Last Modified: May 15, 2019
MedeAnalytics, Inc., MedeAnalytics Parent Inc., and Maverick Holding, Inc. (collectively “MedeAnalytics” or “we”) value individual privacy, and we are committed to protecting individuals’ private information.
This Privacy Statement (this “Statement”) explains what information we collect, how we collect information, what we do with information we collect, and how you can contact us with questions about our privacy practices or to request changes or updates to information.
This Statement applies to information that we collect about you as an individual user (“you”) through your use of our public websites, at http://medeanalytics.com/ and http://www.medeanalytics.co.uk, and your use of online services available to clients that may be accessed via our websites (collectively, the “Site”).
The use of personal information collected through our service shall be limited to the purpose of providing the service for which the Client has engaged MedeAnalytics.
This Statement does not apply to:
- Data collected by other entities or through other MedeAnalytics products or services.
- Data collected by third party websites, or content or applications of third parties, that may be linked to or accessible from or on the Site.
- Data that is provided by a client through other means or in connection with the use of our products or services, and that is provided in accordance with a services agreement between us and our client. (In case there is a conflict between the terms of this Statement and the terms of a services agreement, the terms of the services agreement shall prevail.)
Information We Collect and How We Collect It
Information that You Provide to Us. When you register as a user, request information from us, subscribe to a service, or communicate with us through the Site, we may ask you to provide certain information about yourself, such as your name, email address, phone number, employer, or similar information. In these cases, you will know what information is collected through the Site because we collect the information you provide to us.
If there is information that you are required to provide to us or that we are required to collect, based on either law or contract, we will advise you of the requirement at the time we collect that information, and we will also provide information about any consequences of a failure to provide required information.
Information that We Collect Automatically As part of the standard operation of the Site, we automatically collect information from your computer or device, including IP address, domain name (that you visited from www.company.com, for example), referral or exit data (the last website that you visited before coming to the Site and the next website you visit afterwards), as well as browser and platform type (a Google browser or an Apple platform, for example). In addition, we collect information about how you use the Site, such as the date and time of your visit, the amount of time you spend on the Site, how often you visit the Site, the areas or pages that you spend the most time on, and other click-stream data.
In addition, with the assistance of our third party partners and service providers, we may use technologies such as web beacons, tags, Flash cookies or HTML5 to collect or use information about visitors to the Site and their actions on the Site.
For information about opting out of or managing the collection or use of such information, please see the section below regarding “Your Choices.”
How We Use Information We Collect
The personal information we collect via client services offered through our website will only be used for the purpose of providing those services to clients.
Other information that we collect, including your personal information, is used for the following purposes:
- To present the Site and its contents to you.
- To provide online services that you may access through the Site.
- To maintain and improve our products and services.
- To respond to your questions or requests for information, or to fulfill any other purpose for which you provide your information to us through the Site.
- To provide you with information about our services, product updates, industry education, invitations to upcoming events, and similar information.
- To conduct surveys to ensure the site is relevant to your needs, or to follow up with you personally to make sure your needs are being met.
- To better understand how visitors use the Site, including measuring and monitoring user traffic and using aggregate statistical analysis, which informs future enhancements and changes to the Site.
- To better understand how our clients use and interact with our products and services, including by combining information collected through the Site with information about our clients collected by other means.
- For any other purpose that we describe at the time we collect your information.
Referrals If you choose to use our referral service to tell a friend about our website, we will ask you for your friend’s name and email address. We will automatically send your friend a one-time email inviting him or her to visit the website. We will use information you submit only to send this email and track the success of the success of our referral program.
In addition, if you use the Site or access client services through the Site on behalf of one of our clients, we may combine information about you that is collected through the Site with information about you that has been provided by our client.
EU-U.S. Privacy Shield
We are responsible for the processing of personal information we receive under the Privacy Shield Framework, and for our subsequent transfers of that personal information to any third party acting on our behalf. As required under the Privacy Shield Framework, we enter into written agreements to require those third parties to provide at least the same level of protection that would be required under the Framework, to use information only for limited and specific purposes, and to meet other Framework requirements. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EEA and the UK, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to the Privacy Shield Framework, MedeAnalytics, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, MedeAnalytics commits to resolve complaints about our collection or use of your personal information. EEA and UK individuals with inquiries or complaints regarding our Privacy Shield policy should first contact MedeAnalytics at: MA.CPO@medeanalytics.com, or contact our Data Protection Officer, Eric Svetcov, at DataProtectionOfficer@medeanalytics.com, or as otherwise provided in this Statement under “Contact Us.” We are committed to addressing complaints raised to us and will investigate and seek to resolve any complaints within 45 days of receipt.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website at http://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be have the option to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Disclosure of Your Information
We may disclose information about visitors to the Site, which does not identify individual users, without restrictions.
