Personal Data Protection Policy
At www.mesimedical.com, we are aware of the importance of privacy and strive to have your personal data with us protected in accordance with the applicable law. To this end, we have also created internal rules and procedures, and established technical and organisational measures through which we ensure an adequate level of privacy and security when processing personal data, and exercising the rights of individuals.
In this Personal Data Protection Policy (hereinafter referred to as the Policy), all information on processing of personal data is collected at www.mesimedical.com, whose controller is MESI Ltd., Leskoškova cesta 11a, 1000 Ljubljana, who is therefore also the controller of your personal data: which personal data we collect, why we collect it and how we use it. You may contact us concerning any additional questions related to the processing of your personal data or to the exercising of your rights in relation to its processing at firstname.lastname@example.org, and the person authorised for personal data protection is Andreja Mrak.
Which personal data is processed and how is it obtained
- Personal data that we obtain from you
Personal data that you provide us with by filling in the forms on our website, or that you sending to us by phone, by e-mail or by other means. This also includes information that you indicate when you participate in discussions or other social media features on our website. The data that you communicate to us may include your name and surname, e-mail address and location or city and country of your location, title, type and address of the organisation where you work and the information of the contact person of this organisation (name, address, e-mail address, phone), the field of your work in the healthcare system, information on your local distributor of our products, the selection of products and the serial number of these products, and payment information.
Personal data that we collect from you. With each visit to our website, we shall automatically collect the following data:
- Technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, login information, browser type and version, time zone setting, browser types and versions, operating system and platforms.
- The information on your visit, including the full Uniform Resource Locators (URLs), the circuit to, through and from our site (including date and time), the products you have viewed or searched for, the response time of the site, uploading of errors, the length of visits to specific sites, the information on site interaction (for example scrolling, clicks and controlling the mouse), methods used to browse page from page, and any phone number used to call our customer service number.
- Personal data that we receive from other sources
This is data that we receive on you if you use any other website that we manage, or other products or their features or services and/or goods we provide. If we intend to combine and further process the personal data received in such a way together with the data collected on this website, we shall inform you thereof, and whenever necessary, also ask for consent. At the same time, we shall also inform you for what purpose if the latter is different from the one for which it was collected, we shall combine and further process your personal data so obtained.
We also work closely with other organisations, business partners and outworkers, including, for example, distributors and subcontractors of technical and payment services. If we shall receive information about you from them, we shall inform you thereof and of the purposes for which we intend to use the data if the purposes are different from the ones for which the data was obtained, and if necessary also ask for consent.
A cookie is namely a small file that requires permission to be installed on the computer’s hard drive and allows re-use. Cookies allow you to login to our website or to our services and adapt the online display to you. An online application can namely accommodate its activities to your needs and preferences by gathering and remembering information on your requests. The cookie in no way gives us access to your computer or any information about you, except the information that you choose to share with us. All cookies, except the necessary ones, can be accepted or rejected. Necessary cookies enable basic website features, such as site navigation and access to secure areas of the website. As the website cannot function properly without them, their installation does not require your special permission or the permission of the website user.
WHAT WE USE YOUR PERSONAL DATA FOR
The personal data that you provide to us shall be used:
- to meet our obligations arising from any commitments or contracts entered into between you and us, and to provide you with the information, services or goods which you requested from us, and to inform you of any changes in this regard;
- to ensure that you receive notifications and information, to which you have subscribed, including information about our services or goods, and for similar services or goods to those you have already ordered or purchased from us;
- that the content on the site shall be presented in the most effective way for you and your computer;
- to meet our legal obligations and healthcare services;
- to protect the vital interests of the individual and the (essential) public interest in the field of public health;
- to protect our legitimate interests and due to legal proceedings or as long these are possible, provided that your interests and fundamental rights do not prevail over them.
Personal data is not shared with persons outside the company or other organisations and/or unauthorised persons. With external workers with whom we cooperate for the needs of undisturbed operation (distributors and subcontractors for technical and payment services, etc.), we have concluded contracts in compliance with the legislation, our internal rules and procedures, and with appropriate safeguards for the protection of personal data. The external workers may use your personal data only for the purposes defined by the contract and in compliance with our instructions.
Personal data that we collect from you shall be used:
- to manage our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and research purposes;
- to improve our website, in order to ensure that its content is presented in the most effective way for you and your computer;
- to enable you to participate in the interactive features of our website when you decide to do so;
- as part of our efforts to make our website safe;
- to measure or understand the effectiveness of advertising;
- to suggest and recommend services to the users of our website that might interest them.
Personal data that we receive from other sources shall be combined with personal data provided to us by you, and with the data that we collect about you. This data and combined data shall be used for the above-stated purposes only.
HOW LONG DO WE STORE YOUR PERSONAL DATA
Personal data obtained for the purposes of concluding and implementing contractual obligations is stored for ten years after the termination of the contract or ten years after the completion of processing of personal data, or ten years after the completion of the court proceeding for the recovery of unpaid obligations. Other personal data is retained until the purpose for which it was collected is met. Personal data processed solely on the basis of your consent shall be retained for five years from the withdrawal of your consent, unless your interests or fundamental rights and freedoms prevail when the data is processed only until the withdrawal of the consent.
