Terms and Conditions of Use
Privacy Shield and Safe Harbor
The Federal Trade Commission (FTC) has jurisdiction over Md7, LLC’s compliance with the Privacy Shield.
The following definitions apply to our Policy: “Data Subject” means all living individuals about whom we hold Personal Data. “Data Controller” means Md7, LLC which is the organization who determines the purposes for which, and the manner in which, any Personal Data is processed and used in our business. “Data Processor” means any person or organization that processes Personal Data on our behalf. “Electronic” means relating to technology having electrical, digital, magnetic, wireless, optical, electromagnetic, or similar capabilities. “Encrypted” means the transformation of data through an algorithmic process or an alternative method that is at least as secure, so that the data can only be accessed with confidential key or password. “Personal Data” means information (whether stored electronically or in paper based filing systems) relating to a living individual who can be identified from that data (or from that data and other information in our possession). Personal Data does not include information that is encoded or anonymized or publicly available information that has not been combined with non-public personal information. “Processing” is any activity that involves use of the Personal Data. It includes obtaining, recording or holding the Personal Data, or carrying out any operation or set of operations on the Personal Data including organizing, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring Personal Data to third parties. “Sensitive Personal Data” means Personal Data that reveals race, national origin, political opinions, religion or philosophical beliefs, or trade union membership, or that concerns criminal convictions, health, marital status, or sexual orientation, preference or activities.
This Policy applies to Personal Data regarding our employees, customers and vendors received by Md7, LLC in the United States from the EEA and Switzerland in any format, including electronic, paper or otherwise.
Administration Of This Policy
Our Chief Technology Officer is responsible for ensuring compliance with the law and with this Policy. Any questions or concerns about the interpretation or operation of this Policy or about what may or may not be done with regard to Personal Data should be taken up in the first instance with the Chief Technology Officer, Md7, LLC, 10590 West Ocean Air Drive, Suite 300, San Diego, CA 92130.
Personal Data we may collect
We may collect and process the following Personal Data:
- Details necessary to perform human resource functions including but not limited to, name, address, date of birth, employee medical information, social security numbers and details, employee driver’s license numbers and details, state identification card numbers and details and account numbers and details.
- Other information including Personal Data from customers and vendors may be collected for legitimate business purposes or in order to comply with local, state or federal laws or regulations. This may include information collected though input forms on our website or through other means where individuals or companies may request information about our products and services and provide basic contact and financial information such as name, address, telephone number, email address, income and other financial or non-financial information depending on the expressed need.
- Our website uses “cookies” (which may include session cookies and persistent cookies) and other similar technologies. A cookie is a text file that is anonymously placed on your hard disk by a web page server; a session cookie is deleted once the user exits our website, while a persistent cookie remains after exiting the site. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies or other technologies allow us to monitor certain statistics which help us improve our services. Most web browsers automatically accept cookies, but can be modified to decline cookies if you prefer.
A Special Note About Children’s Privacy
Children are not eligible to use our services. You must be at least 18 years old to use this website and we ask that minors under the age of 18 do not submit any Personal Data to us. We do not knowingly collect, use or disclose Personal Data about visitors under 18 years of age.
Use of Personal Data
We may use Personal Data in the following ways:
- To carry out our obligation arising from contracts of employment, including but not limited to payroll functions and reporting to the Internal Revenue Service or state or local equivalent and enrolling employees in health or other benefit programs.
- To carry out our obligations arising from contracts with vendors and customers, including but not limited to payment authorization, tax reporting, marketing and collection.
- We take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete and current.
- Personal Data may be processed in the United States or other locations where we have operations or offices.
Employees, customers and vendors providing Personal Data to Md7, LLC consent to their Personal Data being processed in this way. All Md7, LLC employees who handle personal data from Europe and Switzerland are required to comply with the principles stated in this Policy, and may access and use Personal Data only if they are authorized to do so and only for the purpose for which they are authorized.
Our Responsibility for Personal Data
We will strive to protect Personal Data:
Md7, LLC uses reasonable efforts to maintain the accuracy and integrity of Personal Data and to update it as appropriate to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, taking into due account the risks involved in the processing and the nature of the data.
- We have reasonable security procedures in place so that any Personal Data we hold is kept in accordance with this Policy.
- We maintain security measures and technology to assist us so that Personal Data is not disclosed either orally or in writing or via the internet or by any other means, accidentally or otherwise, to any unauthorized third party.
