This document sets out the PRIVACY and COOKIES Policies (the “Policy”) of HEARTGENETICS – Genetics & Biotechnology, S.A., a Company incorporated and existing in Portugal with Company’s Identification number 510575994 its successors and permitted assigns (“HeartGenetics”) applying when You as a Professional (“You”) provide to HeartGenetics any personal data of identified or identifiable individuals (“Data”) including when You upload Data into the Registration Form available for filling at http://www.HeartGenetics.com website (“Website”).
You must read this Policy carefully. If You have any reservations, doubts, objections to this Policy You should resume and exit from the Website refraining from uploading any Data into the Website including through the filling of the Registration Form of You as a Professional user of the Website and refrain from further using the Website.
HeartGenetics reserves the right to change this Policy at any time without prior notice. Any amended Policy will be integrated herein from time to time. Completion of the Registration Process with HeartGenetics and continued usage of Your Credentials to login and use the Website implies that You are aware of this Policy, that You acknowledge and accept this Policy as amended and in force from time to time.
Applicable from July 17th, 2017.
What Data and how is Your Data collected?
All products and services provided by HeartGenetics are reserved to professional (not consumer) use only (“Professional”). To the far extent that a Professional is an individual or is a legal representative of a Corporate Professional this Policy shall apply to any Data submitted or disclosed to HeartGenetics as part of the Registration Process or otherwise, including name, email address, phone, professional qualification or licensing details.
Registration and enrolling of You as a Professional is strictly processed offline through HeartGenetics backend. The Website does not process any automatic registration service.
For further information on Registration Process please revert to Website Terms and Conditions here.
HEARTGENETICS WILL ONLY COLLECT DATA THAT IS VOLUNTARILY DISCLOSED AND SUBMITTED BY YOU AND THAT YOU AUTHORISE HEARTGENETICS TO COLLECT, STORE, PROCESS AND/OR MANAGE ACCORDING TO THIS POLICY. YOU MAY REFUSE TO GRANT ANY AUTHORISATION FOR DATA COLLECTION, STORAGE, PROCESSING AND/OR MANAGEMENT AND YOU MAY WITHDRAW ANY PREVIOUS GRANTED CONSENT AT ANY TIME.
Any of the latter actions may only prevent HeartGenetics backend to complete or maintain Your registration as a Professional You therefore becoming unable to purchase any products or subscribe any services from HeartGenetics. Access and visualization by You of the Website may not be impacted substantially.
HeartGenetics may also collect, store, process and manage corporate details (of You not as an individual) in respect and in connection with your business relationship with HeartGenetics (“Corporate Data”).
As a Corporate Professional registering with HeartGenetics You expressly grant to HeartGenetics a fully paid, royalty free, non-exclusive, sub-licensable, perpetual, worldwide license for HeartGenetics to access, collect, store, process, maintain, analise and manage Your Corporate Data for the intended business purposes of HeartGenetics including those relating to Your activity, any feedback from end customers, Your premises, services or products offered, prices, promotions and geo location.
As You enroll with HeartGenetics as a Professional HeartGenetics may contingently access, process and manage Your Data for the purposes of providing You certain HeartGenetics Services or further interacting with You according to what may seem to be of Your interest.
HeartGenetics may collect, process and/or manage genetic data of anonymously submitted samples of genetic material.
HeartGenetics offline devices (v.g. HeartGenetics HEARTDECODE®) under Your use and sole control – as a Professional – may also contingently be used (solely and directly) by You or others under Your control to store and manage genetic information of Your identified and/or identifiable patients, Data which You may upload into the offline device as part of Your rightful medical/lab practice. You are and shall remain in control of such Data at all times and You are and shall remain solely liable for the collection, storage, processing and managing of such Data in compliance with the Data Privacy Laws applicable to You and Your professional practice. UPON WARNING BY HEARTGENETICS THAT A PROGRAMMED UPGRADE OR REMOTE TECHNICAL ASSISTANCE TO THE OFFLINE HEARTGENETICS DEVICES WILL TAKE PLACE, YOU AGREE THAT YOU WILL BE COMPELLED TO IMMEDIATELY REMOVE ANY DATA FROM OFFLINE HEARTGENETICS DEVICES PRIOR TO SUCH TECHNICAL INTERVENTION.
