ARRT PRIVACY POLICY - State website

^{Last Updated: January 2025}

The Service is operated by The American Registry of Radiologic Technologists (“ARRT”), 1255 Northland Drive, St. Paul, MN 55120-1155 (“We,” “Us,” or “ARRT”). This Privacy Policy (“Privacy Policy”) describes how we collect, process, and share Personal Information, Your rights, Your choices, and other important information about how we handle Your Personal Information. This Privacy Policy applies to Your use of our website, online services, and in-person services (collectively, our “Service”).

YOUR USE OF THIS PRIVACY POLICY

ATTENTION: Please read this Privacy Policy carefully before using the Service. Accessing, downloading content from, or using the Service indicates that you accept and acknowledge this Privacy Policy in full. If you do not accept this Privacy Policy, do not access or use the Service. You acknowledge that You have read and understood this Privacy Policy.

Unless explicitly stated otherwise, any new features that augment or enhance the current Service shall be subject to this Privacy Policy.

Please review the Privacy Policy each time You use the Service. By using the Services, you agree to be bound by the most recent version of the Privacy Policy. If We materially change this Privacy Policy, We will update this page to reflect any changes to this Privacy Policy, and We will let You know by displaying a notice when You next visit the Service.

HOW WE COLLECT PERSONAL INFORMATION

The following describes the information We collect relating to identified or identifiable individuals and information otherwise defined as personal information under applicable law (“Personal Information”).

From You

When You use the Service, We may collect Your birthdate, last four digits of Your social security number, and zip code to identify Your eligibility to use the Service.

When You contact Us, We may collect Your name, email address, and any other information that You provide to Us voluntarily.

When You make a payment through the Service, We may collect Your name, address, credit card type, payment submission date, payment settlement date, payment amount, payment response type and code, payment status, transaction purpose, and other Personal Information sufficient for our payment processors to process the transaction and provide fraud screening, information security, and compliance.

When You interact with ARRT through social media, We may collect Your facial photograph, voice recording, and any other information You provide.

When You leave a voice message for ARRT or provide a written message through the Message Center, We may collect Your voice recording and any information You provide in the message.

State Health Entity

When You apply for an examination through Your state health entity or licensing authority (“Health Entity”), we receive Your Personal Information from the Health Entity, such as Your name, birthdate, social security number, zip code, and eligibility for examination.

Automatic Collection

When You access and use the Service, We may collect certain Personal Information automatically. For example, we collect Personal Information relating to Your device, browser, or application e.g. device identifiers, IP address, Your user name, roles/permissions for the Service, the domain name of Your Internet service provider, Your location, the Service features You use and the time of Your use, Your mobile device information (e.g., device model and operating system version) identifiers from cookies, session history, Service navigation metadata, and other data generated through applications and browsers, including via cookies, pixels, and similar technologies when You use our Service, access our Service, or when You open our communications. Additional information collected is described in the Analytics and Cookies and Other Tracking Technologies sections below.

From Other Sources

We may collect Personal Information about You, such as first, middle, and last name, date of birth, address, city, state, zip code, social security number, phone number, exam type, licensing state, exam date, exam status, exam scores, eligibility dates, exam service providers, and disability accommodation providers.

We may combine all of the information We collect from or about You and use it in the manner described in this Privacy Policy.

HOW WE USE YOUR INFORMATION

We may use the Personal Information that We collect for several purposes, including:

To verify Your eligibility for an examination;
To compile and maintain a database of the professional records of those who apply for a state license using this service, and to make available the data to the public and to various third parties, such as employers, other education organizations, continuing education providers, and state and regulatory authorities, consumers, and patients as a verification service;
The purposes for which You provided it;
To provide information and services to You;
To process and respond to Your inquiries and comments;
To send You information about Your relationship or transactions with Us;
To facilitate payment transactions (Your information will be used to submit Your payment information to our payment processor);
To administer, operate, and improve the Service or develop new services;
To personalize and enhance Your experience using the Service;
To send periodic emails. If You choose the email address You provide may be used to send You occasional news, reminders, updates, etc. Note: If You would like to update Your email preferences, or unsubscribe from receiving future emails at any time, We include detailed instructions at the bottom of each email;
To generate and review reports and data about our user base and Service usage patterns;
To analyze the accuracy, effectiveness, usability, or popularity of the Service;
To compile aggregate data for internal and external business purposes;
To prevent fraud and abuse of the Service and to otherwise protect users and visitors and our organization;
To assist law enforcement and respond to subpoenas; and
To perform other business activities as needed, or as described elsewhere in this Privacy Policy.
As explained elsewhere in this Privacy Policy, Personal Information We collect may be processed by our partners in providing services related to the Service (such as administration services, technical services relating to the maintenance, servicing, and upgrading of the products, software services, hosting services, customer service, data migration services, and analytical services, among others).

