Effective Date: October 1, 2022
Caidya (“Caidya”, “we”, us” or “our”) is committed to protecting the privacy and security of your personal information. This Caidya Privacy Policy (“Privacy Policy”) describes the types of personal information and other information we collect from and about you when you interact with us or use our websites, web portals, mobile applications, or other services (collectively, the “Services”) and how we use and share your information.
This Privacy Policy is directed to:
As you read this Privacy Policy, please consider the following important information:
The types of information that we may collect and receive from you while you use the Services are described in this section and include both information that you provide to us, information that we collect automatically when you use the Services, and information that we collect from third party sources.
Personal Information: Personal information is information from which an individual may be identified directly or indirectly. Personal information may include information such as your name, postal address, telephone number, email address, date of birth, device and browsing information, such as your IP address, and health, financial and professional information.
We may collect personal information that you provide to us through our Services. For example, you may provide your personal information to us: through your completing forms or setting up accounts on one of our websites or web portals; through an enrollment form to register for one of our programs or services; through your requests to receive marketing materials and information about our products or services; by contacting a Caidya customer service department; or by responding to Caidya questionnaires or surveys.
Cookies and other similar technologies: When you use our Services, we may also collect information relating to your usage or visits to our websites and your devices. This information is generally collected using server log files, cookies, “pixel tags,” and tools, such as, Google Analytics.
Server Log Files: Your Internet Protocol (IP) address is an identifying number that is automatically assigned to your computer by your Internet Service Provider (ISP). This number is identified and logged automatically in our server log files whenever you visit our websites, along with the time(s) of your visit(s) and the page(s) that you visited. We use the IP addresses of all visitors to our websites to calculate our websites’ usage levels, to help diagnose problems with website servers, and to administer the websites. We may also use IP addresses to communicate with or block access by visitors who fail to comply with our terms and conditions for use of our Services. Collecting IP addresses is standard practice on the Internet and is carried out automatically by many websites. However, Caidya does not combine traffic data with user accounts.
Cookies: Cookies are data that a web server transfers to an individual’s computer for record-keeping purposes. Cookies are an industry standard used by most websites and help facilitate users’ ongoing access to and use of a particular website. Cookies do not cause damage to your computer systems or files, and only the website that transferred a particular cookie to you can read, modify, or delete such cookie. If you do not want information collected using cookies, there are simple procedures in most browsers that allow you to delete existing cookies, to automatically decline cookies, or to be given the choice of declining or accepting the transfer of cookies to your computer. You can set your browser to refuse cookies, but some portions of our websites may not work properly if you refuse cookies. A session cookie is one that exists for the time-period that your browser is open. A persistent cookie is one that is saved on your device/computer even after the browser is closed. Like many websites, we may use both session cookies and persistent cookies. To find out how to see what cookies have been set and how to reject and delete cookies, please visit //www.aboutcookies.org.
Pixel Tags: Our websites may use so-called “pixel tags”, “web beacons”, “clear GIFs” or similar means (collectively, “pixel tags”) to compile aggregate statistics about website usage and response rates. Pixel tags allow us to count users who have visited certain pages on our websites, to deliver branded services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, Pixel Tags can tell the sender whether and when the email has been opened.
Google Analytics: We may use Google Analytics, a web analysis service provided by Google, to better understand website usage. Google Analytics collects information such as how often users visit websites, what pages they visit and what other websites they used prior to visiting. Google uses the data collected to track and examine the use of the websites, to share such data with other Google services, or to personalize the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics is restricted by the Google Analytics Terms of Service and the Google Privacy Policy. To opt-out of analysis by Google Analytics on our websites, please visit //tools.google.com/dlpage/gaoptout.
The personal information that is collected in connection with our Services may be used in any of the following ways:
The information that we collect from your devices is used to better design our websites. We analyze the information we collect to enhance our websites’ security and to track the popularity of certain pages on the websites, the success of our email notifications, traffic levels on the websites, and other usage data, all of which helps us to provide content tailored to your interests and improve our websites and related Services.
We do not make any decisions about you based solely on automated processing of your information, including profiling, unless we inform you, as required by applicable laws.
We may share your personal information with third parties with whom we have contracted, as well as affiliates and business partners. We will require these recipients to use your personal information only for appropriate purposes and take appropriate measures to protect your personal information.
In the event that we sell or transfer all or a portion of our business or assets to a third party, such as in the event of a corporate sale, merger, reorganization, dissolution or similar event, we may transfer information that we have collected to such third party. We will require such a third party to continue to comply with this Privacy Policy.
We may disclose information if we believe it is necessary: (a) to comply with any law applicable to us, a request from law enforcement, a regulatory agency, or other legal process; (ii) to protect the legitimate rights, privacy, property, interests, or safety of Caidya, our patients, business partners, personnel, or the general public; (iii) to pursue available remedies or limit damages; (iv) to enforce our terms and conditions on our products or services; or (v) to respond to an emergency. We reserve the right to disclose personal information when we believe in good faith that such action is necessary to comply with a legal obligation.
In addition to the disclosures described in this Privacy Policy, we may share information about you with third parties when you consent to or request such sharing.