What about cookies? Cookies Policy
Cookies are alphanumeric identifiers that HeartGenetics may transfer to Your computer’s hard drive through Your Web browser to enable HeartGenetics’ systems to recognize Your browser and tell HeartGenetics how and when Website is visited and by how many people also permitting to enhance Your user experience (UX) (“Cookies”). Cookies may keep track of Your movements within the Website, help You navigate or advise navigation, remember Your navigation history, theme selection, preferences and other customization functions (if/as available).
The Website uses the following Cookies:
- Google Analytics® (i.e, _ga, _gid) which is an analytics tool from Google® that interprets level of engagement and usage by You of the Website and its functionalities.
- WordPress (wordpress admin, wordpress plugins, wordpress logged in modules) aimed at identifying who You are. For further information please hit https://codex.wordpress.org/WordPress_Cookies;
- E-commerce module of Woocommerce® (woocommerce_cart_hash, woocommerce_items_in_cart, wp_woocommerce_session) which contain information about the cart as a whole and helps to know when the cart data changes. The wp_woocommerce_session_ cookies contain a unique code for each customer so that it knows where to find the cart data in the database for each customer. No personal information is stored within these cookies.
You may also choose to refuse, delete or accept Cookies through selection of appropriate functions in the “options” or “preferences” sections of the web browser. You should further navigate the “Help” menu of the web browser to properly understand and configure its Cookies preferences.
Refusal of Cookies or their deletion may only cause the Website not to function as properly as usual or some of its features might be disabled.
By using the Website, You consent to the processing of Your corporate data by Google in the manner and for the purposes set out above. In case You intend to disable tracking of navigation history in the internet please disable Google Analytics at http://www.google.com however please note that if You do this You may not be able to use the full functionality of the Website.
In order to further understand what Cookies are all about, understand what Cookies were installed and how can they be managed and/or deleted by You please visit http://www.allaboutcookies.org.
Anonymous Information. How does it work?
HeartGenetics may share generic aggregated demographic information not linked to any personal identified information regarding visitors and users of the Website for the purposes outlined above.
Non-personal identification information may include the browser name, device name, type of computer and technical information about users, means of connection to the Website, such as the OS and/or the ISP utilized by user or other similar non-personal technical information.
When HeartGenetics shares such information it shares it in a distinctive database so that information remains anonymous at all material times and cannot be reverted to be understood and processed as Data.
What does HeartGenetics collect Your Data for?
HeartGenetics may collect, store, process and manage Your corporate data for the following purposes:
- To enable HeartGenetics and its partners and subcontractors in the operation and maintenance of the Website and to support HeartGenetics in providing and further improve the providing of its services to You;
- To alert you on product or services updates, technical bulletins, news, highlights, special offers that may be of interest to You;
- To help You finding services or products better suited to Your corporate needs such as the most appropriate genetics report or assessment, available kits and/or nearest labs or medical facilities;
- To make the Website more relevant and easier to navigate by You and/or to help You solve any navigation problems You may find whilst using the Website;
- To send periodic emails If You decide to register and/or join HeartGenetics’s newsletters or mailing lists (if/as available).
If You would like to unsubscribe from receiving future emails, pushups or news from HeartGenetics, please visit the Email Preferences section of Your User Profile and/or follow the instructions contained in the unwanted e-mail message. However, PLEASE NOTE that in all cases you will continue to receive all system e-mails (e.g. those regarding forgotten user passwords) and legal notices (e.g. updates to our policies) from HeartGenetics.
How does HeartGenetics protect Your Data?
HeartGenetics shall collect, store, process and manage Your Data only in accordance to this Policy and the Data Privacy Laws in force – as amended from time to time- within the European Union.
HeartGenetics adopted appropriate technical and organizational measures intended to protect Your Data against accidental loss, destruction, or alteration; unauthorized disclosure or access; or unlawful destruction.
