Last Updated: 02.12.2018
1 - Purpose
2 - Definition of personal information
3 - Type of personal information collected
As you use our Platform, we collect certain information about you and your use of the Platform. The information we collect falls into three different categories: (a) information you provide us; (b) information we collect from you automatically when you use our Platform; and (c) information we collect from our partners and other sources.
- Information you provide
MedFlash may collect information you provide directly to MedFlash and/or its service providers (the “Service Providers”) when you use our Platform. This includes but is not limited to:
a) Personal Information you provide when you create an account (the “Account”) or register on the Platform. When you create an Account, we ask for Personal Data, which may include your first and last name, birthdate, email, medical specialty, medical license, country of practice, professional background, work institution and education institution.
Providing information is entirely optional, but enables you to have a dipper access to the educational contents provided in the Platform.
The information that is publicly available or you voluntarily provide will be published in your profile, which isn’t accessible to users browsing the MedFlash App mobile application.
b) Personal Information you provide when you update your account.
c) Personal Information you provide when you participate in a survey or promotion.
- Information collected automatically
MedFlash, its Service Providers, and/or MedFlash’ partners or affiliates may automatically collect certain information about you when you access or use the Platform (“Usage data”). Usage Information may include IP address, device identifier, browser type, operating system, information about your use of the Platform, and data regarding network connected hardware (e.g., computer or mobile device).
The methods that may be used on the Platform to collect Usage Information include:
a) Log Information: Log information is data about your use of the Platform, such as IP address, browser type, internet service provider, referring/exit pages, operating system, date/time stamps, and related data, and may be stored in log files.
b) Information Collected by Tracking Technologies: Location-identifying technologies, device tokens, and other tracking technologies now and hereafter developed (“Tracking Technologies”) may be used to collect information about interactions with the Platform.
i) Location-identifying Technologies: GPS (global positioning systems) software, geo-filtering and other location-aware technologies locate (sometimes precisely) you for purposes such as verifying your location and delivering or restricting content based on your location.
ii) Device Tokens: A device token is a unique identifier issued by the operating system of your mobile device. You may sign up to receive “push notification” messages through the Platform. To ensure messages reach the correct devices, we rely on a device token unique to your mobile device. While we may be able to access a list of the tokens, the mobile app and tokens do not reveal your identity, unique device ID, or contact information to us.
Some information about your use of the Platform may be collected using Tracking Technologies across time and services, and used by MedFlash’s and third parties for delivering the Platform.
4 - Information MedFlash collects from partners and other sources
We may collect Personal Information that you have provided to our subsidiaries, affiliates, business partners and/or businesses related to MedFlash for purposes set out below. MedFlash is not responsible or liable for the accuracy of the information provided by third parties or for third party policies or practices. As a general rule, MedFlash collects Personal Information directly from you. If third parties hold information MedFlash requires, we will endeavor to ensure the information has been collected with your consent.
Specifically, we may collect and use Personal Information that is aggregated and anonymised (the “Analytic Information”) from our subsidiaries, affiliates, business partners and/or businesses related to MedFlash, for various business purposes, including, without limitation, enabling us to provide the Platform. This Analytic Information, because it is aggregated and anonymised, is no longer Personal Information as it cannot be used, alone or in conjunction with other information, to identify an individual. We may use this Analytic Information in a variety of ways, including to help analyze site traffic, understand users’ needs and trends, and to improve our products and services. We may use this information by itself or aggregate it with information we have obtained from others.
Further, we may use, transfer, lease, sell or otherwise commercialise Analytic Information for any and all purposes without notice or obligation to you, provided that the Analytic Information does not indicate your identity and cannot be used, alone or in conjunction with other information, to determine your identity. You will not have any rights arising from the creation, collection or use of the Analytic Information.
5 – The motives why we collect your personal information
We collect Personal Information for purposes related to managing and developing our businesses and operations, including but not limited to:
a) Establishing, managing and terminating business relations with you.
b) Informing you of our products and services other than those that you have specifically requested.
c) Reviewing the products and services that we provide to you, or that you provide to us.
d) Communicating and sending curated healthcare related information of interest to you, including newsletters, alerts, notifications.
e) Tracking and analysing trends and patterns related to our businesses and operations for market research related purposes.
f) Providing you with the Platform.
g) Creating aggregated information or Analytic Information that does not individually identify you.
h) Complying with applicable law or regulatory requirements.
i) And any other reasonable purpose to which you consent.
In addition to the foregoing, we may also use and disclose your Personal Information for other purposes, which we will disclose at the time of collection.
6 - The use of your personal information
We may also use your Personal Information to investigate security breaches or cooperate with government authorities pursuant to a legal matter.
MedFlash is committed to complying with European Anti-Spam Legislations. In the case of personal contact information provided in conjunction with any newsletter or other marketing initiatives, you can withdraw your consent to receiving those communications and unsubscribe from any MedFlash subscriptions at any time by contacting our Data Protection Officer (“DPO”) using the contact information provided below. In addition, commercial electronic communications sent by MedFlash to which you have subscribed will further contain an unsubscribe mechanism.
We reserve the right to send you transactional or informational emails such as customer service communications in connection with the products you have purchased or changes to this site or policies.
7 - Disclosure of your personal information
In addition to the purposes set out above, we may disclose Personal Information for purposes related to:
a) Managing and developing MedFlash’ businesses and operations.
b) Managing your Account.
c) Providing you with the Platform.
d) Creating and maintaining a responsible business relationship with you.
e) Creating aggregated information or Analytic Information that does not individually identify you.
f) Communicating with you on topics related to your Account, Platform, and other matters related to MedFlash.
g) Informing you of our products and services other than those that you have specifically requested.
h) Tracking and analysing trends and patterns related to our businesses and operations for market research related purposes.
i) Interacting with you on social media.
j) And other purposes identified when the Personal Information is collected, or as permitted or required by law.
