Last updated: March 13, 2019
MobileODT Ltd. and its affiliates (“MobileODT”, “we”, “us” or “our”) highly value and respect the privacy of the users of the Services (“User(s)”, “you” or “your”) and therefore we invest great efforts and resources in order to optimize your privacy.
Therefore, if you are not a User – for example, if you are a patient of our Users (i.e. your healthcare provider) – but nonetheless believe that we may have in our possession personal information pertaining to you, please be advised that all data processing activities with respect to your personal information are conducted in accordance with our Users’ instructions. Our engagement terms provide our Users with sole and ultimate discretion to determine the purposes and manner in which your personal information is processed by MobileODT.
If you are a patient of our Users and have any requests concerning your personal information or any questions about the processing of your personal information, please contact your healthcare provider.
We will collect information that identifies you only if it is provided by you with your explicit consent. However, please note that we may also collect certain information that identifies you, without your consent, if:
- such data is required for rendering the Services to you;
- such data is required for complying with legal obligations, such as a court or regulatory order or in response to the authorities;
- such Data is required for our legitimate purposes (or the legitimate purposes of those acting in our behalf) which will be broadly described below under the “How We Use the Data We Collect and Store and for what Purposes” section.
If you reside or are using the Services within a territory governed by privacy laws which determine that consent is the only legal basis for the processing of the Data, by using the Services you hereby consent to the processing of the Data for all purposes detailed in this Policy.
This Policy specifically outlines:
- What Data Do We Collect?
- How Do We Use the Data We Collect and Store and For What Purposes?
- Sharing of Information
- Your Rights
- Data Retention
- How Do We Secure Your Information?
- External Links and Third-Party Services
- Transfer of Data
- Protection of Children’s Privacy
- Changes to The Policy
1. What Data Do We Collect?
A. Information you provide us or give us permission to obtain.
When you register to the Services, whether directly or indirectly through your organization, you may be required to submit certain details about yourself. This may include, among others, your name, phone number, email address, name of organization, your position in the organization and location.
Furthermore, you hereby acknowledge and approve the Data Processing Agreement (“DPA”) available at https://portal.mobileodt.com/Data-Processing-Agreement and the Standard Contractual Clauses therewith which shall govern your relationship with MobileODT in connection with third-parties’ information you provide MobileODT. To avoid any doubt, in the event of discrepancies between these Terms of Service and the DPA, the DPA shall prevail.
B. Information we collect from your use of the Services.
Technical information: we collect information about the mobile device and applications you use to access the Services, such as your Internet Protocol (IP) address, the type of the mobile device you are using the Services on, mobile device ID, hardware model, operating system version, your mobile device and hardware settings, unique mobile device identifiers, and crash data.
This collection of information is subject to your approval upon installation of the App. You are entitled at any time to revoke your consent to our ongoing ability to collect such information (i) by changing the settings on your mobile device, if your mobile device offers that option; or (ii) by simply deleting our App from your mobile device - but please note that this may prevent us from providing the Services in whole or in part.
Further, our web servers keep log files that record data each time a device accesses those servers and those log files contain data about the nature of each access. We may also access and collect usage data about you when you interact with the Services, such as the nature of each access, your communication with other Users and third parties, access times, cookies data, and additional related metadata, such as the time, date, and place of your usage.
Aggregated information we may also gather statistical and aggregated information originating from our users which may be combined with additional non-identifiable information collected from other sources, regarding the use of the Services. This information will be anonymous and will not allow, by reasonable means, to identify – or to be attributed to – a specific user.
To avoid doubt, any non-personal information connected or linked to any personal information shall be deemed as personal information as long as such connection or linkage exists.
We may use non-personal aggregate information for internal, research, development or commercial purposes, and we may also share such information with our business partners, affiliates or other third parties, including advisors, for the purpose of conducting a general business analysis.
For the avoidance of doubt, the Processor will not access patient Data and associated image scollected by Users who are defined in a Sexual Assault Nurse Examination (SANE) scenario or their equivalent, unless technical support is requested. The Processor will only access data on a case by case basis when explicit, written permission only is given.
For the avoidance of doubt, any non-personal information connected or linked to any personal information shall be deemed as personal information as long as such connection or linkage exists.
2. How Do We Use the Data We Collect and Store and for what Purposes?
We will store and process your information for the following purposes:
- Ongoing operation and performance of the Services and our internal course of Business - for example, for recognizing you as user of MobileODT and allow you the use of the Services.
- Support and communication with Users - for example, to contact you in order to provide the most efficient support.
- Marketing or advertising the Services - we may send you newsletters, updates, marketing materials and other information that may interest you by e-mail or via mobile devices.
- Additional legitimate interests, including:
- Preventing and responding to fraud, inappropriate use or abuse of the Services;
- Preventing or addressing technical or security issues;
- Fulfilling our commitments to our partners or other third-parties;
- Internal research for the purpose of evaluating the use of the Services, developing new features for the Services and improving user experience;
- Marketing to you or advertising of the Services;
- Ensuring the protection of our rights, security and property (and those of our partners, contractors and users);
- Various legal purposes, such as the establishment, exercise or defense of a legal claim.
3. Sharing of Information
Your Sharing of Data
The Services allow you to share information within the Services or through third-Party’s platforms. Any such sharing is ultimately controlled by you and you will bear all risk and liability with respect to this sharing. We encourage you to exercise discretion before any such sharing.
Our Sharing of Data
We will not share your Data with third parties, except in the following instances:
A. When we have received your permission. This includes sharing information as described in this Policy or otherwise with third party services when you have chosen to use our Service features which interact with these third party services.
