- Who we are
- What information we collect
- How we use your information
- Who may use your information
- Third party links and services
- How we protect your information
- Where your information is processed
- Marketing Communications
- How long we keep your information
- Compliance with HIPAA and ISO 27001:2013
- Your rights
- How you can contact us
We do not knowingly collect or process data from anyone under the age of thirteen (13) years old.
Who are we?
What information do we collect?
Most of the personal data that M*Modal holds is not collected directly from individuals but is received from M*Modal customers who engage M*Modal (either directly or through a third party) to process personal data on the customer’s behalf. M*Modal does collect some personal data directly, including data related to M*Modal employees and investors and individuals who have made inquiries about using M*Modal’s products or services. Where personal data is supplied to M*Modal from a customer, that customer is responsible for ensuring that the individuals whose personal data it is are notified about the identity of the data controller or its representatives, the purposes for which it is collecting, processing and maintaining the data, and any further information that may be required by the circumstances under which the data are collected. Any questions, comments or concerns about the data practices of an M*Modal customer for whom M*Modal processes data should be addressed to that customer.
M*Modal also collects personal data that you provide to us on our Site, which may include:
- Contact information – [name, job title, company name, department, email address, physical mailing address and telephone number];
- Professional information – [such as your employment background, job description and related information];
- Transaction information – [your contact information, the products you are interested in, your purchasing requirements, your financial information including credit card or other payment information];
- Responses to surveys – [information you provide in responding to a survey on the website, via an app or email, on the telephone or otherwise];
We also collect information through means such as cookies – for more on this please see the next section below on how we use your information. We collect personal data from you only when you voluntarily provide it to us. You may withdraw your consent to us using your personal data at any time. Finally, we may use publicly accessible information to verify information we are provided with and to manage and expand our business.
How do we use your information?
Our primary purpose in collecting your personal data is to provide you with the services you requested and those which we believe will optimize your use of the Site. We may use your personal data for the following purposes:
- To contact you with additional information about M*Modal’s product offerings;
- To provide the information, services or support you request and related after-sales services;
- To identify you, and to contact you from time to time with product or service updates;
- To send other messages that are useful to the service we provide;
- To manage our relationship with you and to carry out any related administration;
- To promote our services, or the services of our partners, including by email and via social media platforms;
- To compare information for accuracy, and verify it with third parties;
- To carry out research, including market research, statistical research on Site traffic, sales and other commercial information to assist us in improving the services we provide to you and tailor the Site.
These technologies are used in analyzing trends, administering the Site, tracking users’ movements around the Site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
As is true of most websites, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, internet service provider, referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We do not link this automatically-collected data to personal data.
Third parties with whom we partner to provide certain features on our Site or to display advertising based upon your web browsing activity use LSOs such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.
We may provide your personal data to companies that provide services to help us with our business activities such as offering customer service (Live Chat). These companies are authorized to use your personal data only as necessary to provide these services to us.
Applying to work with us
If you apply to work with us, we will use the information you supply to process your application and to monitor recruitment statistics. As a global business we may transfer your details outside of your home country and to other companies in our group. We will ask you to sign up to additional privacy terms if you apply for a job with us. Once a person has taken up employment with us, we will compile a file relating to their employment. At that stage we will give more details about how we hold employee data and we will expect the employee to sign up to additional privacy terms as part of their employment.
We may retain details of candidates who may be of interest to us, either now or in the future, for up to one year. If you would not like us to do that please let us know. Additionally, if your circumstances change – for example you no longer wish to be considered by us for employment – please let us know that too.
Who may use your information?
We may disclose your personal data to enforce our policies, to comply with our legal obligations or in the interests of security, public interest or law enforcement in any country where we have entities or affiliates. For example, we may respond to a request by a law enforcement agency or regulatory or governmental authority. We may also disclose data in connection with actual or proposed litigation, or to protect our property, security, people and other rights or interests.
We share your information with third parties who help deliver our products and services to you. Examples include hosting our web servers, analyzing data, providing marketing assistance, and providing customer service. These companies will have access to your personal information as necessary to perform their functions, but they may not use that data for any other purpose.
We may also share your personal data:
- With companies in our group and/or our affiliates; or
- With any third party you have asked us to share your personal data with – such as Facebook or any other social media site if you have asked us to connect with your account.
You may have accessed our website through a hyperlink from the website of one of our trading partners. If so, you consent to your personal details and purchase information, including behavioural patterns, being shared with that trading partner in accordance with our contractual relationship with them.
Similarly, your personal information may be passed on to a successor in interest in the unlikely event of a liquidation, bankruptcy or administration.
Please remember that when you share information publicly on the Site, for example a comment on a blog post, it may be indexable by search engines, including Google, which may mean that the information is made public.
Third party links and services
The Site may contain links to third parties’ websites. We are not responsible for the privacy practices or the content of those websites. Therefore, please read carefully any privacy policies on those links or websites before either agreeing to their terms or using those websites.
If you have asked us to share data with third party websites (such as social media sites), their servers may not be secure.
Note that, despite the measures taken by us and the third parties we engage, the internet is not secure. As a result, others may nevertheless unlawfully intercept or access private transmissions or data.
How Do We Protect Your Information?
