GENERAL PRIVACY POLICY
This Privacy Policy applies to personal data Marimedx processes on customers and vendors, on job applicants and on visitors on the website of Marimedx. These data subjects are also collectively referred to as "you" in this Privacy Policy.
The terms "Marimedx" and the "Company" refer to all Marimedx entities, as applicable, and all references in this Privacy Policy to "we", "us", "our" and like terms should be interpreted accordingly. If you are unsure of how this Privacy Policy applies to you, please contact us using the contact form on the webpage.
1. Purpose and compliance with the law
It is Marimedx policy to comply with applicable data protection legislation. This Privacy Policy is based on the General Data Protection Regulation 2016/679 ("GDPR"). In addition, each Marimedx entity may be subject to additional requirements when it comes to processing personal data, depending on national legislation. For US Residents, please refer to this link.
2. Personal data collected by Marimedx
For this Privacy Policy, personal data means any information relating to an identified or identifiable individual, i.e., information that can be traced directly or indirectly to a specific individual. Personal data does not include anonymous data or non-personal data (i.e., information that cannot be associated with or tracked back to a particular individual).
2.1 Customers – legal entities
Marimedx processes data on representatives of customers such as name, e-mail address, phone number, correspondence history, etc. We process the data to fulfill contractual obligations with the customer in question and for marketing purposes. The processing is based on Marimedx's legitimate interests.
2.2 Customers – individuals
Marimedx processes data on customers who are individuals for invoicing purposes. The data processed is the customer's name, address, e-mail/phone number, information on product/s bought, and, as applicable, information received by doctors treating the customer (as patient). The processing is based on a contract between us and the customer.
2.3 Website
When you visit the Marimedx website, we collect IP address, browser version, and session detail in relation to our use of cookies. The processing may be necessary for the site to work. In other instances, we use the data for analytical and marketing purposes. Further information on what cookies we use, the basis for the processing, and how to turn off the cookies can be found in our Cookie Policy.
If you contact us via our contact form, we also process the personal data provided, including your name, e-mail address, and the subject of your request. The processing is necessary for Marimedx to reply to your request.
2.4 Job applicants
When individuals apply for work at Marimedx, we process the applicant's personal data. That includes the applicant's name, title, gender, national ID number, address, postal code, town/city, country, e-mail address, telephone, education and training data, work experience, previous employers, curriculum vitae, as well as other information voluntarily submitted by an applicant. We process the data to be able to select the best candidate for the position and to communicate with the applicants. The processing is based on the applicant's request to enter into a contract with Marimedx.
3. When do we disclose your personal data?
We may share your personal data with third parties acting as our service providers. That includes employment agencies in relation to our processing of job applicants and various IT service providers, which may access our data for technical support services or host data on our behalf as part of the services.
Further, your personal data may be disclosed as permitted or required by applicable law or regulations or to comply with valid legal processes such as search warrants, subpoenas, or court orders.
In addition, personal data may be disclosed or transferred to another party in the event of a change in ownership of Marimedx.
4. How is your personal data protected?
Marimedx aims to maintain physical, technical, and procedural safeguards that are appropriate to the sensitivity of the personal data in question. These safeguards are designed to protect your personal data from loss and unauthorized access, copying, use, modification, or disclosure.
5. Retention of your personal data
Except as otherwise permitted or required by applicable law or regulations, Marimedx keeps your personal data only for as long as we believe is necessary to fulfill the purposes for which the personal data was collected. This implies that Marimedx deletes your personal data when such data is no longer necessary.
As a general rule, we delete the personal data of our business contacts 4 years after the end of our business relationship. In terms of individual customers invoicing data is retained for 7 years. Job applications for a specific, advertised position will be stored for 6 months, while unsolicited applications are stored for up to 12 months. After that time, the application and all data relating to it will be securely deleted unless you consent to a longer retention time. You may, at any time, withdraw your application.
6. Updating your personal data and the right to rectification
It is important that personal data in our records is both accurate and current. If your personal data happens to change during the course of your relationship with Marimedx, please keep us informed of such changes.
You are entitled to request rectification of inaccurate data on you. Taking into account the purpose of the processing, you also have the right to have incomplete personal data completed.
7. Access to your data
You are entitled to request access to the personal data we process on you and information on the processing. You may also be entitled to a copy of the personal data undergoing processing. Where you have provided us with your data, which we process based on your consent or our contract with you, you may have the right to receive such data in a machine-readable format or to have the data transferred to a third party.
8. Right to erasure and restriction of processing
Under certain circumstances, you may have the right to request us to erase personal data concerning you with undue delay, such as where the personal data is no longer necessary in relation to the purpose for which they were collected or otherwise processed or if you withdraw your consent and where there is no other legal ground for the processing.
You may also have the right to restrict further processing of your data where certain requirements are fulfilled, such as if the processing is unlawful and you prefer the restriction of data processing instead of the erasure of the data.
9. Inquiries or concerns
If you want to use any of your rights referred to in this Privacy Policy or if you have any questions regarding our processing of your data, please get in touch with us by using the contact form on our website.
Note that the rights relating to your personal data are not absolute. In the event we cannot approve your request in relation to your personal data, we will strive to inform you of the reasons why, subject to any legal or regulatory restrictions.
If your request is approved, the necessary action will be taken within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. However, we will always inform you of the reason for such a delay within a month of receipt of the request. Rejections of requests will also be acted on within these timelines. If you are not satisfied with our response, you are entitled to make a written submission to the applicable data protection authority where Marimedx entity is established.
10. Revisions to this Privacy Policy
Marimedx may, from time to time, make changes to this Privacy Policy to reflect changes in our legal or regulatory obligations or in the manner in which we deal with your personal data. We will communicate any revised version of this Privacy Policy. Any changes to this Privacy Policy will be effective from the time they are communicated.