Skip to Content

Privacy Policy

Privacy and Confidentiality Policy

Aspen Insights and subsidiaries (“Aspen,” “we,” “us,” or “our”) is a data science and artificial intelligence firm engaged in the design and development of healthcare analytics systems (together, the “Services”). This Privacy Policy applies to the personal information that we collect and process in relation to our products and services, including via our website located at https://aspeninsights.com/ (the “Site”). Please note that if we process your personal information in the context of providing services for our business clients, you should contact our client with questions or for more information, as its privacy policy will apply rather than ours. All webpages employ the https communications protocol to ensure secure and encrypted transmissions over the Internet.

Aspen is strongly committed to protecting your privacy. Your privacy is important to us. In a commitment to protecting your privacy we have implemented the measures below to protect the personal data we process about you.

Types of Information We Collect

Use and Processing of Information

Sharing of Information

Your Choices

How We Protect Personal Information

Notice to California Residents

Additional Disclosures for Data Subjects in the EEA, the U.K. and Switzerland

Transfer of Information to Other Countries

Changes to This Policy

Contact Us

Types of Information We Collect

We receive personal information from our clients, potential clients, and employees. The following provides examples of the type of information that we collect and how we use that information.

ContextTypes of DataPrimary Purpose for Collection
and Use of Data
Information about ClientsWe collect the name, and contact information, of our business clients and their employees with whom we interact.Communicating with our clients concerning normal business administration such as projects, services, and billing.
Cookies and First Party TrackingWe may use cookies and clear GIFs. “Cookies” are small pieces of information that a website sends to a computer’s hard drive while a web site is viewed.   Clear GIFs are near-invisible graphics that allow us to track when a webpage opens and displays.Making our website operate efficiently and understanding how visitors interact with our websites.
Cookies and Third Party TrackingWe participate in behavior-based advertising, this means that a third party uses technology (e.g., a cookie) to collect information about your use of our website so that they can provide advertising about products and services tailored to your interests on our website, or on other websites.For analytics, advertising and security purposes.
Email InterconnectivityIf you receive email from us, we use certain tools to capture data related to when you open or interact with our messages.Understanding how you interact with the communications that we send to you.
EmploymentIf you apply for a job posting, or become an employee, we collect information necessary to process your application or to retain you as an employee.Performing our employment obligations (e.g., to process paychecks) and processing prospective candidates’ applications.  In some contexts, we are also required by law to collect information about our employees.
Feedback/SupportIf you provide us feedback or contact us for support we will collect your name and e-mail address, as well as any other content that you send to us, in order to reply.Receiving and acting upon your feedback or issues.
Mailing ListWe may offer you the ability to sign up for a mailing list.  If we do so we will collect your email address or postal address.Sharing information about our products or services.
Web logsWe collect information, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors.Monitoring our networks and the visitors to our websites.

In addition to the information that we collect from you or from our clients directly, we may also receive information about you from other sources, including third parties, business partners, our affiliates, or publicly available sources.  For example, if you submit a job application, or become an employee, we may conduct a background check.

Use and Processing of Information

In addition to the purposes and uses described above, we use information in the following ways:

  • To identify you when you visit our websites or our services.
  • To provide products and services.
  • To provide products and services to your business or employer.
  • To improve our services and product offerings.
  • To conduct analytics.
  • To respond to inquiries related to support, employment opportunities, or other requests.
  • To send marketing and promotional materials, including information relating to our products, services, sales, or promotions.
  • For internal administrative purposes, as well as to manage our relationships.

Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose.  For example, if you purchase a product from us, we collect your information to fulfill your order, but we also collect your information because we have an interest in understanding who our clients are and what services we perform on their behalf.

Sharing of Information

In addition to the specific situations discussed elsewhere in this policy, we disclose information in the following situations:

  1. Affiliates and Acquisitions. We may share information with our corporate affiliates (g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires, or anticipates acquiring, our company, business, or our assets, we will also share information with that company.
  2. Other Disclosures with Your Consent. We may ask if you would like us to share your information with unaffiliated third parties who are not described elsewhere in this policy.
  3. Other Disclosures without Your Consent. We may disclose information in response to subpoenas, warrants, discovery requests, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also share your information to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or to comply with your request for the shipment of products to or the provision of services by a third-party intermediary.
  4. Public. Some of our websites may provide the opportunity to post comments, or reviews, on a message board or in a public forum.  If you decide to submit information on these pages, that information may be publicly available.
  5. Service Providers. We may share your information with service providers. Among other things service providers may help us to administer our website, perform hosting, provide technical support, process payments, and assist in the fulfillment of cybersecurity service requests.

