Visor del documento
Nombre Último Cambio
VIDA Diagnostics (en) - Política de Privacidad y Puerto Seguro 24-may-2017 | 89,69%
Cambio importante no indicado
# Antigua Versión Nueva Versión
0 VIDA Diagnostics, Inc. VIDA Diagnostics, Inc.
1 Precision Pulmonary Imaging Precision Pulmonary Imaging
2 VIDA Diagnostics, Inc. VIDA Diagnostics, Inc.
3 About About
4 News News
5 Investors Investors
6 HIPAASafe Harbor HIPAA
7 Solutions
8 VIDA|precision EU Privacy Policy
9 Solutions
10 VIDA|vision VIDA|vision
11 Applications Applications
12 Clinical Trial Services Clinical Trial Services
13 Contact Contact
14 Careers Careers
15 Support Support
16 LinkedIn LinkedIn
17 Twitter Twitter
18 FacebookSafe Harbor Facebook
19 Home
20 About
21 Safe Harbor
22 SAFE HARBOR POLICY
23 PRIVACY STATEMENT
24 At VIDA Diagnostics Inc. ( EU Privacy Policy
25 Home
26 About
27 EU Privacy Policy
28 EU Privacy Policy
29 Last Updated: 4/24/2017
30 henceforth referred to as “VIDA,” Us,” and “We”), we value and respect individual privacy and are strongly committed to safeguarding personal information. Our customers, business partners, clinical trials and other health care partners, including their patients, expect that we will uphold this commitment with respect to the collection, use and retention of personal information from member countries of the European Economic Area (EEA) and Switzerland. VIDA meets this commitment by adhering to Safe Harbor’s privacy standards as set forth in the U.S.-EU Safe Harbor Privacy Principles and Frequently Asked Questions (FAQs) established jointly by the United States Department of Commerce and the European Commission as part of the U.S.-EU Safe Harbor Program. At VIDA Diagnostics Inc. (together with any affiliates henceforth referred to as “VIDA,” Us,” and “We”), we value and respect individual privacy and are strongly committed to safeguarding personal data, including health data. VIDA provides certain software and services that are routinely used by health care providers and others in clinical practice, along with academic, device, and pharmaceutical clinical trials. In conjunction with our software and services, we may receive, transmit, store and otherwise use personal data from our customers. VIDA may access this personal data to provide the software or services, to correct and address technical or service problems, to follow instructions of the customer who submitted
31 These principles provide a framework for U.S. the data, or in response to contractual requirements
32 companies to satisfy the requirement under European Union law that personal information be afforded adequate protection when transferred from the EEA to the United States. A similar set of Privacy Principles and FAQs was agreed upon by the United States Department of Commerce and the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland governing the transfer of personal information between the two regions as part of the U.S.-Swiss Safe Harbor framework. We are equally committed to adhering to these principles. In order to ensure compliance by us and our customers based in the European Union (EU) and European Economic Area (EEA) with the applicable privacy laws, VIDA offers its customers Standard Contractual Clauses (henceforth referred to as “The Model Clauses”) to incorporate in our written agre
33 This Policy sets forth the standards that govern our treatment of such Personal Information.
34 We self-certify our adherence to the Safe Harbor Principles of notice, choice, onward transfer, security, data integrity, access and enforcement on an annual basis. For more information about the Safe Harbor Program, and to view our certification page, visit the United States Department of Commerce’s website at: http://www.export.gov/safeharbor . ements. The Model Clauses make specific commitments about the ways in which VIDA will process personal data transferred to VIDA for in-scope VIDA services and cannot be modified. The Model Clauses were issued by the EU Commission to
35
36 SCOPE
37 This Safe Harbor Privacy Policy sets forth how VIDA handles personal information transferred to the United States from countries in the European Economic Area (EEA) and Switzerland for the purposes detailed within this policy. provide EU data Controllers a framework for ensuring adequate safeguards consistent with EU data protection laws are established for personal data transfers outside the EU, in co
38
39 DEFINITIONS
40 “Agent” means a third party who acts on behalf of and under the instruction of VIDA.
