Privacy policy

This Privacy Policy applies to the information collected by Indivi, a brand owned and operated by Healios AG. Throughout this policy, ‘Indivi,’ ‘we,’ ‘us,’ or ‘our’ refers to Healios AG, which operates under the Indivi brand as a Doing Business As (DBA) entity. We are committed to protecting your privacy and handling your information responsibly. Any mention of ‘Indivi’ in this policy encompasses the data practices of Healios AG under the Indivi brand.

Healios (“we” or “us”) is committed to protecting and respecting your privacy. This Privacy Statement (together with our Terms of Use) sets forth the terms and restrictions pertaining to the personal information we may collect from you on our website, or that you provide to us through this website, and which is used, handled and maintained by us. Please read the following Privacy Statement carefully to understand our practices regarding your personal data and how we will treat it. By accessing the Healios website at www.healios.io, including all related pages, you are accepting the practices as outlined in this Privacy Statement Statement. If you decide to visit the Healios Site and use our services, your visit and any possible dispute over privacy is subject to this Privacy Statement and our Terms of Use. If you do not agree to the terms of our Privacy Statement, please discontinue your use, and advise us of your specific objections, questions and concerns.

Information you provide to us

We may collect and process the following identifying information about you on our website:

Personal Information: We may receive and store information that personally identifies you, or that may, directly or indirectly, personally identify you, including your name, your working place (Institution/Company), your specialty and subspecialty and email address. Such information is referred to in this Privacy Statement as “personal information”;Log Data: As is true of most websites, our servers automatically collect and record information that the browser on your computer or mobile phone, tablet or similar device you use to access our Sites (a “Device“) sends whenever you visit our Sites (“Log Data”). Log Data may include Internet protocol (IP) addresses, browser type and language, referral and exit pages and URLs, language information, the domain from which you are visiting and additional information in respect to your usage and browsing of the Sites. We do not link this automatically collected data to other information we collect about you. We also may collect information about various aspects of your use of our Site or your participation in any Activity, such as the dates and time of your login, the content you have viewed, the pages you have visited, the searches and/or registrations you may have made and any clickstream data;Location Data: When you access our Sites on a mobile Device (such as a tablet or a mobile phone), we may collect information about your location through location information accessible through your Device. You can change the privacy settings of your Device at any time, in order to turn off the functionality of sharing location information. If you have any queries about the privacy settings of your Device, we suggest you contact the manufacturer of your Device or your mobile service provider for help;Cookies and Similar Tracking Technologies. We collect certain information by automated means, using technologies such as cookies, pixel tags, browser analysis tools, server logs and web beacons “cookie” technology. For example, when you visit our websites, we place certain cookies on your computer. Please see below our detailed Statement on how we use cookies and other tracking technology and your options relating to such use;Social Media Widgets: Our Sites also includes some social media features, such as a Facebook “like” button, and widgets, such as a “share” button. These features may collect your Internet Protocol address, which page you are visiting on the Site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Site. Your interactions with these features are governed by the privacy statement of the companies that provide them.

We collect this information when you interact with us, for example when you communicate with our staff, attend one of our programmes, sign up to receive information by e-mail or visit our Sites. We also collect your personal data from publicly available sources, for instance when we try to identify potential attendees for a course in a certain domain.You are generally under no obligation to disclose personal data to us, unless you or your employer has a contractual relationship with us which foresees such obligation. Yet, in order to conclude and perform a contract, we must collect and process the personal data which is necessary for such conclusion and for the fulfilment of the contractual and associated obligations as well as for the fulfilment of legal obligations. Moreover, when using a website, it is necessary to process log data and certain other data. Also in relation to communications between you and us, we must process at least the personal data that you provide to us or that we provide to you.Many companies offer programs that help you to visit websites anonymously. While we will not be able to provide you with a personalized experience if we cannot recognize you, we want you to be aware that these programs are available.

IP Addresses

We may collect and store information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about users’ browsing actions and patterns, and does not identify any individual.

Cookies

Our website may use tracking cookies to distinguish you from other users of our website. This helps us to provide you with a more personalized and welcoming experience when you browse our website, and also allows us to continually improve our site. Healios employs cookies in order for its server to recognize a return visitor as a unique user. The cookies placed by the Healios server are readable only by us, and cookies cannot access, read or modify any other data on a computer. The “help” portion of the toolbar on most browsers will instruct you on how to prevent your browser from accepting new cookies, how to command the browser to tell you when you receive a new cookie, or how to fully disable cookies. We strongly recommend that you leave the cookies activated, however, because cookies enable you to take advantage of most of Healios’ most important features and functionality.Cookies (sometimes referred to as browser cookies) are small packets of data that a website stores on your Device’s hard drive allowing your Internet browser to save and retrieve information about your visit to the website. You can find more information about cookies at www.allaboutcookies.org and www.youronlinechoices.eu.

