This Privacy Policy replaces the Privacy Policy version dated 26 June 2017.
Adherium (NZ) Limited and its affiliates (collectively “Adherium” or “we”) want to help you take control of your health by letting you track your medication use and set dose reminders. Our Smartinhaler™ and Hailie® technology platforms include electronic medication sensors (“Sensors”), mobile applications (“App”), the www.hailie.com, go.hailie.com, www.smartinhaler.com, smartinhalerlive.com websites (“Website”), data services and any related website or mobile application on or to which this Privacy Policy is linked or referenced (all together the “Services”).
We are committed to protecting your privacy and providing a safe experience with all aspects of the Services.
Adherium (NZ) Limited is the data controller, irrespective of where you live, with the exception of processing activities in relation to some product sales and product support activities for which Adherium North America, Inc. (if you live in the United States) or Adherium Europe Ltd (if you reside in the European Union) is the data controller. For the purposes of this policy we refer to Adherium (NZ) Ltd, Adherium North America, Inc. and Adherium Europe Ltd as “Adherium”.
This Privacy Policy explains how we collect, store, disclose, transfer and otherwise process your personal information when you use any element of the Services. In this Privacy Policy, “personal information” means information that identifies a person directly or indirectly and includes health-related information. Please take your time to read this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Services. If you have purchased the Services subject to this Policy and do not want to accept the Policy or if you have any questions about this Policy or our privacy practices, you can contact us at privacy@adherium.com.
When you use the Services, we ask you to provide certain personal information necessary for the Services and for us to carry out the activities as outlined below.
When you order a Sensor and subscribe to the Services via our online shop, you will need to create and log into your shop account to manage data relating to your order and subscriptions. To get started with the Services you will need to create a user account which will contain your prescription information and medication use data. For the purposes of this Privacy Policy, both accounts are referred to as the “Account”. You can create the Account through various means including through Website, App or, with some exceptions in the United States, your Healthcare Professional (as defined in the Terms of Service).
The following personal information is required to create an Account:
When you choose to log in into your Account using a third party social media or authentication service, you are giving us access to and permit us to store certain information from that third party service, for example your name, email address(es), current city, profile picture URL, and other personal information that the third party service makes available to us, and to use and disclose it in accordance with this Policy. Before you decide to use the third party services to log into the Account, please make sure you check your privacy settings on these third party services to understand what information is shared with us
The Sensors log information about your inhaler use from the moment you start using them. When you sync your Sensor with the App or website we receive the information collected by the Sensor:
From time to time when you use our App or Websites, we may ask you for information relevant to you tracking and improving the management of your respiratory health, including:
The Hailie® solution requires enabled Bluetooth® wireless technology to function. If you are an Android user, please note that Android requires coarse location permissions in order to use Bluetooth® wireless technology, as Bluetooth® can be used to derive your location.
If you are using the Services as part of a program offered by a third party (such as your Healthcare Professional or a healthcare plan), while registering you to use the Services the third party may, with your permission, have provided us with some of your personal information (for example, names, date of birth, contact information and other information you have agreed to us receiving). If this applies to you, please make sure you review the third party’s privacy policy.
When you access our Website, we collect and analyze technical information about user activities, such as user traffic patterns, IP addresses, browser types, browser language, operating system, software and hardware attributes, referring and exit pages and URL, the state or country from which you accessed the Website, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the time spent on a page, the terms used in searches on the Website, the time and date you access the Websites, upload or post content, error logs and other similar information.
Other than the health information described above, we do not knowingly and intentionally collect or maintain any information regarding users’ race or ethnic origins, political opinions, religious or philosophical beliefs or other sensitive information.
The Services are intended to help you learn more about your health. To do this, we collect and use your personal information for the following purposes:
We will only use your personal information for other purposes where you have given your valid consent to our use of your personal information for those purposes.
You do not have to provide all the personal information which we request, but if you do not provide the information you may not be able to register for and use parts of the Services. As a minimum requirement to create an Account, we collect the following information:
You may create an incomplete Account by providing only your email address, but you will not be able to track your medication use.
We respect your right to control who accesses your information. We share your personal information when:
We will use your information to create aggregated data sets which no longer identify you as a person. We will use aggregated data for any purpose at our sole discretion, for example, statistical modelling of medication adherence behavioral patterns or market segment research. If we transfer aggregated data to third parties, we will make sure there are measures in place to ensure the third party cannot identify you.
We take great care to make sure that your information is kept safe, but no system or electronic data transmission is completely secure.