41 “Personal Information” or “information” means information that (1) is transferred from the EEA or Switzerland to the United States; (2) is recorded in any form; (3) is about, or pertains to, a specific individual; and (4) can be l mpliance with the principles of Article 17 (4) of Directive 95/46/EC of the European Parliament (the “Directive”) or, as of its entry into force, Article 28 (3) of Regulation (EU) 2016/679 of the European Parliament (the “Regulation”).
42 inked to that individual. These terms do not include any data rendered anonymous such that individuals are not identifiable or are identifiable only with a disproportionately large expense of time, cost, or labor. The Model Clauses are applicable only to Personal Data (defined
43 “Sensitive Personal Information” means personal information below) made available to VIDA by customers in the EEA or Switzerland to VIDA for processing in conjunction with VIDA software and services.
44 that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership, past criminal convictions or indictments or that concerns an individual’s health. VIDA has invested in the operational processes necessary to meet the re
45
46 SAFE HARBOR PRIVACY PRACTICES
47 Notice
48 When we collect personal information from any of our EEA or Switzerland-based business partners, clinical trial partners, customers, or website users, we commit to inform them about the types of data we collect about them, the purposes for which we use the data, the type quirements of The Model Clauses.
49 The following sets forth VIDAs privacy policy within the framework of The Model Clauses.
50 DEFINITIONS
51 s of third parties to which we disclose the data, the choices and means that we offer for limiting their use and disclosure, and how subjects covered by this policy can contact us with any inquiries or complaints. ‘Controller’ means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of th
52 Notice is always provided in clear and conspicuous language at the time of collection or as soon as practicable thereafter, but in any event before we use the information for a purpose other th e processing of personal data ; where the purposes and means of processing are determined by national or Community laws or regulations, the controller or the specific criteria for his nomination may be designated by national or Community law;
53 an that for which it was originally collected or processed by the transferring organization or before we disclose the information for the first time to a third party except where the third party is an agent as defined above. ‘Data Exporter’ means th
54 Personal information covered by this policy includes:
55 Patient information
56 Custom e controller who transfers the personal data;
57 er information ‘Data Importer’ means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in
58 Health Care Provider/ Clinical Trial Partner information
59 Business Partner information
60 Website User Information
61 Personal information will not be used for any activities such as marketing, promotion, sale or lease to third parties. Personal information is likewise never shared with vendors, suppliers and contractors except where necessary to support the provision of products and services we offer.
62 Personal information is used by us to facilitate complaint handl accordance with his instructions and the terms of the Clauses and who is not subject to a third country’s system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;
63 ing/ adverse event reporting, clinical trial research, core lab service activities, internal record keeping, requests for additional information and other legal and business activities. ‘Data Subject”’ shall have the meaning as defined in the Data Protection Directive, or
64 We may also use personal information to improve the information we provide you on our website about our products and services. We may also keep you updated about upcoming conferences we are participating in, our release schedule, and news stories about VIDA when you request additional information by completing our online Information Request Form.
65 Our Website
66 Our website uses cookies. A cookie is a piece of data stored on a site visitor’s hard drive to help us improve your access to our site and identify repeat visitors. The information collected about you from cookies may be used by us to monitor browsing preferences. Usage of a cookie is in no way linked to any personally identifiable information on our site.
67 Our website also contains links to other sites. These links are provid , as of its entry into force, in the General Data Protection Regulation
68 ‘subprocessor’ means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract.