We may use both session cookies (which expire once you close your Internet browser) and persistent cookies (which stay on your Device until you delete them) to help us collect non-personal information about various aspects of your use of our Sites or your participation in any of the Activities, and to enhance your experience using the Sites. Cookies can also help enable the detection of certain kinds of fraud. If you do not want us to place a cookie on your Device’s hard drive, you may be able to turn that feature off on your Device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. However, if you decide not to accept cookies from us, the Sites may not function properly.Pixel tags and web beacons are tiny graphic images placed on website pages, emails and social posts that allow us to determine whether you have performed a specific action. When you access these pages, open or click an email, or share a post on social media, the pixel tags and web beacons generate a notice of that action. These tools allow us to measure responses to our communications and improve our web pages and promotions.Some web browsers may transmit Do Not Track signals to websites with which the browser communicates, telling the websites not to follow its online movements. Because of differences in how browsers interpret this feature, it is not always clear whether Users intend for these signals to be transmitted, or whether they are even aware of them. Therefore, our Site currently does respond to such Do Not Track signals.

You may block cookies by activating the settings on your browser that allows you to refuse the use of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.We may use third-party analytics services (such as Google Analytics) to analyse your use of the Sites, compile reports on activity, collect demographic data, analyse performance metrics, and collect and evaluate other information relating to the Sites and mobile and Internet usage. These third parties use cookies and other technologies to help analyse and provide us this data. We do not have access or control over the cookies placed by these analytics providers. When you access and use the Sites, your Log Data and other non-personal information may be processed by these analytics providers in the manner and for the purposes set out in this Privacy Statement. More information about the analytics tools we use can be found in these links. You may opt out of Google’s use of cookies by updating your Internet browser’s ad settings here.We may also use third-party remarketing services to advertise on third party websites to previous visitors to our Site. It could mean that we advertise to previous visitors who have visited our Site or are participating in any Activity (for example sign-up to receive our newsletters). These third-party remarketing service providers use cookies to serve ads based on a past visit to the Site. Any data collected by such third-party remarketing service providers will be used in accordance with this Privacy Statement and the privacy Statement of such third party remarketing services providers.

How we protect your information

We take commercially reasonable steps to protect your information from loss, misuse, and unauthorised access, use, disclosure, alteration, or destruction. When personal information is transferred over the Internet, we encrypt it using Transfer Layer Security (TLS) with SHA-256 with RSA encryption or similar technology. You should note, however, that no security system is impenetrable. We cannot guarantee the security of our databases or the databases of the third parties with which we may share such information, nor can we guarantee that the information you supply will not be intercepted while being transmitted over the Internet. In particular, e-mails sent to us may not be secure, and you should, therefore, take special care in deciding what information you send to us via email.We use third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run our Activities. Where practical, we seek to obtain confidentiality agreements that are consistent with this Privacy Statement and that limit others’ use or disclosure of your personal information.

How we retain your information

We retain your personal data for as long as it is necessary for the purposes for which the data is collected, and as long as we have a legitimate interest in keeping personal data, for example to enforce or defend claims or for archiving purposes and IT security. We also retain your personal data as long as it is subject to a legal retention obligation.

Uses made of the information

We use information held about you in the following ways:

to ensure that content from our site is presented in the most effective manner for you and for your computer;to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;to carry out our obligations arising from any contracts entered into between you and us;to notify you about changes to our service.

We do not disclose information about identifiable individuals, but we may provide third parties with aggregate information about our users to analyse for various purposes, including improving service content and delivery, or outcomes analysis. Where we provide aggregated information, information about identifiable individuals will not be identifiable within the aggregated data.

Correcting and updating personal information and service options

We use information held about you in the following ways:

to ensure that content from our site is presented in the most effective manner for you and for your computer;to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;to carry out our obligations arising from any contracts entered into between you and us;to notify you about changes to our service.

We do not disclose information about identifiable individuals, but we may provide third parties with aggregate information about our users to analyse for various purposes, including improving service content and delivery, or outcomes analysis. Where we provide aggregated information, information about identifiable individuals will not be identifiable within the aggregated data.

Disclosure of your information

We will not share your personal information with others, except as described in this Privacy Statement. We may disclose your personal information to third parties:

in the event that we sell or buy any business or assets, in which case we may disclose your non-identifiable personal data to the prospective seller or buyer of such business or assets;if Healios or substantially all of its assets are acquired by a third party, in which case non-identifiable personal data held by it about its customers will be one of the transferred assets.

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of website use or our terms of telephone service use; or to protect the rights, property, or safety of Healios. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.We may share aggregate information with our partners. This aggregate information does not contain personally identifiable information and therefore cannot identify any specific individual. When the user signs up for use of specific services, we will share names or other contact information that is necessary for the third party to provide these services only after permission of the user. The parties providing such services are not allowed to use personally identifiable information except for the purpose of providing these services.