Your Choices

You can make the following choices regarding your personal information:

  1. Promotional Emails. You may choose to provide us with your email address for the purpose of allowing us to send promotional materials to you. You can stop receiving promotional emails by following the unsubscribe instructions in e-mails that you receive.  If you decide not to receive promotional emails, we may still send you service-related communications.
  2. Access to Your Personal Information. We will grant you, where required by law, reasonable access to the personal information that we have about you. You may request access to your personal information by contacting us at the address described below.
  3. Changes to Your Personal Information. You can contact us at the address described below in order to request that your information be modified.
  4. Deletion of Your Personal Information. We typically retain personal information that we collect on our own behalf for the period necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. You may request information about how long we keep a specific type of information, or request that we delete your personal information, by contacting us at the address described below.
  5. Revocation of Consent or Objections. You may revoke consent to processing (where our processing is based upon consent), or object to our processing (where our processing is not based upon your consent) by contacting us at the address described below.  If you revoke your consent / object we may no longer be able to provide you services. In some cases, we may limit or deny your request to revoke consent / object if the law permits or requires us to do so, or if we are unable to adequately verify your identity.
  6. Do Not Track. Due to the absence of a current “Do Not Track” standard, the Site does not currently respond to “Do Not Track” signals.

How We Protect Personal Information

No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information. If we are required by law to inform you of any unauthorized access to your personal information, we may notify you electronically, in writing, or by telephone, if permitted to do so by law.

Our website or service may permit you to create an account.  When you do you will be prompted to create a password.  You are responsible for maintaining the confidentiality of your password, and you are responsible for any access to or use of your account by someone else that has obtained your password, whether such access or use has been authorized by you.  You should notify us of any unauthorized use of your password or account.

Notice to California Residents

The information in this section applies to residents of California. Please contact us at info@aspeninsights.com if you have any questions about this Privacy Policy, including this section specific to California residents, or if you would like a printed copy of this Privacy Policy. You may also print a copy of this Privacy Policy by selecting the “Print” button in your web browser.

  1. How We Collect and Use Personal Information
    In accordance with the California Consumer Privacy Act of 2018 (“CCPA”), this section describes the Personal Information we collected about California residents in the last 12 months, the sources of that information, our business or commercial purposes for collecting the information, and the third parties with whom we shared that information. Please refer to the corresponding sections of this policy above for details on the following:
  2. Your Rights and How to Exercise Them
    Under the CCPA, California residents have certain rights with regard to their Personal Information. Those rights may only apply in certain circumstances and may be subject to limitations or exceptions. A summary of those rights is provided below as well as information on how to exercise your rights. Please note that we will require certain identifying information about you as necessary for us to verify your request in accordance with applicable law.
    • Right to Know: You have the right to ask us to tell you the categories of Personal Information we collected, the purposes for which we collected, sold or disclosed that information, and the categories of third parties to whom we disclosed the information in the last 12 months. To exercise this right, please email your request to info@aspeninsights.com and include “Disclosure Request” in the subject line of your message.
    • Right to Access: You have the right to request access to the specific pieces of Personal Information we collected, used, disclosed and/or sold about you in the last 12 months. To exercise this right, please email your request to info@aspeninsights.com and include “Access Request” in the subject line of your message.
    • Right to Delete: You have the right to request us to delete the Personal Information we have collected or maintain about you. Please note that certain exceptions may apply to your right to delete information, such as when we must retain Personal Information as required or permitted by law and we will maintain a copy of your deletion request. We will notify you if any such exceptions apply to your request. To exercise this right, please email us at info@aspeninsights.com and include “Deletion Request” in the subject line of your message.
    • Right to Opt Out of Sale: You have the right to opt out or ask us not to sell your Personal Information. Please note that we do not sell your Personal Information.

    We will not discriminate against you for exercising any of the rights noted above. However, we may offer certain financial incentives, charge reasonable fees related to your requests, or deny your right to know, right to access, or right to deletion in accordance with applicable law.

    You can exercise these rights yourself or you can designate an authorized agent to make a request on your behalf. If you would like an authorized agent to submit a request on your behalf, please send us an email at info@aspeninsights.com for instructions and details on proof and information required for use of an authorized agent.

