Effective: 1 June 2017 | Last modified: 30 May 2017
I. General Provisions
1. Use of the Products and Services
MedAngel provides Products and Services to help patients and professionals to monitor medications’ temperature. MedAngel cannot guarantee the potency or safety of your medications or be responsible for any health problems that may arise while or in connection with the use of our Products or Services. We encourage you to consult with your healthcare provider before commencing the Products and Services and use as recommended by your healthcare provider. MedAngel may use third parties, in whole or in part, to provide Products and Services. Please note, not all Products are available in all jurisdictions. Please see the applicable Product and Services description to see which Products and Services are available in your country. The Products and Services may be updated or discontinued from time to time.
You will receive a user account for our personal use that requires an email and password. You are responsible for all activities that occur under your user account. You shall: (i) have sole responsibility for the accuracy, quality, integrity, legality, reliability, and appropriateness of all data you provide; (ii) maintain the confidentiality of your password and user account information; (iii) use your best efforts to prevent unauthorized access to, or use of, the Products and Services, and notify MedAngel promptly of any such unauthorized use; and (iv) comply with all applicable local, state, and federal laws in using the Products and Services.
The term of this Agreement will begin upon your successful registration and the activation of the Products and Services by MedAngel and will continue until you cease using the Product or Service unless a term is otherwise set forth in the registration. For those Product or Services subject to a limited term, this Agreement will automatically renew for successive equivalent terms unless terminated by either party as permitted herein.
(I) MedAngel reserves the right to refuse activation of a user for any reason and may suspend or terminate your access to the Products and Services if you (a) breach any term of this Agreement, or (b) engage in any conduct that MedAngel determines in its discretion may have an adverse effect on MedAngel or its reputation.
(II) You may terminate this Agreement for convenience upon written notice to MedAngel or its vendor or through the applicable cancellation process. MedAngel may terminate for convenience upon sixty (60) days written notice. Upon termination for convenience, MedAngel will refund any unused, pre-paid fees for the portion of the remaining Term, if applicable, using the same means of payment as you used for the original transaction unless you expressly agreed otherwise. You shall be responsible for any transaction fees associated with such refund.
(III) Upon termination, you will no longer have access to the Products and Services provided through the Products and Services. In addition to termination, MedAngel reserves the right to pursue any and all remedies available to it.
Products and Services fees for the Term will be paid in advance due upon registration and renewal, as applicable or upon scheduling certain Services. Where the transaction takes place via an online store such as iTunes or Google Play, such store sends the client a receipt which lists the product, the price and MedAngel as seller. In this instance, the purchase and payment process shall take place via the client‘s online store account. The online store’s GCU, over which MedAngel has no influence, apply. You acknowledge that access to the Products and Services many be suspended until payment is received in full. Unless otherwise stated, all Products and Services Fees are inclusive of any tax, levy, or similar governmental charge that may be assessed. You are solely responsible for all taxes based upon the provision, sale or use of the Products and Services, excluding any taxes based on MedAngel’s net income.
6. Intellectual Property
Except for the limited license and use rights expressly granted to you under this Agreement, all title to and the rights in the Products and Services, including ownership rights to patents (registrations, renewals, and pending applications), copyrights, trademarks, trade secrets, MedAngel’s or third party hardware, other technology, any derivatives of and all goodwill associated with the foregoing is the exclusive property of MedAngel and/or the applicable third party.
8. Non-Confidential Information
The information presented on or through the Products and Services is solely for informational and educational purposes. We make reasonable efforts to maintain current information but we cannot guarantee that the content is complete or up-to-date.
We also allow users to post content through Facebook, Twitter and other forms of social media. Please be aware that any content you post will be publicly available and will not be considered confidential information. MedAngel reserves the right to delete user content in its sole discretion.