We use encryption for all data in transit to protect your personal information. We also use organizational controls to restrict access to employees with the need and right to perform the services described in this Privacy Policy and ensure that this access is audited (unless you decide to share your data as described above).
You are responsible for maintaining the security of your account credentials. Adherium will treat access to the Services through your account credentials as authorized by you. Unauthorized access to password-protected or secure areas is prohibited and may lead to criminal prosecution. We may at our discretion suspend your use of all or part of the Services without notice, if we suspect or detect any breach of security. If you believe that information you provided to us is no longer secure, please notify us immediately using the contact information provided below. If we become aware of a possible security breach, we will ensure that it is addressed in accordance with applicable laws.
Regardless of where you live, we take care to ensure your personal information is kept safe and your right to privacy is respected. If we store or process your information in a country outside your country of residence, then, before we transfer information, we will make sure that there are appropriate legal and technical measures in place, so your information is kept private and secure in accordance with the laws of your country of residence. We store user information on secure servers hosted by Amazon Web Services (AWS) and access it from New Zealand, a country which the European Commission has recognized meets European privacy standards. The location that your data is held in depends on the region selected during account creation and login. If you select:
If you deactivate your account, your information is retained on our secure servers for as long as permitted or required under applicable law. If you want to erase your Account information, you can contact us at privacy@adherium.com.
You can access most of your personal information in the App or Website directly, or you can request a copy of all information stored about you by asking us at privacy@adherium.com.
We take care to ensure that your personal information is accurate and up-to-date. However, if any information we hold is incorrect or inaccurate, you can send us a request to correct it by contacting us at privacy@adherium.com. You can also ask us to restrict processing of that information while we verify whether it is accurate.
You can stop the collection of your information by uninstalling the App at any time and by stopping use of the Sensor. You can also ask us to erase your personal information. When you ask us to erase your account, your information will be de-identified and access to your account will no longer be possible. You can also object to having your personal information processed for statistical analysis purposes by contacting us in writing. Please note, if you withdraw your consent to Adherium processing your personal information, this will not affect the lawfulness of any processing done prior to you withdrawing consent.
Please send your requests for access, modification, or erasure to privacy@adherium.com. We work hard to respond to all requests in a timely manner. In some circumstances and in accordance with applicable laws, we may refuse certain requests, for example, we will decline requests that are vexatious or technically infeasible. In such cases, we will provide you with our reasons for the decision.
Where it is technically feasible for us to do so, you can request a copy of any personal information that you have provided us, in a structured, commonly-used and machine-readable format, so you can transmit it to another data controller, by emailing privacy@adherium.com. Please note, we will not disclose any derivative information (for example, algorithmic results) or information which may compromise any of our intellectual property or confidential business information.
If we use automated processing of your personal information to give you feedback on your use of the Services and improve the management of your chronic condition, we will do so for information purposes only and not to make any decisions which could produce a legal effect or significantly affect you.
Our Website or App may contain links to websites or applications offered by third parties that we do not control. Any information you provide on third party sites is governed by their privacy policies, not ours. We are not responsible for information that you provide to such third parties.
Some users can purchase our Products through the Shopify ecommerce platform. As part of its platform operations, Shopify collects information as described in its Privacy Policy at https://www.shopify.com/legal/privacy.
We use a third party payment processor to process credit card payments made to us. In connection with the processing of credit card payments, we do not retain any information such as your credit card number. Instead, all information about your credit card is provided directly to our third party processor, Stripe. Please see Stripe’s privacy policy at https://stripe.com/us/privacy.
Minors are permitted to use the Services only with the prior consent of a parent or guardian. We do not knowingly collect any information from minors, unless we have received verifiable consent from a parent or legal guardian. If we become aware that a user is a minor and has provided personal information without the consent of a parent or legal guardian, we will delete such information as required by law. If you know of a minor user whose information may have been collected without consent from a parent or legal guardian, please email us at privacy@adherium.com.
Adherium also uses analytics services, such as Google Analytics or Mixpanel. Generally, analytics services do not identify individual users. Many analytics services allow you to opt out of data collection. For example, to learn more about Google Analytics practices and to opt out, visit www.google.com/settings/ads or by downloading the Google Analytics opt-out browser add-on at https://tools.google.com/dlpage/gaoptout. To find out about Mixpanel practices, visit privacy policy section of https://mixpanel.com/legal/terms-of-use/ and to opt out, visit https://mixpanel.com/optout.
By using our sites and apps, you agree to us storing and accessing cookies and similar technologies on your device.
Cookies are simple text files which are sent to and stored on your device when you visit a website or use an app. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier. A cookie also may contain information about your computer, such as user settings, browsing history and activities conducted while using the Services.
