1. Information We Collect
1.1 Your privacy is important to us and we have taken steps to ensure that we do not collect more information from you than is necessary for us to provide you with our services and to protect your account.
1.2 We may process the following categories of personal data about you:
1.2.1 Personal Data means any information relating to an identified or identifiable natural person. This information may include, in particular by reference to an identifier, such as individual’s name, address, phone number, e-mail address, Social Security number or other country identifier, driver’s license number, bank account information, or credit card information; and all information, data and materials, including without limitation, demographic, medical and financial information, that relate to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual; and such other information as we may deem necessary for provision of Services. When you contact us through any of the communication modes as mentioned below, your email address may be added to our mailing list from which you can unsubscribe at any time using the unsubscribe link in each email or by contacting us at firstname.lastname@example.org.
1.2.2 Communication Data may include any communication that you send to us whether that be through the Contact Form on our Website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
1.2.3 Technical Data may include data about your use of our Website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our Website, page views and navigation paths, details about the number of times you use our Website, time zone settings and other technology on the devices you use to access our Website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our Website and other online services, to administer and protect our business and Website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our Website and our business and to grow our business and to decide our marketing strategy.
1.2.4 Marketing Data may include data about your preferences in receiving marketing from us and our third parties and your communication preferences. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products/services, to develop them, to grow our business and to decide our marketing strategy.
1.3 We may use Personal Data, Communication Data, Technical Data and Marketing Data (the “Data”) to provide you with Services. We may also use such data to send other marketing communications to you.
2. Name and Address of the Data Controller
2.1 Data Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Name: Janet Bernard
Address: MedPanel, Inc., 50 Church Street, 5th Floor Cambridge, MA 02138
3. Consent and its Withdrawal
3.2 We will process the Data only after taking written instructions/consent from you mostly in electronic form in the form of Clickable button, a checkbox or through an email.
3.3 If you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com.
4. Promotional Emails
4.1 You agree that the Website and/or third parties may from time to time send e-mail messages to you which offer products and services, promotions, subscriptions or registration-based services or other material. If you wish to discontinue receiving such email, you may opt-out by writing us through email at firstname.lastname@example.org. Your preferences will then be updated.
5. How We Use and Process the Data
5.1 The Data collected by us from you may be used to provide you with Services and better understand your needs related services and programs, to correspond with you and reply to your questions with about our services.
5.2 We will not rent or sell your Data to others. We may store the Data in locations outside our direct control (for instance, on servers or databases co-located with hosting providers).
5.3 If you provide any Data to us, you are deemed to have authorized us to collect, retain and use that data for the following purposes:
i. verifying your identity;
ii. providing you with customer service and responding to your queries, feedback, or disputes;
iii. making such disclosures as may be required for any of the above purposes or as required by law, regulations and guidelines or in respect of any investigations, claims or potential claims brought on or against us;
iv. provide and maintain the Services;
v. notify you about changes to our Services;
5.4 We shall ensure that:
i. The Data collected and processed for and on our behalf by any party is collected and processed fairly and lawfully;
ii. You are always made fully aware of the reasons for the collection of Data and are given details of the purpose(s) for which the data will be used;
iii. The Data is only collected to the extent that is necessary to fulfil the purpose(s) for which it is required;
iv. No Data is held for any longer than necessary in light of the purpose(s) for which it is required.
v. Whenever cookies or similar technologies are used online by us, they shall be used strictly in accordance with the law;
vi. You are informed if any data submitted by you online cannot be fully deleted at your request under normal circumstances and how to request that the we delete any other copies of that data, where it is within your right to do so;
vii. Appropriate technical and organizational measures are taken to protect the Data;
viii. Data is transferred securely, whether it is transmitted electronically or in hard copy.
ix. You can fully exercise your rights with ease and without hindrance.
6. Disclosure of Data
6.2 We may disclose the Data in the good faith belief that such action is necessary to:
x. comply with a legal obligation
xi. protect and defend our rights or property
xii. prevent or investigate possible wrongdoing
xiii. protect the personal safety of users of the Service or the public
xiv. protect against legal liability
6.3 When necessary, we may also disclose and transfer your Data to our professional advisers, law enforcement agencies, insurers, government and regulatory and other organizations.
7. Data Storage
7.1 Your Data may be stored and processed at the servers in the United States, Europe, or any other country in which the Website or its subsidiaries, affiliates or service providers maintain facilities.
7.4 We will only retain your Data preferably for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, see section regarding insurance requirement and reporting requirements. When deciding what the correct time is to keep the Data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
8. How We Protect Your Information
8.1 We store all the Data submitted by you through Website at a secure database.
8.2 We are concerned with protecting your privacy and data, but we cannot ensure or warrant the security of any data you transmit to or guarantee that your Data may not be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or managerial safeguards.
8.3 No method of transmission over the Internet or method of electronic Therefore, we cannot guarantee its absolute security. If you have any questions about security of our Website, you can contact us at Info@medpanel.com.
8.4 Any Data supplied by you will be retained by us and will be accessible by our employees, any service providers engaged by us and third parties.