Please note that You may choose not to allow Us to use Your Personal Information for certain purposes as described in the Your Choices Regarding Your Personal Information section below.

HOW YOUR PERSONAL INFORMATION IS DISCLOSED

Your Personal Information may be disclosed to third parties in accordance with this Privacy Policy. Please note that a user may choose not to share certain information as described in Your Choices Regarding Your Personal Information below.

Third Party Service Providers and Business Partners

We may use third-party service providers and business partners to perform functions in connection with the Service and our other services, such as delivering announcements by email, developing, registering for, and delivering exams, payment processing, analyzing and improving the Service usefulness, reliability, user experience, and operation, storing data, securing data, hosting data, migrating data, providing users with services, and providing other services as described in this Privacy Policy. We may share Your Personal Information with these providers and partners so they can provide services to You (where legally required, We will obtain Your express consent).

CyberSource. We use CyberSource for payment processing services. CyberSource may collect Your first name, last name, email address, phone number, mailing address, order and payment information, IP address and information about the device used to access the Service, how and which Service are used, information provided though means such as social media or when You contact us through our website, and enrollment numbers or demographic group information (which does not identify individual users). For more information, please visit the CyberSource privacy policy.
Google. We use various Google products and services to support ARRT, including:

Tag Manager. We use Google Tag Manager and Dynamic Remarketing to deploy marketing tags and cookies. Google Tag Manager or Dynamic Remarketing may collect information related to tag firing, information contained in standard HTTP requests logs, and information related to online identifiers, such as cookie identifiers and IP addresses. For more information, please visit Google’s privacy policy.
APIs and Static. We may use Google APIs and Static to deliver our website to You by deploying CDN headers and cookies. For more information, please visit Google’s privacy policy.
Analytics. We use Google Analytics to analyze user activity on our Service for remarketing and behavioral targeting. Google and other third parties may use cookies, pixels, web beacons, and other storage technologies to collect information from the Service and from other Internet websites and use that information for the purposes of targeting ads and providing measurement services. Google may track Your activity over time and across websites.

Paradigm Testing. We use Paradigm Testing to assist in evaluating requests for test accommodations in accordance with the Americans with Disabilities Act (ADA). If You require accommodations, You will start by answering “yes” to the question about ADA accommodations on Your application for ARRT certification and registration. After we receive Your ARRT application, we’ll provide instructions on Your payment confirmation page about how to apply for accommodations. If You applied via a paper application, those instructions will be mailed to You. When You then request ADA accommodations from Paradigm, You will provide Personal Information, including Your contact information, medical information related to the nature of Your mental or physical impairment, and the ways in which it limits Your major life activities, information related to the ways in which Your mental or physical impairment impacts Your ability to examine under standard conditions, information related to any treatments, medications, devices, or auxiliary aids You commonly use, or plan to use, while taking Your exam, information related to Your history with classroom, workplace, and testing accommodations, and an explanation for the necessity of the accommodations You are requesting, and their appropriateness relative to Your impairment, to Paradigm Testing, which will make the recommendation as to what, if any, special accommodations You should receive. After Paradigm Testing makes a recommendation, it will transmit Your access code and the recommendation to ARRT, which will make the final decision regarding which accommodations are appropriate. All information that You provide to Paradigm Testing is subject to its privacy policy.
Pearson VUE. We use Pearson VUE to conduct our examinations. We may provide Pearson VUE with Your Personal Information, including Your name, address, email address, and other state licensure information, to facilitate examinations. Pearson VUE may collect other information from You, including Your driver's license information, credit card information, date of birth, social security number, employment data, education data, and biometric data, including Your photograph and palm vein topography, to verify Your identity. For more information on Pearson VUE's collection practices and privacy policies.

Investigators, State Medical Boards, State Licensing Entities, State Licensing Agencies, or the Public

We may disclose examination results and licensing information to state medical boards, or to the public. We release individual examination scores and credential status to state agencies. A state agency may request Your information by entering Your Personal Information into our state entity website. If We have a record on You, We will release a status report back to the registered state agency. We will disclose all relevant information in our possession for which We do not have claim of legal privilege in response to a lawful subpoena, court order, or an authorized request by a government or regulatory entity.

