Privacy policy
1.0 Privacy Statement
Your privacy is important to us. Please read this Privacy Notice carefully to learn how we collect, use, share, and otherwise process information relating to individuals (“Personal Data”), and to learn about your rights and choices regarding your Personal Data.
Clinisys is the controller of your Personal Data as described in this Privacy Notice, unless specified otherwise. This Privacy Notice applies to the collection and processing of Personal Data collected by us when you visit our branded websites that link to this Privacy Notice; use our online products and services as an authorized user where we act as a controller of your Personal Data; visit our branded social media pages; visit our facilities; communicate with us (including emails, phone calls, texts or fax); or register for, attend or take part in our events, webinars, trade shows or contests. This Privacy Policy does not apply to Personal Data we process on behalf of our customers in the role of processor or other service provider, such as when we allow customers to use, collect, share or process Personal Data via our online products and services. Please see Section 1.4 below.
1.1 Collection of Personal Data
We collect three types of Personal Data from you:
Information You Provide: We collect and record any information that you provide to us directly, including any personal identifiers, professional or employment-related information, financial account information, commercial information, visual information, or internet activity information that you provide to us through this website or other medium.
Information We Collect Automatically: We automatically collect and store information about your use of this website and our services. To do so, we may use cookie technology and other online identifiers to track your IP address, web browser, geolocation, or your activity on this site. For more information about cookies and other tracking technologies, please see our Cookie Policy.
Other Information We Collect: We may combine data from other sources with Personal Data we receive from you. These other sources may be from third parties or from publicly available sources. This may include information related to your employment, education, commercial interactions, and internet activity.
In some cases, the collection and processing of Personal Data is required for you to receive certain products or services (see Section 1.2 below). Personal Data does not include information that is anonymized or aggregated such that you cannot be identified from it
If you provide us or our service providers with any Personal Data relating to other individuals, you represent that you have the authority to do so and have obtained any necessary consent for the information to be used in accordance with this Privacy Notice. If you believe that your Personal Data has been provided to us improperly or want to exercise your rights relating to your Personal Data, please contact us by using the information in Contact Us Section (1.17) below.
1.2 Types of Personal Data We Collect
We may collect the following types of Personal Data about you.
- identifiers (e.g., name, address, phone number, IP address);
- records about you (e.g., signatures, physical characters or descriptions of you, content, timing, and method of communications you have with us, an information you share or upload to our website, services, or other digital properties)
- demographic information;
- financial and commercial information (e.g., credit card numbers, purchase history);
- internet or other online activity information;
- geolocation data (e.g., computer/device location);
- audio or visual information (e.g., photographs, video or audio recordings);
- professional/educational information;
- inferences drawn from any of the above.
1.3 Protecting Personal Data
Where required by law, we obtain your consent to use and process your Personal Data for these purposes. Otherwise, we rely on other legal bases to collect and process your Personal Data. We may process your Personal Data for the following purposes:Providing our services, products, and website access: We process your Personal Data relating to your access of our services, products, website, and other digital properties (e.g., IP address, internet activity, account information, personal information, etc.) to ensure both you and we meet our obligations under the applicable contract, terms of use, or service agreement and to project future demand as well as improve our websites and services; absent a contractual relationship, we process your Personal Data to further our legitimate interest in operating and improving our websites and services.
Internal business purposes: We process your Personal Data to operate, maintain, and improve our services, products, and website, including customizing the content; maintaining internal business records, such as accounting, managing user accounts, document management and similar activities; enforcing our policies and rules; monitoring service usage, management reporting; auditing; and IT security and administration to meet our obligations to you to perform our contract with you, or, if no contract applies, to the extent it is necessary for our legitimate interest in operating our business in a secure and efficient manner.
Internal research and product improvement purposes: We process your Personal Data to verify and maintain the quality or safety of our products or services; improve our products or services; design new products and services; evaluate the effectiveness of our advertising or marketing efforts; and debug and repair errors with our systems, networks, and equipment to perform our contract with you, or, if no contract applies, to the extent it is necessary for our legitimate interest in improving our products and services.
