Login Sign Up Cart

Privacy Policy

Privacy Policy — Last Updated: April 25, 2026

1. Introduction

The Seeds Scientific Research & Performance Institute (“SSRP,” “we,” “our,” or “us”) respects your privacy. This Privacy Policy describes how we collect, use, share, and protect personal information when you visit ssrpinstitute.org (the “Site”), attend our events, register for courses, or otherwise interact with us.

By using the Site, you acknowledge this Policy. We encourage you to review it periodically.

2. Information We Collect

2.1 Information You Provide

  • Account & Membership: Name, email, password, professional credentials, NPI/license number, professional affiliation, mailing address, phone
  • Payment & Purchase: Billing address, payment method (processed by Stripe / NMI; we do not store full card numbers)
  • Event Registration: Dietary restrictions, accessibility needs, professional interests
  • Communications: Messages you send via contact forms, support requests, or email
  • CME/Continuing Education: Quiz responses, certification claim data

2.2 Information Collected Automatically

  • Device & Browser: IP address, device type, operating system, browser type and version, screen size, language preference
  • Usage Data: Pages viewed, time on page, scroll depth, click events, referring URL, exit pages
  • Cookies & Similar Technologies: First-party and third-party cookies, local storage, tracking pixels (see Section 4)
  • Attribution Data: UTM parameters, ad click identifiers (gclid, fbclid, msclkid, ttclid, li_fat_id), referral source

2.3 Information from Third Parties

  • Advertising Platforms: Aggregate ad performance data from Google Ads, Meta Ads
  • Affiliate Partners: Referral source if you arrived via an affiliate link
  • Email Service Providers: Open and click data from Klaviyo

3. How We Use Your Information

We use your personal information to:

  • Provide membership, events, courses, and CME credit (Contract)
  • Process payments and fulfill orders (Contract)
  • Send transactional emails (order confirmations, password resets) (Contract)
  • Send marketing communications (newsletters, event invites) (Consent)
  • Run paid advertising and measure ad performance (Legitimate Interest / Consent)
  • Improve the Site and analyze usage (Legitimate Interest / Consent)
  • Comply with legal obligations and enforce our terms (Legal Obligation)
  • Detect, prevent, and respond to fraud or abuse (Legitimate Interest)

We do not sell your personal information for monetary value. However, certain advertising practices (such as Meta Pixel and Google Ads) may constitute “sharing” or “sale” under California law (CCPA/CPRA). See Section 8 for your California rights and how to opt out.

4. Cookies and Tracking Technologies

The Site uses cookies and similar technologies for essential functionality, analytics, advertising, and personalization. We use a Consent Management Platform (Cookiebot by Usercentrics) to obtain and record your consent.

Categories

  • Necessary — required for the Site to function (cart, checkout, login sessions, security)
  • Preferences — remember your choices (language, region)
  • Statistics — analytics about how visitors use the Site
  • Marketing — track ad performance, retarget visitors, build audiences

Specific Technologies in Use

  • Google Analytics 4 (Google LLC) — usage analytics, served via our server-side proxy
  • Google Ads (Google LLC) — conversion tracking, audience matching
  • Google Tag Manager (Google LLC) — tag orchestration
  • Meta Pixel + Conversions API (Meta Platforms, Inc.) — ad performance, audience matching
  • Stape (Stape Holding LTD) — server-side tag management proxy
  • Cookiebot (Usercentrics A/S) — consent management
  • Klaviyo (Klaviyo, Inc.) — email marketing
  • AffiliateWP (Awesome Motive, Inc.) — affiliate tracking
  • WP Engine (WPEngine, Inc.) — hosting and operational analytics
  • NitroPack (NitroPack Inc.) — site speed optimization
  • Sourcebuster (built into WooCommerce) — order attribution

Cookie Declaration

A live, automatically updated list of all cookies and trackers on the Site is available at our Cookie Declaration page.

Managing Your Preferences

You can update your consent at any time by clicking the cookie icon in the bottom-left corner of any page or by clicking the Cookie Settings link in our footer.

5. How We Share Information

We share personal information only with:

5.1 Service Providers (Processors)

Vendors who process data on our behalf under written agreements: hosting (WP Engine), payment processors (Stripe, NMI), email service (Klaviyo, Gravity SMTP), tag management (Google, Stape), CRM and membership tools (MemberPress, AffiliateWP), CME credit accreditation partners, customer support tools.

5.2 Advertising Partners

Google (Google Ads, GA4) and Meta (Facebook/Instagram Pixel and Conversions API) receive event data — including IP address, device identifiers, and conversion events — for ad targeting and measurement. We use Google Consent Mode v2 Advanced to send privacy-preserving signals when consent is denied.

5.3 Legal and Safety

When required by law, court order, or to protect our rights or the safety of users.

