You are here

US Privacy Statement

This US Privacy Statement is a supplement to the information contained in our Privacy Policy and applies to residents of the United States from whom we collect personal information (“consumers”). Certain states give their residents varying rights related to their Personal Information and specifically the following states have privacy laws that apply to Sage as noted below:

California - as a business under the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (California Civil Code §§ 1798.100 to 1798.199) and its implementing regulations, as amended or superseded from time to time (“CPRA”)

Colorado - as a controller under the Colorado Privacy Act of 2021 (Colorado Rev. Stat. § 6-1-1301 et seq.) as amended or superseded from time to time (“CPA")

Connecticut - as a controller under the Connecticut Data Privacy Act of 2022 (S.B. 6) as amended or superseded from time to time (“CTPDA”);

Nevada - as an operator under the Nevada Privacy of Information Collected from the Intern from Consumers Act of 2017 (SB-220) as amended in 2021 by SB-260, and as amended or superseded from time to time (“NPICICA”)

Virginia - as a controller under the Virginia Consumer Data Protection Act as amended or superseded from time to time (“VCDPA”)

Each of the above-referenced laws individually and collectively shall be construed as the “US Privacy Laws.” Terms used herein but not defined shall have the meanings ascribed to them in the US Privacy Laws, as applicable. 

The term “personal information” as used herein shall mean the types of information described below and in the general Privacy Policy. “Personal information” as used herein shall also be construed to mean similar terms, such as “personal data”, as the terms may be used and defined in the US Privacy Laws. The types of personal information that we may collect, or have collected within the last twelve (12) months, from you or that you may provide when you utilize our products and services and our practices for collecting, using, maintaining, protecting, and disclosing that personal information are described below.

Categories of Personal Information

All of the categories of personal information we collect about you come from the following sources which are further described in our Privacy Policy:

  • Information you provide to us when you are accessing our websites or corresponding with us;
  • Information we may collect that you have made available to the public domain;
  • Information we may collect about your use of the website and services we provide;
  • Information from other sources such as service providers and other third parties; and
  • Information from cookies when you visit our websites.   

Personal information means information as defined in the US Privacy Laws and includes information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual (or natural person) or their household. Categories of personal information include the following:

  • “Identifiers” means information used to identify a particular user, such as a real name, alias, signature, username, postal address, telephone number, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license or state identification card number, passport number, insurance policy number, education or employment history, bank account number, credit or debit card number, other financial information, medical or health insurance information, or other similar identifiers. Identifiers may overlap with other categories. 
  • “Customer Records” means categories of customer personal information described in California Civil Code 1798.80, including name, address and education information.
  • “Protected Classification Characteristics” means characteristics identified under the individual US Privacy Laws and/or federal law such as age (40 years or older), race, color, ethnicity, ancestry, national origin, citizenship, sex and sexual orientation (including gender, gender identity or gender expression, pregnancy or childbirth and related medical conditions) or sex life disability, veteran or military status, and genetic information (including familiar genetic information).
  • “Commercial Information” means records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies of a consumer.
  • “Biometric Information” means genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
  • “Internet or Other Similar Network Activity” means information generated from a consumer’s interaction with a website, application, or advertisement or the internet such as browsing history or search history.
  • “Geolocation Data” means information about the geographic location from where a consumer accessed the services.
  • “Sensory Data” includes audio, electronic, visual, thermal, olfactory, or similar information.
  • “Professional or Employment-Related Information” means current or past job history or performance evaluations.
  • “Non-Public Education Information” means personally identifiable education records of a consumer that are directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records that are not publicly available, as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99) (FERPA).
  • “Inferences Drawn from Other Personal Information” means a profile reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, intelligence, abilities, and aptitudes.
  • “Sensitive Personal Information” means personal information that reveals certain information about a consumer that are generally considered to be sensitive in nature, including:   
    • Any communications you have with a third party (i.e., somebody outside our business)
    • Any Protected Classification Characteristics as defined above
    • Health or medical data (including physical or mental disability and pregnancy or childbirth)
    • Biometric data processed to identify an individual
    • Information related to sex life
    • Financial account details in a combination (for example card number and password) that gives access to an account
    • Government-issued numbers (such as a social security number or a number on a passport, or driver's license)
    • Precise Geolocation Data
    • Union membership
    • Information from a known child

Depending on how you interact with us, we may collect, or may have collected within the last twelve (12) months the following personal information as summarized in the table below.

Category Collected
Identifiers Yes
Customer reports Yes
Protected classification characteristics Yes
Commercial information Yes
Biometric information Yes
Internet or other similar network activity Yes
Geolocation data Yes
Sensory data Yes
Professional or employment-related information Yes
Non-public education information Yes
Inferences drawn from other personal information Yes
Sensitive Personal Information Yes

 

All of the categories of personal information we collect about you (as detailed above) are used for the following purposes which are further described in our Privacy Policy:

  • To deliver our products and services to you;
  • To improve the effectiveness of our products, services and marketing communications;
  • For marketing purposes, including, without limitation, sending you alerts, notifications, and emails about products, events, promotions, and offers from Sage and/or Sage’s partners and to analyze our marketing services to better measure and understand the effectiveness of our marketing;
  • For communication with you, including, without limitation, sending confirmations, invoices, notices, updates, security alerts, or administrative messages and to provide customer service;
  • For any Business Purpose, as defined by the CPRA, including, without limitation, for security and audit related purposes;
  • To enforce our terms and conditions or to protect our business, partners or users, and comply with our contractual and legal obligations; 
  • Other uses, as described to you when collecting your personal information or as otherwise set forth in the Privacy Policy; or
  • Where you have attended a sponsored event, we may share your personal information with the sponsors of the event, or we may share mailing list information with selected third parties.

