TD-500: Last Updated: May 27, 2020
Article 1 – GENERAL
1.1 MIM Software Inc., incorporated under the laws of the State of Ohio, with a registered office at 25800 Science Park Drive - Suite 180, Cleveland, OH 44122 (USA), takes responsibility for the processing of your personal data as a "data controller."
- The Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, Title XIII of Division A of the American Recovery and Reinvestment Act of 2009, and the regulations promulgated thereunder (collectively, "HIPAA");
- The Federal Trade Commission Act (15 U.S.C. §§41-58) ("FTC Act"); and
- The EU Regulation of 2016 concerning the protection of individuals with regards to the processing of personal data, regarding the free movement of such data and repealing Directive 95/46/EC ("GDPR").
Article 2 – PERSONAL DATA MIM SOFTWARE COLLECTS
2.1 MIM Software does not collect the sensitive information of its users (e.g., data relating to race or ethnic origin, religious beliefs, criminal record, physical or mental health, or sexual orientation). MIM Software shall, where necessary, obtain your express consent to collect and use such information.
2.2 The Website and our Services collect only personally identifiable information that is specifically and voluntarily provided by you.
2.3 The personal data MIM Software may collect includes:
- Category 1: Your internet protocol address ("IP-address").
- Category 2: In general, when you subscribe to our emails, fill out questionnaires, or ask us to contact you, you may provide us with your contact details (e.g., your name, email address, your contact details including telephone number, address, country and social media information).
- Category 3: Data obtained by placing cookies (see Article 7).
- Category 4: Information about your use of the Website, such as the sections of the Website you visited, the date and time you have accessed the Website, and the materials posted to or downloaded from the Website.
- Category 5: Information about your use of our Services, such as your contact details (e.g., your name, email address, your contact details including telephone number, address, country); and if payment is made through MIMcloud or the Website, and your credit card information.
- Category 6: Data acquired through your participation in a trade show or event through which consent is secured by the organizer of the event for the purpose of use by vendors.
2.4 You are not obligated to provide us with your personal data; however, choosing not to may make the delivery of several Services not possible.
Article 3 – HOW WILL MY PERSONAL DATA BE USED?
3.1 General Purpose
MIM Software collects and processes your personal information in order to offer you a safe, comfortable, and personalized experience each time you visit the Website or use our Services.
The information we collect about you is primarily processed to help us ensure proper technical functioning and to improve the quality and content of the Website and our Services, all of which is based on the lawful purposes of consent for the Website, legal obligations and contractual necessity for our Services, or legitimate interest as allowed under GDPR. With that said, your personal data will be processed only for the following (internal) purposes:
With that said, your personal data will only be processed for the following (internal) purposes:
- To provide Services or to enable MIM Software to execute an agreement which you initiated. (Categories 1, 2, 3, 4, 5)
- To retain certain data such as your IP-address for purposes of troubleshooting, medical records auditing, and ensuring security. (Category 1)
- To reach out to potential new MIM Software employees. As such, MIM Software processes your personal data to employ recruitment strategies taking optimum advantage of opportunities to create a first-rate MIM Software workforce. (Categories 1, 2, 3, 4)
- To inform you about MIM Software's product offerings, via targeted advertising, promotional offers, or updates. (Categories 2, 3, 4, 6)
- To capture your opinion, and for statistical purposes, to maintain and enhance our Services. (Categories 1, 2, 3, 4, 6)
- To create your account to have access to certain Services. (Category 5)
MIMcloud uses email and/or MIMcloud account messages to deliver important information. The delivery methods are configurable in your account profile.
The Website may contain message boards, a chat room, personal web pages or profiles, forums, bulletin boards, and other interactive features (collectively, "Forums"), that allow users to post, submit, publish, display, or transmit to other users or other persons content or materials (including but not limited to medical image scans, collectively, "User Content") on or through the Website. User Content must always be anonymized prior to posting on a Forum.
MIMcloud tracks usage for the purpose of billing. Each transaction only details the action (e.g., download, upload, etc.), the time, the user(s) involved, and a reference to the encrypted study that was involved. The contents of the study itself remain unknown.
With regard to credit card payments, credit card information is processed by a third party in accordance with Article 3.3. Credit card information is neither stored in MIMcloud nor the Website.
3.2 Direct marketing:
MIM Software may also use your personal information for the purpose of marketing our products and services. If you do not want to receive marketing material from us, you may opt out or exercise your right to object (Article 5) as detailed below:
- For electronic communications, click on the unsubscribe function in the communication;
- Go to https://www.mimsoftware.com/support/email-opt-out;
- Email MIM Software at firstname.lastname@example.org; or
- Call MIM Software at 866-421-2536.
