WEBSITE AND SOCIAL MEDIA
Last updated on May 29, 2019
1. PREAMBLE AND CONSENT
1.2. Please read carefully this Policy, which explains how your personal data will be collected, used and protected, before using the Website and our dedicated pages on the social media and platforms. Your access and use of the Website and social media pages are conditional upon your acceptance of, and compliance with this Policy.
1.4. Please also note that you have the right to withdraw your consent at any time, it being however specified that such withdrawal: will not affect the lawfulness of processing based on your consent before its withdrawal; may prevent you from using some features of our Website or dedicated pages on social media.
2. GENERAL PRINCIPLES
2.1. Our Website and social media platforms contain the following information and provide the following services: information about the services offered by our company and its affiliates, various channels to get in touch with us (contact forms, forms to become a partner), links to other websites and social media platforms.
3. PERSONAL DATA WE COLLECT AND PURPOSE OF COLLECTION
A. GENERAL INFORMATION
3.1. Data we collect via our website and social media are divided based on the following three sources: Cookies, analytics and other similar tools (below B), Communication by the user (below C), Third-party sources (below D).
B. COOKIES AND OTHER SIMILAR TOOLS
1. Personal Data concerned
3.2. Cookies are files with small amount of data which are sent to your browser from a website and stored on your device (computer or mobile device). Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Website.
3.3. Through cookies and similar technologies, we may collect Personal Data from you when you visit our Website or dedicated pages on social media. We may log in particular usage data when you view or click on content.
3.4. List of the Cookies we use: Session Cookies: Cookies used to operate our Website Preference Cookies: Cookies used to remember your preferences and various settings. Security Cookies: Cookies used for security purposes. Analytics Cookies: Cookies used to collect data in order to improve our products and services. These cookies are further addressed in Section 3.d.1 below.
3.5. The following information and Personal Data are collected through cookies and similar tools: IP address of the requesting internet-enabled device, date and time of access, accessed resources on the Website, name and URL of the retrieved file, website/application from which the access was made (referrer URL), browser you use and, if necessary, the operating system of your internet-capable computer as well as the name of your access provider, location of the requesting internet-enabled device.
C. COMMUNICATION BY THE USER
1. Personal Data concerned
3.10. We collect Personal Data offered by you voluntarily when, on our Website, you fill out a contact form.
3.11. These data may include your names, title, gender, date of birth, nationality, address, country of residence, e-mail address, telephone number and copies of your correspondence.
2. Purpose of collection and processing
3.12. We use the Personal Data you provide us with for the following purposes: to provide customer support, to provide you with a service as a partner. 3. Lawful basis for processing
3.13. The lawful basis we rely on to process the Personal Data you provide us is the consent to the processing of your Personal Data.
D THIRD-PARTY SOURCES
1. Personal Data concerned
3.14. We may collect Personal Data about you from other sources, such as Personal Data you make available on social media.
3.16. We use a third-party web application firewall from Infomaniak, a Swiss company, to help maintain the security and performance of our Website. The service checks that traffic to the site is behaving as would be expected. The service will block traffic that is not using the site as expected. To provide this service, Infomaniak processes Website visitors’ IP addresses. 2. Purpose and lawful basis for processing
3.17. The purpose for collecting your Personal Data from other sources is to support our business and to maintain and to constantly look to improve our Website and the services it offers to our users.
3.18. The legal basis we rely on to process your personal data is of our legitimate interests.
4. PERSONAL DATA COLLECTED BY THIRD PARTIES (LINKS TO OTHER WEBSITES AND SOCIAL MEDIA)
4.2. Our Website and our dedicated pages on social media contain links that direct you to the YouTube and LinkedIn social networks (the “Social network”), in order to connect you with the content displayed in these platforms. When you access a Social network via our Website or one of our dedicated pages on social media, responsibility for compliance with data protection is to be guaranteed by the respective providers.
4.3. If you establish a connection with the Social network of your choice or another website, your browser connects directly to the provider’s servers. Through this integration, the Social network or the other website receives the information that your browser previously accessed the corresponding page of our Website or our dedicated page on a social media, even if you do not have a profile or are currently not logged in to your account. This information (including your IP address) will be transmitted from your browser directly to a provider’s server and stored there. If you are logged in to your account, the provider can immediately assign the visit to our Website or our dedicated page on a social media to your profile. If you interact with the Website or our dedicated page on a social media, for example by clicking a “Like” or “Share” button, this information will also be transmitted directly to the provider’s server and stored there.