Caidya has relationships with third party advertising companies to place advertisements on this website and other websites, and to perform tracking and reporting functions for this website and other websites. These third party advertising companies may place cookies on your computer when you visit our websites or other websites so that they can display targeted advertisements to you. These third party advertising companies do not collect Personal Data in this process, and we do not give any Personal Data to them as part of this process. However, this Privacy Policy does not cover the collection methods or use of the data collected by these vendors. For more information about third party advertising, please visit the Network Advertising Initiative (NAI) at www.networkadvertising.org.
Our websites may contain links to third party websites, which are not operated or controlled by Caidya and for which Caidya is not responsible. The links from the websites do not imply that Caidya endorses or has reviewed the third party websites. Once you leave one of our websites, we are not responsible for the protection and privacy of any information you provide. We suggest contacting those third parties directly for information regarding their privacy practices.
Caidya operates in many countries around the world and your personal information may be accessible to or shared with any of our locations, our affiliates, consultants, contractors, service providers, suppliers and vendors in various countries for the purposes specified in this Privacy Policy.
The laws in certain countries may not provide the same level of protection as the laws in your country or region. When that is the case, and as required by applicable laws, we take steps to protect your information, such as by entering into contracts with recipients of your information or by implementing additional data protection safeguards.
By using our websites or Services or you are otherwise providing information to us, you hereby expressly consent to the transfer of your personal information outside your country or region.
Protecting the privacy of children is especially important to us. We take seriously our obligations under applicable laws concerning the collection of personal information from children. Our Services are not directed to children and we do not knowingly allow children to communicate with us or use any of our websites or Services. We request that children do not provide any personal information through our websites or in connection with the Services. If you are a parent and become aware that your child has provided us with personal information, please contact us at [email protected].
Caidya participates in the EU-US Data Privacy Framework, UK Extension to the EU-US Data Privacy Framework, and Swiss- U.S. Data Privacy Framework. Click here to learn more.
If you would like your personal information removed from our systems, changed or updated, you can click here and submit the form to [email protected]. If requested, we will promptly verify and delete your account and you will no longer receive emails or other communications from Caidya. Your removal from the mailing list or our systems will not remove records of past transactions or delete information stored in our data backups and archives where we are required to keep your data for legitimate business or legal requirements. Data on past transactions and data stored in backups and archives will be deleted in the normal course of our business.
Under certain laws, such as the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act of 2018 (CCPA), the California Privacy Rights Act of 2020 (CPRA) or China’s Personal Information Protection Law and Cybersecurity Law (including their implementing regulations and national standards), you may have the following rights with respect to your personal information:
We will respond to your requests within the time period prescribed by applicable laws. Under certain circumstances, Caidya may ask you for specific information to confirm your identity and ensure the exercise of your rights. This is a security measure to safeguard personal information. We will notify you when your request is completed, if we deny your request to exercise your rights (because, for example, an exception applies), or if there is a fee associated with processing your request.
You may designate an authorized agent to exercise your rights on your behalf. In such case, we will also need to verify your agent’s identity and obtain proof of your authorization. We may need to deny a request from an agent whose identity or authorization we cannot verify.
If you believe that Caidya has processed information in a manner that is unlawful or breaches your rights, or has infringed applicable laws, you may have the right to complain directly to your local data protection authority. Without limiting any rights to complain directly to an authority, we are committed to protecting personal information, and complaints may be made directly to us.
We will not discriminate against you for exercising any data subject right you have under applicable law.
Caidya stores personal information and other data using reasonable physical, technical and administrative safeguards to secure information and data against foreseeable risks, such as unauthorized use, access, disclosure, destruction or modification. Please note, however, that while Caidya has endeavored to create secure and reliable websites for our users, the confidentiality of any communication or material transmitted to or from one of our websites or via e-mail cannot be guaranteed. You should take special care in deciding what information you transmit, upload, send, or otherwise submit to Caidya.
In case of a personal information security incident, as required by applicable laws, we will inform you in a timely manner and report the incident to the relevant regulatory authorities.
We retain your information for as long as it is necessary for the purposes set out in this Privacy Policy, unless required by law to retain it for a longer period of time. To determine the appropriate retention period for information, we consider the amount, nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we process the information, whether we can achieve those purposes through other means, and all applicable global legal, regulatory, and compliance requirements.
We may update this Privacy Policy from time to time. At a minimum, we will post an updated version on our websites. Caidya encourages you to review this Privacy Policy regularly for any changes. Any changes will be effective immediately upon posting of the revised Privacy Policy, and your continued use of our websites or our Services will be subject to the then-current Privacy Policy.
If you have any questions about this Privacy Policy or about our handling of your personal information, please contact us at: [email protected].
We endeavor to respond to your request as soon as reasonably possible in compliance with all applicable laws.
We are required to comply with the European Union’s and the United Kingdom’s General Data Protection Regulations (“GDPR”/”UKGDPR”), Switzerland’s Federal Act on Data Protection (FADP) and similar applicable local laws with regards to certain personal information we collect. The data controllers of your personal information are the Caidya entities referenced when we collect your personal information. Please contact us if you have any questions about the controller or controllers of your personal information.
