At Carilex Medical Group we are committed to maintaining the accuracy, confidentiality and security of your personal information. This Privacy Policy describes the personal information that Carilex Medical Group collects from or about you, and how we use and to whom we disclose that information.
Carilex Medical has adopted a series of Privacy Policies in order to address the specific privacy concerns of certain groupings of individuals and specific issues relating to the use of our website, customer database, and email server. This Privacy Policy applies to the personal information of all individuals who, including but not limited to, has or seek to have business relationship with Carilex Medical Group, or who seek to be, are, or were employed by Carilex Medical Group.
The Carilex Medical Group (“Carilex”) includes the parent company, Carilex Medical Inc. and its affiliated entities.
All references in this Privacy Policy to "Carilex", "we", "us", "our" and like terms should be interpreted accordingly.
It is Carilex’s policy to comply with the privacy legislation within each jurisdiction in which we operate. Sometimes the privacy legislation and / or an individual's right to privacy are different from one jurisdiction to another. This Privacy Policy was developed to guide the activities of Carilex. In addition, specific privacy practices may be adopted to address the specific privacy requirements of particular jurisdictions.
This Privacy Policy has a limited scope and application and the rights and obligations contained in this Privacy Policy may not be available to all individuals or in all jurisdictions. If you are unsure if or how this Privacy Policy applies to you, please contact the office of our Privacy Officer for more information.
In addition to the examples listed above, personal information also includes information such as name, home address, telephone, personal email address, date of birth, customer identification number, employee identification number and marital status, and any other information necessary to Carilex’s business purposes, which is voluntarily disclosed to Carilex.
In addition to the examples listed above, personal information also includes information such as name, home address, telephone, personal email address, date of birth, customer identification number, employee identification number and marital status, and any other information necessary to Carilex’s business purposes, which is voluntarily disclosed to Carilex.
From time to time, we may utilize the services of third parties in our business and may also receive personal information collected by those third parties in the course of the performance of their services for us or otherwise. Where this is the case, we will take reasonable steps to ensure that such third parties have represented to us that they have the right to disclose your personal information to us.
Where permitted or required by applicable law or regulatory requirements, we may collect information about you without your knowledge or consent.
The type of data we collect from you will depend upon the type of interaction you have with us:
When you are a customer or vendor, we may collect the following types of personal data in the context of our interaction with you: full name, employer name, work contact details (including address, phone number, fax number and email address), account number, financial information (including card number, card expiration date, bank details and VAT-number), credit check information, logo, photos, videos, biographies and CV’s for educational programs, contract information (including start and end date of rental of products), insurance information and order and delivery information (such as ship to locations);
When you are a patient using one of our products or services, we may collect the following personal data or sensitive personal data about you: your name, date of birth, date of death, gender, address, phone number, identification number, wound details (including descriptions, measurements and photographs), other health-related information, therapy information (including therapy date, prescription information and diagnosis);
When you apply for a job at Carilex we may collect the following personal data: full name, contact details (i.e., address, phone number and email address, etc), date of birth, driver’s license details, passport details, work permit if applicable, employment history and education details, names and contact details of referees, next of kin details (in the event of an emergency), bank details, tax code. Information not relevant to the application will not be collected; and
In addition to the data which you actively provide to us through our websites (for example, by submitting your email address), we may collect certain personal data by automated means, such as cookies, internet tags, web beacons and similar automated data collection means when you visit our websites.
Cookies are files that websites send to your computer or other internet-connected device to uniquely identify your browser or to store information or settings on your device. Your browser may tell you how to be notified when you receive certain types of cookies and how to restrict or disable certain cookies. Please note, however, that without cookies you may not be able to use all of the features of our websites and online services.
In conjunction with gathering information through cookies, our web servers may log information such as your browser type and version, as well as the domain from which you access the internet. We also record the address of the web page that referred you to our websites and the IP address of the device you use to connect to our websites. We also log information about your interactions with the websites, such as which pages you visit, date and time of your visit, search terms you used and links on which you clicked. To control which web servers collect information by automated means, we may place tags on our web pages called “web beacons,” which are small files that link web pages to particular web servers and their cookies. We also may send instructions to your device using JavaScript or other computer languages to gather the types of personal data described above. We may use third party web analytics services on our websites, such as those of Google Analytics. These service providers help us analyze how visitors use the websites. The information obtained for this purpose (including your IP address and other information collected by automated means) will be disclosed to or collected directly by these service providers.