Links

Our site may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies, and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Confidentiality

Healios has implemented procedures to reasonably protect data security and the use and disclosure of Identifiable Information. “Identifiable Information” means information about a participant in one of Healios’ research programs or service offerings, which information reveals the identity of the participant or reasonably could be used to identify the participant. Healios protects the identity of participants in these programs; Healios does not disclose Identifiable Information unless the participant has permitted such disclosure or it is allowed or required by law. Healios has implemented procedures designed to protect the privacy and security of Identifiable Information, which procedures are described here. Healios uses and discloses Identifiable Information only as appropriate under and described in this Statement Statement. Healios stores or maintains Identifiable Information obtained in the course of administering its services and in its research programs in secure locations and limits access to Identifiable Information to workforce members and third parties that need to have such access in order to achieve only these specific purposes. Healios’ workforce members use and disclose Identifiable Information only as described in this Statement or as permitted or required by law. When Healios receives Identifiable Information from sources other than the participant or user, Healios enters into confidentiality agreements with the entity(ies) that provide such information to Healios. Those confidentiality agreements require protections at least as stringent as those described in this Statement. Healios enters into confidentiality agreements with subcontractors and other third parties to which Healios provides Identifiable Information. Those confidentiality agreements require the third parties to implement protections for the privacy and security of such information at least as stringent as those described in this Statement. Prior to providing research results to clients, Healios removes Identifiable Information. At the conclusion of each research program, Healios uses reasonable efforts to destroy or de-identify (make anonymous) all Identifiable Information, unless the participant has agreed to be re-contacted about future research programs or Healios is otherwise required by contract or permitted or required by law to maintain such information. Healios does not and would not knowingly use or disclose Identifiable Information in violation of any privacy or security law or agreement. If we are ordered to use or disclose Identifiable Information in a legal proceeding, Healios will take reasonable steps within the context of that legal proceeding to inform the court or other decision-maker of the confidentiality of the information, and Healios will take reasonable steps to otherwise maintain the confidentiality of such information. Healios uses reasonable and appropriate safeguards to protect the security of Identifiable Information, including specifically the confidentiality and integrity of such information.

Your rights

You are entitled to ask for details of the information we hold about you and how we process it and to receive a copy of your personal data. You may also have your data rectified or deleted, restrict our processing of that information, and object to the processing of your personal data. You may also choose to withdraw your consent. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or permitted by law. You may also lodge a complaint in relation to our processing of your personal data with a competent local supervisory authority.In addition, you may manage your receipt of non-transactional communications by clicking on the “unsubscribe” link located at the bottom of any of our emails. Subject to applicable law, we will use reasonable efforts to process such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our subscription databases.Should you have a request regarding the processing of your personal data you may contact us via letter, email or telephone via the following contact details: Healios AG, Postfach, CH-4001, Basel, Switzerland, privacyandsecurity@indivi.io.

Children’s Privacy Protection

We understand the importance of protecting children’s privacy in the interactive online world. The Sites are not designed for or intentionally targeted at children 18 years of age or younger. We do not knowingly collect or maintain personal information from children under the age of 18 through the Sites. If you are under 18, please do not give us any personal information. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Statement by instructing their children never to provide personal information through the Sites without their permission. If you have reason to believe that a child under the age of 18 has provided personal information to us, please contact us, and we will endeavour to delete that information from our databases.

International transfer of information

We may transfer your personal data to recipients abroad, including in countries that do not provide the same level of protection as Swiss or EU/EEA law. Before we do so we will implement appropriate measures to protect your personal data, for example by requiring the recipient to agree to data processing agreements (if you would like to receive a copy of these agreements, please contact us. These agreements are usually based on the EU standard clauses, which you may review here). We may also transfer personal data with your explicit consent and in certain other situations as permitted by applicable law.

Governing Law

This Privacy Statement is construed in accordance with and shall be governed by the substantive laws of Switzerland, without regards to principles of conflicts of laws thereof.

Changes to our privacy Statement

Healios reserves the right, and may amend this Privacy Statement. Use of information we collect is subject to the Privacy Statement in effect at the time such information is used. If we make changes to our privacy Statement, we will notify you by posting the revised notice on our Site and/or sending you an email so you are always aware of what information we collect, how we use it and under what circumstances if any, it is disclosed.

Questions and concerns

Questions, comments and requests regarding this privacy Statement are welcomed and should be addressed to privacyandsecurity@indivi.io. Ensuring your privacy is very important to us, and we will make every effort to answer any questions which you may have and to resolve your concerns.

Revision history:

August 2017: Initial version Privacy Statement for MyHealios and Circady
December 2019: Updated Privacy Statement for generic Healios use
February 2020: Children’s’ privacy protection and transfer paragraphs added
April 2021: Minor editorial updates