3.3. Transfer to third parties:
We provide access to our employees in order to process your personal data.
MIM Software will not disclose your personal data to third parties, unless it is necessary in the context of providing our Services and/or optimizing them. To that end, MIM Software may appeal to third parties in order to:
- send you newsletters;
- capture your opinion on our products and services;
- optimize your experience on our Website;
- The Website uses HubSpot® (https://legal.hubspot.com/privacy-policy) to analyze user activity in order to improve web performance, and ultimately, user experience.
- facilitate recruitment of potential new MIM Software employees;
- facilitate credit card transactions;
- Credit card transactions are handled through Braintree Payment Solutions. Credit card data is encrypted and protected. MIM Software does not have access to the full credit card number and the information MIM Software has is only used to verify payment was made and in cases where there is a suspicion of fraud.
- provide mobile applications;
- Mobile MIM™ and VueMe™ ("Mobile Applications") use Google LLC's Firebase (https://firebase.google.com/), a secure mobile application, to assist MIM Software in improving its Mobile Applications.
- provide cloud services; or
- MIMcloud operates on the Google App Engine platform (https://policies.google.com/privacy) and Amazon S3 (https://aws.amazon.com/privacy). These cloud services provide a secure, protected computing environment for users to view MIMcloud accounts.
- operate the Website.
- The Website operates on the Heroku platform (https://www.heroku.com/policy/security). to provide a secure, protected computing environment for users to view the Website.
Please see the links above to see how these third parties will be obligated to use your personal data.
It is however possible that MIM Software will disclose your personal data:
- If MIM Software is obligated to do so, following a court order or to comply with imperative laws and/or regulations, or to safeguard and defend our rights.
- In case of whole or partial reorganization or cession of MIM Software's activities, whereby MIM Software reorganizes, transfers, ceases business activity or in case MIM Software goes bankrupt, your personal data may be transferred to new entities or third parties.
MIM Software will, if reasonably possible, try to inform you in advance of such transfers, unless revealing this information is subject to legal constraints. Informing you beforehand is not always possible.
Article 4 – HOW LONG WILL WE HOLD YOUR PERSONAL DATA?
MIM Software only processes your personal information for as long as necessary. This means that we do keep a record of your data for as long as it is required or justified by the law or by another legal obligation, or for the period for which this would be necessary for the aforementioned purposes. Based on the categories of data described in Section 2.2, we hold your data as follows:
- Category 1: Your IP-address will be stored for the functioning of the Website for up to 1 week. With regard to MIMcloud, your IP-address will be stored during the duration of your MIMcloud account and for 10 years after account termination.
- Category 2, 5 and 6: Your name, email address, telephone number, and country will be stored for the duration of your relationship with MIM Software and for 10 years thereafter.
- Category 3: Data obtained by placing cookies for the duration of the browsing session (see Article 7).
- Category 4: Information about your use of the Website will be stored indefinitely for further statistical research without being linked to your identity. Personal data will be anonymized, so it becomes impossible to identify you based on this data.
Article 5 – YOUR RIGHTS AS A DATA SUBJECT
5.1. Right of access and right to obtain a copy
You have the right to freely obtain access to your personal data, as well as to be informed about MIM Software’s purpose for processing such data.
5.2. Right to rectification, erasure, or restriction
You have the choice to share your personal data with MIM Software. You also have the right to request MIM Software rectify your personal data or have it erased. You can also request the processing of your personal data to be restricted.
When you choose not to share data, or when you request that we erase your personal data, it may prevent us from providing you with several Services and access to the Website.
5.3. Right to object
You have the right to object to the processing of your personal data when you have legitimate reasons to do so. You also have the right to object to the use of your personal data for purposes of direct marketing. In such case, specific reasoning will not be requested.
5.4. Right to data portability
You have the right to obtain your personal data which is processed by MIM Software in a structured, commonly used, and machine-readable format and/or to transfer this data to another data controller.
5.5. Right to withdraw consent
When the processing is based on prior consent, you have the right to withdraw this consent.
5.6. Automated decisions and profiling
The processing of your personal data does not include profiling, nor will you be subjected to automated decisions.
5.7. Exercising your rights
You can exercise the above-mentioned rights by sending an email with an enclosed copy of your government-issued identification card to email@example.com.
5.8. Right to file a complaint:
For EU residents using the Website or our Services: If you have any complaints about the way MIM Software collects, uses, and/or processes your personal data, you have the right to file a complaint with the Belgian Privacy Commission or supervisory authority, which is the Lead Supervisory Authority of MIM Software:
Belgian Data Protection Authority,
Drukpersstraat 35, 1000 Brussels,
However, you are always free to contact your own European or EU-vested authority.
