific individuals is collected by us as part of this process.

Data Controller and legal grounds for processing

If the GDPR applies to the processing of your data, then Definitive Healthcare is the data controller of your personal information.

Our legal basis for collecting and using the personal information described above will depend on the personal information collected and the specific context in which we collect it. However, we will normally collect personal information from you only where you have given your consent, to fulfill the obligations of a contract or agreement with you, and as otherwise necessary to protect our legitimate interests provided those do not conflict with your rights related to data privacy.

If we ask you to provide personal information to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your information is mandatory or not (as well as of the possible consequences if you do not provide the same).

If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to provide our services, communicate with you and for our legitimate commercial interest, for instance, by responding to your queries, improving our Services, undertaking marketing, or for the purposes of detecting or preventing illegal activities. We may have other legitimate interests and if appropriate we will make clear to you at the relevant time what those legitimate interests are.

Transfer of your information

Personal information from data subjected in the European Union may be transferred to the United States or another country where our affiliates, service providers, or sub-contractors are located. These countries may have data protection laws that are different to the laws of your country. In such cases we have taken appropriate safeguards to require that your data will remain protected in accordance with this Privacy Policy. These include putting in place the current version of the EU Model Clauses or other adequacy provisions.

Your rights and how to exercise same

Under the terms of GDPR, you have the following rights:

  • Right of Access: You have the right to know what data about you that we process and request access to same (subject access request). This enables you to receive a copy of the personally identifiable information we hold about you and to check that we are lawfully processing it. If requested, we will provide the information in a machine-readable format that is industry standard and will easily be portable to another entity. We will not charge a fee to process or respond to your request unless we reasonably determine it is excessive, repetitive, or manifestly unfounded. As such, if we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing the data subject’s request. 

  • Right to Rectification: You have the right to request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

  • Right to erasure/right to be forgotten: You have the right to request to delete or remove any personal information data that we may have about you and we will honor those requests to the extent legally and technically possible provided that we can verify your identity and we are not obligated to keep the data for other allowable reasons (e.g. required by law).

  • Right to restriction of processing: You have the right to restrict or stop the processing of your personal information in certain circumstances, such as where you exercise your rights to rectification and completion. This enables you to ask us to suspend the processing of your personally identifiable information, for example, if you want us to establish its accuracy or the reason for processing it.

  • Right to Data Portability: You have the right in certain circumstances to request the transfer of a copy of the information we hold about you to another party. If requested, we will provide the information in a machine-readable format that is industry standard so that it is easily be portable to another entity.

  • Right to Object: You have the right to object to us processing your personal data at any time, unless we are obligated to in certain circumstances (e.g. required by law).

  • Right to withdraw consent: if you have previously given consent to us to collect or process your information, you may withdraw that consent at any time. Please contact us at the methods below.

  • Right to lodge a complaint with a data protection authority: If you are resident in the European Union (EEA) or Switzerland you have the right to register a complaint about our data collection and processing activities with the supervisory authority concerned. For more information on data protection authorities, please visit here.

Any requests must also include sufficient detail that allows us to properly understand, evaluate, and respond to the request. If we need more information to process your request, we will contact you via e-mail or in writing, asking only for information that we would need to respond to your request thoroughly and promptly. We will avoid requesting more information as much as possible.  

To exercise any of your rights listed above, please contact the data controller at privacy@definitivehc.com: or by using the contact information in the “Further Questions-Contact” section below.

Cookies and similar technologies

Cookies

Information about you is collected through the use of cookies when you visit our website.

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us as first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. For more information about the cookies collected and your choices see our Cookies Policy here.

Google Analytics

We use Google Analytics, a web analytics service provided by Google, Inc., through a third party on our website in order to improve the experience of our website for its users and to improve our marketing activities. Google Analytics uses cookies and other tracking technologies to collect information such as IP address, time of visit, how you found our website, and whether you have previously visited our website. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt out of tracking of analytics by Google click here.

Do Not Track Signals

Your browser or device may include ‘Do Not Track’ functionality. Our information collection, disclosure practices, and the choices that we provide to visitors will continue to operate as described in this Policy, whether or not a Do Not Track signal is received.

Web beacons and other tracking technologies

Our website utilizes web beacons for the purpose of improving our website’s operation and improving the effectiveness of our customer and marketing communications. Web Beacons can be used alongside cookies to provide data about your web-browsing habits, such as when you visited a website or if you were directed to the website from a marketing e-mail. We also may use other standard Internet technologies for similar purposes when you visit our websites or interact with us online.

Changes to the Privacy Policy

We reserve the right to modify this Privacy Policy as necessary at any time. We advise you to review this page periodically for any changes. if we make material changes to it, we will provide notice through our Services, or by other means, to provide you the opportunity to review the changes before they become effective. You acknowledge that your continued use of our Services after we publish or send a notice about our changes to this Privacy Policy means that the collection, use and sharing of your personal data is subject to the updated Privacy Policy, as of its effective date.

Further Questions-Contact

Check out our Frequently Asked Questions here.

Contact us through any of the methods below if you have any questions about this Privacy Policy or if you want to exercise your applicable rights:

Definitive Healthcare  

Attn: Data Privacy Officer  

550 Cochituate Road  

Suite 4  

Framingham, MA 01701