This privacy statement (“Statement”) applies to Elminda Ltd. which operate this website (the “Company” “we,” or “us” and the “Website”).
The security and privacy of your information are very important to us. Whether you are using one of our services as a customer, potential customer, end-user or just visiting our website, we want you to trust us with managing and protecting the information that you provide us with. We have prepared this statement to explain more about who we are and how we collect and manage your information.
This site is a general audience site which is neither designed nor intended to collect personal information from children and/or minors.
It is important to note that this statement applies to the Personal Data which might be collected and processed in the website as part of our daily business conduct. The Company is the Controller of such Personal Data under the GDPR.
This statement does not apply to the data collected through and during the use of the Company’s other products, including MyBNA System which is a product of the Company. MyBNA is a system used by Company’s customers to provide their patients and customers with services. Any inquiry or complaint regarding the data collected and managed by the Company’s customers while using the system should be addressed to the relevant customer which is the data controller with respect of such data.
- Who we are and how can you contact us
1 Shenkar St.,
Phone + 972-9-951-6476
Our Data Protection Officer (DPO) can be reached at: DPO@elminda.com
While you are visiting our website, we might collect some information about your use in our website upon your sole discretion and/or for our purposes, as set forth by this Privacy Statement.
Questions, comments, requests and complaints regarding this Statement and the information we hold are welcome and should be addressed to us by using the contact details above. All requests will be dealt with promptly and efficiently.
- Information we may collect from you
“Personal Data”, or personal information, means any information about an individual from which that person can be identified.
We collect Personal Data from you voluntarily when you provide such Personal Data to us, or via our services and websites with which you voluntarily interact. We may also obtain such Personal Data about you as may be provided to us in the course of our legitimate business activities.
You do not have to provide us with your information, but in some cases, if you do not, it may mean that you are unable to use our services. For example, we may be unable to complete a requested “contact form” inquiry, unless you’ll provide us with your contact details.
When you use our website and choose voluntarily to provide us with your information, we might collect and process the following information:
- Identity Data – including full name, username or any similar identifier, title, date of birth and gender and any other information provided by you upon your sole discretion.
- Contact Data – including email address and telephone numbers.
- Usage Data – includes information about how you use our website, System and services.
- Technical Data – includes internet protocol (IP) address, the device you are using, browser type and version, screen resolution, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Job application data – include name, email, phone and a resume file, just if you have decided to voluntarily provide us with your data as part of being recruited by us;
- Marketing and Communications Data – includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data but does not reveal your identity.
- How is your Personal Data Collected
We use different methods to collect data from and about you, including through:
- Direct interactions – You may give us your Identity, Contact and other Personal Data by filling in forms (e.g. “Contact Us” or “Newsletter Subscription”, “Registration Form” etc.) or by corresponding with us by phone, email or otherwise.
- Automated technologies or interactions – As you interact with our website, we may automatically collect Personal Data (please refer to the description below, under “Cookies Usage”).
- Third parties or publicly available sources – We may receive Personal Data about you from various third parties and public sources, e.g.: advertising and social networks, analytics providers, search information providers.
- Cookies Usage
We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser.
You have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
We may use various types of Cookies:
Essential Cookies – which are necessary for the site to work properly (usually appears under Elminda cookie tag);
Functional Cookies – designated to save your settings on the site – your language preference or other view preferences;
Session Cookies – used to support the functionality of the website – such Cookies are stored only temporarily during a browsing session and are deleted from your device when you close the browser.
Targeting Cookies – these cookies are used to collect information from you to help us to improve our products and services as well as serve you with targeted advertisements that we believe will be relevant to you (e.g. Google’s Cookies).
Social networks Cookies – Social Plug-In Cookies (e.g. Facebook and/or LinkedIn Cookies, pixels etc.) enabling sharing of information with your social networks accounts to be smooth and seamless.
Analytics Cookies – give us aggregated information which enables us to improve the way our website works, e.g. Google analytics.
Third party services used by us – for example, an external service supporting our career and recruiting options through the website (e.g. Comeet), or an external service which allows us to screen short videos in our website (e.g. Vimeo).
Managing cookies and opting out: aside from the Essential Cookies described above, you can always choose to configure your browser to reject all cookies or notify you when a cookie is set, but sometimes in that case, certain services, features, and functionality in our website may not be available to you.
- The purposes of the processing
We might use your data in order to: enable you to use our website and services in the most effective way, including the personalization of your experience by presenting content tailored to your interests; to meet or comply with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory body; assess or evaluate the effectiveness of our services, as well as any technical and organizational measures designated for the protection of your Personal Data; Improve and secure our services and systems; protect our rights and legitimate interests, as well as defend against any lawsuit, legal claim or complaint; to conduct any other activities that are required to provide our services.
