PRIVACY POLICY

Last updated 02/08/2024

Information You Provide to Us

• If you visit our website we may collect Personal Data from you, such as your first and last name, gender, email and mailing addresses, professional title, company name, and password when you create an account to log in to our network (“Account”).
• If you tell us where you are (e.g., by allowing your mobile device to send us your location), we may store and use that information as part of our product development or quality control processes.
• Certain Services, such as two-factor authorization, may require our collection of your phone number. We may associate that phone number to your mobile device identification information.
• We retain information on your behalf, such as files and messages that you store using your Account.
• If you provide us feedback or contact us via email, we will collect your name and email address, as well as any other content included in the email, in order to send you a reply.
• When you load content (text, images, messages, comments or any other kind of content that is not your email address) on our Site, the information contained in your content will be stored in our servers and authorized users will be able to see it.
• We also collect other types of Personal Data that you provide to us voluntarily, such as your operating system and version, product registration number, and other requested information if you contact us via email regarding support for the Services.
• 

Information Collected via Technology

• Information Collected by Our Servers. To make our Site and Services more useful to you, our servers (which may be hosted by a third-party service provider) collection information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.
• Log Files. As is true of most websites, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, Internet Service Provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, administer the Site, track users’ movements around the Site, gather demographic information about our user base as a whole, and better tailor our Services to our users’ needs. For example, some of the information may be collected so that when you visit the Site or the Services again, it will recognize you and the information could be used to serve advertisements and other information appropriate to your interests. Except as noted in this Privacy Policy, we do not link automatically-collected data to Personal Data.
• Cookies. Like many online services, we use cookies to collect information. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site. This type of information is collected to make the Site more useful to you and to tailor the experience with us to meet your special interests and needs.
• Pixel Tags. In addition, we may use “Pixel Tags” (also referred to as clear Gifs, web beacons, or web bugs). Pixel Tags are tiny graphic images with a unique identifier, similar in function to Cookies, that are used to track online movements of website users. In contrast to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in web pages. We do not tie the information gathered by Pixel Tags to our users’ Personal Data.
• Mobile Services. We may also collect information from your mobile device if you have downloaded our Application(s). This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include your geographic location, how you use the Application(s), and information about the type of device you use. In addition, in the event our Application(s) crash on your mobile device, we will receive information about your mobile device model and software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our Application(s). This information is sent to us as aggregated information and is not traceable to any individual and cannot be used to identify an individual.
• Analytics Services. In addition to the tracking technologies we place, other companies may set their own cookies or similar tools when you visit our Site. This includes third party analytics services, including but not limited to Google Analytics (“Analytics Services”), that we engage to help analyze how users use the Site. We may receive reports based on these parties’ use of these tools on an individual or aggregate basis. We use the information we get from Analytics Services only to improve our Site and Services. The information generated by the Cookies or other technologies about your use of our Site and Services (the “Analytics Information”) is transmitted to the Analytics Services. The Analytics Services use Analytics Information to compile reports on user activity. The Analytics Services may also transfer information to third parties where required to do so by law, or where such third parties process Analytics Information on their behalf. Each Analytics Services’ ability to use and share Analytics Information is restricted by such Analytics Services’ Terms of Use and Privacy Policy. By using our Site and Services, you consent to the processing of data about you by Analytics Services in the manner and for the purposes set out above. For a full list of Analytics Services, please contact us at privacy@korioclinical.com.
• 
  

General Use of Personal Data

We use Personal Data in the following ways:

• facilitate the creation of, and secure, your Account on our network;
• identify you as a user in our system;
• identify you as a recipient of our Services;
• provide improved administration of our Site and Services;
• provide the Services you request;
• improve the quality of your experience when you interact with our Site and Services;
• send you a welcome email to verify ownership of the email address provided when your Account was created; 
• send you administrative notifications via email and other communication means, such as security, or support and maintenance advisories;
• respond to your inquiries related to employment opportunities or other requests;
• make telephone calls to you, from time to time, as part of secondary fraud protection or to solicit your feedback, and
• periodically send you free newsletters and emails that directly promote the use of our Site or Services. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the email you receive or by contacting us directly (please see contact information above). Despite your indicated email preferences, we may send you service-related communications, including notices of any updates to our Terms of Use or Privacy Policy.
• 
  

Creation of Anonymous Data

We may create Anonymous Data records from Personal Data and/or PHI by excluding information that makes the data personally identifiable. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of our Services and improve Site navigation. We may also use this Anonymous Data to perform outcome studies, market research, improve manufacturing processes, or assess patient engagement. We may share this Anonymous Data with third parties for similar use by such third parties. We reserve the right to use Anonymous Data and aggregated and other de-identified information for any purpose and disclose Anonymous Data to third parties in our sole discretion.

Third-Party Websites

Our Site may contain links to third party websites.  When you click on a link to any other website or location, you will leave our Site and go to another site and another entity may collect Personal Data or Anonymous Data from you.  We have no control over, do not review, and cannot be responsible for, these outside websites or their content.  Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content or to any collection of your Personal Data after you click on links to such outside websites.  We encourage you to read the privacy policies of every website you visit.  The links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.

Disclosure of Personal Data and PHI 

Authorized third-party vendors that provide infrastructure services, technical support services, vendors that provide other services to the company and limited members of the Human Resources, Engineering, Finance, and Customer Support departments of Korio may access and otherwise process Personal Data and PHI in connection with their job responsibilities or contractual obligations. Some of these personnel and third-party vendors are located around the world, including in countries that may not provide the same level of data protection as the home country of the individual. The Company takes appropriate steps to ensure that such personnel and third-party vendors are bound to duties of confidentiality and the Company implements measures such as standard data protection contractual clauses to ensure that any transferred Personal Data remains protected and secure.

Where do we store and process personal data and PHI?

Personal Data and PHI are stored in the location specified by the owner of the data. For Patient PHI, the Korio Customer is responsible for determining the location the data should be stored and communicating that requirement to Korio. Korio stores data that is created in the United States of America in the United States of America and data that is created in the European Union in the European Union. If a Customer wishes to change the data storage location, this request may be communicated to Korio. Data may be moved to a jurisdiction outside of where it was created for processing. For data created in Europe, Korio will obtain the proper consent from either the Visitor, Healthcare Professional, or Customer to move the data for processing, including to locations outside of the European Union.

How do we secure personal data?

The Company maintains reasonable security measures to safeguard Personal Data and PHI from loss, interference, misuse, unauthorized access, disclosure, alteration or destruction. The Company also maintains reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete, and current.

How long do we keep your personal data and PHI for?

Korio only keeps data for as long as the data is needed to perform the Services or for as long as required by law or regulation.

Your Rights to your Personal Data and PHI

If you would like to view, request changes to, or ask for the deletion of any of your Personal Data please contact customer service at privacy@korioclinical.com. You can stop a new collection of information by ceasing usage of the web application or terminating your account.