Privacy Policy

Meditech’s privacy policy applies to all personal information collected about any person it is in contact with as part of its normal business operations.


 Meditech is committed to respecting and protecting your privacy. This is accomplished through the Meditech Group Code of Corporate Responsibility and Business Ethics and our commitment to manage data in an appropriate manner. Specifically, Meditech provides this Privacy Statement to inform you of our privacy policy and practices; what type of information is being collected, for what purposes information is being collected, how the information is used, how the information is secured, the choices and means we offer you for limiting its use and disclosure, and how you can contact Meditech for further inquiry or comment. 

Meditech’s privacy policy applies to all personal information collected about any person it is in contact with as part of its normal business operations. 

All references to Meditech in this document shall include all businesses in the Medical division of Meditech Group plc. The following listing provides you with quick links to specific areas within the Meditech Privacy Statement:  
1.   Meditech and the U.S. – E.U. Safe Harbor for Privacy
2.   Web sites
3.   The types of information we collect
4.   How your information is used
5.   Who we share your information with
6.   How we keep your personal information accurate
7.   How we keep your personal information secure
8.   The choices you have
9.   How you can access your personal information
10. Children’s privacy
11. Changes to our global privacy statement
12. Comments

 
1. Meditech and the U.S. 
E.U. Safe Harbor for Privacy 
The U.S. Department of Commerce and the European Commission have developed a "safe harbor" framework of data protection principles ("Safe Harbor"). This Safe Harbor is designed to provide U.S. organizations with a means to satisfy the European Union's legal requirement that adequate data protections be afforded to personally identifiable information transferred from the European Union to the United States. 

Meditech has self-certified with Safe Harbor that its Privacy Policies are consistent with the U.S. - E.U. Safe Harbor Privacy Principles which include Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement. 

For more information on Safe Harbor, please see http://www.export.gov/safeharbor or contact your local HR representative.

2. Web sites 
This Privacy Statement is applicable to all Meditech’s owned websites and domains world-wide (“Meditech websites”).

You may visit most of our websites without providing any personal information. However, sometimes we need information in order to provide you services that you request. 

The Meditech websites may provide links to third-party websites for your convenience and information. However, Meditech does not control those sites or their privacy practices and Meditech does not endorse or make any representations about third-party websites. We encourage you to review the privacy policy used by these third-party organizations before submitting your personal information.

3. The types of information we collect 
Meditech may collect personal (or personally identifiable) and non-personal information in connection with our business operations, such as information from customers, vendors, employees and others. 

Personal or personally identifiable data is information that is associated with an individual’s name or personal identity. It is information that identifies or can be used to identify, contact or locate the person to whom such information pertains or from which identification or contact information of an individual person can be derived. Personally identifiable information includes, but is not limited to name, home and/or business address, phone number, fax number, email address, financial profiles (information such as bank details, direct debit information with the process of paying you as an employee) and social security number.

Once you choose to provide us with personal information, it will be used by us only to support your relationship with Meditech. 

On our websites, Meditech collects and analyzes non-personal information to evaluate how visitors use the Meditech websites. Non-personal information we collect may include the pages visited on the Meditech websites, unique URLs visited within the Meditech websites browser type and IP address. Most non-personal data is collected via cookies or other analysis technologies.

4. How your information is used 
The collection and use of personal information in the business context is essential to the conduct of many of Meditech’s business functions and operations. 

Externally, Meditech uses your personal information to provide you with services and products and to help us better understand your needs and interests. Specifically, we use your information to help you complete a transaction or order, to communicate with you, to provide service, support and education, to update you on services and benefits, and to support our marketing promotions. Occasionally, based on the information you provide us, we may contact you for sales and market research regarding Meditech products and/or services. 

Internally, Meditech collects all employee related information for single source recovery, storage, and to carry on the Human Resource activities of a global company; which includes, but is not limited to, (for U.S. federal reporting purposes) where an employee is currently located, career development, and maintenance of employee records. 

Meditech utilizes other IT systems to track and inventory computer assets and software located on the Meditech network as well as track network and server storage utilization for the purpose of managing overall performance and capacity. The information captured by these systems is limited to the hardware details of the device, the software details of the device, the user ID code, the date/time of user-is logon/usage, the identification of the logon user-id as well as network traffic details including external Internet usage. The information gathered is not used as part of any regular employee monitoring program. The information is used for equipment management, for evaluating software compliance and for overall server and network management. The information may on occasion be used to investigate and resolve specific problems reported on hardware devices or issues relating to network performance as the automated systems do monitor and alerts us if they suspect misuse of IT assets. Meditech does reserve the right to investigate suspected misuse.

Personal information collected may also be combined with information you provide Meditech through other sources such as product registration, call centers or public events such as trade shows or seminars.  

Personal data given to Meditech may be transferred across state and country borders for the purposes of data consolidation, storage and simplified customer and employee data management. Information transferred will stay within Meditech at a USA location or within a European country. 

