Medullan Privacy Policy

 

Medullan, Inc. is committed to protecting your privacy and providing you with a positive experience. This Privacy Policy applies to both the Medullan Website and Medullan’s consulting and/or product platform and design services. We refer to all of these as “Services” in this policy. The policy identifies the information collected, how it is used, shared, stored, secured, and the access and control of your information. When required for the Services, we may also transfer or process that information internationally. Please note, to the extent a notice is provided at the time of collection, on a website, or a solution specific privacy statement, conflicts with this Privacy Policy, such specific notice or supplemental privacy statement will control. 

When you use our website or any of the Medullan Services on or after May 25, 2018, you’ll be agreeing to this updated Privacy Policy. 

DATA COLLECTION
Data collected may include personal information collected about you, as you use our website, interact with us, and utilize the Services. “Personal Information” is any information that can be used to identify an individual, and may include name, address, email address, phone number, login information (account number, password), marketing preferences, payment information including name/contact/billing and tax information, and content you provide when participating in any interactive surveys, activities, or events. 

Medullan will gather some information automatically when you visit this website, and when you use our Services.

USE OF YOUR INFORMATION
Medullan uses Google Analytics to gather this data to determine customer and Website needs, and to optimize the website for your viewing. Medullan may also use the information to deliver, support, analyze, and improve the Services solution you have requested. Generic information will not reveal the identity of the visitor to this website. 

LEGAL BASIS FOR PROCESSING (FOR EEA USERS)

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal basis for doing so under applicable EU laws. The legal basis depends on the Services you use and how you use them. This means we collect and use your information only where:

We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;

It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the services and to protect our legal rights and interests;

You give us consent to do so for a specific purpose;

We need to process your data to comply with a legal obligation.

 If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services. 


SECURITY
Medullan implements physical, administrative, and technical safeguards designed to protect your Personal Information from unauthorized access, use, or disclosure. We also contractually require that our suppliers protect such information from unauthorized access, use, and disclosure. The Internet, however; cannot be guaranteed 100% secure, and we cannot therefore ensure or warrant the security of any personal information you provide to us. As an international company, Medullan may need to transmit the Personal Information from the European Union to the United States. For this purpose, Medullan has self-certified to the EU–US Privacy Shield and Swiss-US Privacy Shield programs to govern the transfer of the data. By using our website and the Services or by providing any personal information to Medullan, where applicable law permits, you consent to the transfer, processing, and storage of such information outside of your country of residence where the data protection standards may be different. For data stored and used to support the Services, and to respond to any request for such data to be deleted, Medullan has a CRM system. If you choose to provide Medullan with a third party’s personal information (such as name, email, and phone number), you represent that you have the third party’s permission to do so. Your personal data is stored on the secure servers of the CRM system within the US. Medullan retains the data for the duration of your business relationship with us, and otherwise as required under applicable law. If you are located in the EEA (European Economic Area), if you withdraw your consent for the processing of your personal data, all your personal data will be deleted unless we are required to retain this personal data by law or to comply with our regulatory obligations. 


How to Access & Control Your Personal Data
Reviewing, Correcting and Removing Your Personal Information

You have the following data protection rights:

You can request access, correction, updates or deletion of your personal information.

You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.

If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

You have the right to complain to a data protection authority about our collection and use of your personal information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the US and Canada) are available here.


To exercise any of the rights listed above, please contact us at privacy@medullan.com or by mail to Medullan, Inc. 240 Elm St. 2nd Floor, Somerville, MA 02144 USA, Attention: Privacy. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.

COOKIE POLICY
When you visit the Medullan website, we may send one or more cookies - a small file containing a string of characters - to your hard drive that uniquely identifies your browser. Any use of cookies will be solely for the purposes of improving the quality of the Website by storing user preferences, and tracking user trends, such as how users engage with the Website. Most browsers initially default to accept cookies, but you can reset your browser to refuse all cookies, or to alert you when a cookie is being sent.


OTHER WEBSITES
This Privacy Policy applies to this website only. We do not exercise control over any sites that you may visit from a link on our website. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you, please reference the Privacy Policy on third party websites to learn about their specific Privacy Policies.


QUESTIONS ON AND CHANGES TO THIS POLICY
If you have any questions about this Privacy Policy, or you wish to inquire about additional website/marketing permissions, please contact us through this website, via email at privacy@medullan.com, or at Medullan Inc., 240 Elm Street, 2nd Floor, Somerville, Massachusetts, 02144, United States of America.


Please note that this Privacy Policy may change from time to time. We expect most such changes will be minor. In any case, we will post any changes we may make in the future on this page or specifically on the relevant website page(s) where information is submitted/collected.

Last updated: May 25, 2018