Sensitive Personal Data. We may process special categories of information (e.g., sensitive personal data that reveals racial or ethnic origin or genetic, biometric and health information, etc.) only where you give us your explicit consent, or when our processing is for scientific research purposes, necessary to meet a legal or regulatory obligation, in connection with the establishment, exercise or defense of legal claims, or is otherwise expressly permitted by law. If we need to collect your personal information by law or under the terms of a contract we have with you and you do not provide the requested information, we may not be able to perform the contract we have, or are trying to enter into, with you.
The servers where your personal data are stored may be located in the United States and other countries that have not been deemed by the European Commission to provide an adequate level of protection for personal data. In addition, we may share personal data with our affiliates and external service providers and third parties located outside of the EEA. When we transfer personal data out of the EEA to other countries that have not been deemed adequate, we will implement one or more of the safeguards deemed to provide appropriate safeguards by the European Commission, which may include EU Standard Contractual Clauses, transfers to organizations that protect personal data under binding corporate rules, or transfers to organizations that operate under an approved code of conduct or certification mechanism.
Effective Date: November 26, 2023
Click here to download or print a copy of this Privacy Policy.
This Privacy Notice is directed at individuals (“you”, “your”, “job applicants”, “contractors”, “employee(s)”) who provide dMedClinicial Company Limited and its affiliates and subsidiaries (hereinafter: “Caidya”, “we”, “us”, “our”) with personal information to: (1) apply for and seek employment opportunities with Caidya; (2) have decisions made regarding your employment status with Caidya; (3) are employees of Caidya (including full-time, part-time, outsourced, dispatched or interns); or (4) are contracted to work with Caidya.
Caidya is the data controller of your job applicant, contractor or employee personal information (i.e., the entity that determines why your personal information is collected and how your personal information is used). As such, Caidya is providing you with this Privacy Notice which describes how Caidya uses the personal information we collect about you and how you may exercise your rights regarding Caidya’s use of your personal information.
As you read this Privacy Notice, please keep in mind the following important information about how this Privacy Notice applies to you:
Caidya may collect and process any of the following categories and examples of personal information about you. Please keep in mind that this list includes the most common categories and examples of personal information Caidya collects about you, and not every category or example of personal information is contained in this list:
Sensitive Personal Information. Certain personal information Caidya collects about you may be considered sensitive personal information under applicable laws. To protect such sensitive personal information, we will:
Website Information. Our websites automatically collect the following information through cookies and other data collection technologies:
This information is necessary for the proper functioning of our websites and their services, as well as our internal business analytics purposes, such as audience measurement.
For more information on our cookies and other data collection technologies, please read the Cookies Policy or Privacy Policy applicable to the website you are accessing.
Required Information. The provision of certain types of personal information may be required in order for us to process your personal information for certain purposes. This may be because applicable laws necessitate that certain information is required as part of a job application, work as a contractor, or as an employee.
Required information will be marked as required at the time of collection of your personal information so that you are aware that it is required. If you decide not to provide the required information, Caidya may not be able to process your personal information or provide you with the services relevant to your carrying out the job responsibilities at Caidya.
In most cases, we collect your personal information directly from you, such as when you contact us via phone, electronic mail, mail or in person, when you submit information to us on our websites, send us your resume/CV or cover letter, complete an on-line application, form or survey, register for an account on our websites or when you request to receive materials and information from us.
If you are an employee or contractor, we may collect information about you as part of your employment with Caidya, including personal business contact information and location information, banking, benefits, healthcare, salary and stock information, or any other personal information collected by Caidya as part of your employment with the company, such as performance reviews, investigation information, etc.
Sometimes we may obtain your personal information from our authorized third-party sources who you direct or authorize to share your personal information with us, such as your current employer, individuals who serve as your references or other authorized representatives or affiliated organizations, such as job recruiters.
In addition, if you use our websites, we may collect information from your computer or other device through our use of cookies and other data collection technologies. For more information on cookies and other data collection technologies, please read the Cookies Policy or Privacy Policy applicable to the website you are using.
There are many ways we process your personal information, and the ways we process your personal information depends on why we collected it. Depending on your relationship and/or interactions with Caidya, as well as, applicable laws and our own procedures & requirements, Caidya may process your personal information for the following reasons and legal bases:
We do not undertake decisions based solely on automated processing of your personal information, including profiling, unless we inform you as may be required by applicable laws.
We may share your personal information within Caidya with Caidya subsidiary companies located in different countries or regions, with all authorized third parties with whom we have contracted, judicial, administrative or regulatory authorities, or as otherwise permitted by applicable laws. The type(s) of personal information we share and our purposes for sharing it depends on the role of the recipient. We do not, however, sell your personal information that we collect about you. For residences of the State of California, U.S.A,, we do not share your personal information for internet-based advertising or targeted marketing (see below section for California Residents).
Here are examples of who we share your personal information with and the purposes for sharing it:
We retain your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless required by our legal obligations to retain it longer. To determine the appropriate retention period for information, we consider the amount, nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we process the information, whether we can achieve those purposes through other means and all applicable global legal, regulatory, and compliance requirements.
For example, the personal information collected via our job application process is retained in our job applicant database for use in future job searches and applications and for use if you are recruited for a future job opportunity. If you want your information deleted, please reach out to Caidya’s Privacy Team at: [email protected].
We will keep a record of your unsubscribe request, if any, for as long as is necessary to comply with that request. We may also retain certain job application information if required to do so by applicable laws or to defend or prosecute our legal rights.