Non-personal data is aggregated for reporting about Meditech website usability, performance and effectiveness. It is used to improve customer and employee experience, usability and site content.

5. Who we share your information with 
The personal information provided by you is used only for the express purposes stated at the location where you provide it. We will use your personal information only for business purposes within Meditech, which may include its communication to our affiliates, subsidiaries and third party service providers. All service providers are required to keep confidential the information received on behalf of Meditech and may not use it for any purpose other than to carry out the services they are performing for Meditech. These service providers may change, or we may contract with additional service providers to better accommodate our customers. Meditech will not share personal information with any other third parties without your permission, unless required by law enforcement action, subpoena, or local law.  

We do not share personally identifiable data collected with third parties except for limited instances. We may disclose personal data if we are required to do so by law or if in our good faith judgment, such action is reasonably necessary to comply with legal process, to respond to any claims, or to protect the rights of Meditech, its customers, employees and the public. In the event of an acquisition of all or part of Meditech by another company, or in the event that Meditech were to sell or dispose of all or a part of the Meditech business, the acquirer would have access to the data maintained by that Meditech business, which could include personal data, subject to applicable law. Similarly, data may be transferred as part of a reorganization or insolvency proceedings.

6. How we keep your personal information accurate 
Meditech strives to keep your personal information accurate. We have implemented technology, management processes and policies to maintain customer and employee data accuracy. We will provide you with access to your information. To protect your privacy and security, we will also take reasonable steps to verify your identity, such as a password and user name, if applicable, before granting access to your data. 

With respect to our websites, certain areas may limit access to specific individuals through the use of passwords and other personal identifiers.

7. How we keep your information secure 
Meditech is committed to protecting the information you provide us. To prevent loss, misuse, unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information, Meditech has appropriate physical and managerial procedures in place to safeguard the information we collect. We undertake all reasonable steps in order not to allow your personal information to be seen by any third parties other than those, which have been engaged by Meditech to provide services to you. We will only disclose your data to other third-parties if compelled to do so for legal or regulatory purposes.

We may store data in locations other than your country of residence. In such cases Meditech will endeavor to ensure that there are adequate levels of protection for your data taking into account applicable legal and regulatory requirements, including those relating to privacy and data protection. For information that is stored on Meditech owned laptop computers, we take prudent steps to properly protect the information with the installation of encryption software. 

With regards to our externally viewed website, we use Secure Sockets Layer (SSL) encryption when collecting or transferring personal data. SSL encryption is designed to make the information unreadable to anyone but us. This security measure is working when you see either the symbol of an unbroken key or closed lock (depending on your browser) on the bottom of your browser window. 
 
8. The choices you have 
Meditech will give you the opportunity to affirmatively and explicitly consent to the disclosure of personal information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by your prior to any action taking place.

9. How you can access your personal information 
Meditech provides individuals about whom it maintains personal information with a reasonable opportunity to examine their information, to challenge its accuracy and to have it corrected, amended or deleted as appropriate, subject to certain exceptions. 

Upon request to your local HR representative, individuals will be given reasonable access to the personal information Meditech holds about them. Reasonable access applies to both the process of accessing personal information and the types of personal information to be accessed. In terms of the process, reasonable access means, for example, that requests for access are made during normal business hours, following standard procedures, and that the frequency of access requests is not excessive. In terms of the types of personal information to be accessed, reasonable access means recognizing certain exceptions discussed below. If Meditech denies an individual access, however, Meditech will provide such individual with the reason(s) for denying access and a contact point for further inquiries. 

If notified that personal information Meditech maintains is incorrect, where requested, and provided with appropriate supporting documentation, Meditech will either correct the information or direct the individual to the source of the information for correction. If, upon review, Meditech believes that the existing information is correct, Meditech will inform the individual. If the individual continues to dispute the accuracy of the information, Meditech will note that dispute in the individual’s record upon request.  

There are some exceptions to the obligation to provide access. These may include access to confidential or proprietary information, such as situations in which granting access might have to be balanced against the privacy interests of others. In addition, access may be denied when the information requested relates to an ongoing investigation of the individual, litigation or potential litigation or where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy.  

You can consult, revise, correct or delete your personal data by contacting your local HR representative.  

10. Persons legally defined as children (Children) 
Meditech is committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their child’s online activities and interests. For this reason, and in compliance with certain laws, we do not intentionally collect personally identifiable information from children, nor do we offer any content targeted to children. 

11. Changes to our global privacy statement 
At times it may be necessary for Meditech to make changes to this Privacy Statement. Meditech reserves the right to update or modify this Privacy Statement at any time and from time to time without prior notice. Please review this Statement periodically, and especially before you provide any personal information. This Privacy Statement was last updated on 31 March 2009.  

12. Comments 
We value your opinions. 

Please direct any comments, complaints or questions about our Privacy Statement, Privacy Policy or Privacy practices to: 

Meditech Group
Tel: +86 4000410018


or 

privacy [at] meditech.cn

Please direct your inquiries regarding your personal data or with your local HR representative.