Securing our facilities, websites and services: We process your Personal Data (e.g., name, IP address, account information, internet activity) as part of our efforts to maintain, monitor and secure our facilities, websites, services, and products. This may include aggregating data, verifying accounts, investigating suspicious activity, and enforcing our terms and policies to the extent necessary to further our legitimate interest in maintaining a safe and secure website, products and services and in protecting our rights and the rights of others.
Responding to contact requests: If you contact us electronically or by phone, we process your Personal Data (e.g., name, account information, contact information, government identifiers) to perform our contract with you, or, if no contract applies, to the extent it is necessary for our legitimate interest in responding to your inquiry and communicating with you. We may record and process communications for training, quality assurance, and administration purposes. If required under applicable law, we will obtain your prior consent or give you the option to object to a call being recorded.
Managing payments: We may process your financial information and other Personal Data (e.g., name, account information, financial history) to administer your organization’s account and to collect or make payments to the extent that doing so is required to fulfil our contract with you.
Marketing and advertising: We may process your Personal Data (e.g., name, account information, contact information, purchase history, internet activity) to advertise to you, conduct market research, and to provide other personalized content based upon your Personal Data to the extent it is necessary for our legitimate interest in advertising our websites, services or products. Where legally required, we will obtain your consent before engaging in any marketing or advertising.
Complying with legal and safety obligations: We process your Personal Data (e.g., name, account information, payment history, contact information, internet history) when cooperating with public and government authorities, protecting our legal rights, conducting audits, and protecting against abuse of our services and products. Any such processing is based on our legitimate interest in protecting our legal rights or, when applicable, complying with a legal obligation to which we are subject.
In connection with a corporate transaction: We may process your information if we sell or transfer all or a portion of our business or assets including through a sale in connection with bankruptcy and other forms of corporate change in furtherance of our legitimate interest in operating and transacting the business of the company.
In some cases, we may provide specific services or offerings subject to separate or supplemental privacy policies. In those cases, we will prominently inform you of those policies and provide those policies in an easily accessible format.
1.4 Exclusions
This Privacy Policy does not apply to Personal Data that:
a. we process on behalf of our customers in the role of processor or other service provider, such as when we allow customers to create their own websites/applications to offer their own products and services, to send electronic communications to others; or otherwise use, collect, share or process Personal Data via our online products and services. Our customers’ privacy policies may be different from ours, and we are not responsible for those practices.
b. we process about current or former employees, job applicants, and other individuals who interact with us for employment-related purposes.
1.5 Protecting Personal Data
We take commercially reasonable precautions to protect the Personal Data in our possession from loss, misuse, unauthorized access, disclosure, alteration, or destruction. While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure or error-free. Personal Data you send to or from the website or via e-mail may not be secure, and we encourage you to contact us about more secure ways to share sensitive information when necessary. Where you use passwords, ID numbers, or other special access features on this site, it is your responsibility to safeguard them and to log out of any accounts you access after your sessions.
1.6 Your Individual Rights
Depending on our relationship with you and where you may reside, you may have certain rights relating to your Personal Data based on applicable local data protection laws, including from individual US state privacy laws (e.g., California, Virginia, Colorado, and other states), Canadian privacy laws, and the EU/UK General Data Protection Regulation. Depending on the applicable laws these rights may include the right to:
- Request information about the categories of Personal Data we have collected about you, the categories of sources from which we collected the Personal Data, the purposes for collecting, sell or sharing the Personal Data, and to whom we have disclosed your Personal Data.
- Request and receive copies of your Personal Data that we hold;
- Request additional information about how we process your Personal Data;
- Correct inaccurate or incomplete Personal Data (taking into account our use of it);
- Request deletion of your Personal Data;
- Restrict or object to our processing of your Personal Data, including restricting the sale or sharing of your data or its use for cross-context behavioural marketing. Where we process Personal Data for direct marketing purposes (either by us or third parties) or for cross-context behavioural marketing, you may not have to provide a specific reason for such objection;
- Require us (if possible) to transfer your Personal Data to another controller (i.e., data portability);
- Limit the use or disclosure of your sensitive Personal Data;
- Restrict certain disclosures of your Personal Data to third parties;
- Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects; and
- Withdraw your consent to the processing of your Personal Data (to the extent we base processing on consent and not on another lawful basis).
