Introduction

InductiveHealth Informatics (“InductiveHealth”) respects your privacy. This Privacy Statement informs you about our privacy practices including details of the personal data we collect, use, disclose and transfer as well as choices you can make and rights you can exercise about your data. This Privacy Statement is available from a link on the footer of every InductiveHealth web page.

This Privacy Statement applies to all InductiveHealth-owned websites, domains, services, applications, and products, and those of our subsidiaries, except that a privacy policy or statement specific to a program, product or service may supersede or be supplemented by this Privacy Statement. InductiveHealth understands that your privacy is important to you and that you care about how your data is used. InductiveHealth respects and values the privacy of everyone who visits this website and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

About Us

Since our founding in 2013, InductiveHealth has become a leading provider in disease surveillance systems throughout the United States. Inductivehealth partners with Federal, State, Tribal, Local, and Territorial jurisdictions to deliver unique and scalable disease surveillance solutions to fit our clients needs and the ever changing public health landscape. At InductiveHealth, our mission is to stop disease through technology. We believe that when epidemiologists and public health experts team up with with engineers and technologists, we have the ability to make that mission a reality.

The below table provides the contact information for InductiveHealth’ s Data Protection Office.

Data Protection Office:

Name: Gregory Smith

Email Address: privacy@inductivehealth.com

Postal Address: 3107 Clairmont Rd suite c, Atlanta, GA 30345

What Does This Policy Cover?

InductiveHealth respects your privacy. This Policy informs you about our privacy practices including details of the personal data we collect, use, disclose and transfer, as well as choices you can make and rights you can exercise about your data. This Privacy Statement is available from a link on the footer of every InductiveHealth web page.

This Policy applies to all InductiveHealth-owned:

Privacy Principles

We have an accountability-based program and are committed to the following principles, which are based on internationally recognized frameworks and fair information practices:

  • LAWFULNESS, FAIRNESS & TRANSPARENCY: We process personal data in accordance with the law, and with transparency and fairness to you. Our data processing activities are conducted: 1) with your consent; 2) in order to fulfill our contractual obligations;   3) for the legitimate interest of our company, or 4) in accordance with legal obligations.
  • NOTICE & CHOICE OF DATA USE: We are transparent and provide clear notice to you about the types of personal data collected and the purposes for which it is collected and processed. We will not use personal data for purposes that are incompatible with these Principles, our Privacy Statement, or specific notices associated with InductiveHealth Services.
  • DATA ACCESS: We provide you with reasonable access along with the ability to review, correct, amend, or delete the personal data you have shared with us, unless prohibited because of our legitimate interest or legal obligations.
  • DATA INTEGRITY & PURPOSE LIMITATION: We only use personal data for the purposes described at the time of collection or for additional compatible purposes in accordance with law. We take reasonable steps to ensure that personal data is accurate, complete, and current. We only collect personal data which is relevant and limited to what is necessary for the purposes for which it is collected. We will keep personal data for no longer than is necessary for the purposes for which it was collected and then we will securely delete or destroy it, unless required by law to maintain it.
  • DATA SECURITY: To protect personal data against unauthorized use or disclosure, we implement strong information security controls in our own operations and offer market-leading products and solutions with high levels of data security protection.
  • ACCOUNTABILITY FOR ONWARD TRANSFER: We acknowledge our potential liability for transfers of personal data among InductiveHealth entities or to third parties. Personal data will only be shared when third parties are obligated by contract to provide equivalent levels of protection.
  • RECOURSE, OVERSIGHT & ENFORCEMENT: We are committed to resolving any concerns regarding your personal data. We voluntarily participate in several international privacy programs that provide recourse to individuals if they feel InductiveHealth has not adequately respected their rights.

What Information We Collect About You?

Depending upon your use of InductiveHealth websites, we may collect and hold some or all the personal and non-personal data set out in the table below, using the methods also set out in the table. Please also see the Cookies section for more information about our use of Cookies and similar technologies and our below Cookie Policy.

