The EU General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all residents within the European Union. It requires businesses to protect the personal data and privacy of EU citizens. It also requires that companies have appropriate data security in place to protect personal data. The GDPR comes into force on May 25, 2018.
MediBackup is compliant with new regulation requirements. It acts as a data processor for customers personal data; all processing of personal data is performed in accordance with privacy rights and regulations following the GDPR.
Information We Collect
Marketing: When you subscribe for our newsletter or information letter about the Services updates, you are asked for your name and email address.
Services Registration: When you register for our Services you provide us your personal information: First name, Last name, Email, Phone, Company name, and other details related to your business size and purpose of usage.
Device information: We collect information from and about the devices you use to access the Services. This includes things like IP addresses to identify your location, the operating system you use, and identifiers (HID) associated with your devices.
Customer Service: When you request technical support, we collect the information you give us by sending diagnostic logs (name, email, diagnostic information and configuration).
How We Process Personal Information
MediBackup processes personal data to set up, maintain and control your account, to communicate with you by providing feedback/report issue forms and chat. We also process your personal information to provide and improve our Services, as well as for the following purposes: usage analytics, managing support and contact requests.
Why and When We Share Your Information
We may disclose your personal information to trusted third parties who act for or on our behalf for further processing (such as storage or payment systems) and if we determine that such disclosure is reasonably necessary to comply with the law. In all other cases we do not share or distribute your personal data.
Protection & Retention of Personal Information
We provide the security of your personal information by using an SSL certificate on transfers and we store the provided information on secure servers. If a password is used to protect your accounts and personal information, it is your responsibility for the confidentiality and security of your password and you agree to change your password regularly. Do not share your password with anyone you don’t intend to.
Personal data is stored as long as you use our Services. Once you decide to stop using the Services, we can completely remove the account from our database. Also you can ask to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us, and to be informed about any automated notifications that we use. You can elect not to receive marketing communications by following the unsubscribe instruction in such communications.
Links to Other Sites
The Services are not directed to or intended for use by minors. Consistent with the requirements of the Children’s Online Privacy Protection Act, if we learn that we have received any information directly from a child under age 13 without a parent’s verified consent, we will use that information only to respond directly to that child (or their parent or legal guardian) to inform the child that they cannot use the Services.