In addition, Caidya will keep your personal information during:
Caidya operates in many countries around the world and your personal information may be accessible to or be shared with our subsidiary companies, authorized service providers, Judicial, administrative and regulatory parties and agents, advisors, consultants and representatives in various countries for the purposes specified in this Privacy Notice.
Keep in mind that the data privacy and data protection laws or regulations in certain countries may not provide the same level of protection as those in your country or region. When that is the case, and as required by applicable laws, we take legally required steps to protect your personal information when transferred to another country or region, such as entering into contracts with recipients of your information and/or implementing additional safeguards to protect your personal information.
While we have established reasonable physical, administrative and technical measures to protect your personal information from unauthorized access or disclosure, we cannot guarantee its absolute security. You should take special care in deciding what information you transmit, upload, send or otherwise submit to us, unless it is required by Caidya as part of your contract work or employment.
Under certain laws, such as the European Union’s General Data Protection Regulation (GDPR), The Swiss Data Protection Act, The UK Data Protection Act (UK-GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA) or China’s Cybersecurity Law and Personal Information Protection Law (PIPL), including their implementing regulations and national standards, you may have the following rights with respect to your personal information:
Depending on your country of residence and the country where the Caidya entity processing your personal information is established, you may have additional local rights with respect to our processing of your personal information. For example, you may also have the right to raise questions or concerns directly with your local data protection authority.
Please note that some of the personal information that we collect and process about you may be exempt from the rights outlined above.
You can submit your request directly to Caidya by sending us an email at [email protected].
We will respond to your requests within the time period prescribed by applicable laws. Under certain circumstances, Caidya may ask you for specific information to confirm your identity and ensure the appropriate exercise of your rights. This is a security measure to safeguard personal information. We will notify you when your request is completed, if we deny your request to exercise your rights (because, for example, an exception applies), or if there is a fee associated with processing your request.
You may designate an authorized agent to exercise your rights on your behalf. In such case, we will also need to verify your agent’s identity and obtain proof of your authorization. We may need to deny a request from an agent whose identity or authorization we cannot verify.
If you believe that Caidya has processed information in a manner that is unlawful or breaches your rights, or has infringed applicable laws, you may have the right to complain directly to your local data protection authority. Without limiting any rights to complain directly to an authority, we are committed to protecting your personal information, and you may also lodge your complaint(s) directly with us by email to [email protected] or [email protected].
We will not discriminate against you for exercising any of your rights that you have under applicable data privacy and data protection laws.
If you are a California resident and a job applicant of Caidya, the personal information we collect about you in these circumstances is exempt from the rights that are described in the YOUR CHOICES AND RIGHTS Section of this Privacy Notice.
When you are a prospective employee of Caidya, we may collect, use and share the following personal information from you:
We collect and share this personal information for a number of purposes including: managing your job application, conducting pre-employment screening and background checks, fulfilling our legal obligations, improving our recruiting processes and websites, and for our everyday business purposes such as processing payroll, safeguarding Caidya property and defending against misuse or fraud. We may also use your personal information in the event of a sale or transaction of Caidya or Caidya subsidiary companies, including some or all of Caidya’s assets.
We do not sell personal data of California job applicants and we do not share personal data of California job applicants for internet-based advertising or targeted marketing.
If you have questions about this Privacy Notice, you may contact us at: [email protected].
Data Transfers. We may process your personal information outside of China with other Caidya entities or by sharing your personal information with our third-party service providers who will use your personal information to provide services to Caidya or provide services to you as described in this Privacy Notice. In compliance with China’s PIPL, we may be required to obtain your consent to transfer your personal information outside of China. You may be asked to sign a data transfer consent form when applying for a job with Caidya, during employment orientation, or when it is necessary for Caidya to seek consent from its employees. If you do not provide your consent, or if you withdraw your consent at a later period in time, we may no longer be able to provide certain services to you as described in this Privacy Notice, or you may no longer be able to adequately perform your employment responsibilities.
Please contact us at: [email protected] if you have any questions regarding the transfer of your personal information from China.
We are required to comply with the European Union’s and the United Kingdom’s General Data Protection Regulations (“GDPR”), Switzerland’s Federal Act on Data Protection (FADP) and similar applicable local laws with regards to certain personal information we collect. The data controllers of your personal information are the Caidya entities referenced at the beginning of this Privacy Notice. Please contact us if you have any questions about the controller or controllers of your personal information at: [email protected].
Sensitive Personal Information. We process special categories of personal information (e.g., sensitive personal information that reveals racial, sex or ethnic origin, genetic, biometric and health information, political and trade union affiliations, etc.) only where you give us your explicit consent, or when our processing is for scientific research purposes, necessary to meet a legal or regulatory obligation, in connection with the establishment, exercise or defense of legal claims, or is otherwise expressly permitted by applicable laws.
If we need to collect your sensitive personal information by law or under the terms of a contract we have with you and you do not provide the requested information, we may not be able to process your job application or related requests.