Information you provide directly to InductiveHealth:

  • Contact Data – We may collect personal and/or business contact information including your first name, last name, mailing address, telephone number, fax number, email address, and other similar data.
  • Payment Data – We collect information necessary for processing payments and preventing fraud, including credit/debit card numbers, security code numbers, and other related billing information.
  • Account Data – We collect information such as how you purchased or signed up for InductiveHealth Services, your transaction, billing and support history, the Services you use and anything else relating to the account you create.
  • Location Data – We collect geolocation data when you enable location-based services or when you choose to provide location-related information during product registration or when interacting with our website.
  • Security Credentials Data– We collect user IDs, passwords, password hints, and similar security information required for authentication and access to InductiveHealth accounts.
  • Demographic Data – We collect, or obtain from third parties, certain demographic data including, for example, country, gender, age, preferred language, and general interest data.
  • Preferences – We collect information about your preferences and interests as they relate to InductiveHealth Services (both when you tell us what they are or when we deduce them from what we know about you) and how you prefer to receive communications from us.
  • Social Media Data – We may provide social media features that enable you to share information with your social networks and to interact with us on various social media sites.
  • Other Unique Identifying Information – Examples of other unique information that we collect from you include product serial numbers, information you provide when you interact in-person, online or by phone or mail with our services centers, help desks or other customer support channels, your responses to customer surveys or contests or additional information you have provided to us to facilitate delivery of InductiveHealth Services and to respond to your inquiries.

Information automatically collected about your use of a InductiveHealth product or service:

  • Product Usage Data – We collect product usage data such as log-in, log-off, duration, pages.
  • Device Data – We collect information about your computer, printer and/or device such as operating system, firmware, amount of memory, region, language, time zone, model number, first start date, age of device, device manufacture date, browser version, device manufacturer, connection port, warranty status, unique device identifiers, advertising identifiers and additional technical information that varies by product.
  • Application Data – We collect information related to InductiveHealth applications such as location, language, software versions, data sharing choices and update details.
  • Performance Data – We collect information regarding the performance of individual device hardware components, firmware, software, and applications.
  • Website Browsing Data – We collect information about your visits to and your activity on our InductiveHealth websites, applications or websites “powered by” another company on our behalf including the content (and any ads) that you view and interact with, the address of the website from which you arrived and other clickstream behavior (such as the pages you view, the links you click or which items you’ve added to your shopping basket).

Information from third-party sources:

  • Fraud prevention or credit reporting agencies – Data collected to prevent fraud and in connection with credit determinations.
  • Analytics Providers – We also receive non-personal data, such as aggregated or de-identified demographic/profile data, from third-party sources such as companies that specialize in providing enterprise data, analytics and software as a service.

How We Use Information About You?

Under the Data Protection Legislation, we must always have a lawful basis for using personal data. The following table describes how we may use your personal data and our lawful bases for doing so.

Performance of a contract:

  • Registering you on our Site: First Name, Last Name, Title, Company, Email, Phone, Country, and Status/Province
  • Providing and managing your Account: First Name, Last Name, Title, Company, Email, Phone, Country, and Status/Province
  • Personalizing and tailoring your experience on our Sites: Contact Data, Payment Data, Account Data, Other Unique Identifying Information
  • Providing and managing your access to Our Site: Name, Email, Phone Number, Address, Payment Details, IP address, device ID and/or location
  • Administering Our Site: Contact Data, Account Data, Location Data, and Other Unique Identifying Information
  • Administering our business: Contact Data, Payment Data, Account Data, Location Data, Security Credentials, Social Media Data, Other Unique Identifying Information
  • Supplying our products and services to you: Contact Data, Payment Data, Account Data, Location Data, Security Credentials, Social Media Data, Other Unique Identifying Information
  • Managing payments for our products and services: Contact Data, Payment Data, Account Data, Other Unique Identifying Information

Legitimate Interest:

  • Personalizing and tailoring our products and services for you: Contact Data, Payment Data, Account Data, Other Unique Identifying Information.
  • Communicating with you: Contact Data, Account Data, Location Data Other Unique Identifying Information
  • Supplying you with information by email or post that you have opted-in to our marketing: Contact Data, Account Data, Location Data, Demographic Data, Preferences, Social Media Data, Other Unique Identifying Information
  • Manage your Data Subject Access Request: Contact Data
  • Administering our User Acceptance Testing (UAT) Environment to improve our product and services: Any Data Type

How We Share Your Information?