Some cookies are deleted when you close the browser on your device (session cookies). Other cookies remain on your device until their expiry or removal (persistent cookies). Some cookies relate to the functionality of the website and improve your user experience (functional cookies). Other cookies allow us to collect statistics (aggregated and anonymous) on the use of the website by our visitors or customers (analytical cookies). Some cookies may be essential for us to provide certain interactive functions or to ensure online environment.
Adherium uses cookies to improve and help personalize users’ experience with our Websites. For example, we use functional cookies to make logging in to our account a little easier and to track some operational features of our Website. This includes things like, your authentication information so you don't have to log in every time, your language and time zone settings and information about the last patient you were looking at, so you can pick up where you left off when you come back to the site. We also use analytical cookies to analyze and improve our Services. For example, to understand how users reach and use our Website and what improvements we should make to the Services and Website.
Cookies that we commonly use are listed below. This list is not exhaustive but describes the main reasons we typically set cookies. As we adopt additional technologies, we may gather information through other methods.
If you are a go.hailie.com portal user, we use the following cookies on the portal:
Cookie | Purpose/Expiration |
---|---|
ASPXANONYMOUS | A unique ID for users who are not authenticated so their usage can be tracked between screens. |
ASPXFORMSAUTH | Used to determine if a user is authenticated. |
ASP.NET_Sessionld | Unique identifier for an authenticated user. |
PageLanguage | Language selected by the user to be displayed. |
SelectedDevice | Last selected device serial number to conveniently select it by default. |
SelectedPatient | For Healthcare Professionals, last selected patient to conveniently select them by default. |
TimeZoneOffset | Current time zone offset to correctly localize times displayed on the screen and to provide a default time zone value for any manually entered times. |
_AntiXsrfToken | Token used to prevent Cross-Site-Request Forgery attacks against the user to prevent someone from spoofing requests from the user. |
_ga | Google Analytics to analyze and understand service usage patterns for product development, and service improvement. Opt out using tools.google.com/dlpage/gaoptout |
access_token | Token required to be able to access Adherium’s APIs. Expires every 20 mins. |
refresh_token | Token used to refresh access_tokens when they expire. Expires in 1 month or when the password changes. |
Our store is hosted on Shopify Inc. They provide us with online e-commerce platform that allows us to sell our Products and services to you. Shopify Inc. privacy policy, including information about cookies and similar tracking technologies can be found here: https://www.shopify.com/legal/privacy.
All payments made through our websites are processed by Stripe.com. Stripe Cookies and Similar Technologies Policy can be found here: https://stripe.com/cookies-policy/legal.
If you want to manage your cookie settings in your browser, select the ‘help’ section of your browser (e.g., Google Chrome, Mozilla Firefox, Apple Safari, Internet Explorer) for more information. Your browser will allow you to change your cookie preferences.
You are free to delete cookies, but you may not get the full experience of our websites. If you decide to block or disable some or the cookies you may not be able to have access to certain features of the Hailie® solution. For example, to complete a purchase on our Website, you will need to accept cookies sent by the online shop website.
We review our privacy practices regularly. We may update this Privacy Policy from time to time. We will provide you with advance notice of material revisions to this Privacy Policy. We will not make revisions that have a retroactive effect unless we are legally required to do so or to protect other users. Your continued use of the Services after the Effective Date constitutes your acceptance of this Privacy Policy, as amended. As of the Effective Date, the amended Privacy Policy supersedes all previous versions of or agreements, notices or statements about this Privacy Policy.
You can confirm you are looking at our latest Privacy Policy by clicking here, or you can request previous versions at privacy@adherium.com.
If you have any questions or concerns about our Privacy Policy or if you would like to make a privacy complaint, please contact us by email at privacy@adherium.com or in writing at Adherium (NZ) Ltd, PO Box 106612, Auckland 1143, New Zealand.
We will respond to all communications as soon as reasonably possible. If you are not satisfied with our response, let us know because we are always trying to improve, or if you want you can make a complaint to the relevant privacy regulator in your region (see below).
UK: Information Commissioner’s Office: https://ico.org.uk/for-the-public.
New Zealand: Office of the Privacy Commissioner: https://www.privacy.org.nz/your-rights/how-to-complain/.
Australia: Office of the Australian Information Commissioner: https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint.
Elsewhere: we can assist you with identifying the appropriate regulator in your region.
Please note: references to “we”, “us” and “our” and Adherium are references to Adherium (NZ) Limited and its affiliates. “You” and “your” refer to users of the Services, including individuals who use the Services to monitor patients and other users of the Service.