Data transfers. Caidya is a global company with offices in China, the United States, and the European Economic Area. As such, Caidya may transfer or provide access to your personal information to its subsidiary companies and affiliates, authorized service providers or collaborators or other third parties in these countries and others that may not provide the same level of protection to your personal information as in your country of residence. When we do so, in the absence of an adequacy decision concerning the recipient country, we rely on safeguards such as approved model contracts (for example the EU’s standard contractual clauses or the UK’s international data transfer agreement), after having carried out an assessment of the level of protection of your rights on the territory of the third country where the recipient of your personal information is established.
Your Data Subject Rights. Rights you may have under the GDPR and related regulations with regards to the personal information we collect and maintain about you are described in the section YOUR CHOICES AND RIGHTS. Under the GDPR, the exercise of these rights may be limited or delayed dependent upon the legal basis for processing your personal information, for example:
Cookies, pixel tags, and other trackers (hereinafter “Cookies”) are small files that allow for storing or retrieving information on your browser or your device (computer, tablet, mobile, etc.) when visiting our websites. Cookies are widely used on websites, mobile applications, software or emails. When you first visit our websites and again if you delete the Cookies or the Cookies expire or change, you will be asked which Cookies you consent to.
Cookies do not recognize you personally, but rather the device you use. Cookies simply give information about your browsing activities in order to recognize the device later on in order to improve the browsing experience, save your preferences or even adapt the services offered to you on the websites. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.
We may use the following types of cookies on our websites:
Most web browsers allow some control of most cookies through the browser settings. For example, there are simple procedures in most browsers that allow you to delete existing cookies. If you want to set your computer or mobile web browser to reject all cookies by default, please visit the home page for your browser for instructions. If you reject all cookies, you may still use our websites; however, this may affect the functionality of some areas of our websites.
In addition, your Internet Protocol (IP) address (an identifying number that is automatically assigned to your computer by your Internet Service Provider) is identified and logged automatically in our server log files whenever you visit our websites, along with the time(s) of your visit(s) and the page(s) that you visited. We use the IP addresses of all visitors to our websites to calculate website usage levels, to help diagnose problems with the website servers, and to administer the websites. We may also use IP addresses to communicate with or block access by visitors who fail to comply with our Terms of Use (where applicable).
We do not track our website users over time or across third-party websites to provide targeted advertising. At this time, we do not respond to “Do Not Track” signals from your web browser due to the lack of an established industry standard. For more information about “Do Not Track” signals, please visit https://allaboutdnt.com/.
You may contact us at any time if you have questions or concerns about this Privacy Notice or our practices. Please send an email to: [email protected].
We will endeavor to respond to your request as soon as reasonably possible in compliance with applicable laws.
To protect your privacy and security, we take reasonable steps to verify your identity before granting access to or making corrections with your personal information. Note that despite any requested removal of or change to your personal information there may be residual information that will remain within our databases and other records.
We strive to accommodate all individuals regardless of disabilities. If you need to receive the information contained in this document in a different format, please contact us at: [email protected].
We aim to regularly update this Privacy Notice to reflect our practices. Therefore, we recommend that you periodically review this Privacy Notice. In case of material changes, we may take steps to notify you before they become effective.
Effective Date: September 1, 2024
Caidya (“Caidya”, “we”, “us” or “our”) is committed to protecting the privacy and security of your “Consumer Health Data” (defined below). This Consumer Health Data Privacy Notice supplements all other Caidya Privacy Notices with respect to your Consumer Health Data and applies to our collection of Consumer Health Data subject to the Washington State My Health My Data Act (the “MHMDA”) as well as other similar state consumer health data laws.
This Consumer Health Data Privacy Notice describes the health data that we may collect about you; how we may use that information; and the choices you may make with respect to it.
In this Consumer Health Data Privacy Notice, we use the term “Consumer” to mean: (1) residents of Washington State, and (2) other individuals whose Consumer Health Data we collect in Washington State, consistent with the definition of “Consumer” in the MHMDA. Also consistent with the MHMDA, we use the term “Consumer Health Data” in this Consumer Health Data Privacy Notice to mean personal information that is linked to, or reasonably linkable to, a Consumer and that identifies the Consumer’s past, present, or future physical or mental health status.
This Consumer Health Data Privacy Notice does not apply to any other personal data we collect which may otherwise be covered under one of our other existing Privacy Notices which you will find here at: https://www.caidya.com/privacy-policy/.
We, or our third-party business partners, may collect the following categories of Consumer Health Data about you:
The types of Consumer Health Data we collect about you depends on your relationship with Caidya. Not all of the categories of Consumer Health Data may apply to you. If the nature of your relationship with Caidya changes, additional or different categories of Consumer Health Data may also apply.
If our third-party business partners collect and use your Consumer Health Data on our behalf, this Privacy Notice may not apply and you should consult our third party business partners’ Privacy Notices for more information regarding their privacy practices. (see WHO WE MAY SHARE CONSUMER HEALTH DATA WITH below for more information).
As described further in our other existing Privacy Notices, we may use your Consumer Health Data: (1) to respond to your requests for information about our products and services or to manage or develop our business relationship with you (e.g., to respond to questions, invite you to events, etc.); (2) to determine your eligibility for certain Caidya products, services, or other information; (3) to provide and improve Caidya products and services; (4) in accordance with the terms and conditions of Caidya’s programs; (5) to operate, manage, and maintain our business; (6) to respond to your inquiries and fulfill your requests; (7) to send you administrative information and marketing communications about a particular Caidya product; (8) for our research, development and collaboration efforts including our clinical studies; or (9) for regulatory reporting, such as adverse event reporting or to communicate product safety information to you or for pharmaceutical transparency reporting.