We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions:

  • In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of government.
  • We may share your personal data to comply with laws or to cooperate with a legal investigation or a request from a government authority.
  • We may share your personal data to protect our legal rights and legitimate interests, and those of our business partners, service providers, and customers.
  • We may share your personal data to protect the legal rights, safety, and security of users of our websites and prevent fraud.
  • We may share your personal data with other companies in our group for legitimate business purposes. This includes subsidiaries and/or our holding company and its subsidiaries.
  • We may share your personal data with service providers who help us with: development, maintenance, and support of our websites and mobile applications, marketing research and analysis, communications, and customer service. We do not authorize these service providers to use or disclose your personal information except as necessary to perform tasks we have asked them to do for us or to comply with legal requirements.

If we sell, transfer, or merger part of our business or assets, your personal data may be transferred to a third party.  We may sometimes contract with the following third parties to supply certain products and/or services.

If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above.

In addition to your rights under the Data Protection Legislation, when you submit personal data via InductiveHealth websites, you may be given options to restrict our use of your personal data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails at the point of providing your details and by managing your Account).

You may access certain areas of InductiveHealth websites without providing any personal data at all. However, to use all features and functions available on InductiveHealth websites you may be required to submit or allow for the collection of certain data. You may restrict our use of Cookies. For more information, see the below Cookies section.

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request.”

All subject access requests should be made in writing and sent to the email or postal addresses shown in the Contact Us section. To make this as easy as possible for you, a DATA SUBJECT ACCESS REQUEST FORM is available for you to use. You do not have to use this form, but it is the easiest way to tell us everything we need to know to respond to your request as quickly as possible.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests), a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

Your Rights Regarding Your Information

Under Data Protection Law, you have the following rights, which we will always work to uphold:

  • The right to be informed about our collection and use of your data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in the Contact Us section.
  • The right to access the personal data we hold about you. Data Subject Access Request section will tell you how to do this.
  • The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in the Contact Us section to find out more.
  • The right to be forgotten, e., the right to ask us to delete or otherwise dispose of any of your personal data that we hold. Please contact us using the details in the Contact Us section to find out more.
  • The right to restrict (e., prevent) the processing of your personal data.
  • The right to object to us using your personal data for a particular purpose or purposes.
  • The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
  • The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in the Contact Us section.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Supervisory Authority.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first, using the details in the Contact Us section.

Marketing

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email with information, news, and offers on our products and services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation, and you will always have the opportunity to opt-out. We will always obtain your express opt-in consent before sharing your personal data with third parties for marketing purposes, and you will be able to opt-out at any time.

You have a right at any time to stop other companies in our Group or us from sending you marketing messages or giving your information to other InductiveHealth companies.

You may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our e-mails, updating your communication preferences, or by sending us email us at PRIVACY@INDUCTIVEHEALTH.COM or postal mail to InductiveHealth Informatics, 3107 Clairmont Rd suite c, Atlanta, GA 30345, Attention: Privacy Office. Customers cannot opt out of receiving transactional emails related to their account with us or the Subscription Service.

Cookies

InductiveHealth websites use analytics services provided by Google Analytics and Bing Analytics. Website analytics refers to a set of tools used to collect and analyze anonymous usage information, enabling us to understand better how InductiveHealth websites are used. This, in turn, enables us to improve InductiveHealth websites and the products and services offered through it.

We use Google Analytics and Bing Analytics, to help us measure visitors and trends for our websites. For more information about how Google collects, uses, and shares your information, please visit the Google Privacy Policy-Partners WEBSITE.

The analytics service(s) used by InductiveHealth websites use(s) Cookies to gather the required information. You do not have to allow us to use these Cookies, however, whilst our use of them does not pose any risk to your privacy or your safe use of InductiveHealth websites, it does enable us to improve InductiveHealth websites continually, making it a better and more useful experience for you.

The analytics service(s) used by InductiveHealth websites use(s) the following Cookies:

  • A first party cookie associated with Google Universal Analytics. This appears to be a new cookie, and as of Spring 2017, no information is available from Google. It appears to store and update a unique value for each page visited.
  • A first party cookie associated with Google Universal Analytics, according to the documentation it is used to throttle the request rate – limiting the collection of data on high traffic sites. It expires after 10 minutes.
  • A first party cookie associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the site’s analytics reports. By default, it is set to expire after 2 years, although this is customizable by website owners.
  • A first party cookie associated with Google Universal Analytics – which is a significant update to Google’s more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the site’s analytics reports. By default, it is set to expire after 2 years, although this is customizable by website owners.
  • A third-party cookie widely used by Microsoft as a unique user identifier. It can be set by embedded Microsoft scripts. Widely believed to sync across many different Microsoft domains, allowing user tracking. The main purpose of this cookie is: Targeting/Advertising

In addition to the controls that we provide, you can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all Cookies or only third-party Cookies. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.