Sharing of Personal Information

We may share your personal information with the following third parties as further described in our Privacy Policy:

  • Businesses within, and affiliates and subsidiaries of, Sage;
  • Business partners including, without limitation, service providers and other third parties as outlined in our Privacy Policy; or
  • Other third parties as described to you when collecting your personal information or as otherwise set forth in the Privacy Policy.

Sales of Personal Information

As defined by the US Privacy Laws, in limited circumstances, we may “sell” or “share” the following types of your personal information:

  • Identifiers and 
  • Other personal information, as disclosed to you when collecting your personal information.

We do not sell or share personal information of minors under 16 years of age without affirmative authorization.

We do not process Sensitive Personal Information without prior consent.

 

Rights and Choices

Your rights 

Under the US Privacy Laws, you may have the following rights with respect to personal information we collect or have collected from you in the last twelve (12) months:

  • The right to know and request a written report of what personal information we have collected about you and how it has been used, disclosed, or sold;
  • The right to request deletion of personal information as explained in the following paragraphs;
  • The right to opt-out of the sale or sharing of personal information as explained in the following paragraphs; 
  • The right to correct inaccurate personal information;
  • The right to limit the use and disclosure of any sensitive personal information collected about you; and
  • The right to not receive discriminatory treatment by us for the exercise of your privacy rights conferred to you.

Please note that these rights are not absolute, and we may be entitled to refuse requests where exceptions apply. If you wish to exercise any of these rights, please contact us using the following contact details.

You may also have the right to designate an agent to exercise these rights on your behalf.
 

How to exercise your access, correction, limit, and deletion rights

You may exercise your right to know about personal information collected, used, disclosed or sold and request that we disclose any or all of the following (including, in the instance of certain US Privacy Laws, personal information you previously provided to us):

  • Specific pieces of personal information that a business has about the consumer;
  • Categories of personal information it has collected about the consumer;
  • Categories of sources from which the personal information is collected;
  • Categories of personal information that the business sold or disclosed for a business purpose about the consumer;
  • Categories of third parties to whom the personal information was sold or disclosed for a business purpose; or
  • The business or commercial purpose for collecting or selling personal information.

You may also exercise your right to request correction or deletion of your personal information or limit the use of sensitive personal information we have collected from you.

You may exercise these rights by obtaining, completing, and submitting a Consumer Request Form.  You may only make a verifiable request to access personal information we have about you twice within a twelve (12) month period.

Please follow the instructions provided in response to the Form – you may have to verify your identity, residency, and authority to make the request (if applicable). Once these have been verified, we will review, and act upon your request(s).

We cannot respond to your request or provide you with personal information if we cannot verify your identity or your authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. Unless otherwise requested by us to review and respond to your request, we will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

We endeavor to respond to a verifiable request within forty-five (45) days of receiving all such required information. If we require additional time, we will inform you of the reason for the extended period.  Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For requests to access your personal information, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to verifiable consumer requests; however, if we determine that your request warrants a fee, we will inform you of the reason and fee before we complete your request.

 

How to exercise your right to opt-out of the sale of your personal information

You may exercise your right to opt-out of the sale or sharing of your personal information by filling out the Do Not Sell My Personal Information Request Form or calling (800) 732-0199. Once the form or verbal request to our 800# has been received by us, we may send you instructions regarding how to verify your identity, residency, and/or authority (if applicable). Once your identity, residency, and/or authority (if applicable) have been verified (when required by us), we will review and act upon your request. If you are a Virginia resident, you may request to opt out of the processing of your personal information for purposes of profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

If you are a Virginia or Colorado resident and we refuse to take action on your request, you may appeal this refusal within a reasonable period after your receipt of the decision by submitting a request for appeal via our Personal Information Request Form.

 

DMD Healthcare Communications Network Participation Disclosure - Notice for Healthcare Providers located in the United States:

This website is a member of the DMD Healthcare Communications Network (the “HCN”). HCN is owned and managed by DMD Marketing Corp (“DMD”) and is designed to enable DMD and HCN members to provide medically relevant business communications to authenticated health care professionals based in the United States.

If you are a U.S. health care professional, your registration at this website includes registration with HCN. As a result, your contact and other professionally relevant information will be disclosed to DMD and each HCN member to provide you medically relevant content as described the HCN privacy policy available at https://HCN.health/privacy-policy/. The HCN privacy policy provides details on how to manage your information, including opting out of participation in the HCN.

To the extent that this site’s privacy policy conflicts with the HCN privacy policy, with respect to the use of this information by HCN, the conflict will be resolved in favor of the HCN policy.

 

Contact us

If you have any comments, questions or concerns about anything you have read on this US Privacy Statement or you are concerned how your personal information has been handled by Sage , you can contact us via General Queries or (800) 732-0199. 

Changes to this US Privacy Statement

If we make changes to this US Privacy Statement, we will detail them on this page. If it is appropriate, we may provide you with details by email; we suggest that you regularly visit this page to see any changes or updates to this Privacy Statement.

This US Privacy Statement became effective on July 1, 2023, replacing the California Privacy Statement that had been in effect since January 1, 2020.