IMAGEMOVER(MD) EU GDPR PRIVACY POLICY
Last Updated [October 2020]
This privacy policy (“Privacy Policy”) describes how ImageMover(MD)( “IMAGEMOVER”, “we”, “our” or “us”) uses personal information that we process in connection with your use of this mobile application or any other website or application that we operate that links to this Privacy Policy, however accessed (collectively, our “App(s)”).
Please read this Privacy Policy carefully to better understand how we collect, use, and disclose personal information about you as you use our App. Any changes to this Privacy Policy will appear on this page, so we encourage you to review it periodically.
IMAGEMOVER’S SERVICES
mageMover provides a variety of secure image workflow services (the “Service(s)”) to customer organizations (“Customer Organization(s)”) in conjunction with other third-party products and services through the ImageMover Solution , including:
Health or wellness Test Kits result collection (collectively, “ImageMover Test Kit Results Capture”)
Image transfer services (“ImageMover Transformer”)
Image transfer within an EHR or other hospital system (including “ImageMover Mobile”, “ImageMover Uploader”, “ImageMover Modality”, “ImageMover Image Exchange”)
The following ImageMover products may process patient demographic information available in the EHR and data related to medical images.
Our Apps are business to business websites or applications that are not intended for personal use. ImageMover Customers Organizations and their authorized users may use our Apps in accordance with their Agreements to process their business-related information, which could include information collected from third parties as permitted by your organization’s Agreement.
Our Customer Organizations may use our Services to collect information from individuals, including their employees or contractors and use our Services to manage other personal information and activity. ImageMover is not responsible for the privacy and security practices of our Customer Organizations, and this Privacy Policy is not intended to cover those Customer Organization’s practices or any other third party’s privacy practices with respect to its employees or any other individuals from whom it collects information.
INFORMATION WE COLLECT OR PROCESS IN PROVIDING SERVICES
The information we collect from you varies, depending on the way you use our App or Services, as outlined above. We may collect and process information from or about you in the ways described below:
A service provider for the Services listed above, any personal information we process is on behalf of Customer Organizations and at their request. Rather, the Customer Organizations determine and control what information to collect, and ImageMover is contractually required to provide our Services in accordance with our Customer Organization’s instructions.
The types of information we could process from you in performing our photo or image transfer solutions may include patient demographic or identifiable information available in the EHR and data related to medical images.
The types of information we could process or store from you in performing our Test Kit Services (i.e. the capture of test results) may include, but is not limited to:
Test Kit Info
Test Kit Manufacturer, Test Kit Expiration date, Test Kit lot number
Test Subject Info
Job/Role (example: student, coach), External ID, (Student ID # or Employee ID#), External ID Picture (Image), Last Name, First Name, Middle Name, Date of Birth, Gender, Phone Number, Address, Residence ZIP code, Residence county/parish, Email, Additional Job/Role information (example jersey number, position), Symptoms, Consent Signature (Image), Consent Received (Text), Test results, Image of test results, Test result date, Race, Ethnicity, Ordering provider name and NPI number (as applicable), Ordering provider ZIP code, Performing facility name and CLIA number (as applicable), Performing facility ZIP code, Date test ordered, Date specimen collected, Ordering provider address, Ordering provider phone number, Whether this is the first test they’ve been administered, Employed in healthcare?, Symptomatic as defined by CDC? If yes, then date of symptom onset?, Hospitalization status and history, ICU status and history, Whether resident in a congregate care setting (including nursing homes, residential care for people with intellectual and developmental disabilities, psychiatric treatment facilities, group homes, board and care homes, homeless shelters, foster care, or other setting), Pregnancy status
Your personally identifiable information (“PII”) is any information that relates to you and identifies or can be used to identify you. Your “personal data” is any information which is related to an identified or identifiable natural person, as defined under the General Data Protection Regulation (GDPR).
We also process any information you choose to provide to us or our Customer Organizations.
1. HOW WE USE YOUR INFORMATION
If you submit or we collect or process information through our Services, then such information may be used to:
Provide you the requested Services (as listed under “ImageMover’s Services”) or process your request;
Comply with applicable law (including health laws), assist law enforcement, and to respond to regulatory or other legal inquiries; and
For any other purpose to which you consent, or you direct us, or as provided for in this policy.
2. HOW WE SHARE OR DISCLOSE YOUR INFORMATION
We do not sell, lease, or rent your PII or personal data collected from our Service to third parties. We share or disclose your information as stated in this policy or with your consent or at your direction.
(a) Customer Organizations.
We transfer and share information collected from you with the Customer Organizations on whose behalf we collect that information and in accordance with our contractual agreements with them.
(b) Our Third Party Service Providers.
We transfer information to our third party service providers to perform tasks on our behalf and to assist us in providing our Service. For example, we may share your information with service providers who assist us in performing core functions (such as hosting, data storage, and security) related to our operation of the Services. In the performance of our Service, we may share information from or about you with these third parties so that we can deliver the highest quality user experience.
(c) In the Event of Merger, Sale, or Change of Control.
We may transfer or assign information to a third party entity that acquires or is merged with us as part of the evaluation of an entry into such transactions, or in the course of a merger, acquisition, sale, or other change of control (such as the result of a bankruptcy proceeding).
(d) Other Disclosures.
We may disclose information about you if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our agreements, including investigations of potential violations thereof; (iii) detect, prevent, or otherwise address fraud or security issues; or (iv) protect against harm to the rights, property or safety of ImageMover, our users, or the public.
YOUR DATA PROTECTION RIGHTS The right to access – You have the right to request Our Company for copies of your personal data or for information on how your information is processed. The right to rectification – You have the right to request that Our Company correct any information you believe is inaccurate. You also have the right to request Our Company to complete the information you believe is incomplete.
