PERSONAL DATA PROTECTION POLICY

(the “Policy”)

This website is produced by Clariance SAS (“Clariance”).  All content, information, software and material provided on or through this web site (“Site”) is owned and operated by Clariance.

  

1. Definition.

Personal data is any and all information relating a person that is or may be identified (“Identifiable Person”). An Identifiable Person is a person who may be identified, directly or indirectly, including by reference to an identifier or to one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that person.

2. Purpose.

As part of our operations and efforts to better serve healthcare professionals, we need to obtain and process information. This information includes any offline or online data that makes a person identifiable.

The purpose of this Policy is the protection of your privacy and personal data that makes you an Identifiable Person. Clariance is committed to ensuring this protection by controlling the use of any and all personal information you disclose on the Site.

Clariance hereby undertakes to treat information of employees, customers, stakeholders and other interested parties with the utmost care and confidentiality.

With this Policy, we ensure that we gather, store and handle data fairly, transparently and with respect towards individual rights.

3. Controller.

Clariance shall act as the controller of any and all personal data collected on this Site. As Controller, Clariance will be in charge of collecting and processing all such personal data.

Clariance has named a Data Protection Officer (“DPO”) who shall be in charge of the application of this Policy and of Clariance’s ongoing compliance with the Policy. The DPO may be contacted at all times by email at data.protection@clariance-spine.com.

4. Scope.

This policy refers and applies to any and all personal information collected on the Site from any party (employees, job candidates, customers, suppliers etc.). The personal information that may be collected and processed on this Site include:

  • Identity and contact details, including without limitation your name and email address;
  • Professional information, including as applicable, your company, position, whether or not you are a healthcare professional, your resume and references respecting any job application;
  • Your communications with us;
  • Traffic data, including IP addresses or device and system identifiers.

5. Access.

Data collected on this Site may only be disclosed to or accessed by Clariance’s personnel and third parties authorized by Clariance, such as its business partners or its service providers as the need may be in the course of its activities.

6. Users’ rights.

As Controller, Clariance shall comply with all applicable personal data protection law and regulations, including the European Union’s General Data Protection Regulation 2016/679 (“GDPR“), which aim to ensure you better control over the use of your data. These laws allow you the right of information, access, rectification, erasure and portability of your data as well as the right to object to the use of your data, the whole in accordance with said laws.

In accordance with the aforementioned law and regulations, you may exercise these rights at your convenience. Clariance will, at all times, comply with all rights afforded to its users by applicable law.

You may exercise said rights by writing our DPO at data.protection@clariance-spine.com. You will then be contacted within reasonable delay in order to verify your identity before your request is processed.

Where communications are sent to individuals based on their request or consent, including without limitation newsletters and product-related documentation, the option for the individual to revoke their consent or  unsubscribe is available and may be exercised at any time by the individual, and Clariance shall  ensure the reflection of such revocation in a timely manner. For any help in that regard, the individual  may contact the DPO at data.protection@clariance-spine.com.

7. Obligations and Commitments of Clariance.

Clariance is committed to provide every effort to perform its obligations towards the protection of the personal data of all users of the Site in accordance with the highest standards of personal data protection. Any personal data shared by any user of the Site will be processed by Clariance and may only be used by Clariance and its authorized partners.

Clariance is committed to complying with all applicable personal information protection legislation and regulations in the collection and processing of your personal data, including the GDPR, which requires that personal data shall be:

a. processed lawfully, fairly and in a transparent manner in relation to individuals;

b. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;

c. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

d. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;

e. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and

f. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

To carry out such responsibilities, Clariance is committed to:

  • Restrict and monitor access to your personal data;
  • Train employees in online privacy and security measures;
  • Use secure networks protecting online data;
  • Establish appropriate data protection practices.

8. Breach.

Clariance shall ensure that personal data is stored securely using modern software that is kept-up-to-date and appropriate measures are put in place to ensure the safety of the information and to avoid its unauthorized sharing.

In the unlikely event of a breach of security leading to an unauthorized disclosure of, or access to, personal data, Clariance shall promptly assess the risk to users’ rights and freedoms and notify any identified user whose personal data has been disclosed or accessed.

9. Right to Modify.

Clariance shall retain the right to modify the present Policy for any reason it deems necessary, including but not limited to comply with any changes or modification to relevant legislation. If any modification to this Policy is made, the updated version of the Policy shall be published and made available on this Site without delay.

© Clariance SAS. July 2020. All rights reserved.