69 ed for your convenience only. The inclusion of any links does not necessarily imply a recommendation or endorsement of the views expressed by the sites to which the links lead. Please be aware that we are not responsible for the content or privacy practices of other sites. We encourage our users when they leave our site to read the privacy statements of any other site you go to that collects personally identifiable information. ‘personal data‘ means any information relating to an identified or
70 Choice
71 If we wish to use your personal information covered by this policy in a manner that is incompatible with the purposes for which it was originally collected or subsequently authorized by you—or—if we wish to disclose the information to non-agent third parties, VIDA provides you with an opportunity to choose (“opt out”) of having your data used or transferred in this manner, unless such a choice is not required by law. You may simply e-mail us at info@vidadiagnostics.com to request that we do not share your information in this way.
72 If the personal data in question is sensitive personal information, VIDA shall request and receive your explicit consent in documentable form (“opt in”) prior to using or transferring the information in this new way.
73 Onward Transfer
74 If we transfer personal information to vendors, suppliers, contractors, agents or other third parties, we will obligate them to protect the information at least to the same degree mandated by the Safe Harbor Privacy Principles, unless the third party already subscribes to the Principles or is subject to the EU Data Protection Directive or to privacy laws considered to be adequate by the European Commission.
75 If we learn that a third party is using or sharing personal information in a manner inconsistent with this policy, we will take reasonable steps to prevent or stop such use or sharing.
76 Access
77 You have the right to access your personal information, and to correct, amend, or delete the information if you can demonstrate that it is inaccurate or incomplete, except where the rights of persons other than you would be violated.
78 We commit to provide to you access to your personal information whenever possible. Just email us at info@vidadiagnostics.com if you wish to:
79 See what data we have about you, if any
80 Change/ correct any data we have about you
81 Have us delete any data we have about you
82 Express any concern you have about our use of your data
83 Security
84 We take precautions to protect personal data covered by this policy from loss, misuse, and unauthorized access, disclosure, alteration and destruction. We have put in place appropriate physical, technical and managerial procedures to safeguard and secure the information from loss, misuse, unauthorized access or disclosure, alteration, or destruction both online and off. Only employees who need the information to perform a specific job (such as customer billing) are granted access to personally identifiable data. Likewise, the computers and servers that house this data are kept in a secure environment. Personal information is transmitted securely over the Internet using data encryption technology.
85 We encourage all health care professionals and other individuals who send patient studies or clinical data to VIDA for analysis to anonymize the patient information prior to transmitting it over the Internet, whenever appropriate. If patient data arrives in identifiable form—and when the information is not expressly required to remain in identifiable form—we will anonymize the data in-house.
86 Retention
87 We will keep your personal information only as long as we need it for the purposes for which we collected it, or as permitted or required by law.
88 Data Integrity
89 We will use your personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by you. We will take reasonable steps to ensure that information is relevant to its intended use, accurate, complete and current.
90 Enforcement
91 We will regularly review how we’re meeting this policy and take corrective action in the event we discover we have violated the Safe Harbor Principles. We also regularly verify that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Principles.
92 We also provide an independent mechanism for resolving complaints about our policy when the complaint or dispute cannot be satisfactorily resolved through our internal process.
93 Amendments
94 This policy may change from time-to-time in a manner that remains consistent with the Safe Harbor Privacy Principles. We will post any revised policy here and encourage you to revisit this page periodically to check for updates and ensure you are happy with them. This policy is effective beginning June 19, 2015.
95 If you feel we are not abiding by this policy, have questions about our privacy practices, or wish to access your personal data, contact us at:
96 VIDA Diagnostics Inc.
97 2500 Crosspark Road
98 W250 BioVentures Center
99 Coralville, IA 52241
100 Email: info@vidadiagnostics.com
101 Toll free: 1.855.900.VIDA (8432)
102 Fax: 610.602.5941
103 We have also committed to refer unresolved privacy complaints under the US-EU and US-Swiss Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by us, please visit the BBB EU SAFE HARBOR web site at www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint. identifiable natural person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;
104 ‘technical and organisational security measures’ means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
105 ‘third party’ means any natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the data;
106 Source: EU Data Protection Directive (95/46/EC).
107 POLICY COMMITMENTS
108 It is VIDA’s policy to:
109 Data transfer. Safeguard transfers of personal data to VIDA as mutually agreed to by all relevant parties in The Model Clauses.
