MINERVA MEDICAL SIMULATION, INC.
The Company will take reasonable steps to protect user privacy consistent with the guidelines set forth in this Policy and with all applicable U.S. laws as well as the European General Data Protection Regulation (“GDPR”).
In this Policy, “user” or “you” means any person viewing the Service or submitting any personal information to the Company in connection with using the Service.
In general, we will not collect, use, disclose, or otherwise process your personal information without your consent. However, we may do so in certain circumstances described below.
What Information Do We Collect and How Do We Collect It?
Personal Information: As a user of Full Code we will ask you to tell us your medical/professional role. If you create an account, we will ask you for an email address. If you are subscribing on behalf of an institutional customer, your name and institutional affiliation(s). In addition, if you contact the Company and disclose additional information about you, such as your email address, we may store that information. “Personal Information” denotes the information referred to in this paragraph.
User Data: When you use the Service, you may transmit to the Company certain user-specific data (“User Data”) that we use to provide the Service, including to but not limited to your operating and systems environment, your use of the Service, and additional information that the Service allows you to input, such as scoring and performance within simulation scenarios.
Web Tracking Information: On our website, but not our smartphone or mobile applications, we, and third-party service providers that we engage to provide services to us (“Contractors”), use web tracking technologies such as cookies, web beacons, pixel tags and clear GIFs in order to operate the Service efficiently and to collect data related to usage of the Service. Such collected data (“Web Tracking Information”) includes the address of the website you visited before and after you visited the Company website, the type of browser you are using, your Internet Protocol (IP) address, what pages in the Service you visit and what links you clicked on, and whether you opened email communications we send to you. In order to collect Web Tracking Information and to make your use of the Service more efficient, we may store cookies on your computer. We also use web tracking technologies that are placed in web pages on the Service or in email communications to collect information about actions that users take when they interact with the Service or such email communications, and our Contractors may also do so. Some Web Tracking Information may include data, such as IP address data, that is unique to you. You may be able to modify your browser settings to alter which web tracking technologies are permitted when you use the Service, but this may affect the performance of the Service. We will only process Web Tracking Information with your consent, which you may provide to us using a banner on our website.
How Do We Use the Information We Collect?
Personal Information: We will use and store Personal Information for the purpose of delivering the Service (including to establish or renew your Company account), and to analyze and enhance the operation of the Service. For example, we record events to determine how often certain features of the Service are used. This enables us to identify possible improvements to the Service. With your consent if you create an account or submit a feedback message, we will enter Personal Information into our contact management database, and may use such database to send you marketing materials and to contact you regarding your interest in the Company’s products and services.
User Data: We will use the User Data to provide the Service. We will aggregate User Data across all or a subset of users to create statistical information relating to the use of the Service, as described in “Aggregate Information” below.
Aggregate Data: We also create statistical, aggregated data relating to our users and the Service for analytical purposes. For example, we aggregate data to determine the Service’s number of users for each professional role (for instance, how many doctors use the Service), and to ascertain users’ performance (for instance, what percentage of doctors got Question 1 correct). Aggregated data is derived from Personal Information and User Data, but in its aggregated form it does not relate to or identify any particular client or individual or any specific user’s data. We use aggregated data to understand our customer base and to develop, improve and market our services.
Web Tracking Information: We use Web Tracking Information only for those Users who use the Service via the website; we do not collect Web Tracking Information when Users use the service through smartphone and mobile applications. We use Web Tracking Information to administer the Service and to understand how well our Service is working, to store your user preferences, and to develop statistical information on usage of the Service. This allows us to measure overall effectiveness. We also use Web Tracking Information for marketing purposes.
Legal Exception: Notwithstanding the above, the Company may use Personal Information and User Data to the extent required by law or legal process, or if in the Company’s reasonable discretion use is necessary to investigate fraud or any threat to the safety of any individual, to protect the Company’s legal rights or to protect the rights of third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of the user.
What Information Do We Disclose to Third Parties?
The Company’s Disclosure of Personal Information: The Company will not disclose Personal Information to any third party except to our Contractors who are bound by written obligations of confidentiality, the institution(s) through which a User subscribed (if the User subscribed through an institution) or as described under “Permitted Disclosures” below.
User Data: We only disclose User Data to any the designated administrators of the business entity that you establish via your account. Except as described above, we disclose User Data only to you, the user who submitted the User Data to the Company, to our Contractors who are bound by obligations of confidentiality, the institution(s) through which a User subscribed (if the User subscribed through an institution), and as described under “Permitted Disclosures” below.