- We use physical, administrative and technical procedures to limit access to Personal Data as described in this policy.
- Although Md7, LLC uses industry standard efforts to safeguard the confidentiality of your Personal Data when you transmit it over the Internet, such as firewalls and Secure Socket Layers, perfect security does not exist on the Internet.
Sensitive Personal Data
Sometimes it is necessary to process Sensitive Personal Data. This may be to ensure that our workplace is a safe place for everyone, or to ensure compliance with federal and/or state laws and regulations such as equal opportunity monitoring. We will give individuals the opportunity to affirmatively and explicitly consent to the processing and disclosure of their Sensitive Personal Data.
Disclosure And Transfer Of Personal Data
Website Links to Other Sites:
Our website contains links that may direct users to other websites. This Policy applies to information provided to Md7 only. Md7 is not responsible for the privacy practices of or the content contained in other websites that may be accessible by links from our website and the privacy practice on those sites may differ from that of Md7, LLC. We are not responsible for any product or services that you download, purchase, or otherwise receive in any manner or form, from a third party website.
Md7, LLC will not send email communications and advertisements unless you submit your email address to us. Providing your email address to us represents your affirmative consent to receive email communications. To stop receiving emails from Md7, please follow the opt-out instructions below or those included in the email you have received.
Data Subject Access Requests
A. Right to Access. We provide Data Subjects with reasonable access to the Personal Data we hold about them. To learn what information we hold about you or to correct, amend or delete that information please submit a written request to our Chief Technology Officer at the address above.
B. Requests for Personal Data. Md7, LLC will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arise: (a) legally binding request for disclosure of the Personal Data by a law enforcement authority unless prohibited by law or regulation; or (b) requests received from the Data Subject. If Md7, LLC receives a request for access to his/her Personal Data from an Individual Customer, then, unless otherwise required under law or by contract with such Individual Customer, Md7, LLC will refer such Data Subject to the Individual Customer.
C. Satisfying Requests for Access, Modifications, and Corrections. Md7, LLC will endeavor to respond in a timely manner to all reasonable written requests to view, modify, or inactivate Personal Data.
Enforcement and Oversight of Our Policy
Md7, LLC will conduct periodic compliance audits of our privacy practices to verify adherence to this Policy and the Privacy Shield and Safe Harbor principles. We conduct an annual self-assessment of our practices with respect to Personal Data to verify that representations we make about our Personal Data privacy practices are true and that related privacy policies have been implemented as represented. Any employee found to have violated this Policy is subject to disciplinary action, up to and including termination of employment.
Questions or Complaints
Individual customers may contact Md7, LLC with questions or complaints concerning this Policy by sending written notice to Chief Technology Officer, Md7, LLC, 10590 West Ocean Air Drive, Suite 300, San Diego, CA 92130. Md7, LLC resolves to respond to questions or complaints within forty-five (45) days of receipt.
Enforcement and Dispute Resolution
Customers, vendors and employees may file a complaint with Md7, LLC in connection with the processing of their Personal Data under the Privacy Shield (EU) or Safe Harbor (Swiss) Principles, as applicable. Md7 commits to resolve complaints about your privacy and our collection or use of your personal information. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed by Md7, LLC, information about how EU Individual Customers may file a complaint can be found at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint. Information about how Swiss individuals may file a complaint can be found at https://build.export.gov/main/safeharbor/swiss/eg_main_018511.
We also cooperate with the following dispute resolution bodies to address individuals’ complaints regarding privacy issues: (i) for Customer and vendor complaints, we cooperate with JAMS, a third party dispute resolution provider, in accordance with its applicable commercial rules; and (ii) for complaints concerning our handling of employee Personal Data, we cooperate with the relevant EU data protection authorities and the Swiss Federal Data Protection and Information Commissioner. We will take steps to remedy any issues arising out of a failure to comply with the Privacy Shield (EU) or Safe Harbor (Swiss) Principles. Please contact us as specified above to address any complaints regarding our Personal Data practices. Md7, LLC also resolves to promptly respond to questions from the U.S. Department of Commerce. To the extent Md7, LLC becomes subject to an FTC or court order based on non-compliance, any relevant Privacy Shield related sections of any compliance or assessment report submitted to the FTC will be made public.
Changes in this Policy