We may also use your Consumer Health Data for our own business purposes including: data analysis, internal audits, developing new products or services or improving existing products or services, identifying usage trends, determining the effectiveness of promotional campaigns, preventing fraud, and for other everyday business purposes, such as contract management, website administration, fulfillment, analytics, corporate governance, reporting and legal compliance.
Additionally, we may use your Consumer Health Data to comply with applicable law, legal processes, responding to requests from public and government authorities, and to protect our rights, operations, and enforce our terms of service.
Further, we or one of our third-party partners may de-identify or anonymize your Consumer Health Data so that it cannot reasonably be reidentified by us or by another person (“De-Identified Data”), and we may use this De-Identified Data for any reason permitted by applicable law. If we de-identify information that was originally based on your Consumer Health Data, we will maintain and use that information in de-identified form and will not attempt to re-identify the data, except as otherwise permitted under applicable law.
Please, note that Caidya does not and will not sell your Consumer Health Data to any third parties.
We, or our third-party business partners, may collect Consumer Health Data directly from you, as well as from the following sources:
We may share your Consumer Health Data with third parties, such as:
Subject to certain legal limitations and exceptions, you have the following rights with respect to any Consumer Health Data we may collect about you:
If you would like to exercise your rights pursuant to the MHMDA or similar consumer health data laws, please submit your request to: [email protected]. We will endeavor to fulfill your request to exercise these rights, but sometimes, we may have legal grounds or obligations to reject your request.
We will respond to your requests within forty-five (45) days of its receipt. If we require more time (up to 45 additional days), we will inform you of the reason and extension period in writing. Under certain circumstances, Caidya may ask you for specific information to confirm your identity and ensure the exercise of your rights. This is a security measure to safeguard your Consumer Health Data. We will notify you when your request is completed or if we deny your request to exercise your rights (because, for example, we cannot properly verify your identity).
You may designate an authorized agent to exercise your rights on your behalf. In such case, we will also need to verify your agent’s identity and obtain proof of your authorization. We may need to deny a request from an agent whose identity or authorization we cannot verify.
If you believe that Caidya has processed your Consumer Health Data in a manner that is unlawful or breaches your rights, or has infringed applicable laws, you may have the right to complain directly with the Washington State Attorney General at: www.atg.wa.gov/file-complaint. Without limiting any rights to complain directly to your state authority, we are committed to protecting your Consumer Health Data and complaints may also be made directly to us.
We will not discriminate against you for exercising any right you have under applicable law.
We may update this Privacy Notice from time to time. At a minimum, we will post an updated version on our websites. Caidya encourages you to review this Privacy Notice regularly. Any changes will be effective immediately upon posting of the revised Privacy Notice, and your continued use of our websites or our products or services will be subject to the then-current Privacy Notice.
If you have any questions about this Privacy Notice or about our handling of your Consumer Health Data or other information we collect about you, please contact us at: [email protected].
You may also contact us by mail at the address below. If you choose to contact us by mail, please be sure to provide us with your name, address, email address, and/or phone number you would like us to respond to.
Caidya
Attn: Privacy Officer
2700 Wycliff Road
Suite 340
Raleigh, NC 27607
Effective Date: October 17, 2024
This Privacy Notice (“Privacy Notice”) is directed at patients (and/or their care givers, guardians, parents or representatives, collectively “patients”), health care professionals and other medical professionals such as pharmacists, statisticians, staff or other representatives of medical offices, hospitals, and academic and medical centers (“HCPs”) who provide Caidya (“Caidya”, “we”, “us”, “our”) with personal information and/or personal data (“Personal Information”) we receive for such purposes including but not limited to: (1) management and support of clinical trials including such services as clinical development, study start-up and patient recruitment services; (2) safety data reporting (e.g., pharmacovigilance services for clinical trials and post-marketing activities); (3) medical writing; (4) regulatory services; (5) clinical data management; (6) clinical analytics, biometrics and biostatistical analytics; (7) clinical technology and ecosystem services; and (8) any other related activities or services provided by Caidya.
This Privacy Notice describes how Caidya uses the Personal Information we collect about you and how to exercise your rights.
As you read this Privacy Notice, please keep in mind the following important information about how this Privacy Notice applies to you:
Caidya may collect and process any of the following categories and examples of Personal Information about you. Please keep in mind that this list includes the most common categories and examples of Personal Information Caidya collects about you. Please note that not every category or example of Personal Information is contained in this list:
Sensitive Personal Information. Certain Personal Information Caidya collects about you may be considered Sensitive Personal Information under applicable laws. To protect such Sensitive Personal Information, we will:
Website Information. Our Websites automatically collect the following information through cookies and other data collection technologies:
This information is necessary for the proper functioning of our Websites and their services, as well as our internal business analytics purposes, such as audience measurement.
For more information on our cookies and other data collection technologies, please read the OUR COOKIES POLICY section below, or the privacy notice applicable to the website you are accessing.
Required Information. Required information will be marked as required at the time of collection of your Personal Information so that you are aware that it is required. If you decide not to provide the required information, Caidya may not be able to process your Personal Information.