The providers of third party plug-ins and widgets on our websites, such as embedded videos and social media-sharing tools, may use automated means to collect information regarding your use of the websites and your interactions with the plug-ins and widgets. This information is subject to the privacy policies or notices of the providers of the plug-ins and widget.
We use the following types of cookies:
| Name of Cookie | Purpose of Cookie | Session/Persistent Cookies |
|---|---|---|
| JSESSIONID | Session |
To the extent required by local applicable law, we will obtain your consent before collecting your personal data via cookies or similar automated means.
Please also note that our websites may contain links to third party websites, which are not subject to this EU Privacy Policy or our privacy standards and procedures. Please be aware that we are not responsible for, nor do we endorse, the content or privacy of these third party sites. We strongly encourage you to review the privacy policies applicable to such sites before interacting with them.
In general, we may collect the above mentioned personal data or sensitive personal data from individuals when they:
Furthermore, we may collect personal data in a variety of ways depending on your interaction with us:
We may use your personal information without your knowledge or consent where we are permitted or required by applicable law or regulatory requirements to do so.
We process personal data when it is necessary for the purposes of the legitimate interests pursued by us and/or by a third party partner, except where such interests are overridden by the interests or fundamental rights and freedoms of individuals, such as the following:
We also process personal data when it is necessary for complying with our obligations under local national applicable law, including our statutory and financial reporting, adverse event reporting, and tax obligations.
In addition, we process personal data when it is necessary for the performance of a contract to which the individual is a party or in order to take steps at the request of the individual prior to entering into a contract, such as the following:
Finally, we process personal data when the individual has given (explicit) consent to the processing of his or her personal data for one or more specific purposes. This is the case for the following purposes:
In addition to the purposes listed above, personal data and/ or sensitive personal data collected from you during your visit to our websites may be used to:
Carilex limits the processing of your personal data and/or sensitive personal data to what is strictly necessary for the purposes for which it is collected.
We may share your personal information with our employees, contractors, consultants and other parties who require such information to assist us with establishing, managing or terminating our relationship with you, including: parties that provide products or services to us or on our behalf and parties that collaborate with us in the provision of products or services to you. In some instances, such parties may also provide certain information technology and data processing services to us so that we may operate our business. We may share personal information with such parties both in and outside of your home jurisdiction, and as result, your personal information may be collected, used, processed, stored or disclosed in Taiwan, United Kingdom, Italy, San Marino, United States of America, and in some cases, other countries.
When we share personal information with such parties we typically require that they only use or disclose such personal information in a manner consistent with the use and disclosure provisions of this Privacy Policy.
In addition, personal information may be disclosed or transferred to another party in the event of a change in ownership of, or a grant of a security interest in, all or a part of Carilex through, for example, an asset or share sale, or some other form of business combination, merger or joint venture, provided that such party is bound by appropriate agreements or obligations and required to use or disclose your personal information in a manner consistent with the use and disclosure provisions of this Privacy Policy, unless you consent otherwise.
Further, your personal information may be disclosed:
The work output of Carilex’s employees, whether in paper record, computer files, or in any other storage format belongs to us, and that work output, and the tools used to generate that work output, are always subject to review and monitoring by Carilex.
In the course of conducting our business, we may monitor employee activities and our premises and property. For example, some of our locations are equipped with surveillance cameras. These cameras are generally in high risk areas or plant sites. Where in use, surveillance cameras are there for the protection of employees and third parties, and to protect against theft, vandalism and damage to Carilex’s goods and property. Generally, recorded images are routinely destroyed and not shared with third parties unless there is suspicion of a crime, in which case they may be turned over to the police or other appropriate government agency or authority. Pursuant to our Acceptable Use of Computer Systems, Equipment, Infrastructure and Internet Systems Policy, we have the capability to monitor all employees' computer and e-mail use.
This section is not meant to suggest that all employees and affiliates will in fact be monitored or their actions subject to constant surveillance. We have no duty to so monitor. It is meant to bring to your attention the fact that such monitoring may occur and may result in the collection of personal information from employees and affiliates (e.g. through their use of our resources). When using Carilex equipment or resources employees and affiliates should not have any expectation of privacy with respect to their use of such equipment or resources.