This does not affect a procedure before a civil court. If you have suffered damages caused by the processing of your personal data, you may file a claim for damages.
Article 6 – SAFETY AND CONFIDENTIALITY
6.1 MIM Software undertakes all reasonable efforts to prevent (i) unauthorized access to your personal information, and (ii) loss, abuse or alteration of your personal data, by using physical, administrative and technological measures to protect the information maintained.
Unfortunately, no one – including MIM Software – can guarantee 100% security when it comes to transmitting or forwarding any personal information over the internet, or any other methods of electronic storage. If you have particular security concerns about the unauthorized disclosure of certain personal information, it is your responsibility to not transmit that information over the internet.
Nevertheless, you are responsible for providing MIM Software with accurate information. If the information you provide is incomplete or seemingly incorrect, MIM Software reserves the right to postpone indefinitely certain actions or other Services.
6.2 You shall be solely responsible for your own User Content, such as content you upload to the Website, and the consequences of posting, submitting, and/or publishing it. MIM Software does not endorse any User Content or any opinion, recommendation, or advice expressed therein. MIM Software may, but is not obligated to, review and monitor, before and/or after User Content has been submitted. It is impossible for us to monitor or review all User Content. MIM Software is not responsible or liable to any third party for the content or accuracy of any User Content posted by you or any other user of the Website or our Services, and MIM Software expressly disclaims any and all liability in connection with User Content to the fullest extent permitted by applicable law.
6.3 You will maintain your MIM Software account(s) to be accurate and current. You are solely responsible for maintaining the confidentiality of your password(s). You are solely responsible for restricting access to your computer(s). You agree to accept responsibility for all activities occurring under your accounts that are due to your conduct, inaction, or negligence. If you become aware of any suspicious or unauthorized conduct concerning your account, or if you suspect someone has stolen your password, you must contact MIM Software immediately by email at the email address firstname.lastname@example.org. MIM Software may, at its own discretion, bar registration from the Website or any specific Service. You are responsible for maintaining and protecting your login and password information. Do not lose your password, and do not share it with any other person.
For the Website, if your password is lost, stolen, or forgotten, you may reset your password by going to https://www.mimsoftware.com/portal/forgot-password or by contacting MIM Software at the email address email@example.com.
For MIMcloud, if your password is lost, stolen, or forgotten, you may reset it by answering your security questions or by having your group administrator reset it, if you are a managed user. If you forget both your password and your security question responses, you must contact MIM Software to have the data in your account deleted since such data cannot be recovered.
7.1 What is a cookie?
A "cookie" is a small text file that can be sent from a web server to your computer that is then stored on your computer. When a cookie is stored on your computer, each subsequent request to the same domain name will also send along the data stored in the cookie until the cookie expires or is deleted. A server can only give you a cookie if you make a request to that server. The cookie is only stored if your browser/client is configured to store cookies.
7.3 Kinds of cookies we use:
- Strictly necessary cookies - As the name suggests, these cookies are strictly necessary to enable you to move around or remain logged into the Website or to provide certain information you have requested.
- Tracking cookies - These cookies are used to record information such as how you initially came to a website and how long you stayed and which pages you viewed. These tracking cookies are also third-party cookies (see below).
- Third-party cookies - For cookies set by third parties, we kindly refer you to the statements set forth by these parties on their respective websites. Beware, we do not have any influence on the content of these statements nor on the content of the cookies of these third parties. Though, these cookies can also be disabled by browser settings.
- MIM Software uses Google Ads, which offers a remarketing function by creating remarketing lists of the people visiting the Website. By using this function, MIM Software is able to contact you through ads once you have visited the Website or while you are visiting other websites or platforms that form part of the Google Display Network.
7.4. Your permission:
When you first visit the Website or MIMcloud, you express your implicit approval to accept our different kinds of cookies.
You can block cookies by altering your browser's settings. The rejection of these cookies may inhibit some functionalities on the Website and MIMcloud.
Currently, some browsers offer a "do not track" or "DNT" option, which sends a signal to websites visited indicating a visitor's tracking preference. MIM Software does not currently respond to these signals, because no common industry standard for DNT has been adopted by industry groups, technology companies, or regulators. The third-party providers MIM Software uses may or may not do anything in response to this signal.
More information on cookies can also be found via the following link: http://www.allaboutcookies.org
More information on online behavioral advertising and online privacy can be found via the following link: http://www.youronlinechoices.eu
Article 8 – APPLICABLE LAW AND JURISDICTION