The most common way we collect your Personal Information is directly from you, such as when you contact us via phone, electronically via email or in person; when you complete a form or survey on-line or that we send to you; when you contract with us; when you provide services to us; when you register for an on-line account; or when you request to receive from us clinical, corporate, marketing, medical or investor materials.
We may also collect your Personal Information from a variety of other sources including but not limited to: our business partners, specialty pharmacies, health insurance companies, your healthcare provider, public sources (such as websites, social media and other digital platforms, publication databases, journals, societies, editorial board websites, national registries, professional directories and third-party healthcare professional databases), or from our third-party vendors and service providers.
In addition, if you use our Websites, we may collect information from your computer or other devices through our use of cookies and other data collection technologies.
The ways we process your Personal Information depend on why we collected it. Depending on your relationship and/or interactions with Caidya, as well as applicable laws and our own procedures and requirements, Caidya may process your Personal Information for the following reasons:
Our legal bases for processing your Personal Information may be: (1) in furtherance of a contract between Caidya and you; (2) Caidya’s legitimate business interests; (3) due to a legal or regulatory obligation; or (4) your consent.
We do not undertake any decisions based solely on automated processing of your information, including profiling, unless we inform you as required by applicable laws.
We may share your Personal Information within Caidya, business partners, with all authorized third parties with whom we have contracted, judicial, administrative, or regulatory authorities, or as otherwise permitted by applicable laws. The type(s) of Personal Information we share and our purposes for sharing it depends on the role of the recipient. We do not, however, sell your Personal Information that we collect about you. For residences of the State of California, U.S.A., we do not share your Personal Information for internet-based advertising or targeted marketing (see below section for California Residents).
Here are examples of who we share your Personal Information with and the purposes for sharing it.
We retain your Personal Information for as long as it is necessary for us to carry out the purposes for which we collected it as set out in this Privacy Notice unless we are required by law to retain it for a longer period of time. When we determine the appropriate retention period for your Personal Information, we consider the amount, nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we process the information, whether we can achieve those purposes through other means, and all applicable legal, regulatory, and compliance requirements.
When we communicate with you via email, send newsletters, or respond to your requests to receive information from us, your information may be kept until you decide to unsubscribe and the information you provide via your requests will be kept at least until their complete processing. We will keep a record of your unsubscribe request for as long as is necessary to comply with that request.
In addition, Caidya will keep your Personal Information:
Caidya operates in many countries around the world and your Personal Information may be accessible to or be shared with our subsidiary companies, authorized service providers, Judicial, administrative, and regulatory parties and agents, advisors, consultants, and representatives in various countries for the purposes specified in this Privacy Notice.
Keep in mind that the data privacy and data protection laws or regulations in certain countries may not provide the same level of protection as those in your country or region. When that is the case, and as required by applicable laws, we take legally required steps to protect your Personal Information when transferred to another country or region, such as entering into contracts with recipients of your information and implementing additional safeguards.
While we have established reasonable physical, administrative, and technical measures to protect your Personal Information from unauthorized access or disclosure, we cannot guarantee its absolute security. You should take special care in deciding what information you transmit, upload, send or otherwise submit to us.
You may choose not to provide your Personal Information to us; however, in doing so, you may not be able to continue your relationship or interactions with us or use certain services.
At any time, you can choose to opt out from our marketing communications by using the unsubscribe feature in any marketing email you have received. If you unsubscribe from marketing, we may still send you email communications that are relationship or transactional in nature.
Under certain laws, such as the European Union’s General Data Protection Regulation (GDPR), The Swiss Federal Act on Data Protection (FADP), The UK Data Protection Act (UK-GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA) or China’s Cybersecurity Law and Personal Information Protection Law (PIPL), including their implementing regulations and national standards, you may have the following rights with respect to your Personal Information:
Depending on your country of residence and the country where the Caidya entity processing your Personal Information is established, you may have additional local rights with respect to our processing of your Personal Information. For example, you may also have the right to raise questions or concerns directly with your local data protection authority. Please note that some of the Personal Information that we collect and process may be exempt from the rights outlined above.
You can submit your request directly to Caidya by sending us an email at: [email protected].
We will respond to your requests within the time period prescribed by applicable laws. Under certain circumstances, Caidya may ask you for specific information to confirm your identity and ensure the appropriate exercise of your rights. This is a security measure to safeguard Personal Information. We will notify you when your request is completed, if we deny your request to exercise your rights (because, for example, an exception applies), or if there is a fee associated with processing your request.
You may designate an authorized agent to exercise your rights on your behalf. In such case, we will also need to verify your agent’s identity and obtain proof of your authorization. We may need to deny a request from an agent whose identity or authorization we cannot verify.
If you believe that Caidya has processed information in a manner that is unlawful or breaches your rights, or has infringed applicable laws, you may have the right to complain directly to your local data protection authority. Without limiting any rights to complain directly to an authority, we are committed to protecting your personal information, and you may also lodge your complaint(s) directly with us.
We will not discriminate against you for exercising any of your rights that you have under applicable data privacy and data protection laws.