You can choose to delete Cookies on your computer or device at any time. However, you may lose any information that enables you to access InductiveHealth websites more quickly and efficiently including, but not limited to, login and personalization settings.

It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.

Your California Privacy Rights

If you live in California, California law allows you to request and obtain from us once a year, free of charge, a list of the third parties which we have disclosed your personal information (if any, and as defined under California law) for the third party’s direct marketing purposes in the prior calendar year, as well as the type of your personal information disclosed to them. If you live in California and would like to request this information, please send your request in an email to PRIVACY@INDUCTIVEHEALTH.COM.

Transferring Your Information to Other Countries

Our websites are provided from within and are subject to laws of the United States. If you are located inside the United States, your personal information is being transferred to, stored, used, and shared in the United States.

Other Websites and Social Media

Our websites contain links to other websites. This privacy policy only applies to InductiveHealth websites and mobile applications so when you visit or use other websites or mobile applications you should read their own privacy policies. Our websites, mobile applications, and communications may contain links to social media websites such as Facebook, LinkedIn, Twitter, and, or GitHub, etc., and social media features, such as the Facebook “Like” and “Share” buttons.

Social media sites and features may collect and use Personal Information from you. We have no control over and are not responsible for the privacy practices, policies, or content of any Social Media websites or Features, even if you link to them from, or use them, on InductiveHealth websites or mobile applications. This Privacy Policy does not apply to any Social Media websites or Features. When you link to Social Media websites or use their Features, you should read their own privacy policies.

Security of Your Information

The security of your personal data is essential to us, and to protect your data; we take a number of important measures, including the following:

  • Information security policy: Our Information security policy states the use of appropriate technical and organizational security measures throughout the data importer’s organization to protect personal data against unauthorized and unlawful processing and against accidental loss, damage or destruction. It will further describe the measures to be taken, and individuals to be notified, in the event of an actual or suspected data or security breach.
  • Information security officer: Appointed a duly skilled, qualified and experienced employee with responsibility for ensuring the security of personal data processed by the data importer throughout its organization.
  • Physical security: Access to data processing facilities will be restricted to duly authorized employees and contractors who have been issued with security badges.  Access to these locations are reviewed monthly.
  • Firewall and anti-virus: Our Sites implement an appropriate firewall, anti-virus, anti-spyware and other anti-malware software and technologies on all networks and systems it uses to process personal data. The data importer will update its firewall, anti-virus, anti-spyware and other anti-malware software and technologies on a regular basis to better protect against the- current virus, spyware, and other malware threats.
  • Encryption: All personal data processed by the data importer on behalf of the data exporter shall be transmitted in encrypted format only, including personal data processed by the data importer on portable media or portable devices.
  • Access controls: Implement technical access controls that restrict access to personal data; it processes to duly authorized employees and contractors only. The data importer will further maintain a log of all access to personal data on its systems by any individual. Duly authorized employees and contractors will be permitted to access personal data only to the extent necessary for the performance of their duties. The data importer will identify and appoint a system administrator with overall responsibility for granting, changing or voiding data access privileges to its data processing systems.
  • Usernames / passwords: Access to personal data will be controlled through access privileges (described above), usernames and confidential passwords. No two employees or contractors may share or use the same username. Employees and contractors will be required to change their passwords on a regular basis. All employee passwords will be stored in encrypted format and must be at least eight characters long consisting of one uppercase letter, one lowercase letter, one numeral, and one symbol.
  • Data separation: Ensure that personal data it processes on behalf of the data exporter is kept logically and/or physically separate from all other data processed by the data importer.
  • Disaster recovery / business continuity: Implement appropriate disaster recovery and business continuity plans that will ensure the availability, security, integrity and (where necessary) restoration of the personal data on the occurrence of a force majeure or similar business interruption event.

Changes to Our Privacy Policy

We keep this privacy policy under regular review, and we will place any updates on our websites.  This privacy policy was last updated on October 10, 2023.

How to Contact Us

Please contact us if you have any questions about our privacy policy or information we have about you:

InductiveHealth Informatics
Data Protection Office
3107 Clairmont Rd suite c

Atlanta, GA 30345
PRIVACY@INDUCTIVEHEALTH.COM