Privacy Policy
Helius Medical Technologies and its affiliated companies (“HELIUS”, “WE” or “US”) are committed to protecting and respecting your privacy and ensuring that your personal information is processed fairly and lawfully in line with all relevant privacy legislation. The purpose of this Privacy Statement is to set out the principles governing our use of personal information that we may obtain about you through this website (the “Site”) and in connection with our business and products. By using this Site, you agree to our use of the personal information that we obtain about you.
“Personal information” is information, or a combination of pieces of information, that could reasonably allow you to be identified, including, to the extent applicable, information defined as “personal data” and governed by the EU General Data Protection Regulation 2016/679.
Please note that our collection or use of your personal information may be governed by a separate privacy notice. If you receive a different notice at the time we collect your personal information, that privacy notice will govern how we use that personal information.
Please read this Privacy Statement carefully. We may change our Privacy Statement from time to time. We therefore ask you to check it occasionally to ensure that you are aware of the most recent version that will apply each time you access this Site. If a revision meaningfully reduces your rights, we will notify you. BY USING THIS SITE, YOU AGREE TO THIS PRIVACY STATEMENT. IF YOU DO NOT AGREE TO THIS PRIVACY STATEMENT, DO NOT USE THIS SITE.
For your convenience, this Site may contain links to a number of other websites. The privacy policies and procedures described here do not apply to those sites; we suggest contacting those sites directly for information on their data collection and distribution policies. Any reference to a linked site or any specific third-party product or service by name does not constitute or imply its endorsement by us, and you assume all risk with respect to its use.
YOUR DATA
We may collect, use, store and transfer the following information to provide, improve and protect our Site and in connection with our business.
The data we collect and process. You may give us personal information by visiting or interacting with the Site, filling in forms or submitting information on the Site, interacting with Helius or its business partners, by corresponding with us by phone, e-mail, SMS or otherwise, or through your employment by HELIUS. This personal information includes the following data which are referred to in this Privacy Statement as ‘your data’, ‘your personal data’ or ‘your personal information’:
- personal informationyou provide when you interact with the Site. The personal information you give us may include your name, title, company, mailing address, email address, phone number, password, resume information, feedback and any other information you choose to provide to us;
- professional details,such as job title, and organization;
- technical datasuch as your internet protocol (IP) address, your login data, the web page you visited before visiting our Site, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Site;
- usage datawhich tells us how you use our Site;
- marketing and communication datawhich tells us your preference in receiving marketing from us and our third parties and your communication preferences; and
- sensitive personal datasuch as your physical or mental health condition
We, our partners or our service providers may collect technical information automatically from your computer or mobile device over time and across different Sites through the use of cookies or similar tracking technologies. A cookie is a small text file that can be placed on your computer’s hard drive with your permission. Cookies help analyze web traffic and let us know when and how you visit a particular site. Cookies allow web applications to respond to and tailor your experience with our Sites according to your individual preferences, and to remember those preference for the next time you visit the Sites. A cookie does not give us access to your computer or provide any information other than the data you choose to share. The personal information we may obtain through cookies includes:
- Unique identifiers, such as IP address, browser type, operating system, the pages you view on the Sites, the pages you view immediately before and after you access the Sites, and the search terms you enter on the Sites, Internet or other electronic network activity information;
- General location data; and
- Inferences drawn from the above categories.
We also may obtain your personal information from third parties and sources, such as web hosting providers, analytics providers, and advertisers. In some cases, these third parties collect information on our behalf as our processors or service providers. In other cases, we collect information from third parties based on the account or privacy settings that you have established with those third parties. The information we collect from other sources may include any of the types of personal information listed above.
PURPOSES FOR WHICH WE WILL USE YOUR DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Identification and authentication:We use your identification information to verify your identity when you access and use our Services, or otherwise engage with us, and to ensure the security of your personal information. This is necessary to provide the requested service.
- Communications:We may respond to and communicate with individuals and healthcare providers about requests, questions, comments, products, and services.
- Business operations:We process your personal information to provide the Services that you request and relationships with our actual and potential suppliers and customers. We use personal information to operate, evaluate, and improve our business, including developing new products and services; determining the effectiveness of the company’s sales, marketing and advertising; and performing accounting, auditing, billing, reconciliation, and collection activities.
- Service improvements:We analyze usage information, including site analytics, to continually improve the user experience.
- Customizing your experience:We may use your personal information to improve your experience of the Services, such as by providing interactive or personalized elements on the Services. We will also use your data to manage our relationship with you.
- Marketing:We may use your personal information in accordance with your preferences to build a profile about you, to understand your preferences, and to help determine which marketing materials would be of interest to you.
