Privacy and Security Policy

Effective date: July 26, 2018

Privacy Policy

F.A. Davis Company ("us", "we", or "our") operates https://www.fadavis.com and other associated educational service websites under the 'fadavis' subdomain (the "Service") as well as the Davis Drug Guide for Nurses (the "App") developed by Atmosphere Apps (the "Developer").

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. This Privacy Policy for F.A. Davis Company is powered by FreePrivacyPolicy.com.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from https://www.fadavis.com

Information Collection And Use

We collect several different types of information for various purposes to provide and improve our Service to you.

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to the following categories:

Identity Data such as your first name, last name
Contact Data such as your e-mail address, physical address, and telephone number;
Transaction Data such as details of the software products and services you have obtained from us, purchase order details, and payments made to/from us;
Education Data such as your school association, class enrollment, and graduation year;
Technical Data such as your internet protocol (IP) address, login data, operating system and platform;
Usage Data such as how and when you use our website, performance and other communication data including unique device identifiers and other diagnostic data;
Marketing Data such as your marketing and communication preferences;
Survey Data such as your comments and opinions provided in response to a survey

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.

Use of Data

We also collect, use and share Aggregated Data such as statistical or performance data for product development purposes. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

F.A. Davis Company uses the collected data for various purposes:

To provide and maintain the Service
To notify you about changes to our Service
To allow you to participate in interactive features of our Service when you choose to do so
To provide customer care and support
To provide analysis or valuable information so that we can improve the Service
To monitor the usage of the Service
To detect, prevent and address technical issues

Data Ownership

The F.A. Davis account owner is the owner of any data, including grades, achievements, and progress submitted through F.A. Davis sites. F.A. Davis retains a perpetual, irrevocable, worldwide, sublicensable and transferable right to use, publish, display, modify and copy anonymized content. For the avoidance of doubt, such anonymized content shall not include any personally identifiable information.

Transfer Of Data

Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

F.A. Davis Company will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Disclosure Of Data Legal Requirements

F.A. Davis Company may disclose your Personal Data in the good faith belief that such action is necessary to:

To comply with a legal obligation To protect and defend the rights or property of F.A. Davis Company To prevent or investigate possible wrongdoing in connection with the Service To protect the personal safety of users of the Service or the public To protect against legal liability

Data Retention

F.A. Davis will retain data for the minimum amount of time necessary to accomplish the purpose for which it was collected. We will retain and use your data as necessary to comply with our obligations, resolve disputes and enforce agreements.

Service Providers (Third Party)

We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service.

Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
FullStory, Inc.
Website owners who use FullStory Services can watch a DVR-like video playback of user sessions on their website, enabling meaningful insight into their users' experience, as an effective way to identify usability problems and other areas for improvement. FullStory exists to make the web better for end-users, and it is only available to websites that share that goal. If you are a Visitor, FullStory collects information on your use of our Site, such as pages visited, links clicked, non-sensitive text entered, and mouse movements, as well as information more commonly collected such as the referring URL, browser, operating system, marketing, cookie information, and Internet Service Provider ("Usage Data"). FullStory's purpose in collecting Usage Data is to better understand how FullStory's Visitors use the Site. As a Visitor, FullStory collects potentially personally identifying information like Internet Protocol (or "IP") addresses ("Potential PII").

Your Rights

Your data belongs to you; and your rights as the owner of your data are enforced by data protection legislation around the world. A brief summary of your rights is presented below:

Access your data:You can access the information F.A. Davis holds on you at any time by request. The more specific you can be about what you want to know, the better. We will need to confirm your identity before we release information to you.
Rectify your data:You can ask us to correct any information we hold about you that is inaccurate.
Request erasure:You have the right to 'be forgotten', in certain circumstances. This right does not apply if it would prevent the performance of a Service with you, or if there is another legal requirement for us to retain your data. If erasure is not possible, you may be able to ask us to restrict processing.
Request the restriction of processing of your data:You may ask us to suspend the processing your data under certain circumstances, for example pending a review of the accuracy of the data, or you have objected to our use of the data and we need to establish whether we may lawfully continue processing it.
Request the transfer of your data:In some cases, you can ask us to transfer the data you originally provided to us to yourself or to another third party. This only applies to information you provided directly, or that we observed about you through automated means.
Object to the processing of your data:You can object to our processing of your data for direct marketing purposes. In some cases, we may have compelling legitimate grounds to process your data which override your rights and freedoms.
You can lodge a complaint:If your data is being handled in a way that breaches data protection legislation, you can lodge a complaint with us.

