Privacy Policy for YANA Careers, LLC. 

YANA Careers, LLC, www.yanacareers.com (“YANA Careers,” “we,” “us,” or “our”) thanks you for visiting the online and mobile resources we publish. We use “you” and “your” to mean the reader and other visitors to our online and mobile resources who are, in all cases, over the age of 13.

This Privacy Policy (“Policy”) explains what personal information we collect, how we use it, with whom we share it and why, and the steps we take to protect it.

“Online and mobile resources” means websites and other internet features we own or control that allow you to interact with us, as well as apps or hosted portals we use to deliver services and content (for example, learning portals, community forums, webinar platforms).

California Notice of Collection: For your California privacy rights, see THE CALIFORNIA CONSUMER PRIVACY ACT (CCPA/CPRA) below.

Who We Are

YANA Careers, LLC is a U.S.-based professional development, coaching, and education company serving clinical research and related industries. For residents of GDPR jurisdictions (defined below) and certain U.S. state privacy laws, YANA Careers is the data controller. For California residents, YANA Careers is a “business” under the CCPA/CPRA.

From Whom We Collect Personal Information

We may collect personal information from:
• Visitors to and users of our online and mobile resources
• Customers and subscribers
• Job applicants and members of our workforce
• Vendors, contractors, and business partners

“Personal information” generally means information that identifies, relates to, describes, or could reasonably be linked with an individual (e.g., name, email, address, phone number, payment data, IP address). Where specific laws (e.g., CCPA/CPRA, GDPR) define personal information differently, we apply the broader/controlling definition when required.

What We Collect
We collect two broad types of data:
1. Automatically collected, non-personal information (e.g., device type, browser, operating system, IP address, pages viewed, referring/exit pages, date/time stamps).

2. Personal information you provide or that we collect automatically, such as identifiers (name, email, phone, mailing address), professional data (role, employer, industry), and, where necessary to process payments, payment card information via our third-party processors.

By using our online and mobile resources or purchasing our products/services, you consent to our collection, use, and disclosure of information as described in this Policy.

Voluntarily Submitted Information

You may provide personal information when you:
• Email or submit forms (e.g., contact, support, intake, application)
• Create an account (e.g., program portal)
• Register for services, events, webinars, or programs
• Purchase courses, coaching, memberships, or other offerings
• Use social/community features (posts, comments, profile data)

If a paid event or service is involved, you may be asked for payment data. We use this information to provide services, manage your account, communicate with you, process transactions, and send information related to your requests or our offerings. We do not sell, rent, or trade voluntarily submitted personal information.
If you prefer not to provide certain personal information, some features or services may be unavailable.

Community Features: Information posted in public/community areas (e.g., forums) may be visible to others and is not covered by this Policy once publicly shared by you.

Automatically Collected Information & Cookies
We (and service providers) use cookies, pixels, tags, SDKs, and similar technologies to collect internet activity information, including:
• Domain name, IP address, device and browser type/OS
• Pages viewed, links clicked, time spent, files downloaded
• Referring and exit pages
• For mobile access, device identifiers and, if enabled, precise or approximate geolocation

You can manage cookies via your browser settings. Disabling cookies may limit certain features.

We use tools such as Google Analytics to analyze usage and improve our services. Learn more about Google’s data practices at: www.google.com/policies/privacy/partners/. You can opt out via: https://tools.google.com/dlpage/gaoptout.

Retention
We retain personal information consistent with applicable law and our internal retention policies, for as long as needed to fulfill the purposes described here, comply with legal obligations, resolve disputes, and enforce agreements. Usage data is typically retained for a shorter period unless needed to improve security/functionality or required by law.

User Beware: External Sites, Apps, Links, and Social Media
We maintain a presence on platforms such as LinkedIn, Facebook, Instagram, YouTube, and others. Our resources may link to third-party sites/apps we do not control. Their privacy practices govern your interactions there. Review those policies carefully.

How We Use Your Information
We use personal information for legitimate business purposes, including to:
• Provide services and fulfill requests
• Create and manage accounts
• Personalize experiences and content
• Improve our sites, services, and customer support
• Diagnose and address technical issues
• Process transactions (purchases, subscriptions)
• Prevent fraud and protect our rights, safety, and property
• Develop and improve products/services
• Send communications about orders, updates, and relevant offerings (you may opt out of non-transactional marketing)
• Comply with law and enforce policies

Lawful bases (where required) include: performance of a contract; consent; legitimate interests (e.g., security, analytics, direct marketing where permitted, improving services); and legal obligations.

When/With Whom We Share Personal Information
We do not sell or rent your personal information.
We may share information with:
• Affiliates within our corporate family (using it consistent with this Policy)

• Vendors/Service Providers who support our operations (e.g., hosting, analytics, email, learning/community platforms, payment processing). We contractually require appropriate safeguards and limit use to the intended business purpose.

• Legal/Regulatory authorities where required by law, court order, or to protect rights/safety

• Business Transfers (e.g., merger, acquisition, reorganization, or sale of assets)

We aim to limit disclosures to what’s necessary. Despite contractual safeguards, we cannot guarantee complete compliance by all third parties.

