EEA Privacy notice
- About Preventice
- About this Privacy Notice
- How we use your Personal Information
- Legal basis for data collection and use
- Disclosure of your Personal Information
- Your European Privacy Rights
- Data Protection Officer
- Children’s Data Protection
- Retention periods
- International Transfers of Personal Data
- Changes to This Privacy Notice
- Other Websites
- Contact Information
1. About Preventice
Preventice Solutions, Inc., is a United States-based corporation focused on mobile health solutions and remote monitoring services that connect healthcare providers and patients threatened by cardiac arrhythmias.
Our tech-enabled, service-based approach utilizes our cloud-based infrastructure, data analytics and machine learning capabilities to facilitate the clinical decision-making of treating providers. We listen closely to the needs of our customers to create revolutionary remote care technologies and services that connect patients and providers in a way that redefines healthcare – and works without interruption to daily life. We operate in four states, and our subsidiaries include Preventice Services, LLC, and Preventice Technologies, Inc. (collectively, “Preventice”).
2. About this Privacy Notice
At Preventice, your privacy is important to us. We process personal data in different contexts, and we do so by fully respecting your privacy rights.
This website is intended for patients and healthcare providers and is operated by Preventice who is considered the processor of the information collected through our technology, devices and monitoring services.
This privacy notice applies to information collected by Preventice through our website, our monitors and portals, or in the course of our business activities; including all personal data in any format or medium, relating to all healthcare providers, patients, vendors and others who do business with Preventice.
Preventice reserves the right to change the terms of this notice and to make new notice provisions effective for all personal data that it maintains. Changes to this notice will be available by accessing our website www.preventicesolutions.com or by contacting us and requesting that a revised copy be mailed to you.
3. How we use your Personal Information
Personal data is information that relates to an identified or identifiable individual. The basis for the use of personal data is dependent on the context of your interactions with Preventice.
If you reside or otherwise find yourself in the territory of European Economic Area (EEA), Switzerland or the United Kingdom, Preventice is committed to facilitate the exercise of your rights granted by the applicable European Data Protection law. Otherwise, you can contact us at any time to discuss your privacy concerns.
- Cardiac and health related information. We process patient and study subject information related to arrhythmia monitoring, cardiac event, digital holter, pacemaker monitoring and ambulatory blood pressure monitoring, such as patient electrocardiogram data, date of birth and/or age, relevant symptoms and diagnoses, and other related information. This information may also include contact information for the patient or study subject, emergency contact information, mailing address, information about health insurance and/or other information necessary for Preventice to provide the technology and/or monitoring services. This information is owned by the data controllers, i.e. the physicians, healthcare practices, hospitals or clinical research controllers.
- Other personal data provided directly by you. We collect your contact details if you request information or submit questions to us, including other personal data that you decide to share with us.
- Business contact information. We collect business contact information from current and potential customers, and from marketing activities and events, such as names, telephone numbers, email addresses and physical or mailing addresses, in order to provide information regarding our products and services, facilitate healthcare provider or practice relationship set up and management, deliver monitoring services and supplies, and ensure quality, security and compliance. We also collect such information from current and potential business partners and vendors to assess and facilitate those business relationships.
- Job applicant and human resources related information. We may collect certain employment-related data if you apply for and/or accept employment with Preventice, such as a username and password, full name, email address, telephone number, mailing address, driver’s license number, social security number or other unique personal identifier, emergency contact information, educational and work experience information, certification and licensure information, resume, language(s), job and salary preferences and expectations, professional references, criminal history, and disability, veteran and diversity status, Preventice electronic activity information, employment benefit and beneficiary information, financial information, work performance and training information, and inferences drawn from any of the information above.
4. Legal basis for data collection and use
Preventice assigns a legal basis for each data collection and use.
Preventice only collects and uses personal data when there is a fair and legal basis for its collection and use. For instance, when the collection of personal data is to meet our legitimate interests, to comply with legal obligations, for the vital interest of our patients or when we have your authorization.