B. When we engage third parties to process Data on our behalf. Such third parties' use will be subject to our explicit instructions and in compliance with this Policy.
C. With our affiliates. This relates to entities that are legally part of the same group of companies that we are part of, or that become part of that group.
D. In case of a change of control. If we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding, we may transfer the information to our new owner.
G. Non-Personally Identifiable Information. We may also share aggregated or non-personally identifiable information that we collect and share as broadly described above under “what data we collect” section.
4. Your Rights
Right of Access - since most of your personal information is provided by you or your organization you have full access to your Data directly through the App or through your organization.
Right to Rectification - you are entitled to correct/update your Data at any time by editing your Account details. You are responsible to make all necessary changes to correct any information in your Account which is inaccurate, incomplete or outdated. Please keep in mind that false, incorrect, or outdated information may prevent you from registering to the Services and impair our ability to provide you with Services. If you have a reason to believe we possess incorrect Data relating to you, you may also request the amendment of such Data.
Right to Erasure - you may contact us at all times with a request to delete your Data. We will comply with this request and delete any Data which is associated with you, to the extent possible. However, you should be aware that we use backup systems in which your Data is stored without the ability to delete it immediately upon request. Therefore, we may require an additional short period of time until we are able to fully delete all traces of your Data.
Nonetheless, for legal reasons, organizational reasons or in order to prevent fraud, we may retain certain specific information relating to you. In any event, your request for deletion will be recorded and will not be deleted.
In addition, under certain circumstances you may have the right to object to the processing of the Data and to export certain Data to another service.
5. Data Retention
We only retain your Data while your Account remains active or for as long as it is necessary to achieve the purposes mentioned in this Policy. After discontinuation of the respective purpose or if you have terminated your Account, the corresponding Data may be deleted. In addition, Data may also be deleted upon your request (see above).
Please note that we may need to retain certain information about you for legal and internal business purposes even if you delete your Account with us. This includes, among others:
- Data which is required to prevent fraud or abuse of the Services;
- Data which is required for our internal security purposes;
- Data which needs to be retained for bookkeeping and accounting purposes, in order to comply with legal or regulatory requirements or to exercise any legal right.
We will retain the minimum Data required for those purposes.
6. How Do We Secure Your Information?
We consider data security a top priority and we do our best to keep your Data secured. For that purpose, we practice administrative, technical, and physical security procedures to help protect the information you provide us.
Although we do our best to protect your Data, unfortunately, no method of transmitting or storing electronic data is ever completely secure. Therefore, you cannot reasonably expect, and we cannot promise or guarantee that such information will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse. Please be aware that we may use third-party cloud service providers that provide hosting, data storage and other services pursuant to their standard terms and conditions that are generally non-negotiable, and accordingly, we may be unable to impose contractual obligations on them with respect to the measures they use to protect personal information.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the "Contact Us" section below.
7. External Links and Third-Party Services
The Services may contain integration with third-party service providers and links to third party sites or other apps or services that are not owned or operated by MobileODT. Similarly, it is possible that you will use other services to interact or interface with the Services (for example, by accessing the Services via your social network account). This Policy only applies to MobileODT’s Services and does not apply to any third-party sites, apps, platforms or any other services. The use of these technologies by these third parties is subject to their own privacy policies and is not covered by this Policy.
WE ARE NOT RESPONSIBLE FOR THE PRIVACY PRACTICES OR TERMS OF ANY THIRD PARTIES.
8. Cross-Border Transfer of Data
By using the Services, you consent to the transfer of Data to countries outside of your country of residence or the country where the Data is collected, which may have different data protection rules than in your country.
For the avoidance of doubt, if the Data is collected by a user and synced to the portal within the United States, then such collected Data is stored by the Processor on servers located in the United States alone.
If you reside in, or are accessing the Services from, the European Union, you should know that most of the processing of your Data takes place within the European Union or within territories recognized by the EU Commission as providing adequate protection to your Data.
The above notwithstanding, we may also transfer, process and store your Data in territories which have yet to be recognized by the EU Commission as providing adequate protection to your Data. However, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Data.
In addition, please note that your Data is stored on servers maintained by third party service providers. We ensure the compliance of these third parties with the requirements of the appropriate privacy protection regulations.
9. Protection of Children’s Privacy
The Services are not directed to individuals under the age of eighteen (18).
IF YOU ARE UNDER 18 YEARS OF AGE, YOU MAY NOT USE OR ACCESS THE SERVICES AT ANY TIME OR IN ANY MANNER.
Protecting the privacy of young children is especially important. We will not knowingly collect or maintain Data from individuals under the age of sixteen (16). If we learn that Data of persons under 16 years of age has been collected by us on or through the Services, we may take the appropriate steps to delete such information.
10. Changes to The Policy
We are constantly seeking to improve our privacy practices. Accordingly, we may amend, change, update or modify this Policy from time to time.
Please take a look at the “LAST UPDATED” legend at the top of this page to see when this Policy was last revised. Any such revision or modification will become effective immediately upon posting of the revised Terms on our website.
Your continued use of the Services following the posting of revised Policy means that you accept and agree to the changes. You are expected to check this page frequently so you are aware of any changes, as they are binding on you.
If you have any questions (or comments) concerning these Terms, you are welcome to send us an email at: firstname.lastname@example.org and we will make an effort to reply within a reasonable timeframe.
You may also:
- Contact our Data Protection Officer (DPO) at email@example.com
- Lodge a complaint with your local data protection authority for any inquiry or complaint.