- The Legal Basis for the processing of your Personal Data
We will only process and use your Personal Data when the law allows us to, i.e. when we have a Lawful Basis for such usage. Such lawful and legal basis can be any of the following:
- Processing actions which are related to your reservations and/or requests, to carry out our obligations arising from any contracts entered between you and us. For example, contacting you per “Contact” form filled by you;
- Our use of your information is necessary to meet responsibilities we have to our regulators, tax officials, law enforcement, or otherwise meet our legal responsibilities;
- Our use of your information is in our legitimate interest as a commercial organization. For example, to operate and improve our services and to keep people informed about our products and services. In these cases, we will look after your information at all times in a way that is proportionate and respects your privacy rights, making sure our legitimate interest is not overridden by your interests or fundamental rights and freedoms;
In general, and as detailed above, we do not rely on consent as a legal basis for processing your Personal Data. Yet, in any case in which you have provided your consent to our processing of your information, you can withdraw this consent at any time by contacting us through the contact details provided above.
- Data Recipients
We may disclose your Personal Data to third parties in a variety of circumstances in the ordinary course of operating our business, such as:
- Disclosure of Personal Data to persons authorized to process personal data, in our organization, or third-party service providers, qualified as data processors, providing us with services supporting our website and ordinary course of business, e.g. system, storage and computing services, as well as marketing efforts, in accordance with applicable law;
- When we have a legal obligation to do so, or when where are allowed to do so under our legitimate interests.
In any such communication we will take steps to make sure such transfer is carefully managed to protect your privacy rights:
- transfers within our group and affiliates, will be subject to an agreement / policies and procedures made to ensure that your data receives an adequate and consistent level of protection as required by applicable law;
- transfers to any subcontractor or processor will be subject to contractual terms ensuring the security and protection of any Personal Data under any such sub-processor, in accordance with applicable law provisions;
any requests for information we receive from law enforcement or regulators will be carefully validated before the disclosure of any Personal Data.
- Data Processing Location
Any transfer of data which originates in the European Union (“EU”) to a country outside of the European Economic Area (EEA), shall be made in compliance with the provisions of chapter 5 of the GDPR. Such transfer can be made to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights, e.g. the EU-US Privacy Shield.
As part of that it’s important to note that Elminda Ltd. Is headquartered in Israel, a country which is considered by the European Data Protection Board to be offering adequate level of Personal Data protection regulation.
- Links to other sites
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
- How we secure your information
We are committed to protecting the security of your Personal Data. We use a variety of security technologies and procedures to help protect your Personal Data from unauthorized access and use. However, the collection, transmission and storage of information can never be guaranteed to be completely secure. Yet, we take steps to ensure that appropriate security safeguards are in place to protect your information, and we will continue to revise our policies and implement additional security features.
- Storage of Personal data
We will only store your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We have defined data retention periods for any data item in our systems, ensuring minimization of retention periods.
In some circumstances we may anonymize your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may save and use this information indefinitely without further notice to you.
- Data Subjects’ rights under EU data protection laws and the CCPA
Under EU law, EU residents and individuals, have certain rights to apply to us to provide information or make amendments to how we process data relating them. Similarly, under the California Consumer Privacy Act (“CCPA”), California residents have similar rights. Those rights might include:
- right to access your Personal Data – you can ask us to confirm whether or not we have and use your Personal Data, and if so, you can ask for a copy of your data;
- right to correct your Personal Data – you can ask us to correct any of your Personal Data which is incorrect, after verifying the accuracy of the data first;
- right to erase your Personal Data – you can ask us to erase your Personal Data if you think we no longer need to use it for the purpose we collected it from you. you can also ask for such erasure in any case in which the process of your data was based on your consent, or where we have used it unlawfully or where we are subjsect to a legal obligation to erase your Personal Data. any request for such erasure will be subject to our obligations under the law (g. our obligation to keep some records for tax or customs purposes);
- right to restrict our use in your Personal Data – you can ask us to restrict our use of your Personal Data in certain circumstances;
- right to object to how we use your Personal Data – you can object to any use of your Personal Data which we have justified by our legitimate interest if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest in using the information;
- you can always require us to refrain from using your data for direct marketing purposes;
- you can ask us to transfer your information to another organization and/or provide you with a copy of your Personal Data (Portability Right);
- You have the right to lodge a complaint at any time before the relevant supervisory authority for data protection issues. however, we will appreciate the chance to deal with your concerns before you approach the authorities, so please feel free to contact us in the first instance.
We may not always be able to do what you have asked. In addition, not all of those rights apply in every jurisdiction. For example, if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way. In addition, the Portability Right doesn’t apply under the CCPA. So not always we will be able or obliged to provide you with those rights. However, we encourage you to contact us with any such request, and we will be happy to assist you.
- Special Notification for California Residents
We do not sell your personal information for the intents and purposes of the CCPA. We can use your personal data for our purposes, but only as described above or after the de-identification or anonymization of such data, including aggregate data which can no longer associated to you.
- Changes to this Privacy Statement
We reserve the right to change this statement from time to time at our sole discretion. If we make any changes, we will post those changes here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our site or our services or otherwise provide data after we post any such changes, you accept and agree to this statement as modified.
Effective as for January 2020