PUBLISHED ON: December 01, 2021
Inmed is committed to protecting the privacy of all individuals in respect of whom we hold any personal data, regardless of whether those persons are customers, potential customers, business partners or otherwise and regardless of how we have come to possess the personal data.
Inmed will ensure that all personal data that you submit to us, or which we collect, via various channels, including without limit via your interaction with our website, through written correspondence (including e-mail) is only used for the purposes set out in this policy and that it shall be held and stored safely and in compliance with the applicable laws.
What is Personal Data?
We generally collect personal data from you in the following ways:
- You may be required to complete a form on our website or landing pages in order to receive information and promotional material about products. The form will request personal data from you. This is usually limited to first name, last name and email address or other appropriate contact details.
- You may complete the contact us form on our website, requesting us to make contact with you. This form also requires that you provide us with your name and email address and also a phone number and a message. Depending on the nature of your message, it might also include personal data about yourself or about somebody else. Please do not include in your message any personal data of any kind about any other person unless you have their express and fully informed written permission to do so. Please note that if we receive from you any personal data relating to somebody else, then we will inform that person that we have received their personal data, specifying the type of personal data and the fact that we received that personal data from you.
- You may provide us with the personal data in your interactions with us through our social media pages, such as on Facebook, LinkedIn, Instagram and Google and others.
- We may have exchanged personal data from you at a trade show, meeting or similar types of events.
- We obtain certain information when your web browser accesses our website including your IP address, browser type, operating system, mobile network data, pages viewed and access times.
- You may have approached us directly by email or otherwise in connection with interest in our products or for business purposes and in the course of the communications provided us with personal data.
We collect statistical information regarding use of our website. This includes information about your browsing actions and patterns on the website, which we may use in order to provide you with a more personal experience. We also aggregate all statistical information regarding the browsing actions and patterns of all visitors to our website and this aggregated statistical information does not identify you.
How we Process your Personal data
“Processing” personal data means performing any operation or set of operations on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of the personal data.
The personal data that you provide to us or that we receive from other sources will be kept confidential. We will only hold, use and disclose your personal data in a manner that is fully compliant with Israeli law and the GDPR and in accordance with our legitimate business purposes, which include:
- If you conduct or may conduct business with Inmed then we will only use your personal data as is specifically required to communicate with you in connection with the relevant business. This might include:
- promoting new products and services to you
- responding to inquiries
- providing offers
- making introductions to other relevant persons
- advise you of news and industry updates
- advise you of events and promotions
- other relevant business correspondence
- for our internal business purposes, developing new products, enhancing the website, improving our services, identifying usage trends and visiting patterns, determining the effectiveness of our promotions, evaluating third party performance and meeting contractual obligations
- administrative purposes, such as sending you important information regarding our website, changes to our terms of business or policies, or other administrative information.
- To release personal data to regulatory or law enforcement agencies, if we are required or permitted to do so.
We will not process your personal data for any other reason than those stated above, unless we first receive your express prior written consent, or we are legally required to. The legal basis for processing your personal data is made up of one or more of the following reasons:
- The processing is necessary for the purposes of our (or a third party’s) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data protected.
- Compliance with applicable laws, regulations or other legal process. If we process your personal data in order to comply with a law, regulation or other legal process, then we will notify you of this in writing.
How we share your Personal data
Personal data that we collect is stored on third party servers that have been selected, among other reasons, based on their commitments to hold and protect the personal data from unauthorized access or transfer and that have provided commitments consistent with the GDPR and Israeli privacy protection laws.
Different members of Inmed personnel have different access rights to the personal data stored with the third-party servers, and different members of Inmed personnel have different permissions for what they may and may not do with the personal data, including with whom they may share personal data. Access and permission for each Inmed employee is set according to their responsibilities.
As Inmed personnel are generally located in Israel, when they access the personal data from the third-party servers, the personal data is effectively also transferred out of the EU to Israel and part or all of that personal data may be stored in Israel, such as when it is downloaded onto the Inmed employee’s hard drive.
How long we will hold your information
To the extent permissible by applicable law, we will retain your personal data for such period plus 24 further months as is necessary to satisfy or to fulfill the following:
- the purposes for which that personal data was provided;
- an identifiable and ongoing business need, including record keeping;
- a requirement to retain records that may be relevant to any notified regulatory investigations or active legal proceedings;
- comply with any applicable law, regulation, legal process, including, without limitation, court orders and/or compulsory disclosures required by governmental authorities;
- fulfill legitimate interests of Inmed that are not outweighed by your right to privacy.
- to make our website easier for you to use
- to help stop our online-forms from being used to send spam-email
- to monitor usage so we can spot trends and make improvements
- to identify individuals
- to store personal information
We have put in place reasonable administrative, organizational and technical safeguards and security measures to protect personal data from unauthorized access, disclosure, destruction or alteration, accidental loss, misuse or damage. We regularly review and monitor such safeguards and security measures and update them when we deem it to be required. However, no measures can provide an absolute guarantee against unauthorized access.
You should understand that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data while it is being transmitted to our website or sent to us by email via third party networks. Once we have received your information, we will use the procedures and security features described above to reduce the possibility of unauthorized access.
Your Rights in Connection with Your Personal Data Held by Us.
You have certain rights in relation to personal data about you that we hold. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on any request with respect to exercising any rights. For convenience, please address any requests to us regarding your rights below by email to our Contact Person.
Right of Access
You have the right at any time to ask us for a copy of the personal data about you that we hold. Israeli law and GDPR provides certain instances where we may refuse your request for a copy of your personal data, or certain parts of the personal data that we hold. If we refuse your request or any element of it, we will provide you with our written reasons for doing so as soon as possible.
Right of Correction or Completion
If personal data we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed.
Right of Erasure
You have the right to request that personal data we hold about you is erased if:
- your personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
- you wish to withdraw your consent on which the processing of your personal data was based and there is no other basis justifying such processing;
- you consider and can establish that your personal data has been unlawfully processed; or
- your personal data must be deleted in accordance with a legal obligation.
Right to object to or restrict processing
You have the right to object to our processing of your personal data and you also have the right to object to use of your personal data for direct marketing purposes.
Right of Data Portability
You have a right to receive any personal data that we hold about you in a structured, commonly used and machine-readable format, provided that:
- the personal data is data that you have provided to us previously; and
- the personal data is processed by us using automated means.
Please note that if you are requesting the personal data to be transferred to a third party’s system, we cannot guarantee technical compatibility with that system.
To the extent that we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.
If you are unhappy about our use of your personal data, please do notify us, providing the reasons and we will endeavor to rectify the problem.
You may address any complaints to our Contact Person.
If you are based in the EU, you may also lodge a complaint with any Data Protection Authority set up to supervise and enforce the GDPR (“DPA“). There is a DPA in each EU member state and you may report to any DPA, although generally you will report to the DPA set up in the member state in which you are located. Here is a list of all DPAs and their contact details: http://ec.europa.eu/justice/article-29/structure/data-protectionauthorities/index_en.htm However, we do take your rights with respect to your personal data very seriously and will appreciate the chance to resolve any issues that you may have before you address a DPA.
Further Information on Data Protection and Personal Privacy
If you have any enquiries or if you would like to contact us about our processing of your personal data, including to exercise your rights as outlined above, please contact us by email: DPO@Inmedmd.com.
When you contact us, we will ask you to verify your identity.