WHERE DO WE STORE YOUR PERSONAL DATA
Personal data that we collect from you shall be processed and retained within the European Economic Area (“EEA”). It is referred to the United States only if you share your data through social media (more on this topic in the Chapter “Sharing personal data through social media”), or if you agree to the installation of cookies for monitoring of statistics (more on this topic in the Chapter “Cookies”). It shall be processed by employees who work with us, and also by external workers or employees of our external partners who have concluded a corresponding contract with us or are bound by professional secrecy. This includes personnel who, inter alia, are engaged in the fulfillment of contractual obligations and the provision of support services. By submitting your personal information, you agree to this transfer, storage or processing. We will take all the necessary steps to ensure that your information is treated securely and in compliance with the General Data Protection Regulation, the applicable law and our internal acts.
The transfer of information via the Internet is not completely secure. Although we shall do our best to protect your personal data, we cannot guarantee the safety of transferring your data to the mesimedical.com website; every transfer is at your own risk. When we receive your data, we will use strict procedures and security features to prevent unauthorised access.
HOW WE PROTECT YOUR PERSONAL DATA
We have established strict technical and organisational measures to ensure the protection of your data. Namely, in such a way as to protect the premises, equipment, system and application software (including input/output units). It ensures the traceability of processing, an effective method of blocking, destruction, erasure and, if possible, anonymisation, pseudonymisation, and encryption of personal data. It ensures the ongoing confidentiality, integrity, and resilience of processing systems and services, and the ability to restore the availability and access to personal data in a timely manner in the event of a security incident. The procedures for regular testing, assessment and evaluation of the effectiveness of technical and organisational measures, including the training of persons who process personal data and ensure the lawfulness of processing are carried out. The employees who use your personal data are bound to protect it with due diligence. By entering into a contract, all external workers are also bound to the latter.
SHARING PERSONAL DATA THROUGH SOCIAL MEDIA
Our website also includes integrated buttons for sharing of social media, Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, XING, operated by XING AG, Dammtorstraße 30, 20354 Hamburg, Germany; Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA and LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Furthermore, a button to share an e-mail is also integrated. Share buttons can be identified by using a particular logo; and they are adapted in compliance with the personal data protection.
Only if and when you click a particular share button on our website, a direct link is established between your browser and the server of the operator’s specific social media. According to the statements of the operators of these social media sites, no personal data is obtained from social media without clicking on a particular share button. Such data, including an IP address, is acquired and processed only with registered members. If you do not want to list a visit on our site to your individual social media user account, log out of the individual social media user account.
Hereby, we draw attention to the fact that we are not informed of the content of the data transmitted and its use by social media from their operators. Further information regarding the use of data by social media can be found in their data protection statements.
You may unsubscribe from receiving our notifications and information, and request a rectification, deletion, processing restriction, data transfer or access to personal information at email@example.com, at any time. We also guarantee the entire remaining respect for privacy, as determined by the applicable legislation and internal acts of MESI Ltd. It is always possible to appeal against our decision by making a request to the supervisory authority.
In case of violation of personal data protection, we at MESI Ltd. shall immediately conduct all internal and external proceedings and measures (also technical and organisational) to protect the rights of the individual person. The supervisory authority and the individual person shall also be informed thereof in the manner and under the terms of the applicable legislation.
AMENDMENTS AND SUPPLEMENTS OF THIS POLICY
All amendments and supplements to this Policy shall be published on this website, and whenever appropriate, also sent to you by e-mail.
In addition to this Policy, we also provide other information on privacy and personal data included or embedded in our product or their features, which you can view in the rules and/or settings associated with such services or goods prior to their purchase or use. Although your data shall always be addressed in accordance with this Policy, the purchase or use of such services or goods may also be based on your agreement with the licence terms and other applicable rules at the time of purchase or use of the product or its feature. Since such licence terms and other applicable rules may differ from this policy, read the applicable terms carefully before purchasing or using such a service or goods.
DO YOU HAVE ANY ADDITIONAL QUESTIONS?
Questions, comments and requirements in relation to this personal data protection policy are welcome. You can address them to firstname.lastname@example.org.
Table: List of cookies
Cookies for statistics monitoring allow us to understand the way the visitors use the website by anonymously collecting and reporting information about user behaviour on the website.
|Cookie name||Service provider||Country||Retention period||Purpose (description)|
|_utma||Google Analytics||USA||2 years||stores the number of visits (per each visitor), the time of the first visit, the previous visit and the current visit|
|_utmb||Google Analytics||USA||10 minutes||checks how fast the visitor leaves the site or how long they stay on it|
|_utmc||Google Analytics||USA||30 minutes||checks how fast the visitor leaves the site or how long they stay on it|
|_utmt||Google Analytics||USA||session||indicates the type of a request, which may be one of: an event, a transaction, an element or a customised variable|
|_utmz||Google Analytics||USA||6 months||checks whether the visitor came from a search engine (and, if so, the search keyword used), link or a previous page (e.g. bookmark)|