We may also request that you provide us with information to collect payment from your credit or debit card. After a transaction, this private information (credit cards, social security numbers, financial data, etc.) will not be stored on our servers.
You may request that we delete this information at any time, or unsubscribe from emails through your account settings or by following the detailed instructions at the bottom of each email.
We use some of the information we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize Medica Healthy (for example, by generating analytics about how our customers browse and interact with the site or application, and to assess the success of our marketing and advertising campaigns).
We use the Personal Information that we collect generally to fulfill any bookings made through Medica Healthy, to communicate with you, screen for potential risk or fraud; and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We strive to protect your information using international protection standards and implement a variety of security measures to maintain the safety of your personal information when you place a booking or enter, submit, or access your personal information.
We scan our website and application regularly for security holes and vulnerabilities to ensure your visit to our site is as a secure as possible. We protect our website through a Web Application Firewall, which filters and monitors the traffic between a web-application and the internet. It detects and blocks common application layer vulnerabilities at the network edge.
We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment Gateway Providers’ database only to be accessible by those authorized with special access rights to such systems and are required to keep the information confidential.
We store our data with external provider that holds industry-recognized certifications and audits, including PCI DSS Level 1, ISO 27001, FISMA Moderate, FedRAMP, HIPAA, and SOC 1 (formerly referred to as SAS 70 and/or SSAE 16) and SOC 2 audit reports.
We also ensure all of our data is password protected, and enabled with multi-factor authentication. Not every member of the Medica Healthy team is able to access any data collected, only those with specific roles are permitted to view the data collected. When we store your data on our servers, we personalize and encrypt it to maintain anonymity and provide an additional layer of security in case of a data breach.
The criteria used to determine the period of storage of personal data is the respective statutory retention period. After the expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of our services.
We process and store your personal data only for the period necessary to achieve the purpose of storage. Accordingly, if we have your email address because we provide certain services to you, we keep that email address throughout the time we provide those services to you.
Essentially, we maintain your data until the deletion of your account. You can view the data we collect from you at any time, and may request its deletion at any time through your account settings.
Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the Website or the service providers’ systems to recognize your browser, capture and remember certain information.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly.
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our Website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, to enforce our Website’s policies, or protect our rights or others’ rights, property, or safety. However, non-personally identifiable visitor’s information may be provided to other parties for marketing, advertising, or other uses.
All payment details and personally identifiable information will NOT be stored, sold, shared, rented or leased to any third parties.
We implement Google Analytics features that use Display Advertising information for Google Analytics Demographics and Interest Reporting.
You may opt-out of Google Analytics for Display Advertising, to prevent your data from being used by Google Analytics, by going to the Google Analytics opt-out page.
You have the right granted to obtain from us the confirmation as to whether or not personal data concerning you is being processed. You can contact us at any time to claim this right.
You have the right to request the information that is currently being processed by us. You can also ask us for the purposes of the processing, the categories of personal data concerned; the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning the data subject, or to object to such processing; the existence of the right to lodge a complaint with a supervisory authority; where the personal data are not collected from the data subject, any available information as to their source.
You have the right to let us know when your information changes, and the information we have on file is no longer accurate. Considering the purposes of the processing, you shall have the right to have incomplete personal data completed, including using providing a supplementary statement.
You have the right to request the erasure of personal data without undue delay.
You shall have the right to receive the personal data concerning you, which was provided to a controller, in a structured, commonly used and machine-readable format.
You shall have the right to object at any time to processing of personal data concerning you. We shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of you, or for the establishment, exercise or defense of legal claims.
You have the right to withdraw your consent to processing of your personal data at any time.