Privacy Notice
Welcome to PrecisePK privacy notice and thank you for choosing to be part of our community.
PrecisePK is an industry-leading software company who introduces secure state-of-art tools to help hospitals and medical professionals implement more precise and efficient dosing. PrecisePK aims to integrate healthcare and computer science to offer medical professionals the tools necessary for optimal patient care. Our standards to reach therapeutic targets precisely, quickly, efficiently, and safely are high, and so is our commitment to protecting your personal information.
When you visit our website
https://www.precisepk.com (regardless of where you visit it from), use our services through the web application and/or software, or engage with us in any other way, you trust us with your personal information.
We take your privacy very seriously. In this privacy notice, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our website, web application, software, and any other services.
This privacy notice applies to all information collected through our website and/or any related services, sales, marketing, or events (we refer to them collectively in this privacy notice as the "Services").
Please read this privacy notice carefully as it will help you make informed decisions about sharing your personal information with us.
1. Who Are We?
We are PrecisePK (company name Healthware Inc. and referred to as “PrecisePK”, "Company”, “we", "us" or "our" in this privacy notice). PrecisePK is the controller of your personal information, responsible for this website, committed to protecting your personal information and your right to privacy.
PrecisePK provides theoretical and individualized dosage recommendations, which may require users to input patients’ personal information or health data, or upload that data from their respective electronic health records. This information is used internally to provide services requested by the user. If you are a patient whose data has been input into our software or app, PrecisePK is required by law to take measures to protect the privacy and security of personal health information (“PHI”) and to comply with the terms and conditions of any applicable agreement
In such case, PrecisePK acts as a “Data Processor” (GDPR), “Service Provider” (CCPA) or “Business Associate” (HIPAA) of your data, and under the specific direction of our users, which are deemed “Data Controllers”, “Business”, or “Covered Entity”. The user, commonly a hospital or healthcare professional, is responsible for telling our Company how your Personal Information should be used or processed in those specific transactions.
If we are a Business Associate processing your protected identified health information, please check our HIPAA Privacy Statement for further information.
The current Privacy Notice is only applicable to the cases when Precise PK is the data controller of your data.
2. Contact Details
We have appointed a data protection officer who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details set out below.
If you have any questions about this privacy notice or our privacy practices, please contact us by sending us an e-mail to
dpo@precisepk.com3. Do We Collect Information From Minors?
PrecisePK does not knowingly collect Personal Information from or market to children under 18 years of age. Moreover, our Services are intended for use by adults over the age of 18. By using the Services, you represent that you are at least 18. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any personal data we have collected from children under age 18, please contact us at
dpo@precisepk.com.4. What Is Personal Information?
“Personal information” is any information about an individual that can directly or indirectly distinguish or trace an individual’s identity, associate or link an individual to private information, distinguish one person from another, or be used to re-identify anonymous data.
Personal information is also known as Personal Information, Private Information, or Personally Identifiable Information. In some instances, organization (business) information is also considered personal information. This information may be stored both electronically and in physical documents. Personal Information may include, but is not limited to a name, address, phone number, email address, date of birth, place of birth, IP address, credit card number, identification number(s), photo ID’s, and other similar information. PrecisePK describes the Personal Information we collect in the sections below.
5. Privacy Principles
- PrecisePK is committed to protecting the privacy of the Personal Information of our employees, partners, clients and vendors.
- PrecisePK maintains physical, technological and administrative safeguards to protect Personal Information.
- PrecisePK permits only authorized employees and approved contractors, including but not limited to consultants, to have access to some or all Personal Information as needed.
- PrecisePK practices data minimization, meaning our intention is only to collect personal information essential for the provision and improvement of our services and products. Further, our retention and destruction practices keep Personal Information only as long as needed.
- PrecisePK supports your data access rights related to Personal Information and provides multiple ways for you to exercise those rights.
6. What Information Do We Collect About You?
We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows:
- Identity Data includes first name, last name, username or similar identifier, gender, title, date of birth, profile picture, nationality, educational details (including details about your musical education and background) and employment details.
- Contact Data includes email address, residential address and mobile numbers.
- Financial Data includes bank account and credit card details.
- Transaction Data includes details about any purchase and payments to and from you and other details of services or any other transactions you enter into through our website which may include what you have purchased, information about the payment and card details.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website
- Profile Data includes purchases or orders made by you, your interests, preferences, survey responses and feedback.