If you are a California Consumer, in the past twelve (12) months, we may have collected the categories of personal information about you described in the CATEGORIES OF PERSONAL INFORMATION WE COLLECT AND PROCESS ABOUT YOU section of this Policy. That information was collected for the purposes described in the WHY WE PROCESS YOUR PERSONAL INFORMATION section of this Policy and may have been shared with the third parties identified in the WHO WE SHARE YOUR PERSONAL INFORMATION WITH section of this Policy.
You can exercise your data subject access rights as described in the YOUR CHOICES AND RIGHTS section of this Policy by sending us an email at [email protected] or you may write to us at:
Caidya Inc.
Attn: Privacy Officer
2700 Wycliff Road
Suite 340
Raleigh, NC 27607
Some of the Personal Information that we collect, share or use may be exempt from California state law because it is regulated by other federal or state laws that apply to us.
We do not sell your Personal Information, and we do not share your Personal Information for internet-based advertising or targeted marketing.
We are required to comply with the European Union’s and the United Kingdom’s General Data Protection Regulations (“GDPR”), Switzerland’s Federal Act on Data Protection (FADP) and similar applicable local laws with regards to certain Personal Information we collect. The data controllers of your Personal Information are Caidya and/or Caidya’s business partners or clients. Please contact us if you have any questions about the controller or controllers of your Personal Information at: [email protected].
Sensitive Personal Information. We process special categories of Personal Information (e.g., Sensitive Personal Information that reveals racial, sex or ethnic origin, genetic, biometric and health information, political and trade union affiliations, etc.) only where you give us your explicit consent, or when our processing is for scientific research purposes, necessary to meet a legal or regulatory obligation, in connection with the establishment, exercise or defense of legal claims, or is otherwise expressly permitted by applicable laws.
If we need to collect your Personal Information by law or under the terms of a contract we have with you and you do not provide the requested information, we may not be able to perform the contract we have or are trying to enter into with you.
Data transfers. Caidya is a global company with offices in the United States, the European Economic Area, China, India, South America, among other locations. As such, Caidya may transfer or provide access to your Personal Information to its subsidiary companies and affiliates, authorized service providers or collaborators or other third parties in these countries and others that may not provide the same level of protection to your Personal Information as in your country of residence. When we do so, in the absence of an adequacy decision concerning the recipient country, we rely on safeguards such as approved model contracts (for example the EU’s standard contractual clauses or the UK’s international data transfer agreement), after having carried out an assessment of the level of protection of your rights on the territory of the third country where the recipient of your Personal Information is established. For more information about Caidya’s use of the model contracts, please contact us at: [email protected].
Your Data Subject Rights. Rights you may have under the GDPR and related regulations with regards to the personal information we collect and maintain about you are described in the section YOUR CHOICES AND RIGHTS. Under the GDPR, the exercise of these rights may be limited or delayed dependent upon the legal basis for processing your Personal Information, for example:
Cookies, pixel tags, and other trackers (hereinafter “Cookies”) are small files that allow for storing or retrieving information on your browser or your device (computer, tablet, mobile, etc.) when visiting our websites. Cookies are widely used on websites, mobile applications, software, or emails. When you first visit our websites and again if you delete the Cookies or the Cookies expire or change, you will be asked which Cookies you consent to. In addition to the information below, you may read more about our Cookie Policy on our websites and in our websites’ on-line Privacy Notices.
Cookies do not recognize you personally, but rather the device you use. Cookies simply give information about your browsing activities in order to recognize the device later on in order to improve the browsing experience, save your preferences or even adapt the services offered to you on the websites. To find out more about cookies, including how to see what cookies have been set, visit www.allaboutcookies.org.
We may use the following types of cookies on our websites:
Most web browsers allow some control of most cookies through the browser settings. For example, there are simple procedures in most browsers that allow you to delete existing cookies. If you want to set your computer or mobile web browser to reject all cookies by default, please visit the home page for your browser for instructions. If you reject all cookies, you may still use our websites; however, this may affect the functionality of some areas of our websites.
In addition, your Internet Protocol (IP) address (an identifying number that is automatically assigned to your computer by your Internet Service Provider) is identified and logged automatically in our server log files whenever you visit our websites, along with the time(s) of your visit(s) and the page(s) that you visited. We use the IP addresses of all visitors to our websites to calculate website usage levels, to help diagnose problems with the website servers, and to administer the websites.
We do not track our website users over time or across third-party websites to provide targeted advertising. At this time, we do not respond to “Do Not Track” signals from your web browser due to the lack of an established industry standard. For more information about “Do Not Track” signals, please visit https://allaboutdnt.com/.
You may contact us at any time if you have questions or concerns about this Privacy Notice or our practices. Please send an email to: [email protected].
We will endeavor to respond to your request as soon as reasonably possible in compliance with applicable laws.
To protect your privacy and security, we take reasonable steps to verify your identity before granting access to or making corrections with your Personal Information. Note that despite any requested removal of or change to your Personal Information there may be residual information that will remain within our databases and other records.
We strive to accommodate all individuals regardless of disabilities. If you need to receive the information contained in this document in a different format, please contact us at: [email protected].
We aim to regularly update this Privacy Notice to reflect our practices. Therefore, we recommend that you periodically review this Privacy Notice. In case of material changes, we may take steps to notify you before they become effective.
Explore our news and updates as we liberate the clinical research process.
News
07/22/2024
News
06/12/2024