- Exercising or protecting rights:We may use your personal information to exercise or protect our legal rights, or the rights of you or a third party, where it is necessary to do so, for example to detect, prevent, and respond to intellectual property infringement claims or violations of law.
- Cookies and other technologies: We use technologies like cookies to provide, improve, protect, and promote our Site and our Products. HELIUS currently does not respond to Do Not Track requests.
Applicable law may require HELIUS to identify a legal basis in order to process your personal information. Such bases include:
- Consent:We will rely on your consent, where required by law, to use (i) technical information (including general location data) derived from cookies and similar tracking technologies; and (ii) your personal information for marketing purposes.
- Performance of a contract:We will process any of your personal information identified in this Policy as necessary to perform our contractual obligations with customers or suppliers.
- Complying with legal obligations:We may process your personal information to carry out fraud prevention checks or comply with other legal or regulatory requirements, such as those related to information security or consumer transaction law, when required by law.
- Legitimate interests:Any personal information not processed under the other bases identified in this section will be processed in furtherance of our legitimate interests. We have legitimate interests in providing and maintaining our Services, responding to your communications, improving and customizing our Services, exercising or protecting the rights of HELIUS or you or a third party, and operating our business effectively. Where we rely on legitimate interests to process your personal information, we will balance our need to process that information with any risks such processing poses to your rights and freedoms.
SHARING YOUR DATA
We may share information as discussed below, but we won’t sell it to advertisers or third parties.
- To inform third-party entities that provide services to us:We may share your personal information with third parties that perform marketing services and other business operations. For example, we may partner with companies to process secure payments, fulfill orders, optimize services, send newsletters and marketing messages, support email and messaging services, and analyze information. These service providers may include advertising agencies, technical support, or website analytics providers, which will use your personal information only in the ways described in this Policy.
- Where required by law:We may share your personal information with law enforcement agencies, courts, other government authorities or other third parties where we believe necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party.
- In the context of a transaction:We may share your personal information with potential transaction partners, service providers, advisors, and other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell or transfer all or a portion of our assets or business. Should such a sale or transfer occur, we will use reasonable efforts to obligate the entity to which we transfer your personal information to use it in a manner consistent with this Policy.
- Anonymize:We may also anonymize or de-identify your personal information in such a way that you may not reasonably be re-identified by us or any other company and may use this anonymized information for any other purpose.
PROTECTING YOUR DATA
We only process personal data where we have a legal basis for doing so. We review the personal data we hold periodically to ensure it is being lawfully processed.
Before transferring personal data to any third party (e.g. suppliers, partners and back office support), we seek to establish that there is a legal reason for making the transfer, which may include your consent.
We have implemented measures and procedures that protect the privacy of individuals and help ensure that data protection is integral to all processing activities. This includes implementing measures which may include, for example:
- Pseudonymization;
- Anonymization;
- Cyber/data security controls; and
- A data retention policy.
YOUR RIGHTS
You have certain rights regarding the personal information we hold about you, subject to local law. These may include the right to access, correct, delete, restrict or object to our use of, or receive a portable copy in a usable electronic format of your personal information. You also may have a right to lodge a complaint with your local data protection or privacy regulator.
We also encourage you to contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate. Where you have provided your consent to any use of your personal information, you can withdraw this consent at any time. Please note that we may require additional information from you in order to honor your requests.
If you would like to discuss or exercise any rights you may have under applicable law, please contact us. Please note that you may need to provide additional information for us to respond to certain requests.
If you wish to not receive our emails, you may click the “unsubscribe” link in any email communication.
This website is intended for use only by U.S. residents and you have indicated that you are a U.S. resident by entering this website.
If you are visiting from the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring your personally identifiable information to the United States which does not have the same data protection laws as the EU and by providing your personally identifiable information You consent to: (a) the use of your personally identifiable information for the uses identified above in accordance with this privacy policy; and (b) the transfer of your personally identifiable information to the United States as indicated above.
WHERE WE STORE AND TRANSFER YOUR DATA
The Site is controlled by HELIUS from its offices in the United States. HELIUS may store and use information in the United States and other jurisdictions; any personal data provided to HELIUS will be transmitted to or within those jurisdictions. HELIUS also may transfer information and personal data to other jurisdictions to facilitate HELIUS’s third party processors’ access to and/or processing of information and/or personal data.
HELIUS makes no representation that materials on this Site are appropriate or available for use in other locations, and access to them from territories where their contents are illegal is prohibited. Those who choose to access this Site from other locations do so on their own initiative and are responsible for compliance with applicable local laws.
DATA RETENTION
We retain your personal information for as long as necessary to carry out the purposes set out in this Policy, unless a longer retention period is required by applicable law.