- Social Media Data including social media handles and other social media profile information that you make available to us or the public.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Compliance Data includes passport copy, government-issued ID, national ID card, driving license, any other photo ID MRZ enabled, identifiable id, selfie, source of funds, and proof of address (telephone bill/utility bill).
- Voluntarily given information includes any information that you choose voluntarily to share.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal information but is not considered personal information in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information which will be used consistent with this privacy notice.
7. How Is Your Personal Information Collected?
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your Identity, Contact, Financial, Profile, Transaction, Technical, Usage, Marketing and Communications, and Compliance data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes, but is not limited to, personal information you provide when you:
- Apply for and use our services.
- Communicate with us.
- Interact with us for the purpose of collaborating with us.
- Make payments concerning our services and products.
- Subscribe to our newsletter.
- Request marketing to be sent to you.
- Enter a competition, promotion or survey.
- Give us feedback.
- Enroll for a workshop, event, seminar, or webinar.
Automated technologies or interactions. As you interact with our website or any device application through which you may access our services, we will automatically collect Technical Data and Usage Data about your equipment, browsing actions and patterns. We collect this personal information by using cookies and other similar technologies. Please see our Cookie Notice for further details.
Third parties or publicly available sources. We may receive personal information about you from various third parties and public sources including, but not limited to:
- Companies that introduce you to us.
- Delivery and postal services.
- Card associations.
- Government and law enforcement agencies.
- Agents working on our behalf including fraud prevention agencies, analytics providers, advertisers.
- Companies providing due diligence and other screening activities.
- Media outlets (including social media outlets).
- Business registration websites.
8. How Do We Use Your Personal Information?
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
Personal Information: We primarily use the identification information to:
- To facilitate account creation and logon process. If you choose to register your account using your business email, we use the information you allowed us to collect to facilitate account creation and logon process for the performance of the contract.
- To send you marketing and promotional communications. Tell you about our products, services, and other offerings. We and/or our third-party marketing partners may use the personal information you shared to us for our marketing purposes if this aligns with your marketing preferences. You can opt-out of our marketing emails at any time.
- Fulfil and manage your orders. We may use your information to fulfil and manage your orders, payments, returns, and exchanges made through the Services.
- Request Feedback. We may use your information to request feedback and to contact you about your use of our Services.
- To protect our Services. We may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention).
- To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
- To enforce our terms, conditions and policies for Business Purposes, Legal Reasons and Contractual
- To comply with a legal and compliance obligation.
- To operate and improve our consumer applications, and to further our marketing efforts. You may opt-out from receiving future promotional or marketing information from us, our affiliated companies, and our third-party vendors, or direct that we do not share your information with any affiliated companies or third-party vendors.
- To manage user accounts. We may use your information to manage your account and keep it in working order.
- To deliver services to the user. We may use your information to provide you with the requested service.
- To respond to user inquiries/offer support to users. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our services.
- For other Business Purposes. We may use your information for other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Services, products, marketing, and your experience. We may use and store this information in aggregated and anonymized form so that it is not associated with individual end-users and does not include personal information. We will not use identifiable personal information without your consent.
- On occasion, we use your identification information to validate your identity.
- Except as provided in this Privacy Notice, our Terms of Use, or as set forth when you submit the information, your personally identifiable information will not be sold to any third parties or used in any manner outside the scope of this Privacy Notice without your prior approval. We further reserve the right to disclose your information under limited circumstances, such as to cooperate with law enforcement or judicial authorities as required by law or legal process, to protect our own legal rights, or to protect the public good.
Non-personal identifiable information (Non-PII): We use Non-PII in a variety of ways, including to:
- Help analysis site traffic, understand customer needs and trends.
- Carry out targeted promotional activities.
- Improve our services and offerings.
As for usage tracking data, we primarily use that information to operate and improve our consumer applications, and to further our marketing efforts. You may opt-out from receiving future promotional or marketing information from us, our affiliated companies, and our third-party vendors, or direct that we do not share your information with any affiliated companies or third-party vendors.
We may use your Non-PII by itself or aggregate it with information we have obtained from others. We may share your Non-PII with our affiliated companies and third parties to achieve these objectives and others but remember that aggregate information is anonymous information that does not personally identify you.