- Consent. In some instances, we may request your consent in order to process your personal data for a specific purpose.
- Contract. We may process your personal data if it is necessary for purposes of a contract that we have with you, or in your interest, or because we must take specific steps prior to entering such a contract.
- Legitimate interests. We may process your personal data to conduct our day-to-day business operations, provide cardiac monitoring technologies and services, facilitate coordination and communication with healthcare providers, process payments and for other business purposes.
- Vital interests. We may process your personal data because it is necessary to save or protect an individual’s life.
- Compliance with laws and regulations. We may process your personal data because it is necessary to comply with a law or regulation.
5. Disclosure of your Personal Information
- Data Controllers. We may share your personal data with data controllers such as an ordering or treating healthcare provider, a study sponsor or investigator, or other appropriate individuals at a hospital, clinic or other such facility participating in your study, diagnosis or care.
- Third-Party Business Associates and/or Sub processors. We may share your personal data with third-party business associates and/or sub processors that perform various activities on behalf of Preventice, such as those that provide services related to report processing, billing, quality, security, compliance, legal, product development, information technology and other such services.
- Insurance companies and other payers. Your personal data may be disclosed to obtain payment for healthcare services provided.
- Government agencies, authorities and other regulatory bodies. We may disclose your personal data to a public health, security, intelligence or other such authority, that is permitted by law to collect or receive the information, for public health oversight, audits, investigations, inspections and related purposes, national security or intelligence purposes, for certain military and veteran’s activities, to report adverse events, product defects, problems or biologic product deviations, to track products in order to enable product recalls, to make repairs or replacements, to conduct post-marketing surveillance, or other such purposes as may be required by applicable law, regulation or guideline.
- Emergency Situations. In certain circumstances, where the health or security of an individual may be endangered, we may share your personal data with an emergency contact, healthcare worker, emergency responder or other such individual.
- Funeral Directors and Medical Examiners. We may disclose personal data to funeral directors, medical examiners, coroners and other such parties to carry out these duties consistent with applicable law.
- Researchers. We may disclose your personal data to researchers when certain conditions have been met such as when their research has been approved and established protocols are in place to ensure the privacy and security of your personal data.
- To protect our legal rights. We may disclose your personal data in certain circumstances where doing so is necessary to protect our legal rights.
We may share your personal data within the group of companies which may be located outside the European Economic Area. Any transfer of your data will be subject to ensuring that we safeguard your privacy. For additional information see Section 10 International Transfers of Personal Data.
In connection with the sale or merger of one or more of our brands or a part of our business to a different company, we reserve the right to transfer your personal information to a new owner, business partner and/or their advisors. In all such cases, however, we will take reasonable steps to help safeguard your personal information.
6. European Rights
If you reside or otherwise find yourself in the territory of the European Economic Area, Switzerland or the United Kingdom, we are committed to facilitating the exercise of your rights granted by the data protection laws of these territories. You can also contact us at any time to discuss your privacy concerns.
- Right to access, rectification, restriction of processing, erasure, and data portability. We provide you with access to your own personal data. We may charge a reasonable fee for the administrative costs of complying with the request if: (1) it is manifestly unfounded or excessive; or (2) you make requests of further copies following a request of your data. In addition, we will rectify your personal data when it is incorrect or inaccurate, and we will ensure the right to erasure, portability and to restriction of processing when these rights are not incompatible with other legal obligations.
- Right to object. For all marketing materials, you can opt-out anytime, and free of charge. Each individual marketing email that we send out gives recipients the chance to easily opt out of future marketing, but you can also contact us. The right to object for other processing activities will be balanced to ensure that it is not incompatible with local regulations or our legitimate interests.
- Right to withdraw consent at any time. When we use your information based on your consent, you have the right to withdraw such consent at any time.
- Rights in relation to automated decision making and profiling. Preventice does not engage in automated decision making including profiling.