The right to erasure – You have the right to request that Our Company erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that Our Company restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to Our Company’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Our Company transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you reside in the EU/EEA, you may make this request through the Customer Organization requesting the Services. If you make a request in the US, we have one month to respond to you. If you would like to exercise any of these rights, please contact us according to the ‘Contact Us’ section below.
HOW WE PROTECT YOUR DATA
3. DATA STORAGE, RETENTION, TRANSFER
When you use the ImageMover Solutions in the EU/EEA, your data is stored locally by the Customer Organization located in the European Union. Personal data will only be stored for a limited time on our servers. Data is not retained by ImageMover beyond App access and successful transmission to the Customer Organization. Your personal data may be transferred outside of the country you reside for processing purposes. The country may have a different level of data protection than the EU/EEA. We will take appropriate safeguards to protect personal data in accordance with this policy.
When you use the App or Services in the United States, that data resides with our servers in the US. Data will be retained for as long as it is needed to: (i) fulfill the purposes for which we collected the information, and (ii) comply with applicable law.
4. DATA SECURITY
We take the protection of your information seriously and take reasonable and appropriate physical, administrative, and technical measures to protect the information collected through our Site. All data transfer in performing the Services is encrypted. While we implement commercially reasonable security measures to protect your privacy, please keep in mind that the Internet is not a 100% secure medium for communication, and we cannot guarantee that the information collected about you will always remain private when using our App and/or Services. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
LINKS TO OTHER SITES OUR
APP MAY INCLUDE LINKS TO OTHER THIRD PARTY APPS AND WEBSITES AS A CONVENIENCE TO YOU. IF YOU CLICK ON ONE OF THOSE LINKS, YOU WILL BE TAKEN TO WEBSITES WE DO NOT CONTROL, AND THIS PRIVACY POLICY DOES NOT APPLY TO THOSE THIRD PARTY WEBSITES. THE INCLUSION OF ANY LINK DOES NOT IMPLY OUR ENDORSEMENT OF ANY OTHER APPS, SITE(S), OR ITS PRODUCT(S) AND/OR SERVICE(S). IMAGEMOVER IS NOT RESPONSIBLE FOR THE PRIVACY PRACTICES OR CONTENT OF ANY OTHER SITE.
5. CHANGES TO THIS PRIVACY POLICY
We reserve the right to amend the Privacy Policy at any time, for any reason, without notice to you, other than the posting of the amended Privacy Policy on our App or Service. We will provide you notice of material changes by indicating that the Privacy Policy has been updated and will indicate the date we made the update above. Your continued use of any of the Services after the changes have been made will constitute your acceptance of the changes. Please therefore make sure you read any such notice carefully. If you do not wish to continue using the Services under the new version of the policy, please cease using the Services.
6. CONTACT US
Any comments, concerns, or questions regarding our Privacy Policy may be addressed to regulatory@ImageMoverMD.com. Please note that email communications may not be secure. Accordingly, you should not include personal or other sensitive information in your email correspondence.
COOKIES POLICY
7. INFORMATION COLLECTED AUTOMATICALLY
Certain information on our Service is collected automatically by means of various software tools. We have a legitimate interest in using such information to assist in systems administration, information security and abuse prevention, to track user trends, and to analyze the effectiveness of our Service.
(a) Log Files.
Log files refers to the information that is automatically sent by your web browser or device (or otherwise automatically collected) each time you view or interact with our online Service. The information inside the log files may include IP addresses, type of browser, internet service provider, date/time stamp, referring/exit pages, clicked pages and any other information your browser may send to us.
(b) Device and Online Usage.
We may collect information about your computer, browser, mobile or other device that you use to access our Service. We may use cookies, pixels, log files and other techniques to collect such information, including IP address, device identifiers and other unique identifiers, browser type, browser language, operating system name and version, device name and model, version, referring and exit pages, dates and times of Service access, links clicked, features uses, crash reports and session identification information.
(c) Cookies.
We use cookies to make interactions with our Service easy and meaningful. When you visit our Service, our servers may send a cookie to your computer. We may use cookies that are session-based or persistent. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer. We use cookies that enable you to navigate our Service and use its features, such as accessing secure areas of our Service. Because required cookies are essential to operate our Service, there is no option to opt out of these cookies. We use cookies to provide features and services such as:
Remembering your preferences and allowing you to enter your information less frequently;
Measuring the effectiveness of our sites, services, content, and advertising;
Providing other services and features that are only available through the use of cookies;
The Options/Settings section of most internet browsers will tell you how to manage cookies and other technologies that may be transferred to your device, including how to disable such technologies. You can disable our cookies or all cookies through your browser settings, but please note that disabling cookies may impact some of our Service features and prevent the Service from operating properly.
(d) Web Beacons and Similar Tracking Technologies.
When you use our Services, we may collect your IP address for certain purposes such as, for example, to monitor the regions from which you navigate our Services. We may also use web beacons alone or in conjunction with cookies to compile information about your usage of our Services and interaction with emails from us. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you view a particular site tied to the web beacon. We may use web beacons to operate and improve our Services.
(e) Analytics Services.
We may use certain third party analytics services to improve the functionality, features, or delivery of our Service. We may also use these analytics services to record mouse clicks, mouse movements, scrolling activity, as well as any text that you type into our Service. For example, we use Google Analytics on our Service to track user trends and usage. For more information on Google Analytics’ processing of your information as it relates to our Service, please see http://www.google.com/policies/privacy/partners/. By using a browser plugin provided by Google, you can opt out of Google Analytics.
(f) Aggregated Or Deidentified Information.
We may de-identify your data or combine it (aggregate) within our discretion to share with our affiliates, agents, business partners, and/or other third parties for any purposes not prohibited by law.