This policy applies to all people who provide information to Spaulding Medical including employees, customers, website users, and Spaulding software system users. This policy describes how Spaulding Medical collects and uses personal information to complete everyday business operations.
This policy does not include practices from third parties. Any links on our website for external webpages are not under the control of or endorsed by Spaulding Medical. If you follow a link to any of these websites, please note that they have their own privacy policies, which should be reviewed prior to submitting any personal data to those sites.
Information We Collect
All information collected by Spaulding Medical is provided by you. This data is collected when you apply for a job, request a trial, submit feedback, purchase goods and services, or otherwise actively send us information via our website, phone, or email. Information collected may include, but is not limited to, your first and last name, email address, phone number, company name, and any other data provided. It is important to note that we collect the minimum data required to operate our business. Additional data may be collected when using the Spaulding Medical device and associated software systems. Refer to “Spaulding Electrocardiograph, Client Application, and WebECG Use” for further details.
It is assumed that by providing us with this information, you are consenting to its processing. No data will be collected without your knowledge or consent.
Information Use and Integrity
Spaulding Medical will use the personal information and data in ways that are compatible with the purpose for which they were collected. Data is typically used for contact purposes but may also be used to set up user accounts or employee profiles, if applicable.
If data is to be used for a purpose other than its original intent, you will be notified and requested to provide consent prior to any further processing.
You may request to stop all processing at any time. Data will be removed and no longer processed so long as it is not required as part of a contractual or legal obligation. If applicable, data may be anonymized or pseudonymized such that it is no longer recognized as your information.
Spaulding Medical strives to maintain current and accurate records. Contact Spaulding Medical to rectify any inaccurate data. We may also request periodic updates to ensure our records are correct.
Your data may be shared with third parties as they provide services to us and may process information for us. We reserve the right to use or disclose your personal information if required by law, or if we reasonably believe that such actions are necessary to protect our rights, your safety, or the safety of others. All applicable laws and regulations will be followed when handling and sharing personal data.
Please contact us with any requests to view your personal data stored by Spaulding Medical.
Data Retention and Deletion
Data collected by Spaulding Medical is only retained for the purposes described above and is retained for as long as we consider it to be potentially useful or required for legal purposes. At any time, you may request to have your information removed from our system. Data will be removed so long as it is not required as part of a contractual or legal obligation. If applicable, data may be anonymized or pseudonymized such that it is no longer recognized as your information.
Such rights of objection, correction, access, and deletion are subject to certain limitations. Individual requests will be completed within the time allotted by relevant regulations starting with Spaulding Medical confirming the request. Where permitted, charges may apply, which will be determined by Spaulding Medical and communicated upfront.
Spaulding Electrocardiograph, Client Application, and WebECG Use
Policies outlined in “Scope” and “Information We Collect” still apply, but use of our hardware and software systems may require further data collection and processing.
Our system works such that an electrocardiogram (ECG) is recorded using our electrocardiograph device (Spaulding Electrocardiograph) and software application (Client Application). This information is then transferred to our cloud-based web application (WebECG) for automatic interpretation and is available for viewing by a certified cardiologist for final interpretation. A paper electrocardiogram may also be provided to Spaulding Medical for upload into the cloud-based system.
To create a user account, Spaulding Medical requests a full name and email address. We will request consent when collecting this information and it is used solely for the purposes of creating an account and setting up requested email notifications.
When acquiring an ECG, the Client Application will store the GPS location for the current site collecting the data if permissions are granted to the application. This feature may be enabled or disabled at any time in your mobile device system settings (i.e. phone, tablet, laptop, etc.); refer to the applicable owner’s manual for instructions.
A minimum of birth year and gender are collected as they are required to perform an accurate ECG interpretation. Other information may be collected such as full birthdate and initials, but this is determined by the site, not Spaulding Medical.
Data collected from the Patient/Subject will be used to interpret the ECG and provide a diagnosis. This data may be shared with a certified cardiologist to perform this analysis or used to create reports. All data will be managed in a confidential manner and follow applicable laws and regulations.
It is the responsibility of the applicable site to obtain informed consent from the Patient/Subject prior to collecting the personal information and acquiring and ECG. Any information provided to Spaulding Medical will be treated in a confidential manner and follow the policies outlined within this document.
Spaulding Medical seeks to use reasonable security measures to help protect your personal data from loss, misuse, and alteration. Any transmission of your data is at your own risk as the transmission of information via the internet is not completely secure. We will, however, do our best to protect your personal data from unauthorized access.
By providing your email address to Spaulding Medical, you acknowledge and agree that we may notify you via email in the event of a security breach involving your personal information.
To learn more about cookies and how to delete or disable them on your system, please refer to the following website: http://www.aboutcookies.org.
MailChimp: we use MailChimp for email distribution services. For those that receive our occasional market emails, MailChimp acts as a repository for the details provided. When you read an email sent via Mailchimp, it may be able to record the time and date you opened the email, how often the email was opened, and the country location of where the email was opened.
Microsoft Outlook: we use Microsoft Office to provide our email. If you contact us, your contact information, email address, and messages will be stored and processed within Microsoft Outlook.
PayPal: we use PayPal as a method of receiving payments and maintaining information about financial transactions. PayPal will retain your contact details including email address and payment method.
SysAid: we use SysAid to provide customer support. If you are our customer and require support, your contact details including email and messages sent to us will be stored and processed within SysAid.
WooCommerce: we use WooCommerce to manage our online orders and billing. If you make purchases through our website, WooCommerce will retain your contact details and payment information.
Individuals in the European Union are protected under the General Data Protection Regulation (GDPR) which provides the following rights for individuals:
The right to be informed about the information Spaulding Medical collects and how it is used.
The right to request a copy of the personal information being held and in a readable format.
The right to rectify any information that is inaccurate or outdated.
The right to erasure of personal data.
The right to restrict processing of data that is not used for legitimate purposes.
The effective date identified at the top of this document indicates when the policies within this document are valid and enforced. If providing data to Spaulding Medical after the effective date, it is assumed you have read, understood, and accept this policy.