INTELERAD PRIVACY POLICY

Last Update: March 2022

Introduction

Intelerad Medical Systems Incorporated and its affiliates (collectively, “Intelerad”) is committed to protecting your privacy and we have prepared this privacy policy (“Privacy Policy”) to explain how we collect, use and disclose any Personal Information (as further defined) that we collect. “Personal Information” is defined as any information that can be used to identify an individual.

This Privacy Policy applies to the processing of your Personal Information when you visit our website at www.intelerad.com or a website of any of Intelerad’s affiliates (the “Site”), if you contact us by any means and if you make use of any of Intelerad’s products, subscription and support services, software or mobile applications.

This Privacy Policy is incorporated into and forms part of our Terms of Use, which outline the terms and conditions you agree to when accessing and using the Site. By accessing and using the Site, you agree and consent to the collection, use and disclosure of your Personal Information as outlined in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Site.

The types of Personal Information Intelerad collects:

We currently collect and process the following information:

  • Personal identifiers, contact details and characteristics (for example, name and e-mail address when you subscribe to newsletters, when you contact our sales or marketing team, or when you interact with Intelerad as a prospective client or partner);
  • Website user statistics (when you visit the Site certain data will be collected automatically. This may include (but is not limited to) some or all of the following: How you connect to the internet (including IP address), how you engage with the Site, screen resolution, information about the device software you are using such as internet browser and location data (city, region of the IP address you used when accessing the Site). We also collect information about which website you came to the Site from, the fact that you visited the Site before and how you interact with the Site and services. Having access to this information helps us better understand our customers and improve our marketing;
  • Employee data;
  • Delivery information, physical address, business contact information
  • Demographic information
  • Payment information (Where you opt for services or products from Intelerad which carry a cost, we will ask you to provide some payment information. Payment information may include some or all of the following: credit card and debit card details.)

How Intelerad gets your Personal Information and why we have it:

Most of the Personal Information we process is provided to us directly by you for one of the following reasons:

  • to enable you to access the Site and use Intelerad’s products and services;
  • to enable Intelerad to deliver the services you have asked for and to give you the best possible experience when you engage with us (via the Site and apps or otherwise) and when you use our products and services;
  • to let you know about significant changes to our products, Terms of Use or this Privacy Policy;
  • to provide and improve customer support;
  • to send marketing communications;
  • for internal training purposes;
  • to maintain our records and other administrative functions;
  • for complaint and dispute resolution;
  • to improve data accuracy and completeness.
  • when you access our training materials;
  • when you ask to receive online information from us;
  • when you request a demo for a product;
  • when you ask to get a copy of a White Paper/Case Study/ebook
  • when you participate in a review, survey or similar type activity;
  • when you otherwise participate in features of the Site that ask for Personal Information.

We also receive Personal Information indirectly, from the following sources in the following scenarios:

  • by using technologies such as cookies;
  • directly from our healthcare professional customers (clients who use our products and services in the healthcare industry) and their patients in order to enable us to provide the necessary  software service and upgrades, software development and customer service and support to ensure patient safety at all times.

Who has access to your Personal Information?

As a general rule, we will only share your Personal Information with those that need access to the information for us to achieve the purpose for which we have collected it, or to comply with an obligation imposed by law. Internally, we will only share your Personal Information on a “need-to-know” basis, i.e. with employees who need access to the Personal Information to perform a task on our behalf.

We also share it with:

  • companies within the Intelerad group who manage some parts of the services for us;
  • social media platforms, advertising networks, affiliate networks and search engines to help target and measure our marketing;
  • suppliers who provide services to us which require access to your Personal Information; and
  • Resellers, distributors and agents involved in delivering the services we provide where necessary for them to do so.

Where a healthcare provider accesses your health information and stores a copy of your Personal Information, that copy will be governed by that healthcare provider’s privacy policy. Others at that facility (for example an on-call doctor) may be able to view your Personal Information. Intelerad is not responsible for the content, performance, or privacy policies of third-party healthcare providers.

Some of these third-party healthcare providers will be covered by federal and state health privacy laws (such as the Insurance Portability and Accountability Act, or “HIPAA”), and those laws will govern how they may use and share your information. HIPAA requires that you must authorize these providers to send information to Intelerad. With that authorization, you also give them permission to send certain especially sensitive types of health information (such as mental health or substance abuse records) that are protected by federal and state laws and require special authorization. When you ask Intelerad to send your health information to others, you will also be giving Intelerad permission to send those sensitive types of health information.

The lawful basis for processing your Personal Information:

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing Personal Information are:

  • Your consent. You are able to withdraw your consent at any time and/or “unsubscribe” from receiving e-mail or other communications at any time. You can do this by contacting Intelerad at the contact details as set out below.
  • We have a legitimate interest, meaning that the processing is necessary for the purposes of the legitimate interests pursued by Intelerad, such as processing employee or client data and administrative transfers within the Intelerad group of companies.

How Intelerad stores your Personal Information:

The security of your Personal Information is important to us.  We use reasonable and appropriate physical, technical and administrative industry safeguards to protect information from unauthorized use, disclosure or access of the Personal Information we collect on the Site.

We will make reasonable efforts to protect Personal Information stored on the Site servers from unauthorized access using commercially available computer security products (for example, firewalls), as well as carefully developed security procedures and practices.  Notwithstanding our security safeguards it is impossible to guarantee 100% security in all circumstances.

We keep your Personal Information only for such period necessary to achieve our purposes for collecting the information and to meet any applicable legal obligations. Where your Personal Information is stored by Intelerad as part of its hosting services, we will store such data indefinitely, or until such time as you request your Personal Information be removed or transferred to another system, or until your healthcare provider terminates their hosting services with us. In all cases, our need to use your Personal Information will be reassessed on a regular basis, and information which is no longer required for any purposes will be disposed of securely.

