Skip to main content

Privacy Policy

Last updated: June 24, 2026

1. Who We Are

EmersonArc ("EmersonArc," "we," "us," or "our") operates the websites at emersonarc.com and its subdomains, including consulting.emersonarc.com, acuityvoice.emersonarc.com, acuitymedical.emersonarc.com, and academy.emersonarc.com (collectively, the "Sites"). We are a medical communications and consulting company based in the United States.

Questions about this policy can be directed to: hello@emersonarc.com

2. Information We Collect

We collect information in two ways:

Information you provide directly

  • Contact and inquiry form submissions — including name, email address, organization, phone number, and the content of your message.
  • Newsletter subscriptions — your email address when you subscribe to any EmersonArc publication.
  • Email correspondence — if you contact us directly by email.

Information collected automatically

  • Standard server logs — IP address, browser type, pages visited, and timestamps. These are retained only as long as necessary for security and operational purposes.
  • Cookies and similar technologies — see Section 6 below.

We do not collect sensitive personal data such as health records, government IDs, payment card numbers, or racial or ethnic origin.

3. How We Use Your Information

We use the information we collect to:

  • Respond to inquiries, proposals, and consulting requests you submit through our forms.
  • Send newsletters and editorial content you have subscribed to.
  • Operate, maintain, and improve our Sites.
  • Comply with legal obligations.
  • Prevent fraud and ensure the security of our Sites.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

4. Legal Basis for Processing (EEA, UK & Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data under the following legal bases:

  • Legitimate interests — responding to inquiries, operating and securing our Sites, and improving our services, where these interests are not overridden by your rights.
  • Consent — sending marketing emails and newsletters. You may withdraw consent at any time by unsubscribing or contacting us.
  • Contract — fulfilling any service engagement you enter into with us.
  • Legal obligation — complying with applicable law.

5. Third-Party Services

We use a limited number of third-party services to operate our Sites. Each processes data on our behalf and under applicable data protection agreements:

  • Vercel — website hosting and delivery. Data may be processed on servers in the United States and other countries. Vercel Privacy Policy.
  • Web3Forms — form submission delivery. Form data (name, email, message) is transmitted through Web3Forms to deliver it to our inbox. Web3Forms Privacy Policy.
  • Kit (ConvertKit) — email newsletter delivery for subscribers. Kit Privacy Policy.

Our web fonts are self-hosted from our own domain. We do not load fonts or other assets from Google Fonts or any third-party content delivery network, so no visitor data is sent to those services.

We do not use third-party advertising networks or behavioural tracking tools.

6. Cookies

Our Sites use a minimal number of cookies:

  • Strictly necessary cookies — required for the Sites to function (e.g., security, session management). These cannot be disabled.
  • Preference cookies — used to remember settings you have chosen. These are only set if you interact with relevant features.

We do not currently use analytics, advertising, or social-media tracking cookies. If this changes, we will update this policy and, where required by law, seek your consent.

You can control cookies through your browser settings. Disabling strictly necessary cookies may affect Site functionality.

7. Data Retention

We retain personal information only as long as necessary for the purposes described in this policy:

  • Inquiry and contact form data — up to 3 years, or as long as required to respond to and follow up on your inquiry.
  • Newsletter subscriber data — until you unsubscribe or request deletion.
  • Server logs — typically 90 days, unless a longer period is required for security purposes.

After the applicable retention period, data is deleted or anonymised.

8. Your Rights

For individuals in the EEA, UK, and Switzerland (GDPR)

You have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — request correction of inaccurate data.
  • Erasure — request deletion of your data, subject to legal retention requirements.
  • Restriction — request that we limit processing of your data in certain circumstances.
  • Portability — receive your data in a structured, machine-readable format.
  • Object — object to processing based on legitimate interests.
  • Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
  • Lodge a complaint — with your local data protection authority.

For California residents (CCPA / CPRA)

Under the California Consumer Privacy Act, you have the right to:

  • Know — request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Delete — request deletion of personal information we have collected, subject to legal exceptions.
  • Correct — request correction of inaccurate personal information.
  • Opt out of sale or sharing — we do not sell or share personal information for cross-context behavioural advertising.
  • Non-discrimination — we will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, contact us at hello@emersonarc.com. We will respond within the timeframe required by applicable law (typically 30 days). We may need to verify your identity before fulfilling your request.

9. International Data Transfers

EmersonArc is based in the United States. If you are located outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate. We take steps to ensure such transfers comply with applicable law, including relying on Standard Contractual Clauses approved by the European Commission where required.

10. Children's Privacy

Our Sites are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us and we will delete it promptly.

11. Links to Other Sites

Our Sites may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before providing any personal information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For material changes, we will provide more prominent notice where required by law. Your continued use of our Sites after any change constitutes acceptance of the updated policy.

13. Contact Us

For any questions, requests, or concerns about this Privacy Policy or our data practices, please contact us:

If you are located in the EEA or UK and believe your data protection rights have been violated, you have the right to lodge a complaint with your national data protection authority. A list of EEA supervisory authorities is available at edpb.europa.eu.