PRIVACY POLICY


Privacy Policy

This Privacy Policy describes MedoSync’s privacy practices in relation to information that we collect through our website, online forms and via other services provided by us offline. MedoSync takes your privacy seriously. This Privacy Policy outlines: 

 

1. Who we are. 

2. What information we collect about you. 

3. How we collect the information. 

4. How we use that information. 

5. How we share information that we collect. 

6. How we store and secure information that we collect. 

7. Your rights as a data subject. 

8. How you can access and control your information. 

9. Other important details. 

 

This Privacy Policy does not apply to the practices of third parties that MedoSync does not own or control. 

Who are we

MedoSync is a technology platform that allows for the efficient and accurate collation, completion, submission, tracking and reconciliation of health insurance claims. 

 

If you have a query in relation to how your data is handled, you can contact us by email or phone: 

Email: dataprotection@medosync.com

What information we collect about you

MedoSync collects the following information: 

  • Personal Data. “Personal Data” is information that, directly or indirectly, identifies you or another individual and which may include: Name, title, company name, job function, expertise, postal address, telephone number, email address, date of birth, age, browser and device information (including IP Address), and information collected through cookies and other similar technologies. If you submit any Personal Data relating to other people to us or to our service providers, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Notice. 

  • Special categories of Personal Data (sensitive data) is collected, when provided by you, and may include: Gender and medical records. 

  • Other Information. “Other Information” is any information that does not and cannot be used to reveal your identity or that of another individual, such as information which has been fully and permanently anonymised. We use this information for other purposes as described below. 

How we collect the information

MedoSync collect Personal Data, Sensitive Data and Other Information in a number of ways: 

 

 

Purpose of collection 

From you: 

MedoSync collects information such as your name, date of birth, age, gender, phone number, personal email, work email, personal address, work address and medical records when you voluntarily provide this data to us. 

Offline: 

We may collect information from you offline, such as during phone calls with our employees, or when you contact us. 

Information from other sources: 

MedoSync collects information from clinics and hospitals (such as your name, date of birth, age, gender, phone number, personal email, work email, personal address, work address and medical records) when you voluntarily provide this data on your insurance claim form and consent for this information to be provided to us, by your clinic or hospital. 

Via your browser or device: 

Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version, and the name and version of the site you are using. Your IP Address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP Address may be identified and logged automatically in our server log files whenever you access the website, along with the time of the visit and the page(s) that you visited. Collecting IP Addresses is standard practice and is done automatically by many websites, applications and other services, such as Google Analytics. MedoSync may use IP Addresses to calculate usage levels of the web site, to administer the site and to diagnose problems with servers. 

Via cookies and other similar technologies: 

“Cookies” include commonly used pieces of information in the form of small files that are placed on an individual’s device to enable the individual to more easily communicate and interact with the website. When you visit a website, it can send one or more cookies to your device. These cookies enable us to store information about your device which helps us, amongst other things, to provide you with a good experience when you browse and enhance the level of services and functions provided. Please review our Cookies Policy (which can be found on our website) for more information. 

Via recruitment and employment processes 

We will process certain personal information about our employees, that we collect during the job interview process, at the start of employment and during the course of employment. We process this personal data to the extent permitted or required under applicable law, for purposes connected with employment, such as human resources, payroll management and administration.  

How we use that information

We use Personal Data: 

 

  • To facilitate the claiming of the cost of health treatments or investigations that have been carried out i.e., assisting a patient to submit a health insurance claim to their health insurer.  

  • To send information and materials regarding our products and services. To send administrative information such as changes to our terms, conditions, and policies. 

  • To send you marketing communications, with your consent, including via email in compliance with applicable laws and in accordance with your preferences, that we believe may be of interest to you. 

  • To administer and protect our business and platform (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). 

  • For our business purposes, such as data analysis, audits, developing new products, enhancing, improving or modifying our website and services, identifying usage trends, determining the effectiveness of our operations and expanding our business activities. 

  • For recruitment and employment purposes, such as staff management, performance review, training records, appointments, removals, personal development and administration. 

  • As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations; (f) to protect our rights, privacy, safety or property, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain. 

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. 

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal grounds we are relying on to process your personal data where more than one ground has been set out in the table below. 

Purpose/Activity 

Type of data 

Lawful basis for processing including basis of legitimate interest 

To submit a patient’s insurance claim form to the health insurer. 

Personal data, Sensitive data. 

With the patient’s consent. 

 

Where processing is necessary in the performance of a contract with a hospital or clinic. 

To send information and materials regarding our products and services. To send administrative information such as changes to our terms, conditions, and policies. 

Personal data 

 

Where processing relates to the performance of a contract with a hospital or clinic. 

 

To send hospitals and clinics marketing communications, including via email in compliance with applicable laws and in accordance with your preferences, that we believe may be of interest to you. 

Personal data, 

Other information 

With the consent of the personnel within the hospital and/or clinic. 

To administer and protect our business and platform (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). 

Personal data, 

Other information 

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise). 

 

Necessary to comply with a legal obligation. 