Whenever you are online or on our applications, you run the risk that the information you provide will fall into the wrong hands. Although we implement and maintain commercially reasonable security procedures and practices to safeguard your privacy, we cannot guarantee the security of any information you provide to us. We accept no responsibility or liability for the activities of third parties.
By using our consumer applications and applications, you agree to our Terms of Use.
9. Disclosing Personal Information
We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this notice.
We may disclose your personal information to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this notice.
We may also from time to time need to disclose your personal information to certain third parties:
- Agents or Contractors of PrecisePK.
- We may need to disclose certain personal information to our Agents or Contractors to enable PrecisePK to process transactions or communicate with you. Where we do so it will be on the basis that these agents/contractors are required to keep the information confidential and secure, and will not use the information for any other purpose than to carry out the services they are performing for PrecisePK.
- Anti-Money Laundering and Regulatory Authorities.
- We may need to retain and disclose certain information about you to regulatory authorities and appropriate agencies to conduct anti-money laundering and trade sanction checks and to assist with fraud prevention, in particular, in compliance with our AML obligations and concerning trade sanctions. We will disclose this information as is required by law.
- Credit Agencies.
- We may need to disclose certain personal information about you to credit agencies to conduct appropriate checks when you are transacting with us.
- Legal Disclosures.
- We may need to disclose certain personal information about you to credit agencies to conduct appropriate checks when you are transacting with us.⦁ While we will not voluntarily disclose your personal information we may disclose such information if we are required to do so by a law enforcement bodies, regulators, tax agencies or third parties under a legal requirement or valid court order, if we are lawfully requested by government or law enforcement authorities, if we are required to do so pursuant other legal processes, or if it becomes necessary to protect the rights or property of PrecisePK. Agents or Contractors of PrecisePK.
- We may need to disclose certain personal information to our Agents or Contractors to enable PrecisePK to process transactions or communicate with you. Where we do so it will be on the basis that these agents/contractors are required to keep the information confidential and secure, and will not use the information for any other purpose than to carry out the services they are performing for PrecisePK.
- We may also employ the services of third-party service providers to help us in certain areas, such as website hosting, physical security, marketing, and market research. Where third-party service providers receive your information, we will remain responsible for the use of your personal information. We take appropriate steps to ensure that such third parties treat your Personal Information with the same consideration that we do.
- Third parties to whom PrecisePK may choose to buy, sell, transfer or merge parts of our business or our assets. In these types of transactions, information about Customers as well as aggregated and anonymized data is typically one of the business assets that is transferred. Moreover, if PrecisePK, all or a portion of our business and assets, were acquired, user information would be one of the assets that are reviewed and transferred or acquired by a third party. You acknowledge that such transfers may occur and that any acquirer of PrecisePK may continue to use your Personal Data as outlined in this Privacy Notice.
We require all third parties to respect the security of your personal information and to treat it conforming to the law. We do not allow our third-party service providers to use your personal information for their purposes and only permit them to process your personal information for specified purposes and following our instructions.
10. Retaining Personal Information
We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation with respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
We maintain a retention procedure which we apply to records in our care. In all cases, where your information is no longer required, we will ensure it is disposed of securely and, where required by applicable law, we will notify you when such information has been disposed of.
In some circumstances, we will anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
11. Marketing
Promotional offers from us
We may use your Identity, Contact, Technical, Usage, Marketing and Communication, Social Media and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or services from us and you have opted-in to receiving that marketing.
Third-party marketing
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
Opting out
You can ask us to stop sending you marketing messages at any time by sending us an email to dpo@precisepk.com or by following the unsubscribe function present in every marketing communication sent to you.
12. Third-Party Links
This privacy notice applies only to PrecisePK products, services and information collected by our website; however, our website may contain links to third-party websites, plug-ins, and applications.
Please be aware that clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our website, we encourage you to read the privacy notice of every website you visit.
13. Do We Use Cookies And Other Tracking Technologies?
We use cookies and similar tracking technologies, like web beacons and pixels, to collect information about your use of our services. Cookies are small files, typically comprised of letters and numbers, that your computer or mobile device saves when you visit certain websites. When you return to the websites that save cookies on your device or visit other websites that use the same cookies, the websites recognize such cookies and your browsing device.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookies Notice.
14. Processing Location
We process your personal information in the US. For users located in Canada, California, Nevada, or the European Union, please see Sections 10,11 and 12 for more detailed information.