1.7 Disclosing Personal Data to Third Parties
We do not “sell” or “share” Personal Data about you as those terms are defined by the California Consumer Privacy Act.
1.8 Disclosure of Personal Data
Although we have not “sold” Personal Data for money in the past 12 months, we engage in routine practices with our services products, and websites involving third parties that could be considered a “sale” or “sharing” as defined under California law. We do not knowingly sell or share any Personal Data of minors under the age of 16.
1.9 Promotional and Marketing Policy
We may ask you to consent to being contacted by us for promotional and marketing purposes. However, you may opt-out of receiving promotional or marketing emails at any time by notifying us as a reply to any unwanted e-mail, by using the unsubscribe function in our newsletter, contacting us at [email protected], or by writing to us at our local office. Requests to unsubscribe from Clinisys e-mails may take 5 business days to process.
1.10 Cookies and Tracking Technologies
Please see our Cookie Policy linked here.
1.11 Third-Party Websites
The website may contain links to other third-party sites. When you click on one of these links you are visiting a website operated by someone other than us and the operator of that website may have a different privacy policy. We are not responsible for their individual privacy practices, so we encourage you to investigate the privacy policies of such third-party operators.
1.12 Children
Our website is not intended for children under 16 years of age. No one under age 16 may provide any information to us through this website. We do not knowingly collect Personal Data from children under 16. If you are under 16, do not access, use, or provide any information on the website or on or through any of its features. If we learn we have collected or received Personal Data from a child under 16 without parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us by sending us an email at [email protected] or writing to us our local office.
1.13 Data Security
Although we maintain reasonable security safeguards, no security measures or communications over the Internet can be 100% secure, and we cannot guarantee the security of your information. While we work hard to protect data incidents, we have dedicated controls and procedures in place for when such situations, along with the procedures that are required to make notifications to you and to the relevant Supervisory Authority as appropriate.
1.14 Data Retention
Your Personal Data will be retained as long as necessary to fulfil the purposes we have outlined above unless we are required to do otherwise by applicable law. This includes retaining your Personal Data to provide you with the products or services you have requested and interact with you; maintain our business relationship with you; improve our business over time; ensure the ongoing legality, safety and security of our services and relationships; or otherwise in accordance with our internal retention procedures. Once you have terminated your relationship with us, we may retain your Personal Data in our systems and records in order to ensure adequate fulfilment of surviving provisions in terminated contracts or for other legitimate business purposes, such as to enable easier future user onboarding, demonstrate our business practices and contractual obligations, or provide you with information about our products and services in case of interest.
1.15 International Transfer of Personal Data
a. Your data may be used and disclosed by Clinisys and its divisions, holding companies, subsidiaries and affiliates, or other entities outside of your country, including in countries that have a different standard of data protection than in your own country.
b. For individuals whose data is subject to the General Data Protection Regulation (GDPR) in either the EEA or the UK, we have taken steps to protect your privacy and fundamental rights when your Personal Data is transferred to the other countries, including the United States. For transfers to entities outside the EEA or UK, we make use of the European Commission’s Standard Contractual Clauses. For transfers to third parties, we make sure that the recipient is subject to a jurisdiction for which there is an adequacy decision of the European Commission or UK, as applicable, or that there are adequate safeguards such as Standard Contractual Clauses or Binding Corporate Rules in place.
1.16 Changes to this Privacy Policy
We may update this Privacy Policy at our discretion to reflect changes we deem necessary or to satisfy legal requirements. We will post a prominent notice of material changes on our websites.
1.17 Contact Us
We welcome comments and questions regarding this Privacy Policy. Any such questions should be directed via e-mail to [email protected]. Additionally, you may make your request in writing to one of our local company addresses.