Privacy Policy

Updated Sep 22, 2024.

Your privacy is important to us and we have taken steps to ensure the security and privacy of your information. We intentionally collect only the data needed to provide for the functionaity of this website, and we will never, under any circumstances, sell your data.

If you choose to register an account here, we will collect some identifying information - your first and last name, email address, and country. This information is utilized to provision and maintain your account.

During registration and via your profile, you may also choose to opt-in to email notifications of cases, as well as to display of your name on the leaderboard.

Registered users may be permitted to submit cases for consideration. The information submitted may be shown publicly if the cases are accepted for inclusion on the website. You are responsible for ensuring patient data or other identifying information is not part of your case submissions.

Registered users may also be permitted to submit answers to cases. Submitted answers may be shown to scorers in order to evaluate the correctness of your answers.

If you earn Continuing Medical Education (CME) credits via Case of the Day, we will provide your name, email address, and your record of successfully completed case answers to the sponsoring organization in order to award CME credits.

We will only access your data to provide the services you have requested, to help troubleshoot or fix a software bug, to investigate malicious activity, or if required by applicable law.

We only store cookies required to provide functionality on the website; to remember who you are (if you are logged in), and to provide protection against certain security threats. We do not utilize third-party cookies for marketing or tracking.

Your data is encrypted via SSL/TLS when transmitted between your browser and our servers, and your data (and our backups of it) are encrypted when stored.

We grant all CCPA (California Consumer Privacy Act) and GDPR (General Data Protection Regulation) rights to our users, regardless of their jurisdiction. Any requests under these laws may be directed to chris@sprcod.org. We may utilize some of the information gathered about you - primarily your email address - to verify your identity when exercising these righs.

These rights include:

  • Right to Know: You have the right to know what information we collect and how it is used, shared, or sold.
  • Right of Access: You have the right to access the personal information we collect about you.
  • Right to Correction: You have the right to request correction of your personal information.
  • Right to Erasure / Be Forgotten: You have the right to request that we erase your personal information. This right may be limited by applicable law, and exercising it will cause your account here to cease to function.
  • Right to Complain: You have the right to complain about our handling of your personal information with the appropriate supervisory authority.
  • Right to Restrict Processing: You have the right to request restriction of how your personal information is used or process, including opting out of the sale of your personal information. (Note: We commit under this policy not to sell your information.)
  • Right to Object: You have the right to object to how or why your personal information is processed.
  • Right to Portability: You have the right to receive the information we have about you, including transmission of it to a third party on your request.
  • Right to not be subject to Automated Decision-Making: You have the right to object and prevent any decision that could have a legal or similarly significant effect on you from being solely made based on automated processes.
  • Right to Non-Discrimination: You have the right to exercise your data privacy rights without affecting the price of these services or the level of customer service you receive. However, exercising certain rights (like the "right to be forgotten") may, by virtue of exercising those rights, prevent you from using our services.

We utilize only cookies required to provide you with login functionality and protect you against security threats.

We store data in the United States via a cloud hosting service called Amazon Web Services (AWS). AWS agrees to comply with the requirements of the GDPR and other privacy laws with regards to the data we store on their systems.

In the event of an error during your use of the website, we notify a service called Bugsnag so we may troubleshoot your problem. Bugsnag may receive your IP address as part of this notification. Bugsnag agrees to comply with the requirements of the GDPR and other privacy laws with regards to the data we store on their systems.