If the applicable law of your place of residence is none of the above, please contact us at
dpo@precisepk.com for further details.
15. If Your Fail To Provide Personal Information
Where we need to collect personal information by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, you may not be able to use our services and we will notify you if this is the case at the time.
16. Change Of Purpose
We will only use your personal information for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
17. International Users
Information that we collect may be stored and processed in and transferred between any of the countries in which we operate to enable us to use the information as per this notice.
By providing us with your personal data, you expressly consent to our transferring your personal data to countries or jurisdictions which may not provide the same level of data protection as your home country, including without limitation countries or jurisdictions outside the EEA and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data.
18. European Union Residents And The General Data Protection Regulation
In the event that the General Data Protection Regulation “GDPR” (a privacy law applicable to consumers residing in the European Economic Area) applies to a specific transaction and/or a specific consumer, any such consumer has the below rights.
- Right of access. You have the right to obtain from us confirmation as to whether or not Personal Information concerning you is processed, and, to request access to the Personal Information.
- Right to correct or update. You have the right to correct or update inaccurate Personal Information about you.
- Right to restrict processing. Under certain circumstances, you have the right to restrict the processing of your Personal Information. In such instances, your Personal Information may only be processed by us for limited purposes.
- Right to object. Under certain circumstances, you have the right to object to the use or processing of your Personal Information where we no longer have a legitimate or legal need to process it; to object to your Personal Information being processed for direct marketing purposes, and object to automated decision making (including profiling) where the decision would have a legal or similarly significant impact on you.
- Right to data portability. Under certain circumstances, you have a right to receive a copy of your Personal Information, which you have provided to us, in a machine-readable format and the right to transmit that Personal Information for use in another party’s service.
- Right to be forgotten. Under certain circumstances, you have the right to request that your Personal Information be erased. Some Personal Information may be in backup archives and/or must be retained for legal or compliance reasons.
- Right to complain. You have the right to make a complaint at any time to the competent supervisory authority. The contact details of the EU supervisory authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en. We would, however, appreciate the chance to deal with your concerns before you approach a supervisory authority so please contact us in the first instance at dpo@precisepk.com.
To make any of these requests, we may require that you verify your identity to the exercise of any of these rights.
Under certain circumstances, and in the event of a data breach involving your Personal Information that is likely to result in a risk to your rights and freedoms, we are required to notify the applicable supervisory authority within 72 hours after becoming aware of such a breach.
We and some of our external third parties are based outside the EEA so the processing of the personal data involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
18. Canadian Residents and the personal information protection and electronic documents act
Under Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”), business who collect the personal information of Canadian residents are required to adhere to series of privacy principles concerning their handling of such information, including the principles of accountability; purpose; consent; limited collection; limited use, disclosure and retention; accuracy; safeguards; openness; access; and compliance.
This Privacy Notice explains our support for the principles of accountability; purpose; consent; limited use, disclosure and retention; safeguards; openness; and access. The principles of limited collection, accuracy, and compliance are addressed below:
Limited Collection
We limit the information that we collect about you to that which is necessary to support our business and to deliver our products and services to you in line with this Privacy Notice.
Corrections
You can make corrections to any personal information that we have collected about you by updating your account settings and preferences. If you require assistance in making these corrections, please contact us directly using the information and methods provided in the “Contact Details” section of this Privacy Notice.
Complaints and Access Requests
If you are a Canadian resident and wish to request more information about our privacy practices, to request details regarding the personal information about you that we have collected, or to file a complaint, please refer to the “Contact Details” section of this Privacy Notice for more information.
Transmissions of Personal Information Across International Borders
The personal information of Canadian residents may be transmitted to the facilities of third-party service providers in the European Union for processing and storage in accordance with the purposes described in this Privacy Notice. All parties involved will abide by the terms of this Privacy Notice. Our service providers are subject to certain safeguards, including the execution of a Non-Disclosure Agreement and the requirement that any personal information provided to them be destroyed upon completion of the service or returned to us. Personal information processed in the US may be lawfully accessed by American courts, law enforcement and national security agencies as described in the “Sharing of Personal Information We Collect” section of this Privacy Notice.
19. California Consumers
Your California privacy rights
Persons with disabilities may obtain this notice in alternative format upon request by contacting us at dpo@precisepk.com.