To determine the appropriate retention time for your personal information, we consider the amount, nature, and sensitivity of personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information, and whether we can achieve these purposes through other means, as well as applicable legal requirements. In some circumstances we may anonymize personal information so that it may no longer be associated with an individual, and in such cases we may use that anonymized information without further notice to you and outside of this Policy (because, once anonymized, it ceases to constitute “personal information”).
INFORMATION SECURITY
We implement technical and organizational measures to maintain a level of security appropriate to any risks presented to the personal information we process. These measures seek to ensure the ongoing integrity and confidentiality of personal information. Please note that no security measures can be 100% secure; however, we evaluate and test our chosen measures on regular basis in order to protect your personal information in accordance with this Policy and applicable law.
DO NOT TRACK
We do not currently respond to web browser “do not track” signals or other mechanisms that provide a method to opt out of the collection of information across the networks of websites and online services in which we participate. For more information, visit www.allaboutdnt.org.
INTERNATIONAL DATA PROCESSING & TRANSFER
We process information collected from or about you in any country in which HELIUS operates, as permitted by applicable law. In some cases, your information may be transferred to, stored, and processed in a country that is not regarded as ensuring an adequate level of protection for information under applicable laws(such as from the European Economic Area (“EEA”) to outside the EEA). When we conduct such transfers, we put in place appropriate safeguards (such as standard contractual clauses) in accordance with applicable legal requirements. Information located outside of your home country may be subject to access by that country’s government or its agencies under a lawful order. For more information on the appropriate safeguards in place or to obtain a copy of the standard contractual clauses, please contact us.
THIRD-PARTY WEBSITES
This Policy applies solely to the information collected by HELIUS. Our Sites may contain links to websites not owned or controlled by HELIUS. HELIUS does not have any control over these third-party websites. We encourage you to be aware of these other third-party websites and their privacy statements, as we cannot control and are not responsible for privacy policies or practices of third-party websites.
Contact
Have questions or concerns about our Privacy Statement? Contact us at privacy@heliusmedical.com or 215-944-6102.
Effective Date: Aug 13th, 2021
PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
The following applies only to California residents:
Personal Information Collection and Purposes of Use
We collect Personal Information for the following purposes:
to respond to your inquiries and to fulfill your requests;
to send you important information regarding our relationship with you or regarding this website, changes to our terms, conditions, and policies and/or other administrative information;
for audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements;
for fraud or crime prevention, and for technical security monitoring purposes;
to facilitate the development of new products and services;
to enhance, improve or modify our website or products and services;
for data analysis that will allow us to understand website usage trends;
to determine the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users.
to better understand you, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests;
Your Privacy Rights
You have the following rights regarding our collection and use of your personal information. To exercise those rights, you must submit a request to privacy@heliusmedical.com. We may ask you to provide additional information to verify your request. We may not discriminate against you if you exercise your rights as described in this notice. For example, we may not deny goods or services to you, or charge you different prices or rates, or provide a different level of quality of products or services.
Right to Information
You have the right to request the following information regarding the personal information we have collected about you:
Categories of personal information collected about you, and sources from which collected;
Our purpose for collecting personal information;
Categories of third parties with which the personal information was shared; and
Specific pieces of personal information collected about consumers.
You have the right to request the following information regarding the personal information we have sold or disclosed about you:
Categories of your personal information sold in the preceding 12 months;
Categories of third parties to whom your personal information has been disclosed;
Categories of personal information that we disclosed about consumers for a purpose.
Right to Opt Out of Sharing, Disclosure, or Sale of Personal Information
You have the right to direct us to not share, disclose, or sell your personal information. To exercise this right, you or your authorized representative may submit a request to privacy@heliusmedical.com
Right to Request Deletion
You have the right to request that we delete the personal information we have about you. However, we are not required to delete information if it is necessary to retain your information to:
Complete the transaction for which the personal information was collected, provide a good or service requested by you, or a transaction reasonably anticipated within the context of our or one of our affiliate’s ongoing business relationship with you, or to otherwise perform a contract we have with you.
Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity or prosecute those responsible for that activity.
Debug to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when deletion of the information is likely to render impossible or seriously impact the achievement of such research, if you have provided informed consent.
Facilitate solely internal uses that are reasonably aligned with your expectations based on your relationship with us or one of our affiliates.
Comply with a legal obligation.
Otherwise use the personal information, internally, in a lawful manner that is compatible with the context in which it was provided.
Contact Us
You can contact us with questions about this Privacy Notice for California Residents or to exercise your rights as described in this Notice at privacy@heliusmedical.com