Trademarks, Products and Services marks, graphics and logos used in connection with the Products and Services are the trademarks of their respective owners. You are granted no right or license with respect to any of the trademarks mentioned above and any use of such trademarks. You acknowledge and agree that all text, graphics, photographs, trademarks, logos, visual interfaces, artwork, computer code and all other related content contained on the Products and Services are owned by MedAngel, its service providers or other third parties and is protected by trade dress, copyright, patent and trademark laws, and various other intellectual property rights and unfair competition laws. Any reproduction, publication, further distribution or public exhibition of materials provided through the Products and Services, in whole or in part, is strictly prohibited. Except as expressly provided in this Agreement, no part of the Products and Services and no content may be copied, reproduced, republished, uploaded, posted, publicly displayed, encoded, translated, distributed or transmitted in any way (including “mirroring”) to any other computer, server, service or other medium for publication or distribution or for any commercial enterprise, without the express prior written consent of MedAngel or the applicable owner.
11. Disclaimer and Limitation of Liability
The Products and Services are provided on an “as is” basis and use of the Products and Services is at your sole risk. The company, its officers, directors, employees, agents, contractors, or third-party service providers specifically disclaim all warranties and conditions, whether expressed or implied, including but not limited to warranties of title, merchantability, fitness for a particular purpose, accuracy, integrity or completeness of the content, third party content or that the product or services will be error-free or uninterrupted. No oral advice or written information given by the company its officers, directors, employees, agents, contractors, or third-party service providers will create a warranty.
Except where prohibited by law or public policy, in no event will the company, its officers, directors, employees, agents, contractors, or third-party service providers be liable for any (1) any amounts in excess of fees paid during the applicable term or (2) indirect, incidental, special or consequential damages that result from your use of or inability to use the Products and Services, including but not limited to reliance by you on any information obtained from the Products and Services, regardless of the form of action.
You agree to defend, indemnify, and hold MedAngel, its officers, directors, partners, employees, contractors, agents, licensors, suppliers and third party service vendors, harmless from and against any claims, actions or demands, liabilities including without limitation, reasonable legal fees, alleged to result from your use of the Products and Services and third party medical devices.
You agree (1) that all matters relating to access to or use of the Products and Services, including all disputes, will be governed by the laws of the Netherlands.
The parties acknowledge that they have agreed that this agreement and all related documents be drawn up in the English language.
II. Product and Service Specific Provisions
During the term of this Agreement, MedAngel grants you a non-exclusive, non-transferable, non-sublicensible, revocable and limited right to access and use the Products and Services and any documentation made available to you by MedAngel solely for purposes of your personal use of the Products and Services in accordance with the terms of this Agreement.
The Products and Services are enabled by technology, software and certain content delivered electronically. You agree that you will not reverse-engineer, decompile, disassemble, translate, or otherwise attempt to obtain access to the source code of, any aspect of the Products and Services. You will not copy, reproduce, alter, create derivative works from, or otherwise modify the Products and Services. You will not lease, loan, sublicense, distribute, or otherwise provide others access to or with any aspect of the Products and Services except to an authorized user. Other than as expressly set forth in this Agreement, no license or other rights in or to the Products and Services are granted to you, and all such licenses and rights are hereby expressly reserved.
Effective as of May 25th, 2018
MedAngel (“MedAngel”, “We”, “Us”, “Our”) values your privacy and is committed to protecting your Personal Information. We understand it is important to you and we want you to know how we collect, use, share, and protect your information.
Med Angel B.V.
6534 AT Nijmegen
+31 (0)24 3010 241
If you have any questions or comments regarding your data protection, please contact us at firstname.lastname@example.org.
In the following, we reference two regulatory frameworks, the European General Data Protection Regulation and the EU-US Privacy Shield. Full text and more information can be found here.
Regulation (EU) 2016/679 (General Data Protection Regulation) (“GDPR”) on the protection of natural persons with regards to the processing of personal data and on the free movement of such data. The regulation came into force on 24 May 2016 and applies from 25 May 2018.
The EU-US Privacy Shield decision was adopted on 12 July 2016 and the Privacy Shield framework became operational on 1 August 2016. This framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes. The framework also brings legal clarity for businesses relying on transatlantic data transfers.