110 Data processing. Process the personal data only on behalf of the customer and in compliance with its instructions and the Model Clauses.
111 Notification. Promptly inform the customer of:
112 Its inability to comply with its instructions or The Model Clauses and agree to suspend the data transfer activities and/or terminate the agreement at the customer’s request;
113 Any legally binding request for disclosure of the personal data by a law enforcement authority unless the notification is lawfully prohibited;
114 Any instances of accidental or unauthorized access to personal data covered by The Model Clauses;
115 Any request received directly from the data subjects without responding to that request, unless it has been otherwise authorized to do so.
116 Responsiveness and Cooperation With Authorities. Promptly address inquiries from the customer relating to its processing of transferred personal data and abide by the advice of relevant EU authorities with regard to the processing of the transferred data.
117 Technical and Organizational Security Measures. Apply the technical and organizational security measures specific in the Model Clauses to the personal data before processing the personal data. The technical and organizational security measures that are agreed to will provide at least the same level of protection for the personal data and the rights of EU data subjects as the customer. Strong Encryption, integrity controls, and firewall technology are examples of data transfer safeguards that are typically agreed to in The Model Clauses.
118
119 VIDA also encourages all customers who send patient studies or clinical data to VIDA for analysis to anonymize the patient information prior to transmission, whenever appropriate. If patient data arrives in identifiable form—and when the information is not expressly required to remain in identifiable form—we will destroy the data in-house per established processes.
120
121 Audit Submit its processing activities (and those of its subprocessors) covered by the Model Clauses to audit by the customer, its agent, or an inspection body operating on behalf of a relevant EU authority.
122 Data Subject Requests and Disputes. Make available to data subjects upon their request a copy of the Model Clauses, or any existing contract that governs subprocessing activities. With the exception of information about technical and organizationl security measures specified in The Model Clauses, elements of the Model Clauses that contain sensitive commercial information may be redacted.
123
124 In the event of a dispute about, VIDA shall oblige and requests by the EU Data Subject to refer the dispute to mediation by an independent body or the Supervisory Authority or to the courts in the Member State in which the Data Exporter resides.
125
126 Third Parties. Obtain written permission from or provide written notice to customers before engaging subcontractors to process personal data covered by the Model Clauses. VIDA enters into written agreements with its subcontractors and the agreements impose the same obligations under the Model Clauses that apply to VIDA. VIDA will provide a copy of third party agreements to the customer upon request.
127 Termination of Services. Upon termination of services for a customer, return or destroy, as allowed by law and the other terms of the service agreement with the customer, all the transferred personal data and the copies thereof that had not been destroyed previously in the normal course of the service – and certify to the customer that it has done so. Patient data inappropriately transmitted to VIDA is destroyed upon receipt.
128 Additional Obligations. Observe the requirements of any other Model Clauses entered into with customers not explicitly mentioned in this statement
129 Compelled disclosure: VIDA may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements
130 CHANGES TO THIS PRIVACY POLICY
131 We may periodically update this EU Privacy Policy. We encourage you to check back in from time-to-time for updates.
132 CONTACT
133 If you have questions about our privacy practices or our treatment of the personal information you provide us, contact us at:
134 VIDA Diagnostics Inc.
135 2500 Crosspark Road
136 W250 BioVentures Center
137 Coralville, IA 52241
138 Email: info@vidadiagnostics.com
139 Toll free: 1.855.900.VIDA (8432)
140 Fax: 610.602.5941
141
142
143 © 2015 - VIDA Diagnostics, Inc. © 2015 - VIDA Diagnostics, Inc.
144 LinkedIn LinkedIn
145 Twitter Twitter
146 Facebook Facebook