5.4 Business Transfers

In connection with a merger, acquisition, financing, or sale of assets, your data may be transferred as part of that transaction.

We do not rent, lease, or otherwise disclose your personal information to third parties for their own marketing purposes without your consent.

6. Healthcare and Medical Information

Our content is intended for licensed healthcare professionals. While SSRP Institute is not a covered entity under HIPAA and does not treat patients, we recognize that some information you may share (such as professional credentials, clinical interests, CME selections) is sensitive.

We do not collect Protected Health Information (PHI) about your patients through this Site. If you share patient information in any form with us (including via support tickets, forum posts, or community Q&A), we will request immediate deletion and notify you to do the same.

Quiz responses and CME completion data are stored solely for credentialing purposes and shared only with our accreditation partner (Northeast Ohio Medical University) as required.

7. Data Retention

We retain personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements.

  • Account information: Active membership + 7 years
  • Order and payment records: 7 years (tax, accounting requirements)
  • CME completion records: 6 years (ACCME requirements)
  • Marketing list subscribers: Until you unsubscribe + 90 days
  • Analytics data (GA4): 14 months
  • Cookie consent records: 12 months from collection
  • Server logs: 90 days

After applicable periods expire, data is deleted or anonymized.

8. California Resident Rights (CCPA/CPRA)

If you are a California resident, you have the following rights:

  • Right to Know — what personal information we collect, use, and share
  • Right to Delete — request deletion of personal information we hold about you
  • Right to Correct — correct inaccurate personal information
  • Right to Opt Out of Sale or Sharing — including for cross-context behavioral advertising
  • Right to Limit Use of Sensitive Personal Information
  • Right to Non-Discrimination for exercising your rights

Categories of Personal Information We Collect

Identifiers (name, email, IP), Commercial Information (purchase history), Internet Activity (browsing data), Geolocation (IP-based), Professional Information (credentials), Inferences drawn from the above.

Categories We “Share” or “Sell” Under CCPA

We share Internet Activity and Identifiers with Google and Meta for cross-context behavioral advertising. Under CCPA’s broad definition, this constitutes “sale” or “sharing.”

How to Exercise Your Rights

  • Do Not Sell or Share My Personal Information: Click the link in our footer, or update your cookie preferences via the cookie icon in the bottom-left corner of any page
  • Right to Know / Delete / Correct: Email privacy@ssrpinstitute.org with your request. We will verify your identity and respond within 45 days.

9. European Economic Area, UK, and Swiss Resident Rights (GDPR/UK GDPR)

If you are in the EEA, UK, or Switzerland, you have the following rights:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase your data (“right to be forgotten”)
  • Restrict or object to processing
  • Portability — receive your data in a machine-readable format
  • Withdraw consent at any time
  • Lodge a complaint with your local data protection authority

To exercise these rights, email privacy@ssrpinstitute.org.

We rely on Standard Contractual Clauses (SCCs) for data transfers to the United States.

10. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information, including:

  • TLS encryption in transit (HTTPS sitewide)
  • Encrypted database storage
  • Access controls and authentication
  • Regular security updates and patching via WP Engine managed hosting
  • Payment data handled by PCI-DSS compliant processors (we do not store card numbers)
  • Quarterly vulnerability scans

No method of transmission or storage is 100% secure. If we become aware of a data breach affecting your personal information, we will notify you as required by applicable law.

11. Children’s Privacy

The Site is not directed to children under 13 (under 16 in the EEA). We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact privacy@ssrpinstitute.org and we will delete it promptly.

12. Email Communications and CAN-SPAM Compliance

We comply with the CAN-SPAM Act. Marketing emails will:

  • Identify themselves as advertisements where required
  • Show a valid physical postal address
  • Include a clear unsubscribe link
  • Honor opt-out requests within 10 business days

You can unsubscribe at any time using the link in any marketing email or by contacting privacy@ssrpinstitute.org. Transactional emails (order confirmations, password resets, CME completion) cannot be unsubscribed.

13. Third-Party Links

The Site may contain links to third-party websites. We are not responsible for their privacy practices. Please review their policies before providing information.

14. Do Not Track Signals

We honor Global Privacy Control (GPC) signals from your browser as a CCPA opt-out request. We do not currently respond to other “Do Not Track” signals because there is no industry standard.

15. Changes to This Policy

We may update this Policy. The “Last Updated” date at the top reflects when material changes were made. For substantive changes, we will provide notice via email or a Site banner.

16. Contact Us

For privacy questions, requests, or to exercise your rights:

Seeds Scientific Research & Performance Institute
5000 East 345th Street
Willoughby, OH 44094
Privacy: privacy@ssrpinstitute.org
General: info@ssrpinstitute.org

For data subject requests, please use the subject line “Privacy Request” and indicate the right you are exercising.

Need help? info@ssrpinstitute.org

© 2026 Seeds Scientific Research & Performance. All Rights Reserved.