Organizational Changes

If We become involved in a merger, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganization, liquidation, dissolution, or other transaction, or if the ownership of all, or substantially all, of our organization otherwise changes, We may transfer Your Personal Information to a third party or parties in connection therewith.

Affiliates

We may also share Your Personal Information with our affiliates for purposes consistent with this Privacy Policy. Our affiliates will be required to maintain that Personal Information in accordance with this Privacy Policy.

Investigations and Law

We may disclose your Personal Information to third parties if We believe that such disclosure is necessary to:

Comply with the law or guidance and cooperate with government or law enforcement officials or private parties;
Investigate, prevent, or take action regarding suspected illegal activities, suspected fraud, the rights, reputation, safety, and property of us, users or others, or violations of our policies or other agreements with Us;
Respond to claims and legal process (for example, subpoenas); and/or
Protect against legal liability.

Cookies and Other Tracking Technologies

We use Personal Information in connection with our use of cookies, pixels, and similar technologies on our Service. We and authorized third parties may collect this data automatically.

We and authorized third parties may use cookies and similar technologies for the following purposes:

for “essential” purposes necessary for our Service to operate (such as maintaining user sessions, content delivery, and the like);
for “functional” purposes, such as to enable certain features of our Service (for example, to allow a customer to maintain a logged-in session); and
for “analytics” purposes and to improve our Service, such as to analyze the traffic to and on our Service (for example, we can count how many people have looked at a specific page, or see how visitors move around the Service when they use it, to distinguish unique visits/visitors to our Service, and what website they visited prior to visiting our Service, and use this information to understand user behaviors and improve the design and functionality of the Service).

SECURITY

We implement a variety of security measures to protect the safety of Your Personal Information when You enter, submit, or access Your Personal Information.

While We take reasonable measures to protect your Personal Information against loss, theft, and unauthorized use, disclosure, or modification, We cannot guarantee its absolute security. No Internet, email, or mobile application transmission is ever fully secure or error free. Email or other messages sent through the Service may not be secure. You should use caution whenever submitting Personal Information through the Service and take special care in deciding what Personal Information You provide us.

We cannot guarantee that transmissions of Your Personal Information will be fully secure and that third parties will never be able to defeat our security measures or the security measures of our partners. We assume no liability for disclosure of your information due to transmission errors, third-party access, or causes beyond our control.

Any Personal Information collected through the Service is stored and processed in the United States. If You use our Service outside of the United States, You consent to have Your Personal Information transferred to the United States.

DATA RETENTION POLICY, MANAGING YOUR INFORMATION

We will retain Your information for as long as You use the Service and for a reasonable time thereafter. We may maintain anonymized or aggregated data, including usage data, for analytics purposes. We may retain and use Your information as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and/or for the period required by laws in applicable jurisdictions. Please note that some or all of the information We have collected may be required for transactions on the Service to function properly.

LINKS TO OTHER WEBSITES OR APPLICATIONS

The Service may contain links to other websites or apps or may forward users to other websites or apps that We may not own or operate and to which this Privacy Policy does not apply. The links from the Service do not imply that We endorse or have reviewed these websites or apps. The policies and procedures We describe here do not apply to these websites or apps. We neither can control nor are responsible for the privacy practices or content of these websites or apps. We suggest contacting these websites or app providers directly for information on their privacy policies. Nonetheless, We seek to protect the integrity of our Service, and welcome any feedback about these linked websites and mobile applications.

YOUR CHOICES REGARDING YOUR INFORMATION

You have choices regarding our collection, processing, and sharing of your Personal Information.

Changing Your Information – You may request to review, update, or have deleted any Personal Information collected from You through the Service. Please contact Us by emailing us at PrivacyRights@arrt.org or sending a letter through the U.S. Postal Service to “ARRT, 1255 Northland Drive, St. Paul, MN 55120-1155 ATTN: Privacy Policy” asking to review or update Your Personal Information, or to have Us delete Your Personal Information along with information which is sufficient, in the ARRT’s sole and absolute discretion, to verify that the Personal Information that you are requesting to change is associated with you. However, We reserve the right to retain Personal Information as necessary for our business purposes and to comply with federal and state laws.
Withdrawing Consent - If You are an individual residing in the EU, and You provided Your consent for any particular processing of Your Personal Information, You have the right to withdraw Your consent to our processing of Your Personal Information any time by requesting that Your Personal Information be deleted. See further information under the section EU Privacy Rights below. This deletion is permanent, and Your Personal Information cannot be reinstated and you agree that you are no longer authorized to use ARRT’s intellectual property such as its certification mark and other designations. To proceed with this request, please contact Us by emailing PrivacyRights@arrt.org or sending a letter through the U.S. Postal Service to “ARRT, 1255 Northland Drive, St. Paul, MN 55120-1155 ATTN: Privacy Policy”.
Opt-Outs Available from Our Partners - Some of our partners allow users to opt out of their collection of Personal Information. You may opt out of third-party services directly via the third party. For example, to opt-out of Google’s analytic and marketing services, visit Google Analytics Terms of Use, the Google Policy, or Google Analytics Opt-out.