Personal information about you, that you provide or that we collect as described in this Statement, may be disclosed to third parties as follows:
- To our subsidiaries and affiliates.
- To agents and service providers who are bound by confidentiality obligations and who use the personal information only on our behalf.
- With your consent.
- To deliver requested products or services, or otherwise to fulfill a contractual obligation to you or to a client.
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about users of the Site is among the assets transferred.
- As otherwise described in this Privacy Statement.
We may also disclose your personal information:
- As required by law, court order, or legal process, including responding to a subpoena, to respond to a government or regulatory request, or to cooperate with law enforcement investigations.
- To enforce our contractual rights, take precautions against liability, investigate suspected or actual illegal activities, or to investigate and defend ourselves against third party claims or allegations.
- When we believe that disclosure is necessary or appropriate to protect the rights, property, or personal safety of ourselves, our clients, or others.
Whenever we disclose personal information to a third party, we endeavor to minimize the disclosure to only information that is necessary for the purpose of that disclosure.
How Long We Hold Your Information
We retain personal information we process on behalf of our clients for as long as needed to provide services to those clients. We also maintain this personal information as needed to comply with our legal obligations, resolve disputes or enforce our agreements.
Accessing Your Information
Upon request, we will provide you with information about whether we hold any of your personal information within a reasonable timeframe. If you are a client, you can review and change your personal information on your account profile page.
If you are not a client and wish to access, correct, update, or delete personal information about you, please send us your request via http://www.medeanalytics.com/company/contact-medeanalytics, email us at MA.CPO@medeanalytics.com, or contact us by mail or phone as provided below. In responding to your request, we may request information from you and use information previously collected to verify your identity, or take other actions that we believe are appropriate. We will respond to you in a reasonable timeframe.
Information held on behalf of our clients In some cases, we may hold personal information as a service provider, solely on behalf of our clients (who determine the means and purposes of processing that personal information). In such cases, we may have no direct relationship with individuals whose personal information we hold, and any requests to access, correct, update or delete personal information about you should be made directly to our client. We will honor and support any instructions they provide us with respect to your personal information.
We may also not be aware that we have information about an individual. In these cases, we may encourage requests to be directed to our clients.
We have engaged third parties to manage our advertising on other sites, which may collect information and provide advertising to you based upon your browsing activities and interests. If you prefer not to have information used for the purpose of serving you personalized ads, you may opt-out or change your preferences at http://www.google.com/settings/ads, http://preferences-mgr.truste.com/ or if you are located in the European Union at http://www.youronlinechoices.eu/
To show videos on the Site, we have engaged a third party that uses local shared objects such as Flash cookies and local storage such as HTML5 to save content and viewing preferences (volume, for example). Flash cookies may be managed at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html. Your browser may offer tools to manage HTML5.
Opting out of communications If you no longer wish to receive our newsletter or marketing emails, you may stop those communications by following the unsubscribe instructions included in these emails, by accessing the email preferences in your account settings page, or by contacting us via http://www.medeanalytics.com/company/contact-medeanalytics or as provided below under “Contact Us.”
The Site does not respond to “do-not-track” requests or similar browser settings.
We take reasonable steps and follow generally accepted industry data practices to protect the personal information submitted to us from accidental loss and from unauthorized access, use, alteration, and disclosure. Unfortunately, that there is no completely secure or error-free method of data transmission over the Internet, and we cannot guarantee the absolute security of your personal information.
You are also responsible for the safety and security of your information. It is your responsibility to keep secret any username and password that you use for client login or to access other features of the Site. Please do not share this information with any other person, and remember that you are responsible for any use of the Site when it is accessed with your username and password. If you ever suspect or believe that your username or password have been compromised or used by somebody else, please promptly tell us by emailing us at MA.CPO@medeanalytics.com.
Changes to Our Privacy Statement
We may update this Privacy Statement to reflect changes to our information practices. If we make any material changes to how we treat the personal information of visitors to the Site, we will provide a notice on the Site by updating the date the Statement was last revised. We encourage you to periodically review this Statement to learn of any changes to how we treat the personal information of visitors to the Site.