Personal Information is disclosed to third parties for purposes set out above including but not limited to:
b) Third party service providers, affiliates and business associates including an organisation or individual retained by MedFlash to perform functions on its behalf.
c) Any third party, where you have provided your consent for such disclosure or where disclosure is required or permitted by law.
On rare occasions, we may use or disclose your Personal Information without your knowledge or consent where we are permitted or required by applicable law or regulatory requirements to do so.
MedFlash may share or sell aggregated, de-identified data that does not identify you with partners and the public in a variety of ways. When we provide this information, we take technical measures to ensure that the data does not identify you and cannot be associated back to you.
Notification respecting service providers internationally
To ask any questions or to obtain written information about MedFlash’s policies and practices regarding those service providers, you may write to our Privacy Officer at the address listed below in the “Contact us” section.
8 - MedFlash obtainment of consent
We may collect, use or disclose your Personal Information without your knowledge or consent where we are permitted or required to do so by applicable law or regulatory requirements.
You may change or withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice, by contacting the office of our Privacy Officer using the contact information set out below. In some circumstances, a change or withdrawal of consent may limit our ability to provide products or services to you or acquire products or services from you.
You may change or withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice, by contacting the office of our DPO using the contact information set out below. In some circumstances, a change or withdrawal of consent may limit our ability to provide products or services to you or acquire products or services from you.
9 - Tracking options
With respect to MedFlash’s mobile apps, you can stop all collection of data generated by use of the app by uninstalling the app. You may also be able to exercise specific privacy choices, such as enabling or disabling certain location-based services or push notifications, by adjusting the permissions in your mobile device.
10 - MedFlash protection of your personal information
MedFlash will endeavor to safeguard Personal Information using methods that are appropriate to the sensitivity of the information. Specifically, MedFlash takes the following steps to safeguard any Personal Information that it collects:
a) Protecting the confidentiality of all Personal Information when doing business internally or externally with other organisations.
b) And protecting all Personal Information with appropriate and effective security safeguards, including physical, administrative, and technology safeguards, against such risks as loss or theft, unauthorised access, disclosure, copying, use or destruction, regardless of the format in which it is held.
11 - MedFlash storage of your personal information
MedFlash collects and stores your information on a secure, European server. For our overseas visitors, your data may be collected and stored on secure, offsite servers that meet the laws and policies of your country.
12 – Correction of inaccurate personal information
It is important that any Personal Information MedFlash holds about you is accurate and current. MedFlash requires you to keep us informed of changes to any Personal Information. You can correct any inaccuracies by accessing and modifying the information provided in your Account.
13 – Retaining your personal information
MedFlash retains Personal Information in accordance with its legal or business practices. We retain your Personal Information up to one year after you cease to be a MedFlash active Platform user. You will be considered an inactive user after one year with no activity in the Platform, starting from the date of your last access. Once the Personal Information is no longer required to fulfill the purpose for which it was collected and no longer required or permitted to be retained for legal or business purposes, it is securely destroyed or made anonymous.
14 – Access to your personal information
Any data that you provide to MedFlash can be accessed and modified from your Account. If you remove data from your profile, it will no longer appear to you or others who use the Platform. Backups of that data will remain in association with your Account and in our archive servers until deleted in accordance with our data retention schedule.
You can also ask to see the Personal Information that we hold about you. If you want to review, verify or correct your Personal Information, please contact our Privacy Officer using the contact information set out below. Please note that any such communications must be in writing.
When making an access request, we may require specific information from you to confirm your identity and right to access, as well as to search for, and provide you with, the Personal Data that we hold about you. If you need help in preparing your request, please contact our DPO.
For any personal data shared with your consent you can ask MedFlash to provide you with a copy of such data in a commonly used and machine-readable format. You can also request of MedFlash, if technically feasible, to send this information to other data processors.
MedFlash may not be able to provide you with access to your Personal Information, in situations where such refusal is permitted or required by applicable law or regulatory requirements. MedFlash will inform you of the reasons why, subject to any legal or regulatory restrictions, access has been denied.
15 - Your obligations
As a user, you have certain obligations toward the other users with whom you will be communicating. Certain of these obligations are imposed by applicable law and regulations, and others have become commonplace in user-friendly communities of like-minded members, such as the MedFlash App mobile application:
You must not provide information to MedFlash and/or other users which you believe might be injurious or detrimental to your person, professional or social status.
Any violation of these guidelines may lead to the restriction, suspension or termination of your Account by MedFlash, as we take these principles seriously and consider them to be the basis on which our users adhere to the Platform.
16 – Deactivation of your account
You can deactivate your Account by contacting us at firstname.lastname@example.org. When you do, data that can identify you will be removed from the Account, including but not limited to your email, name, birthdate and photo.
Backup copies of this data will be removed from our servers based upon an automated schedule, which means it may persist in our archive for at most thirty (30) days. MedFlash may continue to use your de-identified data.
17 - Questions or concerns related to our services
18 - Children’s privacy
The Service is not directed to individuals of less than 18 years of age. If you are a parent or guardian and believe we may have collected information about a child, please contact us as described in the “Contact Us” section, below.
20 - Contact US
DPO: Bruno Guimarães
Address: Rua de Argoncilhe, n.º 362; 4505-074, Argoncilhe, Santa Maria da Feira, Aveiro, Portugal.
Telephone Number: +351 911919023
Email Address: email@example.com
Name: ADHARA, LDA.
Address: Rua de Argoncilhe, n.º 362; 4505-074, Argoncilhe, Santa Maria da Feira, Aveiro, Portugal.
Telephone Number: +351 911919023
Email Address: firstname.lastname@example.org