VERIFICATION OF RIGHTS REQUESTS

If you submit a request, we typically must verify your identity to ensure that you have the right to make that request, reduce fraud, and to ensure the security of Personal Information. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf.

We may require that you match Personal Information we have on file in order to adequately verify your identity. If you have an account, we may require that you log into the account to submit the request as part of the verification process. We may not grant access to certain Personal Information to you if prohibited by law.

INFORMATION COLLECTED FROM OTHER WEBSITES AND MOBILE APPLICATIONS, AND DO NOT TRACK POLICY

Your browser or device may offer You a “Do Not Track” option, which allows You to signal to operators of websites, web applications, mobile applications, and services (including behavioral advertising services) that You do not wish such operators to track certain of Your online activities over time and/or across different websites or applications. Our Service does not support Do Not Track requests at this time, which means that We, or our analytics providers or other third parties with which We are working, may collect Personal Information about Your online activity both during and after Your use of the Service.

CHILDREN

Our Service is not intended for children under 16 years of age. We do not knowingly collect Personal Information from an individual under age 16. If You are under the age of 16, please do not submit any Personal Information through the Service. If You have reason to believe that We may have accidentally received Personal Information from an individual under age 16, please contact Us by emailing us at PrivacyRights@arrt.org or sending a letter through the U.S. Postal Service to “ARRT, 1255 Northland Drive, St. Paul, MN 55120-1155 ATTN: Privacy Policy.”

CHANGES TO THIS PRIVACY POLICY

We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this Privacy Policy periodically, and especially before You provide any Personal Information. This Privacy Policy was made effective on the date indicated above.

HOW TO CONTACT US

For any enquiries or complaints relating to the use of Your Personal Information or this Privacy Policy, please feel free to contact Us by emailing us at PrivacyRights@arrt.org or sending a letter through the U.S. Postal Service to “ARRT, 1255 Northland Drive, St. Paul, MN 55120-1155 ATTN: Privacy Policy.”

YOUR CALIFORNIA PRIVACY RIGHTS

Section 1798.83 of the California Civil Code permits California residents to request from a business, with whom the California resident has an established business relationship, certain information about the types of Personal Information the business has shared with third parties for those third parties’ direct marketing purposes, and the names and addresses of the third parties with whom the business has shared such information during the immediately preceding calendar year. California residents may make one request each year by contacting Us by emailing us at PrivacyRights@arrt.org or by sending a letter through the U.S. Postal Service to “ARRT, 1255 Northland Drive, St. Paul, MN 55120-1155 ATTN: Privacy Policy.”

YOUR NEVADA PRIVACY RIGHTS

The Nevada Revised Statutes (NRS 603A.300 et seq.) permit a Nevada consumer to direct an operator of an Internet website or online service to refrain from making any sale of any covered information the operator has collected or will collect about that consumer. You may submit a request pursuant to this directive by emailing us at PrivacyRights@arrt.org or by sending a letter through the U.S. Postal Service to “ARRT, 1255 Northland Drive, St. Paul, MN 55120-1155 ATTN: Privacy Policy.” We will provide further information about how We verify the authenticity of the request and Your identity.

Consumer Health Data Privacy Policy

CATEGORIES OF CONSUMER HEALTH DATA WE COLLECT

We collect the following categories of Consumer Health Data for the following purposes:

