EU GDPR Policy

medDARE (“us”, “we”, or “our”) operates the https://meddare.ai website (hereinafter referred to as the “Service”).

This page outlines our policies concerning the collection, use, and disclosure of personal data when you use our Service as well as the options available to you regarding that data. With this policy, we inform you that in cases in which we are required to do so by law, we apply the GDPR rules regarding the collection, storage, use, handling, transfer and deletion of personal information.

 
1 / About GDPR

The General Data Protection Regulation (Regulation (EU) 2016/679, abbreviated GDPR) is a European Union regulation on information privacy in the European Union (EU) and the European Economic Area (EEA). It also governs the transfer of personal data outside the EU and EEA.

2 /  What Types of Data We Collect

There are two ways in which we can collect personal data: via our website and from our clients under the framework of our agreements.

3 /  Data Collected via Website

We gather your data through online inquiry forms on our website, email inquiries and exchanges, or telephone conversations.

4 / Data Collected under Framework Agreements

Using medDARE services for managing your customers' data indicates that you've enlisted medDARE as a data processor to conduct specific processing tasks on your behalf. According to  Article 28 of the GDPR, the relationship between the controller and the processor are regulated by the Data Processing Agreement, which we put in place with every Client.

We take all necessary measures for data security and to ensure a risk-appropriate level of protection. When selecting appropriate technical and organizational measures, the protection objectives of Art. 32 (1) GDPR, such as confidentiality, integrity and availability of the systems and services, as well as their resilience in relation to the type, scope, circumstances and purpose of the processing operations for the permanent containment of the risk are taken into account.

We comply with respective obligations under the GDPR, including but not limited to, the obligations relating to the security of processing, the notification of personal data breaches, and the rights of data subjects.

5 / Access, Data Storage and Security

We confirm that medDARE tries to provide the appropriate level of security to cover all possible risks presented by processing, in particular from accidental or unlawful destruction, loss, unauthorized disclosure, etc.

  • We have implemented policies regarding information security, access to information and rules for the use of information and privacy in line with our ISO 9001 and ISO 27001 certification.
  • Any person acting under the authority of medDARE either as the controller or the processor who has access to personal data does not process them except on instructions from the controller, unless he or she is required to do so by law.
  • We retain personal data no longer than it is necessary and we have regular reviews and proper processes in place. In cases when you provide us with your consent to use your details for direct marketing, we will keep such data until you notify us otherwise and/or withdraw your consent.
6 / Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our service and hold certain information.

Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

7 / Analytics

We may use third-party Service Providers to monitor and analyze the use of our service, for example, Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

8 / Monitoring and Enforcement of Compliance to Privacy Policy

As the controller of your personal data, medDARE is committed to respecting all your rights under the GDPR. If you have any questions or feedback, please reach out to our Data Protection Officer (DPO) by email at dpo@meddare.com.

Any changes we may make to this Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or by other means, if such notification will be deemed necessary.