Image Data Handling

Image Upload and Storage

When you add images to to the app, these images are transmitted to remote servers only if you are logged in. The primary purpose of this upload process is to synchronize your data across all your devices, ensuring that you have consistent access to your images no matter where you log in from. This synchronization process allows for a seamless user experience across platforms. If you are not logged in, all of your images remain on your local device.

Image Usage

Images that you include in the FPNotebook app are not used for any secondary purposes. Any transmission or storage of images by the app is only for the purpose of implementing app functionality and syncing data across your devices.

Copyright and Ownership

It is important to note that by uploading images, you are not transferring copyright or ownership of these images. You retain full copyright and ownership rights to your images. We make no claims of copyright or ownership over any images uploaded to our platform.

Third-Party Cloud Services

To provide robust data synchronization and storage capabilities, third-party cloud services are utilized. These services are selected for their reliability and security measures. However, it is important for users to understand that their images may be stored on these third-party cloud services as part of the synchronization and storage process. While these images are not shared with the public and are intended solely for your personal access and use, their storage is managed by these third-party services in accordance with their security protocols and privacy policies.

Privacy and Security

We are committed to protecting your privacy and securing your data. We implement a variety of security measures to ensure the confidentiality and integrity of your images. However, users should be aware that no method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your images, we cannot guarantee absolute security.

Consent and Changes

By using the app, you consent to the practices described in this Privacy Policy regarding your images. We reserve the right to update or change our Privacy Policy at any time. Any changes to the image handling section of our Privacy Policy will be posted on this page. Your continued use of the app after any changes to this Privacy Policy will constitute your acceptance of such changes.

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Children's Privacy

Our Service does not address anyone under the age of 18 ("Children").

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. This page was most recently updated on July 26, 2018.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Service Security

F.A. Davis deploys universally accepted best practices for applications that handle sensitive information and are accessed via the Internet by end-users and partners. These best practices include guidelines for encryption and highly restricted access to back-end development, deployment, and data storage environments. This also covers the OWASP Top 10 recommendations.

Infrastructure Security

We apply established best practices for ensuring our infrastructure is secure:

All traffic is encrypted using SSL/TLS with 256-bit encryption (HTTPS).
F.A. Davis servers are guarded by various firewalls, with both external WAN access and internal LAN restrictions - powered by AWS infrastructure.
F.A Davis server access is given only to the trusted F.A. Davis employees who require it.
F.A. Davis controls all access logs and records actions made each user.
F.A. Davis employs automatic installations (with no interruption to end-users) for all crucial operating system and application security patches as soon as they are released
All servers operate within a Virtual Private Network (VPN) (secure structure of different components of the system), which are only accessible from internal nodes
We transfer all of the incoming and outgoing traffic through one secure proxy interface.

Physical Security

F.A. Davis is hosted using Amazon Web Services (AWS). AWS data centers adhere to the highest standards of physical security and processes and have fulfilled ISO 27001, ISO 9001, SOC 3 and other certifications. For more information on AWS security infrastructure visit
http://aws.amazon.com/security/
http://aws.amazon.com/compliance/
https://aws.amazon.com/compliance/iso-27001-faqs/

Data Security

Our user-data back-ups to the Amazon Elastic Block Store (EBS) service occur regularly and automatically; additionally, EBS has redundant nodes in different locations. CN stores all data for six months for customers (may be extended per contract terms if necessary). We can also execute a data dump or delete data based on client-need. All backups and snapshots are encrypted.

Regarding user-data and AWS, F.A. Davis...

host our services in the N. Virginia datacenters of Amazon
perform daily data backups on a separate server - backups are complete versions of production data
can extend the number of servers to handle the higher load without any interruption

F.A. Davis is hosted on thoroughly firewalled servers which automatically disable any unsupported device that tries to access them; the servers are carefully configured to allow access only to known services. Our data centers are only accessible by our internal servers, and no external access is granted.

The security of your data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Data Integrity and Disaster Recovery

F.A. Davis Service is designed and built to maintain a 99.9999% uptime. We conduct user data backups daily. However, having access to multiple duplicate servers reduce the risk of data loss (close to zero). Essential data and data with the highest usage rates are delivered to users using CDN to reduce the propagation delay. In addition to providing higher performance and availability, redundant data centers decrease the disaster recovery time (to zero). Therefore, if one or more servers fail, there are backup servers that can replace them immediately, without interruption.

Data Breach

We look for our service providers to provide us timely notification of breaches. If a security breach occurs, we will work with our clients and end-users to notify them promptly.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: cs@fadavis.com