Privacy Policy

1. Introduction

This Privacy Policy describes how Foresight Management Group ("FMG," "we," "us," or "our") collects, uses, discloses, and protects personal information through the Foresight Connects platform (the "Platform"). Foresight Connects is a proprietary event management portal operated by FMG to facilitate pharmaceutical, life sciences, and corporate meeting and event programs on behalf of our clients.

By accessing or using the Platform, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree, you should not access or use the Platform.

2. Scope

This Privacy Policy applies to all users of the Foresight Connects platform, including but not limited to:

• FMG administrative and event management staff
• Client administrators and representatives
• Sales Managers (SMs) and program approvers
• Healthcare professionals (HCPs) and Key Opinion Leaders (KOLs) participating as speakers or faculty
• Event attendees and registrants
• Vendor contacts and service providers

This policy does not govern information collected through other FMG channels, including www.foresightmanagement.net, unless expressly stated.

3. Information We Collect

3.1 Account and Profile Information

When a user account is created in the Platform, we collect identifying information including first and last name, professional title, email address, phone number, organizational affiliation, and assigned role within the system.

3.2 Healthcare Professional Data

For speakers, faculty, and other HCPs, we may collect National Provider Identifier (NPI) numbers, medical license information, state licensure details, curriculum vitae or professional biographies, specialty and therapeutic area expertise, institutional affiliations, speaking history, honoraria and payment details, W-9 tax forms (including Social Security Numbers or Employer Identification Numbers), and compliance attestation records.

3.3 Attendee and Registration Data

For event attendees, we collect registration details including name, credentials, email, dietary and accessibility requirements, travel preferences, and hotel accommodation information.

3.4 Financial and Payment Information

The Platform processes expense submissions, vendor payments, speaker honoraria, budget allocations, and virtual payment card transactions (such as VPay). Financial data is collected and processed solely for the purpose of program execution and reconciliation.

3.5 Program and Operational Data

We collect information related to event logistics, including venue details, transportation manifests, run-of-show documents, vendor agreements, site inspection records, and program checklists.

3.6 Usage and System Data

The Platform automatically collects technical information including IP addresses, browser type, device identifiers, access timestamps, pages viewed, and actions taken within the system. This data supports security monitoring and system performance.

4. How We Use Your Information

We use personal information collected through the Platform for the following purposes:

• To create, manage, and administer user accounts and role-based access controls
• To plan, coordinate, and execute meetings and events on behalf of our clients
• To manage speaker and HCP engagement, including faculty recruitment, onboarding, and compliance documentation
• To process payments, honoraria, travel reimbursements, and expense reconciliation
• To generate reports, including post-event summaries, budget reconciliations, and program analytics
• To communicate with users regarding program logistics, scheduling, and status updates
• To comply with pharmaceutical industry transparency and compliance requirements, including the Sunshine Act and Open Payments reporting
• To maintain the security and integrity of the Platform
• To fulfill legal, regulatory, and contractual obligations

5. Legal Basis for Processing

We process personal information on the following legal grounds:

• Contractual necessity: Processing required to fulfill our obligations under client service agreements and statements of work
• Legitimate interest: Processing necessary for the operation, security, and improvement of the Platform
• Legal compliance: Processing required to meet regulatory obligations, including pharmaceutical industry compliance, tax reporting, and transparency requirements
• Consent: Where required by applicable law, we obtain consent before collecting or processing certain categories of personal information

6. Data Sharing and Disclosure

We do not sell personal information. We may share information with the following categories of recipients:

Clients. Information related to program execution is shared with the sponsoring client organization as required under our service agreements. This may include speaker details, attendee lists, budget reports, and compliance documentation.

Service Providers. We engage third-party service providers that support Platform operations, including cloud hosting, application deployment, scheduling tools, and venue sourcing platforms. These providers are contractually bound to protect personal information and use it solely for the services they provide to us.

Regulatory and Legal. We may disclose information as required by law, regulation, legal process, or enforceable governmental request. This includes compliance with pharmaceutical industry transparency requirements such as the Physician Payments Sunshine Act.

Professional Advisors. We may share information with legal counsel, auditors, and insurance providers as necessary.

7. Data Security

FMG implements administrative, technical, and physical safeguards to protect personal information processed through the Platform. These measures include:

• Role-based access controls (RBAC) with row-level security (RLS) policies enforced at the database level
• Encryption of sensitive data fields, including Social Security Numbers, NPI numbers, and financial account information
• Secure authentication through Supabase Auth with email verification
• HTTPS encryption for all data in transit
• Access logging and audit trails for administrative actions
• Cyber liability insurance coverage through Hiscox

While we take reasonable measures to protect your information, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security.

8. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal and regulatory obligations, resolve disputes, and enforce our agreements. Specific retention periods vary based on the type of information and applicable requirements:

• Program and event records: Retained for a minimum of seven (7) years following program completion to satisfy pharmaceutical industry compliance and tax requirements
• Financial records: Retained in accordance with IRS requirements and applicable state tax laws
• User accounts: Retained for the duration of the business relationship; deactivated accounts are retained for compliance purposes before permanent deletion
• System logs: Retained for a minimum of twelve (12) months for security and operational purposes

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• The right to access the personal information we hold about you
• The right to request correction of inaccurate or incomplete information
• The right to request deletion of your personal information, subject to legal and contractual retention obligations
• The right to restrict or object to certain processing activities
• The right to data portability where technically feasible
• The right to withdraw consent where processing is based on consent

To exercise any of these rights, contact us at info@foresightmanagement.net. We will respond within the timeframe required by applicable law.

10. Children's Privacy

The Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

11. Third-Party Services and Integrations

The Platform integrates with third-party services to support its functionality. These include, but are not limited to, Supabase (database and authentication), Vercel (application hosting), Zoho (CRM, project management, and financial tools), Doodle (scheduling), and venue sourcing platforms. Each third-party service operates under its own privacy policy. We encourage users to review those policies independently.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, the Platform, or applicable law. When we make material changes, we will notify affected users through the Platform or via email. The "Effective Date" at the top of this policy indicates when it was last revised.

13. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Foresight Management Group
Attn: Privacy Inquiries
532 Old Marlton Pike W PMB 710
Marlton, NJ 08053
Email: info@foresightmanagement.net
Phone: 973-444-7446