Sensitive data exchange between the Website and You is most unlikely to occur. However when/if such becomes the case HeartGenetics shall use SSL secured communication channel with encryption and protected digital signatures.
NOTWITHSTANDING THE LATTER PLEASE BE ADVISED THAT HEARTGENETICS CANNOT ENSURE FULL NETWORK SECURITY OVER THE WEB AND USE OF THE WEBSITE MAY EXPOSE YOU AND YOUR DATA TO RISKS SUCH AS IDENTITY THEFT, FRAUD OR FRAUDULENT ACTION BY THIRD PARTIES OUT OF HEARTGENETICS’S CONTROL THAT MAY CAUSE YOU IRREPARABLE LOSS AND/OR DAMAGE OF UNQUANTIFIABLE IMPACT.
YOUR DISCRETION ON THE USE OF THE INTERNET, THE WEBSITE AND THE DISCLOSURE OF YOUR DATA ALONG WITH ANY CONSENTS IN RESPECT THEREOF ARE STRONGLY ADVISED.
To whom may HeartGenetics disclose Your Data?
HeartGenetics is not in the business of selling, trading, or renting Data and therefore exchange or sharing of Data with third parties is strictly limited and is only made in accordance to the applicable laws subject however to the following:
- HeartGenetics may share Administrator data for purposes of Website security and/or fraud prevention.
- HeartGenetics does not use third party service providers to help in the operation of HeartGenetics’s business namely in the business of genetics’ analysis and reporting.
- In respect of the operation of the WEBSITE however HeartGenetics may resource from third parties support for certain updating and administration activities. Any sharing of Your Data with such third parties shall ALWAYS exclude any and all genetic data and any reports or information in respect thereof and shall be limited and strictly as needed so that third parties may pursue the limited purposes of WEBSITE’s maintenance and administration. Any and all disclosure of Your Data (if any) shall ALWAYS be in accordance to the consents You might have provided and only as/if permitted by Law.
- HeartGenetics shall not disclose Your data outside HeartGenetics’s controlled subsidiaries and affiliates (if any) and the HeartGenetics’ partners network used by HeartGenetics for the above cited purposes except (1) if You otherwise permit or direct; (2) as required by law; or (3) imposed by judicial or administrative subpoena or order.
Should any authorities or law enforcement agent contact HeartGenetics with a demand for Your Data except as may be prohibited by Law (1) HeartGenetics will promptly notify You and provide You with a copy of the demand/order; (2) HeartGenetics will attempt to redirect authorities to You – by providing them with Your basic contacts information – so that they may obtain information directly from You; (3) HeartGenetics will reasonably effort not to provide information in excess of that required to satisfy the compelled disclosure order; (4) HeartGenetics shall to the maximum extent permitted procure not to provide (i) direct, indirect, blanket or unfettered access to Your Data; (ii) the platform encryption keys used to secure Your information or the ability to break such encryption.
HeartGenetics will not disclose Administrator Data outside HeartGenetics or its controlled subsidiaries.
Where does HeartGenetics process Your Data?
Except as described below, Your information may be transferred to, stored and processed within the European Union only.
HeartGenetics abides by the European Union Data Privacy laws regarding the collection, storage, processing, management and retention of Data from European Union nationals.
Who is Your Data Processor?
HEARTGENETICS – Genetics & Biotechnology, S.A. is the Processor of Your Data.
Should You intend to exert any of Your rights to access, rectify or delete Your Data please contact:
HEARTGENETICS – Genetics & Biotechnology, S.A.
Biocant Park, Núcleo 4, Lote 4A
What are Your rights?
You are entitled to access, rectify or request deletion of Your Data at any time and to such effect You should contact the Data Processor to the contacts and address identified in the content above.
HeartGenetics will reasonably assist You on the exercise of Your rights.
What Laws and Jurisdiction?
Your Data will be collected, stored, processed and managed by Data Processor according to this Policy and the European Union Laws on Data Privacy as amended and in force from time to time to the extent applicable to Your Data. No further laws shall apply to Your information and/or data.
Any disputes on Data Privacy or Your Information shall be resolved by the Civil Courts of Coimbra (Portugal).
Last Revised July 17th, 2018