Data collected may include personal information collected about you, as you use our website, interact with us, and utilize the Services. “Personal Information” is any information that can be used to identify an individual, and may include name, address, email address, phone number, login information (account number, password), marketing preferences, payment information including name/contact/billing and tax information, and content you provide when participating in any interactive surveys, activities, or events.
Medullan will gather some information automatically when you visit this website, and when you use our Services.
USE OF YOUR INFORMATION
Medullan uses Google Analytics to gather this data to determine customer and Website needs, and to optimize the website for your viewing. Medullan may also use the information to deliver, support, analyze, and improve the Services solution you have requested. Generic information will not reveal the identity of the visitor to this website.
LEGAL BASIS FOR PROCESSING (FOR EEA USERS)
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal basis for doing so under applicable EU laws. The legal basis depends on the Services you use and how you use them. This means we collect and use your information only where:
We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;
It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the services and to protect our legal rights and interests;
You give us consent to do so for a specific purpose;
We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
Medullan implements physical, administrative, and technical safeguards designed to protect your Personal Information from unauthorized access, use, or disclosure. We also contractually require that our suppliers protect such information from unauthorized access, use, and disclosure. The Internet, however; cannot be guaranteed 100% secure, and we cannot therefore ensure or warrant the security of any personal information you provide to us. As an international company, Medullan may need to transmit the Personal Information from the European Union to the United States. For this purpose, Medullan has self-certified to the EU–US Privacy Shield and Swiss-US Privacy Shield programs to govern the transfer of the data. By using our website and the Services or by providing any personal information to Medullan, where applicable law permits, you consent to the transfer, processing, and storage of such information outside of your country of residence where the data protection standards may be different. For data stored and used to support the Services, and to respond to any request for such data to be deleted, Medullan has a CRM system. If you choose to provide Medullan with a third party’s personal information (such as name, email, and phone number), you represent that you have the third party’s permission to do so. Your personal data is stored on the secure servers of the CRM system within the US. Medullan retains the data for the duration of your business relationship with us, and otherwise as required under applicable law. If you are located in the EEA (European Economic Area), if you withdraw your consent for the processing of your personal data, all your personal data will be deleted unless we are required to retain this personal data by law or to comply with our regulatory obligations.
How to Access & Control Your Personal Data
Reviewing, Correcting and Removing Your Personal Information
You have the following data protection rights:
You can request access, correction, updates or deletion of your personal information.
You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the US and Canada) are available here.
To exercise any of the rights listed above, please contact us at firstname.lastname@example.org or by mail to Medullan, Inc. 240 Elm St. 2nd Floor, Somerville, MA 02144 USA, Attention: Privacy. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.
QUESTIONS ON AND CHANGES TO THIS POLICY
Last updated: May 25, 2018