MEDERA INC. PRIVACY POLICY
1. INTRODUCTION
This Privacy Policy applies to users ("you" or "your") of the Medera website (www.medera.ai), Medera’s products and services, and any prospective users, including patients and clinicians. It describes:
- What personal data we collect and why;
- Legal bases for processing;
- How your data is shared and stored;
- How long we retain data; and
- Your rights regarding your personal data.
2. WHO WE ARE
Medera Inc. is a digital healthcare company headquartered at 2181 Greenwich Street, San Francisco, CA 94123, USA. Medera complies with HIPAA and U.S. privacy laws for data collected from U.S. residents. Overseas data is handled in compliance with the GDPR.
If you have any questions regarding this policy, you may contact us via email at info@medera.ai or at the mailing address: Data Protection Enquiries, CTO, 2181 Greenwich Street, San Francisco, CA 94123 .
3. CHANGES TO YOUR PERSONAL INFORMATION
Please ensure the information we hold about you is accurate and up to date. Notify us of any changes to your personal data or if any data we hold is incorrect.
4. PERSONAL DATA WE COLLECT
We may collect the following categories of personal data, depending on your use of our website, services, or products:
| Category | Data |
|---|---|
| Identity Data | Name, address, date of birth, title, IP address, or other location data |
| Contact Data | Email address |
| Correspondence Data | Information you provide in communications with us |
| Marketing and Communication Data | Preferences for receiving marketing and other communications |
5. COLLECTION OF PERSONAL DATA
We collect personal data when:
- You access or interact with our website, products, or services;
- You contact us via email, phone, or other communication channels;
- You submit any inquiries or complaints;
- You request services, technical support, or customer care;
- You participate in surveys, competitions, or provide feedback;
- You install and use Medera Google Chrome extensions.
6. HOW WE USE YOUR PERSONAL DATA
We process personal data in compliance with U.S. privacy laws, including HIPAA, and GDPR for overseas data. We only process data where necessary:
- To perform an agreement or contract;
- To comply with a legal obligation;
- For legitimate business purposes, such as improving our services or ensuring security;
- With your consent (e.g., for marketing communications).
You have the right to withdraw consent at any time by contacting us or following the unsubscribe link in communications.
7. LEGAL BASES FOR PROCESSING PERSONAL DATA
| Purpose | Data | Lawful Basis |
|---|---|---|
| Providing services and the website | Identity, Contact, Correspondence | Performance of a contract, compliance with legal obligations |
| Operating and protecting our systems | Identity, Contact, Correspondence | Compliance with legal obligations, legitimate business interests |
| Customer support and relationship management | Identity, Contact, Correspondence, Marketing Data | Performance of a contract, legitimate business interests |
8. DATA DISCLOSURE
We may share your data with third-party service providers for purposes including IT services, security, and payment processing, but only when necessary and under contract to ensure data protection. We comply with HIPAA regulations for health data and ensure that your medical information is protected and used solely for healthcare purposes. Data disclosed to overseas processors is handled according to GDPR standards.
9. DATA STORAGE AND TRANSFER
We store personal data on servers located within the United States. For data collected outside of the U.S., we comply with GDPR requirements, ensuring proper protections are in place before any data transfer.
10. DATA RETENTION
We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. For health-related data, we comply with HIPAA regulations on retention periods.
11. YOUR RIGHTS
You have the following rights regarding your personal data:
- Access: You can request access to your data at any time.
- Correction: You can request corrections to your data.
- Deletion: You can request the deletion of your data under certain circumstances.
- Objection: You may object to data processing where legitimate interests are the legal basis.
- Withdrawal of Consent: You can withdraw consent for marketing communications at any time.
12. CHANGES TO THIS POLICY
We may update this Privacy Policy periodically to reflect changes in our services or legal requirements. We encourage you to review it regularly. The last update was on October 1, 2024.
13. CONTACT US
For any questions regarding this Privacy Policy, or to exercise your data rights, contact us at: info@medera.ai or mail us at 2181 Greenwich Street, San Francisco, CA 94123, USA.
medera