Privacy laws do not generally require Carilex to obtain your consent for the collection, use or disclosure of personal information for the purpose of establishing, managing or terminating your relationship. In addition, we may collect, use or disclose your personal information without your knowledge or consent where we are permitted or required by applicable law or regulatory requirements to do so.
To the extent that your consent is required, we will assume, unless you advise us otherwise, that you have consented to Carilex collecting, using and disclosing your personal information for the purposes stated above (including any other purposes stated or reasonably implied at the time such personal information was provided to us).
Where your consent was required for our collection, use or disclosure of your personal information, you may, at any time, subject to legal or contractual restrictions and reasonable notice, withdraw your consent. All communications with respect to such withdrawal or variation of consent should be in writing and addressed to our Privacy Officer.
Carilex endeavors to maintain physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal information in question. These safeguards are designed to protect your personal information from loss and unauthorized access, copying, use, modification or disclosure.
Except as otherwise permitted or required by applicable law or regulatory requirements, Carilex endeavors to retain your personal information only for as long as it believes is necessary to fulfill the purposes for which the personal information was collected (including, for the purpose of meeting any legal, accounting or other reporting requirements or obligations). We may, instead of destroying or erasing your personal information, make it anonymous such that it cannot be associated with or tracked back to you.
It is important that the information contained in our records is both accurate and current. If your personal information happens to change during the course of your relationship with us, please keep us informed of such changes.
In some circumstances we may not agree with your request to change your personal information and will instead append an alternative text to the record in question.
You can ask to see the personal information that we hold about you. If you want to review, verify or correct your personal information, please contact the office of our Privacy Officer using the contact information set out below. Please note that any such communication must be in writing.
When requesting access to your personal information, please note that we may request specific information from you to enable us to confirm your identity and right to access, as well as to search for and provide you with the personal information that we hold about you. We may charge you a fee to access your personal information; however, we will advise you of any fee in advance. If you require assistance in preparing your request, please contact the office of our Privacy Officer.
Your right to access the personal information that we hold about you is not absolute. There are instances where applicable law or regulatory requirements allow or require us to refuse to provide some or all of the personal information that we hold about you. In addition, the personal information may have been destroyed, erased or made anonymous in accordance with our record retention obligations and practices.
In the event that we cannot provide you with access to your personal information, we will endeavor to inform you of the reasons why, subject to any legal or regulatory restrictions.
We may transfer your personal data and/or sensitive personal data to recipients located outside of the EU, for example, when we store your data on servers that are located at our headquarter in Taiwan. In each case, Carilex shall take the necessary measures to ensure that all personal data and/or sensitive personal data transferred to recipients in countries outside of the EU receives an adequate level of protection as required by EU data protection law. Carilex has implemented appropriate international data transfer agreements based on the EU Standard Contractual Clauses.
If you have any questions about this Privacy Policy or concerns about how we manage your personal information, please contact the office of our Privacy Officer by telephone, in writing or by e-mail. We will endeavor to answer your questions and advise you of any steps taken to address the issues raised by you. If you are unsatisfied with our response, you may be entitled to make a written submission to the Privacy Commissioner applicable for your jurisdiction.
We have appointed a Privacy Officer to oversee compliance with this Privacy Policy. The contact information for our Privacy Officer is as follows:
+886-3-328-7882
privacyofficer@carilexmedical.com
Carilex may from time to time make changes to this Privacy Policy to reflect changes in its legal or regulatory obligations or in the manner in which we deal with your personal information. We will communicate any revised version of this Privacy Policy. Any changes to this Privacy Policy will be effective from the time they are communicated, provided that any change that relates to why we collect, use or disclose your personal information will not apply to you, where your consent is required to such collection, use or disclosure, until we have obtained your consent to such change. This Privacy Policy was last reviewed January 1, 2018.
Any interpretation associated with this Privacy Policy will be made by the Privacy Officer. This Privacy Policy includes examples but is not intended to be restricted in its application to such examples, therefore where the word 'including' is used, it shall mean 'including without limitation. This Privacy Policy does not create or confer upon any individual any rights, or impose upon Carilex any rights or obligations outside of, or in addition to, any rights or obligations imposed by the privacy laws applicable to such individual's personal information. Should there be, in a specific case, any inconsistency between this Privacy Policy and such privacy laws, this Privacy Policy shall be interpreted, in respect of that case, to give effect to, and comply with, such privacy laws.