For our business purposes, such as data analysis, audits, developing new products, enhancing, improving or modifying our platform and services, identifying usage trends, determining the effectiveness of our operations and expanding our business activities. 

Personal data, 

Other information 

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy). 

For recruitment and employment purposes, such as staff management, performance review, training records, appointments, removals, personal development and administration. 

Personal data,  

Sensitive data. 

Necessary for the performance of our contract with each employee. 

As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations; (f) to protect our rights, privacy, safety or property, of you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain. 

Personal data, 

Sensitive data. 

Necessary to comply with a legal obligation. 

 

Necessary for our legitimate interests to prevent fraud. 

 

 

How we share information that we collect

We share your Personal and Sensitive Data with your health insurance company using appropriate organisational and technical measures in order to protect your data.  

If you would like more information about the safeguards that are in place in connection with these transfers, please contact us using the contact details in Section 1.9. 

 

We may release Personal Data as we believe necessary and appropriate to law enforcement, tax, fraud prevention, credit risk agencies and other companies and organisations for the reasons given under Section 1.4 above. 

 

We use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Data under applicable law, then we would use or disclose it in the same way that we use and disclose Personal Data. In some instances, we may combine Other Information with Personal Data (such as combining your name with the name of your organisation). If that combination permits you to be identified, we will treat the combined information as Personal Data for as long as it is combined. 

How we store and secure information that we collect

We have implemented appropriate organisational, technical, and administrative measures to protect data within our organisation, including security controls to prevent unauthorised access to our systems. While we take reasonable steps to secure your data from loss, misuse, interference and unauthorised access, modification and disclosure, you should be aware no security procedures or protocols are ever guaranteed to be 100 percent secure from intrusion or hacking, and there is therefore always some risk assumed by sharing Personal Data online. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the Contact Us section below. 

Your rights as a data subject

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

 

  • Right of access – you have the right to request a copy of the information that we hold about you. 

  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. 

  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. 

  • Right to restriction of processing – where certain conditions apply, you have a right to restrict the processing. 

  • Right of portability – you have the right to have the data we hold about you transferred to another organisation. 

  • Right to object – you have the right to object to certain types of processing such as direct marketing. 

  • Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling. 

  • Right to complain and judicial review: in the event that MedoSync refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in Section: Other important details.

How you can access and control your information

If you would like to access, correct, amend, remove, object or limit the use or disclosure of any Personal Data about you that has been collected and stored by MedoSync, or have it transferred to another organisation, please notify us at dataprotection@medosync.com  so that we may consider and respond to your request in accordance with applicable law. 

You can opt-out of receiving marketing messages from MedoSync by unsubscribing through the unsubscribe or opt-out link in an email or by sending an email to dataprotection@medosync.com. We will comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages. 

For your protection, we only implement requests with respect to the Personal Data associated with the particular email address that you use to send us your request, and we need to verify your identity before implementing your request. We will action your request within one month. 

Please note that we need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such access, change or deletion. 

Other important informations

How long MedoSync will retain your Personal Data 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We operate a Data Retention Policy and Schedule, which can be viewed by request to dataprotection@medosync.com. 

 

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Third Party Sites 

Some websites, social media and applications permit you to link to other websites on the Internet through direct links or through applications such as “share” or “like” buttons, and other websites likewise may contain links to our sites. The information practices or content of such other websites is governed by the privacy statements of those websites and not by this Privacy Policy. We encourage you to review the privacy notices found on such other websites, services and applications to understand how your information is collected and used by them. 

 

Similarly, please note that we are not responsible for the collection, use and disclosure policies and practices (including the data security practices) of other organisations, such as Apple, Facebook, Google, LinkedIn, Microsoft, Twitter or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including any Personal Data you disclose to other organisations through or in connection with the Apps or the Social Media Page.

Personal data of Children 

MedoSync may process information about minors under the age of 18, where their information has been provided, and where the processing has been consented to, by the parent or legal guardian.  

Changes to this Privacy Policy 

MedoSync may amend this Privacy Policy from time to time. The “date amended” appears at the bottom of this privacy policy and this date indicates when the Privacy Policy was last revised. 

Contact Us 

Your privacy is important to us. If you have any questions, concerns, or complaints regarding this privacy policy, the way we collect and handle your information, please contact: 

Email:  dataprotection@medosync.com  

 

Because email communications are not always secure, please do not include bank account information or other sensitive (special categories of personal data) information in your emails to us. 

 

Your right to make a complaint 

MedoSync will take any privacy complaint seriously and any complaint will be assessed by an appropriate person with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need. 

 

You also have the right to complain to a data protection authority about our collection and use of your Personal Data. Their contact details are as follows: 

 

Data Protection Commission 

21 Fitzwilliam Square South 
Dublin 2 
D02 RD28 
Ireland 

Privacy Policy – Date Amended: 27 April 2022. 

OUR SITE USES COOKIES

Cookies help us deliver the best experience on our website. By using our website you agree to the use of cookies.

Find out how we use cookies.