We may also release your Personal Information to third parties as required by law, when we believe disclosure is necessary to comply with a legal or regulatory requirement, judicial proceeding, court order or legal process served on us, to protect the safety, rights or property of patients, customers, the public or MedAngel, or defend MedAngel and its officers, directors, employees, attorneys, agents, contractors and partners, in connection with any legal action, claim, or dispute.
When contacting us, (for example via email, telephone, the chat window on our website or social media) Personal Information, such as name or email address will be collected to process the request. Personal information can be stored in a Customer Relationship Management System (“CRM System”) or similar platform.
Information shared with us is given expressively on a voluntary basis and with your consent. When providing us with contact details, like email address or telephone number, you also consent to us contacting you via those communication channels, in order to answer your request.
When communicating with us through email, our website chat, or social media channels, please be aware, that we cannot secure any sensitive Personal Information such as health information sent through these channels, because such information can be accessed by other internet users. If you send us a question, our use and disclosure of that information will be limited to the minimum necessary to respond to your question.
1. Social Media
We maintain an online presence on social networks and platforms in order to communicate with customers, interested individuals and our users and to inform about our services. When using the respective networks and platforms, the terms and conditions and the data policies of the respective operator of these networks and platforms apply.
2. CRM System – Zendesk
We use Zendesk’s CRM system, Zendesk, Inc., 989 Market Street # 300, San Francisco, CA 94102, USA, to process requests from users faster and more efficiently (legitimate interest in accordance with Art. 6 (1) f GDPR).
Zendesk is certified under the EU-US Privacy Shield, thereby agrees to comply with European Data Protection Laws.
Zendesk uses your personal information only for technical processing of inquiries and does not pass them on to third parties. The use of Zendesk requires at minimum the specification of a valid email address. Using a pseudonym is possible. When processing your request, it may be necessary to collect further data (for example name, address, email address used to sign up in the app, mobile device used).
3. Website Chat – Drift
We use a website chat integration, Drift.com, Inc. 3 Copley Place, Suite 7000, Boston, Massachusetts 02116, USA, to faster process requests from our users and provide a direct point of contact to interested website visitors (legitimate interest in accordance with Art. 6 (1) f GDPR).
Drift is certified under the EU-US Privacy Shield, thereby agrees to comply with European Data Protection Laws.
With the following information, we inform you about the contents of our newsletter as well as sign-up, sending and statistical evaluation as well as your right to withdraw consent. Our interest lies in the use of a user-friendly and secure newsletter system, which serves both our business interests and delivers relevant information to our users.
Content of the newsletter: With consent of the recipient, we send newsletters, emails and other electronic notifications with information about us and our services (hereinafter “newsletter”) based on our legitimate interests in the direct marketing according to Art. 6 (1) f GDPR.
Double opt-in and tracking: Registration for our newsletter is a so-called double-opt-in procedure. After signing up, you will receive an email asking you to confirm your registration. Your sign up for the newsletter will be tracked in order to prove your consent. This includes the storage of sign up and confirmation time, as well as the IP address.
Information required: To subscribe to the newsletter, it is sufficient to provide your email address.
Unsubscribe/Revoke Consent: You may unsubscribe from our newsletter at any time. A link to cancel the newsletter can be found at the end of each newsletter. We may save the submitted email addresses for up to three years based on our legitimate interests before we delete them to document prior consent.
5. Newsletter – MailChimp
The Rocket Science Group LLC is certified under the EU-US Privacy Shield, thereby agrees to comply with European Data Protection Laws.
We use this mailing service provider based on our legitimate interests according to Art. 6 (1) f GDPR and a contract data processing agreement according to Art. 28 (3) GDPR. MailChimp may use the data of newsletter recipients after pseudonymisation, meaning that the personal data can no longer be attributed to a specific user without the use of additional information, to optimize or improve their own services. However, MailChimp does not use your Personal Information to contact you directly or to share with third parties.