Email Communications, Newsletters, and Marketing
We may send newsletters and promotional emails consistent with your preferences and applicable law. You can unsubscribe via the link in our emails or by contacting us (see Contacting Us). Transactional/service emails (e.g., receipts, account notices) are not subject to opt-out.

Payments
Paid products/services may be processed by third-party payment processors (e.g., card processors, digital wallets). We do not store full payment card numbers. Processors handle your data under their own privacy policies and must comply with PCI-DSS standards.

Your Rights and Options
• Account settings: You can update certain account/profile information in your portal (if applicable).
• Marketing opt-out: Use the unsubscribe link in our emails or contact us.
• Do Not Track: Browser “DNT” signals are not currently honored.
• Jurisdictional rights: See CCPA/CPRA, Virginia, GDPR/UK-GDPR sections below.

Children’s Privacy
Our resources are not intended for individuals under 18. We do not knowingly collect personal information from children under 13 (COPPA). If you believe a minor has provided personal information, contact us at [email protected] and we will delete it.

How We Protect Personal Information
We maintain a Security Program with technical, organizational, and administrative safeguards designed to protect personal information consistent with industry standards and applicable law. No system is 100% secure; we cannot guarantee against unauthorized access, loss, or misuse. We maintain incident response procedures and require vendors to notify us of relevant security incidents affecting data we provided.

The California Consumer Privacy Act (CCPA/CPRA)
Categories Collected
From California residents, we may collect: identifiers (e.g., name, email, IP), customer records data (e.g., address, payment info), commercial information (purchases), internet/electronic activity, geolocation (if enabled), and audio/visual/electronic information (e.g., recordings with notice/consent). We do not sell personal information and have not sold personal information in the last 12 months. We may “share” personal information for cross-context behavioral advertising as defined by CPRA; you may opt out as described below.

Your CCPA/CPRA Rights
California residents may request:
• Access/Know: categories and specific pieces of personal information collected; sources; purposes; categories of disclosures; categories of third parties.
• Deletion: of personal information, subject to legal exceptions.
• Correction: of inaccurate personal information.
• Opt-Out of Sharing/Targeted Advertising: You may opt out of cross-context behavioral advertising.
• Non-Discrimination: We will not discriminate for exercising your rights.

To exercise rights, contact [email protected]. We may need to verify your identity/authority before acting on requests. We will respond within timeframes required by law.

Opt-Out Preference Signals / Global Privacy Control (GPC): Where applicable, we treat a valid GPC signal as a request to opt out of sharing for the browser/device sending the signal.

Virginia Residents (VCDPA)
Virginia residents may request to access, correct, delete, and opt out of targeted advertising and certain profiling. To exercise your rights or appeal a denial, contact [email protected]. We will verify requests and respond within statutory timeframes.

The EU General Data Protection Regulation (GDPR) & UK-GDPR
Scope and Lawful Bases

For data subjects in the GDPR Jurisdictions (EEA, plus countries with adequacy decisions, and the UK under UK-GDPR), we process personal data under lawful bases including legitimate interests, contract, consent, and legal obligations. We do not sell your personal data or use automated decision-making producing legal/similar significant effects without required safeguards.

Cross-Border Transfers
Where we transfer personal data to countries without an adequacy decision, we use GDPR-permitted mechanisms (e.g., Standard Contractual Clauses) and supplementary measures where appropriate.

Your GDPR/UK-GDPR Rights
You may have rights of access, rectification, erasure, restriction, portability, and objection. To exercise, contact [email protected]. We will verify identity, respond without undue delay, and within required timeframes. You may lodge a complaint with your supervisory authority.

Online Tracking Technologies & Advertising
We, service providers, and third parties may collect activity data on our sites/apps and on third-party properties via cookies, pixels, tags, SDKs, APIs, and web beacons to:
• Remember preferences and simplify experiences
• Deliver and measure relevant content/ads
• Monitor, analyze, and improve performance and usage
We may provide limited identifiers (e.g., hashed email) to advertising platforms to help deliver or suppress ads and to measure performance, consistent with law and your preferences.

Opt-Out Choices:
• Use the “Do Not Sell or Share My Personal Information” link (where provided) to opt out of cross-context behavioral advertising/sharing.
• Manage cookies in your browser/device settings.
• Use industry tools (e.g., DAA, NAI) to control targeted ads.
• Use GPC where supported.

Note: Opt-outs can be browser-, device-, and property-specific. Clearing cookies may reset your preferences.

Authorized Agents (Where Permitted)
You may authorize an agent to make a request on your behalf. We may require proof of authorization (e.g., power of attorney) and will verify both you and your agent. Agents may use information only to fulfill the request, for verification, or for fraud prevention.

Rights of Data Subjects in Other Jurisdictions
Where other local privacy laws apply, we will honor applicable rights to access, correct, delete, or otherwise manage personal information, subject to lawful exceptions.

Changes to This Policy
This Policy was drafted on October 28, 2025 and is effective as of that date. We may update it from time to time. Check our online resources periodically for changes. The English version controls.

Contacting Us
If you have questions about this Policy or our privacy practices, contact:
Attention: Legal Department
YANA Careers, LLC
2950 Belcrest Center Drive, Suite #1022
Hyattsville, MD 20782, USA
Email: [email protected]