Those activities are governed by the Software Agreement between you and EXINI (the
“Agreement”). By using the Site, you consent to our collection, use and disclosure practices, and other
of the Site.
3. Third Party Services and Analytics.
Our Site includes hyperlinks to websites, locations, platforms, or services operated by third parties (“Third Party Service(s)”). These Third Party Services may use Tracking
Technologies to independently collect information about you and may solicit Personal Information from you.
We may use Google Analytics and other Service Providers for analytics services. These analytics services may use Tracking Technologies to help EXINI analyze Site users and how they use the Site. Information generated by these services (e.g., your IP address and other Usage Information) may be transmitted to and stored by these Service Providers on servers in the U.S. (or elsewhere) and these Service Providers may use this information for purposes such as evaluating your use of the Site, compiling statistic reports on the Site’s activity, and
providing other services relating to Site activity and other internet usage. To the extent we combine information from Third Party Services with Personal Information we collect directly from you on the Site, we will treat the combined information as Personal
Interested to learn more about our products, book a demo!
When you use aPROMISE to process patient information related to a patient who is a resident of the EU, you are responsible for ensuring that your organization complies with GDPR. In terms of GDPR you, as the user of aPROMISE, are the data controller and EXINI, as the service provider, is the data processor. In advance of processing data with aPROMISE, be sure that you have explicit consent from the patient whose data you are capturing. When data is sent to aPROMISE, it is stored in a secure manner, and is encrypted in transit and at rest.
EXINI (‘we’ or ‘us’ or ‘our’) are committed and dedicated to ensuring the security and protection of the personal information that we process, and to provide a robust, continuous and consistent approach to data protection. Our objectives for GDPR and HIPAA compliance include the development and implementation of data protection roles, policies, procedures, controls and measures to ensure continuous safeguarding of the personal information under our remit.
How we are implementing GDPR and HIPAA
Policies & Procedures – Data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including HIPAA, are in place
Data Retention & Erasure – we have retention policies and are applying the privacy by design principle, meaning we store only data that is needed for the current task and only store it for as long as needed Data Breaches – as a medical device manufacturer we have breach procedures in place that ensure safeguards and measures to identify, assess, investigate and report any personal data breach at the earliest possible time
International Data Transfers & Third-Party Disclosures – when EXINI stores or transfers personal information outside the EU, we have robust procedures and safeguarding measures in place to secure,
encrypt and maintain the integrity of the data
Processor Agreements – when we use a third-party to process personal information on your behalf, we have data processor agreements and/or business associate agreements in place.