III. Website Use: Analytics and Advertising
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The “Help” feature on most browsers provides information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. When visiting our website, we will ask if you choose to accept or not accept cookies. If you do not accept cookies, you may not be able to use some features of our Service. You can learn more about cookies here.
2. Google Analytics
In our legitimate interest in analysis, optimization and improvement of our online services, and in accordance with Art. 6 (1) f GDPR, our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
In case of activation of the IP anonymization, Google will shorten/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to Google servers in the USA and then shortened.
Google is certified under the EU-US Privacy Shield and thereby agrees to comply with European Data Protection Laws. Further information concerning the terms and conditions of use and data privacy can be found at here.
On behalf of us, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not associate your IP address with any other data held by Google.
Personal Information of users will be deleted or anonymized after 14 months.
3. Facebook-Pixel, Custom Audiences and Facebook-Conversion
In our legitimate interest in analysis, optimization and improvement of our online services, and in accordance with Art. 6 (1) f GDPR, our website uses “Facebook-Pixel” by the social network Facebook (Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or for Members of the European Union, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, (“Facebook”)).
Facebook is certified under the EU-US Privacy Shield and thereby agrees to comply with European Data Protection Laws. Further information concerning the terms and conditions of use and data privacy can be found at here.
By using Facebook Pixel, it is possible for Facebook to determine our website visitors as a target group for the display of advertisements (“Facebook ads”). We might also use Facebook Pixel to show Facebook ads we might run only to those Facebook users who have shown an interest in our website or who have certain features (eg. interests in certain topics or product, as determined by websites visited by them), which we transmit to Facebook (“Custom Audiences”). Facebook Pixel helps us show Facebook ads to relevant audiences and understand the effectiveness of Facebook ads for statistical and market research purposes, in which we see whether users were redirected to our website after clicking on a Facebook ad (“conversion”).
The processing of the data by Facebook falls under Facebook’s Data Policy. Find more information on how to display Facebook Ads in Facebook’s Data Policy. For specific information and details about Facebook Pixel and how it works, visit the help section of Facebook.
You may object to the capture by the Facebook Pixel and use of your data to display Facebook Ads. To set which types of ads you see within Facebook, you can go to a page set up by Facebook and follow the instructions for usage-based advertising settings. The settings are platform independent, meaning that they are adopted for all devices, such as desktop computers or mobile devices.
Our store is hosted on Shopify Inc. , 150 Elgin St., 8th Fl, Ottawa, ON K2P 1L4, Canada or for Residents of the European Economic Area: Shopify International Limited, c/o Intertrust Ireland, 2nd Floor 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32, Ireland. They provide us with the online e-commerce platform that allows us to sell our products and services to you in our legitimate interest to pursue business, and in accordance with Art. 6 (1) f GDPR.
Shopify is certified under the EU-US Privacy Shield and thereby agrees to comply with European Data Protection Laws.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
V. App Use
1. What kind of data is collected?
By creating an account, you voluntarily provide us with your email address. Furthermore, we collect information about the MedAngel sensors added to your app (MAC address and given name), the name of the medication assigned, and time-temperature records. This information is collected and stored in a pseudonymised way. This means that the data can be processed in such a manner that it can no longer be attributed to a specific person without the use of additional information, as defined uner Art. 4 GDPR.
2. Storage of Your Information
The information described above is stored locally on your mobile device as well as on servers hosted in Europe.
In our legitimate interest in analysis, optimization and improvement of our services, and in accordance with Art. 6 (1) f GDPR, we use Mixpanel, Inc. 405 Howard St., Flr 2, San Francisco, CA 94105, USA, to track and analyse user interactions with our mobile apps and to send targeted messages to our app users via email.
Mixpanel is certified under the EU-US Privacy Shield and thereby agrees to comply with European Data Protection Laws.
We use targeted email messaging through Mixpanel to, for example, offer you support following your registration. You can opt out of these emails at any time through a link included in the email. We also use Mixpanel to track actions made in the app, the time they were made, on which app platform, type of mobile device, time zone, country, region, city, and the number of sensors added to the app and operating system.