California Civil Code Section 1798.83, also known as the “Shine The Light” law: Residents of the State of California have the right to request information from PrecisePK regarding other companies to whom the company has disclosed certain categories of information during the preceding year for the other companies’ direct marketing purposes. If you are a California resident and would like to make such a request, please email dpo@precisepk.com.
California Consumer Privacy Act: The California Consumer Privacy Act (“CCPA”) provides California residents with the right to receive certain disclosures regarding the collection, use, and sharing of “Personal Information,” as well as the right to know/access, delete, and limit the sharing of Personal Information. The CCPA defines “Personal Information” to mean “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Certain information we collect may be exempt from the CCPA because it is considered public information (e.g., it is made available by a government entity) or covered by specific federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, or the Fair Credit Reporting Act.
To the extent that we collect Personal Information that is subject to the CCPA, that information, our practices, and your rights are described below.
Right to notice at collection regarding the categories of personal information collected
You have the right to receive notice of the categories of Personal Information we collect, and the purposes for which those categories of Personal Information will be used. This notice should be provided at or before the time of collection. The categories we use to describe the information are those enumerated in the CCPA.
Personal identifiers:
- We collect your name, phone number, and email address and contact address when you create an account or complete a transaction. If you choose to create an account, you will also be asked to create a username, and we will assign one or more unique identifiers to your profile. We use this information to provide the Services, respond to your requests, and send information and advertisements to you.
- We collect payment information when you provide it to us, which may be your credit card number or a bank account when you complete a transaction. You have the option to store this information to your account or set up a recurring transaction. We use this information to streamline and facilitate payments and transactions.
- We collect your IP address automatically when you use our Services. We use this information to identify you, gauge online activity on our website, measure the effectiveness of online services, applications, and tools, and to serve targeted advertisements based on your online activities.
- We collect your Device ID automatically when you use our Services. We use this information to monitor your use, and the effectiveness of, our Services, to identify you, and to provide you with targeted information and offers.
Protected classifications: We collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors.
Commercial information: When you engage in transactions with us, we create records of goods or services purchased or considered or returned, as well as purchasing or consuming histories or tendencies. We use this information to measure the effectiveness of our Services and to provide you with targeted information, advertisements, and offers.
Internet or other electronic network activity information: We collect information about your browsing history, search history, interaction with websites, and applications or advertisements automatically when you utilize our Services. We use this information to gauge online activity on our website, measure the effectiveness of online services, applications, and tools, and to serve targeted advertisements based on your online activities.
Geolocation data: As described above, we collect your IP address automatically when you use our Services. We may be able to determine your general location based on your device’s IP address. When you use the Services for the first time, we may ask for your permission to collect your precise location (i.e., your GPS coordinates). If you allow your device to provide us with this information, we use it to make improvements to our products and services and to provide recommendations and deliver relevant advertising.
Audio, electronic, visual, or similar information: If you contact us via phone, we may record the call. We will notify you if a call is being recorded at the beginning of the call. We may collect your photographic or video image, or similar information. We use this information to monitor our customer service, maintain the security of our systems and physical locations, and train employees.
Inferences drawn to create a profile about a consumer reflecting the consumer’s preferences or characteristics: We may analyze your actual or likely preferences through a series of computer processes. On some occasions, we may add our observations to your internal profile. We use this information to gauge and develop our marketing activities, measure the appeal and effectiveness of our Services, applications, and tools, and to provide you with targeted information, advertisements, and offers.
We may use any of the categories of information listed above for other business or operational purposes compatible with the context in which the Personal Information was collected.
We may share any of the above-listed information with Service Providers, which are companies that we engage for business purposes to conduct activities on our behalf. Service Providers are restricted from using Personal Information for any purpose that is not related to our engagement. The categories of Service Providers with whom we share information and the services they provide are described in this Privacy Notice.
Right to know about the personal information collected, disclosed or sold
You have the right to request that we disclose to you the Personal Information we collect, use, disclose, or sell. With a view to processing your request to know/access your Personal Information or delete your Personal Information, we may ask you to take additional steps to verify your request or identity.
Verification procedures
In order to process your request to know about or delete the personal information we collect, disclose, or sell, we must verify your request. We do this by:
- Providing personal identifiers we can match against information we may have collected from you previously, and
- Asking you to confirm your request using the email address or telephone account stated in the request.
