Effective Date: 9/18/19
Panalgo (formerly known as Boston Health Economics, LLC; “BHE” or “We”) collects certain information through the products and services we provide (collectively, our “Services”).
We have used our best efforts to make this Policy easy for You to read and understand, but please email email@example.com or call 781-290-0808 if you have any questions.
What “Data” is covered under this Policy?
Generally, Data includes any information We collect about you, whether from you directly or through service providers and partners, and all Data is covered by this policy. Specifically:
- “Non-Personal Data” is information that We could not use to identify any living individual.
- “Personal Data” is data about any living individual that can be used to identify the individual. This includes data that could identify an individual on its own as well as data that can only identify someone when combined with other data We have (regardless of whether We already have the other data or are just likely to have it in the future).
- We call Data about how our website is used “Usage Data,” and it’s important to recognize that some Usage Data is Non-Personal Data (like time measurement), while some is Personal Data (like an IP address).
- We refer to Non-Personal Data and Personal Data, collectively, as “Data” in this Policy.
Data We Collect
- We collect Data from individuals who use our Services as well as from our partners and vendors (we explain this more in this Policy). This could include anyone from users who are given access to our software because of their employer’s subscription to prospective customer contacts to individuals with no ties to the healthcare industry who read our blog.
- We collect the following types of Personal Data (this is typically collected from You directly):
- Your name, including first name and last name
- Contact information, including e-mail address and telephone number
- Business information, including company name, office addresses, identification numbers, and job titles
- We collect the following types of Usage Data (this is typically collected automatically):
- Number of page visits
- Browsing patterns
- Time spent on the Panalgo website
- Type of browser
- Internet Protocol (IP) address
- We also use “cookies” to collect certain information. Data collected through cookies may include Usage Data (whether or not personal) and Personal Data. A cookie is a string of data our system sends your computer and then uses to identify your computer when you return to our website.
- You can set up most browsers to refuse all cookies or to notify you of any cookies you receive. If you don’t accept cookies, you may not be able to use our Services as efficiently (and you may not be able to use some features of our Services at all).
- Our Services are not intended to collect Data from children or from anyone under 18. If you are aware of children’s information collected through our Services, please contact us immediately at firstname.lastname@example.org.
Our Use of Personal Data
- We use Personal Data to create account credentials, communicate with you about the Services we provide you, offer you additional Services, provide you with general Panalgo updates, support your use of the Services, administer and invoice you for Services, and as necessary to enforce our rights and prevent imminent harm to persons or property.
- Do Not Track Notice
- Do Not Track (“DNT”) is a setting in a web browser that directs websites not to track your behavior. You can activate the DNT settings through most browsers.
- We do not track users over time and across third party Websites, so we do not respond to DNT signals.
- We have not authorized any third party to track consumers or visitors while they are on our Website, and we are aware of no such tracking.
- We collect information about visitors to our website as well as contact information provided voluntarily through our contact form. We may use this information for activities such as understanding who is visiting us, tailoring our messages, and responding to contact requests. We do not sell this information to anyone. You may opt out of any future contacts from us at any time, by unsubscribing via sent email or contacting us via the phone number given on our website.
Retention of Personal Data
We retain Personal Data so long as it serves the purposes listed in this Policy, including to operate our Services, send You notices and other general messages (unless you’ve unsubscribed), to collect and monitor traffic and other usage statistics at our website, to resolve disputes, to enforce the terms of contracts for our Services, and to comply with our legal obligations.
Transfer of Personal Data
Contractor and Other Third Party Access to Data (including Personal Data)
- We give certain independent contractors access to Data. Those contractors assist us with general business management, such as marketing efforts, security controls, support ticket tracking, and other efforts that allow us to offer the Services. All of these contractors are required to sign contracts in which they promise to protect Personal Data using procedures reasonably similar to ours.
- We also may disclose Data (including Personal Data) to attorneys, collection agencies, or law enforcement authorities to address potential AUP violations, other contract violations, or illegal behavior. We also disclose Data demanded in a court order or otherwise required by law or to prevent imminent harm to persons or property.
- We may share Data in connection with a corporate transaction, like a merger or sale of our company, or a sale of all or substantially all of our assets or of the product or service line you received from us, or a bankruptcy.
- As noted above, we compile statistics from Data collected through cookies. We may publish those statistics or share them with third parties, but not in a format that includes Personal Data.
- Amongst other internal policies, We employ administrative, physical, technical, and other safeguards to protect your Data. These include:
- Administrative Safeguards
- Audit Log Review
- Segregation of Duties
- Access Control
- Physical Safeguards
- RFID (datacenter) and key protected doors
- Cameras in our datacenters
- Off-site backups in remote location with restricted access
- Technical Safeguards
- User IDs and passwords
- Security patches
- Records Monitoring
- Record Retention Policies
- Employee Training
- Vendor Oversight Programs
- Although We take reasonable steps selecting vendors who make limited and legal use of your Personal Data, we cannot guarantee the security of Personal Data. By using our Services, you acknowledge and agree that we make no such guarantee.
Accessing and Correcting Your Personal Data
You can access and change any Personal Data we store by contacting us via e-mail, at email@example.com.
Special Terms related to the European Economic Area
If you are in the European Economic Area (“EEA”), the provisions of this Section apply to you:
- Legal Basis for Processing. We may process your Personal Data for a number of reasons, including:
- You have given us permission to do so
- The processing is in our legitimate interests and it’s not overridden by your rights
- The processing is necessary to provide the Services to You
- To protect your vital interests
- We need to process the Data in order to comply with the law
- Your Rights Under the General Data Protection Regulation (“GDPR”). If you wish to know what Personal Data we hold about you, to have us remove it, or otherwise to exercise your rights, please contact us at firstname.lastname@example.org. In some cases, you also have the following rights related to your Personal Data:
- The right to access, update, or delete your Personal Data.
- The right of rectification—to have your information altered if it is inaccurate or incomplete.
- The right to object to our processing of your Personal Data.
- The right of restriction—to request that we restrict how we process your Personal Data.
- The right to data portability—to receive a copy of the information we have on you in a structured, machine-readable, and commonly used format.
- The right to withdraw consent to our processing of your Personal Data.
- The right to complain to an EEA data protection authority (a government agency) about our management of your Personal Data.
You may also reach us by mail at:
265 Franklin Street
Boston, MA 02110