- Right to lodge a complaint with your supervisory authority. If you are not satisfied with our response or how we process your personal data, you can complain to the data protection authority of your habitual residence, place of work or place of the alleged infringement.
You can exercise any of the above rights by contacting us using any of the methods in the Contact Information section below.
Preventice will attend to your request in a timely manner within thirty (30) days after receiving your request and appropriate identity-verifying information. If for any reason we need to extend this time period, we will contact you.
7. Data Protection Officer
Preventice has appointed a Data Protection Officer.
For any inquiries regarding this notice or about our handling of your information, you can contact our Data Protection Officer via mail at: 1717 N. Sam Houston Parkway West, Suite 100, Houston, TX 77038, Attn: Data Protection Officer; or via email at email@example.com.
8. Children’s Data Protection
Preventice does not knowingly solicit or collect personal information from or about children through its services or technologies except as permitted under applicable law. Where consent may be required for purposes of a cardiac study or clinical research, parents or legal guardians must provide consent on behalf of any minors (with the age of minority as determined by the relevant jurisdiction). This website is not intended for use by minors without the explicit consent of a parent or legal guardian. If your child has submitted personal information and you would like to request that such information be deleted from our records, you may do so by contacting us via the contact options below.
9. Retention periods
Preventice applies the storage limitation principle to retain personal data in our records only for the length of time required to fulfill the purpose for which the data was collected. We will only retain your personal data for as long as it is necessary to achieve the purposes listed above, or alternatively, until you object to the processing of your data or withdraw the consent which you have previously provided. However, where Preventice is required by law, regulation or contractual obligation to retain your personal data longer, or where your personal data is required for Preventice to assert or defend against legal claims, we will retain your personal data until the end of the relevant retention period or until the claims in question have been settled.
10. International Transfers of Personal Data
Preventice is based and established in the United States. The personal data we collect from you may be transferred to and stored outside of the European Economic Area as it may be processed by Preventice or by our service providers located outside of the European Economic Area. If you are based in the European Economic Area, please be informed that the United States is not on the list of countries that the European Commission considers adequate to the protection of personal data. However, we transfer data based on Standard Contractual Clauses we entered with third parties and maintain appropriate technical and organizational measures to ensure privacy and security to the extent possible.
We may modify this policy at any time in our sole discretion, and all modifications will be effective immediately upon our posting of the modifications on this website. The time stamp you see on the policy will indicate the last date it was revised. If material changes are made, we will place a prominent notice on our website for at least thirty (30) days prior to the change taking effect, or, we will communicate with you directly by email.
Preventice remains accountable for onward transfers of EU, Swiss or United Kingdom personal data to third party agents acting on Preventice’s behalf, where those parties have processed personal data in a manner inconsistent with the Principles, unless Preventice proves it is not responsible for the event.
12. OTHER WEBSITES
13. Contact Information
For additional information, concerns or questions about how your personal data is used, or to exercise any of your rights outlined above, please contact:
Preventice Solutions, Inc.
Attention: Data Protection Officer
1717 N. Sam Houston Parkway West, Suite 100
Houston, TX 77038 E-mail: firstname.lastname@example.org Telephone: +1-281-760-0500 or +1-888-747-1442
Alternatively, you can also contact Preventice’s EU or UK Representative for data processing matters:
VeraSafe Czech Republic s.r.o.
Prague 1, 11002
Czech Republic Contact Form: https://www.verasafe.com/privacy-services/contact-article-27-representative
VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
Contact Form: https://verasafe.com/public-resources/contact-data-protection-representative
Please note, when you contact us, you will be required to appropriately verify your identity.
The U.S. Federal Trade Commission has jurisdiction over Preventice’s compliance with Privacy Shield. If you have an unresolved privacy or data use concern that Preventice has not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider, JAMS Privacy Shield Program, free of charge. Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Last Updated December 2020