  3. How We Disclose Information
    • We did not disclose personal information to third parties for any business purposes. For more information on the categories of information we disclosed and to whom it was disclosed, see sections above.
    • We do not sell your personal information or the personal information.
  4. Third-Party Marketing Disclosure
    • Under California Civil Code § 1798.83, California residents with whom we have a business relationship can request information about the types of personal information, if any, we shared with third parties for the direct marketing purposes of the third parties and the identities of the third parties with whom we shared such information in the immediately preceding 12 months. We do not share your Personal Information with third parties in this manner and have not done so in the last 12 months. You may request more information by contacting us using the contact information at the bottom of this Privacy Policy.

Additional Disclosures for Data Subjects in the EEA, the U.K. and Switzerland

This section provides general information about how Ironwood collects, stores, uses, transfers and otherwise processes personal data in or from certain countries in the European Economic Area, the United Kingdom, and Switzerland (together, for purposes of this section of the Privacy Policy, “EEA”), in accordance with the General Data Protection Regulation (“GDPR”) and its local implementations.

Lawful Bases of Processing – Where Ironwood is acting as a data controller that determines the purposes and means of processing your personal data, such as when we collect, use, and share personal data as described above, we must have a lawful processing basis for doing so. Our lawful bases for processing personal data include:

  • to conclude or perform a contract with you, for example to:
    • process your purchases of or requests for cybersecurity products and services;
    • communicate with you about purchases, professional services, accounts, and programs;
  • for our legitimate business purposes, including to:
    • respond to your customer service inquiries and requests for information;
    • maintain, improve, and analyze our Site, advertisements, and the products and services we offer;
    • detect, prevent, or investigate security breaches or fraud; and
    • facilitate the functionality of our Services;
  • to comply with our legal obligations, for example to maintain appropriate records for internal administrative purposes and as required by applicable law; and
  • on the basis of your consent, for example to send you via email and other electronic means personalized promotions and special offers or informing you about our professional services, offerings, events, or other promotional purposes.

You can withdraw your consent at any time by contacting us as described in the “Contact Us” section below.

Your EEA Data Subject Rights – Under certain circumstances, by law you have the right to:

Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you.

Request correction of the personal information that we hold about you.

Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it.

Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party), or where we are processing your personal information for direct marketing purposes.

Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you.

Request the transfer of your personal information to another party, when possible.

Not be subject to automated decision-making producing legal or significant effects on an individual, which we do not engage in.

To exercise any of these rights, please contact us as set forth in the “Contact Us” section below and specify which GDPR privacy right(s) you wish to exercise.  We must verify your identity in order to honor your request, which we will respond to within 30 days of receipt.

Transfers –When we transfer or receive personal data from the EEA, we do so pursuant to appropriate safeguards or your explicit consent under GDPR Article 49.

Retention – As a general rule, we keep your data for only as long as it is needed to complete the purpose for which it was collected or as required by law. We may need to keep your data for longer than our specified retention periods to honor your requests, including to continue keeping you opted out of marketing emails, or to comply with legal, regulatory, accounting or other obligations.

Complaints – If you have any issues with our compliance, you have the right to lodge a complaint with an EEA supervisory authority (link). We would, however, appreciate the opportunity to first address your concerns and would welcome you directing an inquiry first to us per the “Contact Us” section below.

Transmission of Information to Other Countries

By submitting your personal information to us you agree to the transfer, storage and processing of your information in a country other than your country of residence including, but not necessarily limited to, the United States. As a result, your personal information may be subject to the laws of that jurisdiction and accessible to their law enforcement and national security. If you would like more information concerning our attempts to apply the privacy principles applicable in one jurisdiction to data when it goes to another jurisdiction you can contact us using the contact information below.

Changes to This Privacy Policy

We may change our privacy policy and practices over time. To the extent that our policy changes in a material way, the policy that was in place at the time that you submitted personal information to us will generally govern that information unless we receive your consent to the new privacy policy. Our privacy policy includes an “effective” and “last updated” date. The effective date refers to the date that the current version took effect. The last updated date refers to the date that the current version was last substantively modified.

Contact Us

If you have any questions, comments, or complaints concerning our privacy practices please contact us at the appropriate address below.  We will attempt to respond to your requests and to provide you with additional privacy-related information.

info@aspeninsights.com

6000 Western Place, #510

Fort Worth, TX 76107

1-817.223.3270

This Privacy Policy was last modified August 3, 2023.