Please feel free to contact us with any questions, comments, complaints, or suggestions regarding this Privacy Statement or our information practices. You can contact us via http://www.medeanalytics.com/company/contact-medeanalytics, by email at MA.CPO@medeanalytics.com, DataProtectionOfficer@medeanalytics.com or by postal mail or telephone at:
501 W. President George Bush Highway, Suite 250
Richardson, TX 75080
We hope that our Data Protection Officer can address any concerns or complaints, but if you are a resident of a country in the European Economic Area, you may also lodge complaints with a supervisory authority, particularly the supervisory authority in your place of residence, place of work, or in the place where any alleged improper acts occurred.
For Residents of the European Economic Area
Why We Are Able to Collect and Use Your Personal Information
We rely on our legitimate interests and the legitimate interests of our clients as the legal basis for processing data concerning users of the Site who are residents of the European Economic Area (and, or including, the United Kingdom, and collectively referred to as the “EEA”). Specifically, it is necessary for us to process personal data in order to pursue our legitimate interests in ensuring the proper operation and furthering our understanding of the Site and services accessed through the Site. Also, for people who use the Site or access services on behalf of one of our clients, we collect and process information as a necessary part of the services that we provide to our clients.
In some cases, where we ask for your consent to use information about you, your consent acts as the legal basis for our use of that data. In those cases, you have the right to withdraw your consent at any time. If you would like to withdraw your consent, please contact us or our Data Protection Officer via webpage contact form (http://medeanalytics.co.uk/company/contact), by email at DataProtectionOfficer@medeanalytics.com or as otherwise provided in this Statement under “Contact Us.”
Transfer of Your Personal Information Out of the European Economic Area
For the purposes described in this Statement, we may transfer personal information out of the EEA as follows:
- To the United States, including for purposes of recruiting through our online portal, as well as for purposes of communications and engagement with our customers, vendors and service providers.
- In connection with data practices described above, under How We Use Information We Collect.
These countries may not have enacted laws that provide the same level of protection of personal information as the laws of the EEA, and the European Commission has not issued any formal decision that these countries provide an adequate level of protection of personal information.
Transfers of personal information to other countries will be performed under standard contractual clauses approved by the European Commission, as permitted pursuant to Article 46(2)(d) and (5) of the General Data Protection Regulation (Regulation 2016/679).
If you would like more information about our transfer of data outside of the EEA or copies of relevant documents, please contact us or our Data Protection Officer via webpage contact form (http://medeanalytics.co.uk/company/contact), by email at DataProtectionOfficer@medeanalytics.com or as otherwise provided in this Statement under “Contact Us.”
Rights of Residents of the European Economic Area
If you are a resident of a country within the EEA, you have certain individual rights under the General Data Protection Regulation (Regulation 2016/679) or related local legislation. You have the right to obtain confirmation from us as to whether or not we process personal information about you. And if we do process your personal information, your other rights include:
- The right to access your personal information and receive certain information about our privacy practices.
- The right to have us correct incorrect information that we hold concerning you, or to complete incomplete information.
- The right to request that we erase information concerning you and to have that information erased under certain conditions.
- The right to restrict our processing of information concerning you under certain conditions.
- The right to object to our processing of information concerning you under certain conditions.
- The right to object to our use of information concerning you for direct marketing, or for profiling relating to direct marketing.
- The right to receive personal information that you provided to us in a structured and commonly-used, electronic format and the right to transmit that information to another entity, in certain situations.
- The right to object to decisions based on automated processing of information concerning you, if those decisions have legal effects or similarly significant effects.
If you would like to exercise any of these rights, please contact us or our Data Protection Officer via webpage contact form (http://medeanalytics.co.uk/company/contact), by email at DataProtectionOfficer@medeanalytics.com or as otherwise provided in this Statement under “Contact Us.”
Please understand that, before responding to your request, we may ask you for additional information in order to verify your identity.
If we hold information concerning you on behalf of one of our clients, please understand that we may not be aware that we have your information because we avoid receiving personally identifying details from many of our clients. Or, if we are aware that we hold or process information about you on behalf of a client, we may not be able to accommodate your request to exercise these rights, and we may direct you or your request to our client who controls that data.
In addition, we may not be obligated to fulfill your request to exercise your rights if we are restricted by applicable local laws, or when fulfilling your request would negatively impact the rights and freedoms of other individuals.
We may decline to fulfill requests or charge a reasonable fee based on our administrative costs if requests are clearly excessive or unfounded, and particularly in cases where requests are repetitive.