We take what we consider to be appropriate technical and organisational measures to guard against unauthorised or unlawful processing of your personal data and against accidental loss or destruction of, or damage to, your personal data. While no system is completely secure, we believe the measures implemented by the Site reduce our vulnerability to security problems to a level appropriate to the type of data involved. We have security measures in place to protect our user database and access to this database is restricted internally. However, it remains your responsibility:
- Where you have a user account for the Site:
o To log off or exit from the Site when not using it;
o To ensure no-one else uses the Site while your device is logged on to the Site (including by logging on to your device through a mobile, Wi-Fi or shared access connection you are using);
o To keep your password or other access information secret. Your password and log in details are personal to you and should not be given to anyone else or used to provide shared access for example over a network. You should use a password which is unique to your use of the Site – do not use the same password as you use for another website or email account; and,
- To maintain good internet security. For example if your email account or Facebook account is compromised this could allow access to your account with us if you have given us those details and/or permitted access through those accounts. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us. You should keep all of your account details secure. If you think that any of your accounts have been compromised you should change your account credentials with us, and in particular make sure any compromised account does not allow access to your account with us. You should also tell us as soon as you can so that we can try to help you keep your account secure and if necessary warn anyone else who could be affected.
Where is your information processed?
We may need to transfer your personal data to the United States, Canada, India, Australia, and/or the United Kingdom, all of which may be located outside the European Economic Area, for the purpose of servicing, implementing, supporting, and maintaining M*Modal supplied products and services; for management and administration functions; and to comply with M*Modal’s legal obligations. To the extent applicable, any transfer of your data will be subject to a European Commission approved contract that will safeguard your privacy rights and give you remedies in the unlikely event of a security breach.
If you have given permission, we may share your personal data with organisations who are our business partners and we or they may contact you (unless you have asked us or them not to do so) by mail, telephone, SMS, text/picture/video message, fax, email, other about products, services, promotions, and special offers that may be of interest to you. If you prefer not to receive any further direct marketing communications from us or our business partners, you can opt out at any time. See further ‘Your rights’, below.
How long do we keep your information?
Compliance with HIPAA and ISO 27001:2013
M*Modal provides technical controls and safeguards that support its customers’ compliance policies and procedures. Although compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is the responsibility of every healthcare organization, M*Modal is dedicated to ensuring that its products and services make it easier for them to reach that goal.
M*Modal has also established a corporate HIPAA Privacy Officer to facilitate and manage the privacy needs of its customers, and a Chief Information Officer and Chief Information Security Officer to protect the security of customer and internal data. These roles include the following responsibilities:
- Implement corporate privacy and security policies, and ensure effective corporate-wide privacy and security awareness;
- Validate that current operational and technical business practices ensure the privacy and security of protected health information;
- Develop, implement and monitor a privacy and security awareness, education and training program, as well as a compliance program;
- Assist our customers in the ongoing process of negotiating and finalizing the required Business Associate Agreements.
If you choose to use our referral service to tell a friend about employment opportunities with M*Modal, we will ask you for your friend’s name, email address and contact number. We will send your friend an email or call him or her, inviting him or her to visit the site or otherwise gauging his or her interest in one or more open positions. M*Modal stores this information for the sole purpose of contacting your friend and tracking the success of our referral program. Your friend may contact us at firstname.lastname@example.org to request that we remove this information from our database.
We post customer testimonials, comments and reviews on our Site which may contain personal data. We obtain the customer’s consent via email to post such customer’s name along with the testimonial, prior to posting the testimonial. If you wish to update or delete your testimonial, you can contact us at email@example.com.
Our Site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Although M*Modal receives, handles and in some cases, stores personal data, M*Modal’s customers are typically the custodians of the permanent copies of such personal data and the permanent official copies of dictation audio are managed by M*Modal’s customers. In the case of health records, all requests by individuals concerned for access to such records, such as to correct, update or delete it, should be directed to the relevant M*Modal customer to ensure that the individuals concerned receives access to his or her official, final health record. In the event that the relevant M*Modal customer does not respond to your request in a reasonably adequate or timely manner, please contact us at email@example.com and we will escalate your request with such M*Modal customer. In such cases, we will respond to your request within 30 days.
As explained above, you have the right to opt-out of receiving communications from us. In addition, to the extent permitted by the laws of your country, you may have the right to object to the processing of your personal data for direct marketing purposes. If your objection is not to direct marketing in general, but to direct marketing by a particular channel e.g. email or telephone, please specify the channel you are objecting to.
Further, to the extent permitted by the laws of your country, you may also have the right to access, correct, delete, restrict, be forgotten, or object to processing of, or request data portability of the personal data collected about you subject to some conditions and exceptions. You can find out more about these rights in the EU by reading the General Data Protection Regulation here: http://www.eugdpr.org/the-regulation.html.
To the extent permitted by the laws of your country, you also have the right to lodge a complaint with a data protection regulator.
If you wish to inquire about any of this then please direct your queries to firstname.lastname@example.org.
How to contact us?
5000 Meridian Boulevard
Franklin, TN 37067
Phone: +1 615-798-6000
Fax: +1 866-796-5127
The legislation below is not part of the policy but is provided by way of background as (non-exhaustive) source legislation for the use of the MModal legal team. If any of these laws are changed, replaced or amended we would recommend that the policy is reviewed.
Data Protection Act 1998 (UK) – the UK Data Protection Bill 2017 has been introduced to replace the Act with new legislation (to implement the GDPR)
General Data Protection Regulation (EU)