4. Creation of Anonymous Data
We may create anonymous data records from personal information by excluding information (such as your name) that makes the data personally identifiable to you. We use this anonymous data to analyze request and usage patterns so that we may enhance the content of our Services and improve Applications and Site navigation. We reserve the right to use anonymous data for any purpose and disclose anonymous data to third parties in our sole discretion.
On occasion, we may make arrangements with certain customers or business partners to share certain de-identified aggregate pattern information in order to assist such customers or business partners to improve their service (such as evaluating patterns, utilization, usage and trends). We may also share such information with you or other users of our service. This type of information may be based in part on information related to you, but does not allow for the personal identification of any individual (in other words, it is “de-identified”). This information will not be used by the customer or business partner for marketing and/or any purpose other than as set forth above.
We remove your identity from your Personal Information (contact, health and/or financial) and may work with it as anonymous (“de-identified”) information. De-identified individual information is information about a user presented in a form where information about one anonymous user would be indistinguishable from information relating to other anonymous users. De-identified individual information is not in a form that allows anyone studying the information to personally identify any user.
Aggregate information is information that describes the habits, usage patterns and/or demographics of users as a group but does not reveal the identity of particular users. Your anonymous data is combined with the anonymous data of other users and becomes statistics. We may use aggregate information to understand the needs of our user community and determine what kinds of programs and services we can offer to you. We could use this anonymous information to give potential users or business partners a picture of our community and services. Aggregate information may be provided or sold to third parties. Absolutely no personal identifying information is included in the aggregate reports; each individual remains anonymous.
VI. How We Keep Your Information Secure
Your Personal Information is stored on servers hosted in Europe. We seek to safeguard the security of your Personal Information and have implemented reasonable security measures consistent with applicable laws, safe harbors, and accepted practices to protect the confidentiality of your Personal Information. We have put in place a variety of information security measures to protect your Personal Information, including encryption technology, to protect your Personal Information during data transport and at rest. We limit the access to your Personal Information to employees who need it for the execution of their duties.
Despite our efforts, however, we cannot guarantee the absolute security of your Personal Information, nor can we guarantee that information that you provide will not be intercepted while being transmitted to us over the Internet. There is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of your Personal Information over the Internet will be intercepted.
Therefore, we urge you to also take every precaution to protect your Personal Information when you are on the Internet or using the App. In order to protect your privacy, never share your sign-in name or password and always log out of the App when you are finished using the service.
VII. Your Rights
You have the right to withdraw consent to process your personal information at any time, with effect to future processing of that data according to Art. 7 (3) GDPR. We will continue to provide our services if they do not depend on the withdrawn consent.
You have the right to obtain from us confirmation as to whether or not personal information is being processed, to obtain access to a copy of the personal data and more information according to Art. 15 GDPR (Right of access by the data subject).
You have the right to obtain from us the rectification of inaccurate personal data concerning you as described in Art. 16 GDPR. In certain circumstances, you may have a broader right to the erasure of personal information that we hold about you according to Art. 17 GDPR (Right to erasure ‘right to be forgotten’) – for example, if it is no longer necessary in relation to the purposes for which it was originally collected. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions, or to comply with our legal obligations. This is, for example, applicable to invoices.
You may have the right to request that we restrict the processing of your personal information in certain circumstances (for example, if you believe that the personal information we hold about you is inaccurate or unlawfully held) according to Art. 18 GDPR (Right to restriction of processing).
You have the right to request a copy of your personal information in a structured, machine readable and commonly used format and to request that we transfer the personal information to another data controller without hindrance as described in Art. 20 GDPR (Right to data portability).
If you consider that we do not adequately handle your data protection rights or have any questions regarding this matter, please contact us at email@example.com.
If you submit an inquiry or complaint to MedAngel but do not receive acknowledgement from us or think the complaint or concern has not been satisfactorily addressed, you also have the right to lodge a complaint to a data protection supervisory authority about our collection and use of your personal information (Art. 20 GDPR). For more information, please contact your local data protection authority.