Transfer of Personal Information across borders:

  • Some or all of the Personal Information we collect may be stored on computers or servers located outside of the country in which we obtain the Personal Information, including countries whose protection of data protection laws may differ from the jurisdiction in which you live. This is in order to allow for the performing of centralized functions for our group of companies. As a result, this information may be subject to access requests from governments, courts, law enforcement officials, and national security authorities in those jurisdictions according to the applicable laws in those jurisdictions. Subject to such applicable laws, we will use reasonable efforts to ensure the appropriate protections are in place to maintain such protections of the Personal Information that are equivalent to those that apply in the country in which we obtain the Personal Information.
  • Where we transfer Personal Information from the United Kingdom or anywhere in the European Union to a country that has data protection laws adequate to the GDPR, such transfer is made on the basis of an adequacy decision by the European Commission under Article 45 of the GDPR.
  • Where we transfer Personal Information from anywhere in the world to a country or territory which does not have an adequacy status as determined by the European Commission, we ensure that appropriate safeguards are put in place which provide sufficient guarantees for an adequate level of protection of the Personal Information as well as effective and enforceable rights for you to rely on. In other words, whenever we transfer your Personal Information cross border, it will receive a similar level of protection as described in this Privacy Policy. We do this by ensuring that the European Commission’s Standard Contractual Clauses (“SCC’s”) have been agreed to between Intelerad and its affiliates and that a copy of those SCC’s can be obtained by contacting Intelerad’s DPO at privacy.request@intelerad.com.

Your rights with regards to your Personal Information:

Under data protection law, you have the following rights:

  • You have the right to ask us for copies of your Personal Information we hold.
  • You have the right to ask us to rectify your Personal Information we hold which you think is inaccurate. You can either contact your care provider to correct the information, or you can contact us directly, by e-mailing us at privacy.request@intelerad.com. You also have the right to ask us to complete your Personal Information we hold which you think is incomplete.
  • You have the right to ask us to erase your Personal Information we hold in certain circumstances. To do so, email us at privacy.request@intelerad.com and we will delete your information from our files. To do this, we will require you to provide us with your name, address, and telephone numbers so that we may handle your request accurately.
  • If you wish to be removed from our mailing list, please adjust your account profile information accordingly. Alternatively, you can let us know by emailing us at privacy.request@intelerad.com with the Subject heading ‘Unsubscribe’.
  • You have the right to withdraw your consent for us to process your Personal Information where we rely on such consent as the basis for the processing. To withdraw your consent, e-mail us at privacy.request@intelerad.com.
  • You have the right to ask us to restrict the processing of your Personal Information in certain circumstances.
  • You have the right to object to our processing of your Personal Information in certain circumstances.
  • You have the right to ask that we transfer your Personal Information you gave us to another organisation, or to you, in certain circumstances.
  • You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
  • Please contact us at any of the contact details set out at the start of this Privacy Policy if you wish to make a request.

Information Obtained Through Automated Means

We use cookies and similar technologies, such as web beacons used for web analytics, to enhance functionality and navigation for users of the Site.

Information tracked through these mechanisms includes but is not limited to:

  • Your IP address;
  • Your cookie ID;
  • Your web browser version; and
  • Past visits to the Site.

Intelerad does not use a technical solution that would enable us to respond to your browser’s Do Not Track signals.  Therefore, if you wish to disable cookies, please refer to your browser help menu to learn how to do so. Please note that if you do disable cookies in your browser settings, you may find that certain sections of the Site will not work.

Privacy Policy changes and questions

Intelerad reserves the right, at its discretion, to change, modify, add, or remove portions of this Privacy Policy at any time. If a change is made, we will post the updated Privacy Policy on the Site and we encourage you to check our Privacy Policy periodically. By using the Site or any of Intelerad’s products, subscription and support services, software or mobile applications following the posting of a change in the Privacy Policy, you consent to the updated Privacy Policy.

Questions or complaints

If you have any concerns or questions about our use of your Personal Information, please let us know by contacting us in any of the following ways:

  • By telephone: +1 866 951 6222
  • By mail: Intelerad Customer Relations
    800 De Maisonneuve E. Blvd., 12th floor
    Montreal, Québec
    H2L 4L8
    Canada
  • You can also contact our data protection officer at: privacy.request@intelerad.com

If you’re still unhappy with any aspect of how we handle your Personal Information you also have the right to contact the relevant supervisory authority as set out below:

  • If you are located in the United Kingdom, you can contact the Information Commissioner’s Office (ICO), the supervisory authority that regulates the handling of Personal Information in the UK. You can contact them by:
    • Going to their website at https://ico.org.uk/.
    • Phone on 0303 123 1113
    • Post to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF
  • If you are located in Canada, you can contact the Office of the Privacy Commissioner (OPC), the supervisory authority that regulates the handling of Personal Information in Canada. You can contact them by:
    • Going to their website at https://www.priv.gc.ca/en/
    • Phone on 1-800-282-1376
    • Post to Office of the Privacy Commissioner of Canada, 30 Victoria Street, Gatineau, Quebec, K1A 1H3
  • If you are located in Australia, you can contact the Office of the Australian Information Commissioner (OAIC), the supervisory authority that regulates the handling of Personal Information in Australia. You can contact them by:
    • Going to their website at https://www.oaic.gov.au/
    • Phone on 1300 363 992
    • Post to Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001
  • If you are located in New Zealand, you can contact the Office of the Privacy Commissioner (OPC), the supervisory authority that regulates the handling of Personal Information in New Zealand. You can contact them by:
    • Going to their website at https://www.privacy.org.nz/
    • Phone on 0800 803 909
    • Post to Office of the Privacy Commissioner, PO Box 10 094, Wellington 6143