If you have authorized someone else to make requests on your behalf, we will require that you provide notarized statements confirming the identity and authority of that person.
Right to know/access information
You have the right to request access to Personal Information collected about you and information regarding the source of that information, the purposes for which we collect it, and the third parties and service providers with whom we share it. To protect our customers’ Personal Information, we are required to verify your identity before we can act on your request.
Right to request deletion of information
You have the right to request in certain circumstances that we delete any Personal Information that we have collected directly from you. To protect our customers’ Personal Information, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to information regarding participation in data sharing for financial incentives
You have the right to be free from discrimination based on the exercise of your CCPA rights. We may run promotions from time to time wherein we incentivize a consumer to share certain pieces of information with us. Participation in these incentives is voluntary, and you may opt-out of the data sharing at any time.
Right to opt-out of the sale of personal information to third parties
Though PrecisePK does not sell Personal Information to third parties, California law requires that we maintain a separate webpage that allows you to opt-out of the sale of your Personal Information in the future, which can be accessed by visiting our “Do not sell my info” webpage.
Please note that your right to opt-out does not apply to our sharing of Personal Information with service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Information only for that function.
We may also disclose information to other entities when required by law or to protect PrecisePK or other persons, as described in our Privacy Notice.
How to submit a request
You may submit a request to exercise your rights by sending an email to dpo@precisepk.com.
Authorized agent
You may authorize another individual or business registered with the California Secretary of State, called an authorized agent, to make requests on your behalf. We require that you and the individual complete notarized affidavits as a way to verify the identity of the authorized agent and confirm that you have authorized them to act on your behalf.
20. Nevada Consumers
Residents of the State of Nevada have the right to opt-out of the sale of certain pieces of their information to other companies who will sell or license their information to others. We disclose contact information to third parties that may want to market products or services to you. To opt-out of such sales, please email us at dpo@precisepk.com.
21. Security of Personal Information
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Besides, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will store all the personal information you provide on our secure (password- and firewall-protected) servers. We have also implemented physical access restrictions for our data centres and authorization controls for data access as part of our information security management system.
All electronic financial transactions entered into through our website will be protected by encryption technology.
You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website).
Amazon Web Services. Our software is hosted on Amazon Web Services (“AWS”), a cloud computing service. Compliance reports are provided for free online to any users who register an account with AWS. Information about AWS is given here (https://aws.amazon.com/security/).
HIPAA Compliance. All data stored or processed by the Software will be in full compliance with the requirements of the Health Insurance Portability and Accountability Act of 1996 as amended (“HIPAA”). No patient identifying information, as defined under HIPAA (“PHI”), is ever accessed or shared by employees or personnel of the Company at any time. PHI collected by the Software is automatically stored in an encrypted database without human involvement. All our databases are securely encrypted and used in strict compliance with HIPAA requirements. All Protected Health Information (PHI) as defined under HIPAA is kept private and will only be accessible to valid license holders, and all the communications regarding PHI will occur solely between such valid license holders and the Software. We only use non-PHI information for data processing, research and improving the user experience in compliance with HIPAA regulations. No PHI is ever shared with any person or entity other than the valid license holders. The Company will back-up all data on encrypted databases which will only be accessible to valid license holders.
During verification of Software licenses and database use, only non-PHI, and information related to the applicable Software license and use is accessed by PrecisePK. The Company may use non-PHI to improve its processing of the pharmacokinetics data, show data analytics to the license holders, improve user experience; however, all such use will be in strict compliance with HIPAA requirements.
Physical Measures. We limit access to all PrecisePK personnel workstations to authorized personnel only. Visitor presence is recorded and escorted. Restricted areas are locked.
Organizational measures. We limit workforce access to the minimum necessary to accomplish the intended purpose.
22. Changes to the Website privacy notice and your duty to inform us of changes
We keep our privacy notice under regular review and may make updates and changes from time to time.
You should check this page frequently to ensure you are happy with any changes to this notice. The updated version will be indicated by “Last updated on” date and the updated version will be effective as soon as it is accessible.
If we make material changes to this privacy policy, we may notify you by email or through a pop-up message on our website.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information. The personal information we hold about you must be accurate and current. Please keep us informed if your personal information changes during your relationship with us.
23. CONTACT US
If you have any questions or concerns about this notice, please do not hesitate to send us an email to dpo@precisepk.com
This privacy notice was last updated on 31st August 2020.