Categories of Consumer Health Data Collected	The purposes of collecting, using and sharing	How Consumer Health Data will be used or processed
Individual health conditions, treatment, diseases, or diagnosis Social, psychological, behavioral, and medical interventions	We use Paradigm Testing to assist in evaluating requests for test accommodations in accordance with the Americans with Disabilities Act (ADA)	If You require accommodations, You will send ARRT an application containing a request for ADA accommodations. We will then contact Paradigm to procure an identification code, which We will mail to You, in conjunction with a letter instructing You to create a Paradigm account, and to use the code which identifies You. When You then request ADA accommodations from Paradigm, You will provide Personal Information, including Your contact information, medical information related to the nature of Your mental or physical impairment, and the ways in which it limits Your major life activities, information related to the ways in which Your mental or physical impairment impacts Your ability to test under standard conditions, information related to any treatments, medications, devices, or auxiliary aids You commonly use, or plan to use, while taking Your exam, information related to Your history with classroom, workplace, and testing accommodations, and an explanation for the necessity of the accommodations You are requesting, and their appropriateness relative to Your impairment, to Paradigm Testing, which will make the recommendation as to what, if any, special accommodations You should receive. After Paradigm Testing makes a recommendation, it will transmit Your name and the recommendation to ARRT, which will make the final decision regarding which accommodations are appropriate. All information that You provide to Paradigm Testing is subject to its privacy policy.
Biometric data, including facial photos, and voice recordings	Identity verification in connect with exams; social media sharing and connections; customer service; video and audio meeting recordings	We use facial photos to verify identity in connection with exams and share this information with our exam vendor. We operate social media accounts and share photos, text, and recordings as is typical for social media platforms. We occasionally ask consumers to share photos with Us for use on our social media accounts. We use voice recordings for the purposes for which they are provided, such as responding to customer service requests. We record certain audio or video meetings for the purpose for which the meeting is occurring, including hearings regarding potential ethics violations.
Any information that we or our respective processor, processes to associate or identify you with data described above that is derived or extrapolated from non-health information (such as proxy, derivative, inferred, or emergent data by any means, including algorithms or machine learning), also referred to as “Inference Data.”	Site Analytics	See “How Your Personal Information is Disclosed” section above.

Sharing of Consumer Health Data

Categories of Consumer Health Data we Share

We may share the following categories of Consumer Health Data with third parties and specific affiliates:

Individual health conditions, treatment, diseases, or diagnosis
Social, psychological, behavioral, and medical interventions
Biometric data
Any information that we or our respective processor, processes to associate or identify You with data described above that is derived or extrapolated from non-health information (such as proxy, derivative, inferred, or emergent data by any means, including algorithms or machine learning), also referred to as “Inference Data.”

Categories of Third Parties with Which we Share

We may share Consumer Health Data with the following categories of third-party recipients: See Third Party Service Providers and Business Partners list in How Your Personal Information is Disclosed section above.

Specific Affiliates with Which we Share

We may share Consumer Health Data with the following Affiliates: None.

Consumer Health Data Privacy Rights

Your Rights

Under the Washington State MHMDA and similar laws, residents and natural persons whose Consumer Health Data is collected in certain states may have the following rights, subject to verification, exceptions, and limitations:

Right to Confirm/Access/Know: Up to twice annually, You have the right to (a) confirm whether we are collecting, sharing, or selling Your Consumer Health Data, and (b) access such data, including a list of all third parties and affiliates with whom we have shared or sold the consumer health data and an active email address or other online mechanism that You may use to contact these third parties.
Right to Delete: You have the right to request deletion of the Consumer Health Data held by us and our affiliates, processors, contractors, and other third parties.
Right to Withdraw Your Consent/Opt-Out: You may withdraw any consent You have provided at any time. The consequence of Your withdrawing consent might be that we cannot perform certain services for You, such as location-based services, personalizing or making relevant certain types of advertising, or other services conditioned on Your consent or choice not to opt-out.
Right to Non-Discrimination: You have the right to not to receive discriminatory treatment as a result of Your exercise of rights conferred by the MHMDA and similar laws.

How to Exercise Your Rights

You may submit requests as follows (please review verification requirements below).

You may send an email to PrivacyRights@arrt.org with Your email address, phone number or address on file, along with Your request.
If You have any questions or wish to appeal any refusal to take action in response to a MHMDA rights request, contact Us at PrivacyRights@arrt.org. We will respond to any request to appeal within the period required by law.

Washington Residents: If Your appeal is unsuccessful, you can raise a concern or lodge a complaint with the Washington State Attorney General.
Nevada Residents: If your appeal is unsuccessful, You can raise a concern or lodge a complaint with the State of Nevada Attorney General.

Verification of Consumer Health Data Rights Requests

If You submit a request, we typically must verify Your identity to ensure that You have the right to make that request, reduce fraud, and to ensure the security of Consumer Health Data. If an agent is submitting the request on Your behalf, we reserve the right to validate the agent’s authority to act on Your behalf.

We may require that You match Consumer Health Data we have on file in order to adequately verify Your identity. If You have an account, we may require that You log into the account to submit the request as part of the verification process. We may not grant access to certain Consumer Health Data to You if prohibited by law.