5. SHARING YOUR PERSONAL DATA WITH THIRD PARTIES / HOSTING
5.1. We may give certain independent contractors and affiliates access to the Personal Data you made available to us through our Website or our dedicated pages on social media in order to assist us with the operation of our Website or our dedicated pages on social media, as well as data management and marketing activities.
5.2. In order to provide access to our Website, we have decided to store your Personal Data on Infomaniak’s servers located in Switzerland.
5.3. Your Personal Data may be transferred to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of European Health Corporation SA’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by European Health Corporation SA about our Website users is among the assets transferred.
5.5. The purpose for sharing your personal data to the above-mentioned third-party is to support our business and to maintain and to constantly look to improve our Website and the services it offers to our users. The lawful basis we rely on to process your personal data is our legitimate interests.
6. SHARING YOUR PERSONAL DATA WITH AUTHORITIES
6.2. We attempt to notify users about legal demands for their Personal Data when appropriate in our judgment and technically feasible, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
6.3. The purpose for sharing your Personal Data to the above-mentioned authorities is to comply with a legal obligation to which we are subject.
7. ANO COMMERCIAL DISCLOSURE OF YOUR PERSONAL DATA
8.CROSS-BORDER DATA TRANSFER
8.1. As indicated above, we use the services provided by Google Ireland Limited and your Personal Data is shared with this company. Google Ireland Limited does not guarantee that data are stored in the European Union only, and your Personal Data may thus be transferred to the United States.
9. PROTECTION OF YOUR PERSONAL DATA AND DATA BREACH NOTIFICATION
9.1. We exercise commercially reasonable efforts to prevent unauthorized exposure or disclosure of your Personal Data. In particular, we implement and maintain measures (comprising administrative, physical, and technical safeguards) for managing unauthorized disclosure or exposure of your Personal Data.
9.2. In the event of a data breach, or in the event that we suspect a data breach, we will (i) do our best efforts to promptly notify you, where technically feasible, and (ii) cooperate with you to investigate and resolve the data breach, including without limitation by providing reasonable assistance to you in notifying injured third-parties. We will give you prompt access to such records related to a data breach as you may reasonably request; provided that we shall not be required to provide you with records belonging to, or compromising the security of, other users.
9.3. In the event of a data breach, or in the event that we suspect a data breach, we will in addition notify the competent authorities in accordance with applicable law.
10.MANAGEMENT OF YOUR PERSONAL DATA (YOUR RIGHTS)
10.1. Right to access, update or to delete the information we have on you: Whenever made possible, you can access, update or request deletion of your Personal Data by contacting us at the following at: firstname.lastname@example.org.
10.2. Right of rectification: You have the right to have your Personal Data rectified if that information is inaccurate or incomplete.
10.3. Right to object: You have the right to object to our processing of your Personal Data.
10.4. Right of restriction: You have the right to request that we restrict the processing of your Personal Data.
10.5. Right to data portability: You have the right to be provided with a copy of the Personal Data we have on you in a structured, machine-readable and commonly used format.
10.6. Right to withdraw consent: You have the right to withdraw your consent at any time where we relied on your consent to process your Personal Data.
10.7. Right to complain to an Authority: You have the right to complain to a data protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA) or in Switzerland.
10.8. Please note that we may ask you to prove your identity before responding to requests based on the previous rights or somehow related to your Personal Data.
11. RETENTION OF YOUR PERSONAL DATA
11.1. We retain the Personal Data you provide to the extent necessary to (i) provide you with access to and use of our Website or our dedicated pages on social media, (ii) to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), and (iii) resolve disputes.
11.2. The storage period of cookies depends on their purpose and is the same for everyone.
11.3. We may retain de-personalized (anonymous) information after the deletion of your Personal Data.
12.3. The new version will become effective on the date it is posted, which will be listed at the top of the page as the new effective date.
13.1. Our failure to enforce any right or provision of this Policy will not be considered a waiver of those rights.
13.2. If any provision of this Policy is held to be invalid or unenforceable by a court, the remaining provisions of this Policy will remain in effect.