9. Compliance with the GDPR
9.1 For users based in the European Union (EU), the Website shall make all reasonable efforts to ensure that it complies with The General Data Protection Regulation (GDPR) (EU) 2016/679 as set forth by the European Union regarding the collection, use, and retention of Data from European Union member countries. Website shall make all reasonable efforts to adhere to the requirements of notice, choice, onward transfer, security, data integrity, access and enforcement.
10. The Rights of Users
You may exercise certain rights regarding your Data processed by us. In particular, users based in the EU may do the following:
10.1 Right of confirmation
You shall have the right granted by the European legislator to obtain from us the confirmation as to whether or not personal data concerning you are being processed.
10.2 Right of Access
You shall have the right granted by the European legislator to obtain from us free information about your personal data stored at any time and a copy of this information. Furthermore, the European directives and regulations grant you access to the following information:
• the purposes of the processing;
• the categories of personal data concerned;
• the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
• where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
• the existence of the right to request from us rectification or erasure of personal data, or restriction of processing of personal data concerning the data subject, or to object to such processing;
• the existence of the right to lodge a complaint with a supervisory authority;
• where the personal data are not collected from you, any available information as to its source;
• the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for you.
Furthermore, you shall have a right to obtain information as to whether personal data are transferred to a third country or to an international organisation. Where this is the case, you shall have the right to be informed of the appropriate safeguards relating to the transfer.
10.3 Right to rectification
You shall have the right granted by the European legislator to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
10.4 Right to erasure (Right to be forgotten)
You shall have the right granted by the European legislator to obtain from us the erasure of personal data concerning you without undue delay, and we shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
• The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
• You withdraw consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
• You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR.
• The personal data have been unlawfully processed.
• The personal data must be erased for compliance with a legal obligation in Union or Member State law to which we are subject.
• The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
Where we have made personal data public and are obliged pursuant to Article 17(1) to erase the personal data, we, while taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that you have requested erasure by such controllers of any links to, or copy or replication of, those personal data, as far as processing is not required. We will arrange the necessary measures in individual cases.
10.5 Right of restriction of processing
You shall have the right granted by the European legislator to obtain from us restriction of processing where one of the following applies:
• The accuracy of the personal data is contested by the data subject, for a period enabling us to verify the accuracy of the personal data.
• The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use instead.
• We no longer need the personal data for the purposes of the processing, but we are required by the data subject for the establishment, exercise or defence of legal claims.
• You have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether our legitimate grounds override those of yours.
If one of the aforementioned conditions is met, and you wish to request the restriction of the processing of personal data stored by us, you may at any time contact us.
10.6 Right to data portability
You shall have the right granted by the European legislator, to receive the personal data concerning you, which was provided to us, in a structured, commonly used and machine-readable format. You shall have the right to transmit those data to another data controller without hindrance from us to which the personal data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
10.7 Right to object
You shall have the right granted by the European legislator to object, on grounds relating to your particular situation, at any time, to processing of personal data concerning you, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions. We shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims. If we processes personal data for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If you object to us to the processing for direct marketing purposes, we will no longer process the personal data for these purposes. In addition, you have the right, on grounds relating to your particular situation, to object to processing of personal data concerning you by us for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
10.8 Automated individual decision-making, including profiling
You shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you, as long as the decision (1) is not necessary for entering into, or the performance of, a contract between you and us, or (2) is not authorised by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or (3) is not based on your explicit consent. If the decision (1) is necessary for entering into, or the performance of, a contract between you and us, or (2) it is based on your explicit consent, we shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on our part, to express your point of view and contest the decision.
10.9 Right to withdraw data protection consent
You shall have the right granted by the European legislator to withdraw your consent to processing of your personal data at any time. You may initiate request with us at Info@medpanel.com to exercise any of the above mentioned rights. We shall review your request and, in our own discretion, honor your request, if deemed necessary by us, within reasonable time.
11.2 Cookies are small files saved to the user's computers’ or mobile devices’ hard drive or memory that track, save and store information about the user's interactions and usage of the Website. This allows the Website, through its server to provide the users with a tailored experience within this Website.
11.3 Users are advised that if they wish to deny the use and saving of cookies from this Website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this Website and its external serving vendors.
11.4 We may gather certain information automatically and store it in log files. This information includes Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and click stream data. We may use this information, which does not identify individual users, to analyze trends, to administer the Website, to track users’ movements around the Website and to gather demographic information about our user base as a whole.
11.5 We may track the referring URL (the web page you left before coming to the Website) and the pages, links, and graphics of the Website you visited. We do so because it allows us to evaluate the reputation and responsiveness of specific web pages and any promotional programs we may be running.
11.7 Please note that if you choose to block cookies, doing so may impair the Website Services or prevent certain elements of it from functioning.
12. Service Providers
12.1 We may employ third party companies and individuals to facilitate our Service (``Service Providers``), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
12.2 These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
13. Third Party Links
14. Changes to this Privacy Statement
14.2 You acknowledge and agree that it is your responsibility to review this Website and this Policy periodically and to be aware of any modifications. Updates to this Policy will be posted on this page.
14.3 Also, occasionally there may be information on the Website that contains typographical errors, inaccuracies or omissions that may relate to service descriptions, pricing, availability, and various other information, and the Website reserves the right to correct any errors, inaccuracies or omissions and to change or update the information at any time, without prior notice.
15. Contact US
Date of Last Update: March 11, 2019