Web Tracking Information: We disclose Web Tracking Information collected through the Service’s website to Contractors for marketing purposes, in order to analyze the performance of the Service and the behavior of users, and to operate and improve the Service.
Aggregate Data: We disclose de-identified aggregated data to third parties, such as potential customers, business partners, advertisers, and funding sources, in order to describe our business and operations. We also disclose de-identified, aggregated User Data to other Users of the Service so that they may gauge their performance. For example, after a doctor answers Question 1, we might disclose to that doctor what percentage of doctors answered Question 1 correctly.
Permitted Disclosures: Notwithstanding the foregoing, the Company reserves the right to disclose any information the Company collects in connection with the Service, without further notice to you (a) to any successor to the Company’s business as a result of any merger, acquisition or similar transaction; and (b) to any law enforcement or regulatory authority to the extent required by law or if, in the Company’s reasonable discretion, disclosure is necessary to investigate fraud or any threat to the safety of any individual, to protect the Company’s legal rights or to protect the rights of third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of the user.
What Are the Company’s Data Retention Policies?
The Company houses live storage data and backup data. Our live storage database contains Personal Information and User Data of all Users who have logged into the Service at least once in the previous 365 days. If a User has not logged into the Service in 365 days, we will delete that User’s Personal Information and User Data from our live storage database. We keep backup data for 30 days, after which such backup data is automatically deleted. Backup data is not generally accessible to Company employees.
How Can You Opt Out of Use and Disclosure of Your Information?
If you would like your Personal Information or User Data removed from our mailing list or database, please contact us at email@example.com. We will delete your Personal Information or User Data immediately from our live storage database. It will be automatically removed from our backup database within 30 days.
Access and Updating of Information
You can update your Personal Information by using the profile editing tools on the Service. The Company will respond to any reasonable request by a user to review or amend his or her Personal Information held in our mailing list or database. The Company reserves the right to verify your identity in order to provide such access.
Security: We use reasonable security precautions to protect the security and integrity of your Personal Information and User Data in accordance with this Policy and applicable law, including but not limited to encrypting your name and email address (if you have provided them to us) when at rest. However, no Internet transmission is completely secure, and we cannot guarantee that security breaches will not occur. Without limitation of the foregoing, we are not responsible for the actions of hackers and other unauthorized third parties that breach our reasonable security procedures.
Children: The Company does not knowingly collect or maintain personally identifiable information from persons under 18 years of age, and no part of the website is directed at persons under 18. If you are under 18 years of age, then please do not use the website. If the Company learns that personally identifiable information of persons less than 18 years of age has been collected without verifiable parental consent, then the Company will take the appropriate steps to delete this information. To make such a request, please contact us at firstname.lastname@example.org.
California Online Privacy Protection Act (“CalOPPA”) Notice
On September 27, 2013, California enacted A.B. 370, amending the California Online Privacy Protection Act to require website operators like us to disclose how we respond to “Do Not Track Signals”; and whether third parties collect personally identifiable information about users when they visit us.
(1) We do not use tracking technology, and thus do not track users who do not interact with sharing functionality across the web..
(2) We do not authorize the collection of personally identifiable information from our users for third party use through advertising technologies without separate member consent.
The Company is not subject to the California Consumer Privacy Act (CCPA), However, the California “Shine the Light” law (California Civil Code Section 1798.83) permits our customers who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com. Please note that we are only required to respond to one request per customer each year.
The GDPR grants European Union (“EU”) residents the following rights:
- The right to access – You have the right to request the Company for copies of your personal data. We may charge you a small fee for this service.
- The right to rectification – You have the right to request that the Company correct any information you believe is inaccurate. You also have the right to request the Company to complete the information you believe is incomplete.
- The right to erasure – You have the right to request that the Company erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that the Company restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to the Company’s processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that the Company transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you are an EU resident and you have consented to our processing your data, you have the right to withdraw that consent at any time. Your withdrawal of consent will not affect the lawfulness of our processing of your data before your withdrawal. Even if you withdraw your consent, we may continue to process your data if we have legitimate grounds for doing so that override your interests, rights, and freedoms, or to comply with applicable law.
If you make a request under the GDPR, we have one month to respond to you. If you would like to exercise any of the rights listed above, please contact us at firstname.lastname@example.org.
If you are an EU resident and you either wish to report a complaint feel that the Company has not addressed your concern in a satisfactory manner, you may contact the appropriate supervisory authority here.
This Policy forms part of, and is subject to, the provisions of the Company’s Terms of Service available at https://full-code.com/terms-of-service/