AG Mednet, Inc. Privacy Policy

1.   Introduction

AG Mednet, Inc. (“AGM”) a corporation headquartered in the United States (“US”) respects the privacy of the clients, employees, business partners, and individuals, among others, with whom it interacts. AGM treats personal information in accordance with both the laws and regulations of the countries from which the information is collected and in which it does business.

The AG Mednet, Inc. Privacy Policy (“Privacy Policy”) provides information on the collection, use and processing of personal information by AGM in connection with its interactions with you, including its website and its commercially available products and services (“Services”). As used in this Privacy Policy, personal information is any information relating to an individual that can be used to identify that individual either on its own or with other readily available data (“Personal Information”). Personal Information does not include information that has been encoded, encrypted, anonymized or publicly available.

AGM complies with the EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework (the “Privacy Shield Framework(s)”) as set forth by the US Department of Commerce (“USDC”) in consultation with the European Commission (“EC”) and Swiss Administration (“SA”) regarding the regarding the collection, use, and retention of Personal Information transferred from EU and European Economic Area (“EEA”) member countries and Switzerland.

AGM has certified to the USDC that it adheres to the Privacy Shield Principles. If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view AGM’s certification page, please visit https://www.privacyshield.gov/

2.   Scope

This Privacy Policy applies to the processing by AGM of the Personal Information of visitors, users and other parties impacted by the use of AGM Services, customers and prospective customers and their representatives, and suppliers and business partners and their representatives.

AGM also complies with the Privacy Shield Frameworks regarding the collection, use, and retention of Personal Information transferred from EU and European Economic Area (“EEA”) member countries and Switzerland to the US pertaining generally to clinical research site staff such as investigators, health care professionals, project managers and administrators and potential and active clinical research participants and patients (to the extent the transferred data sets are not key-coded as outlined under the Privacy Shield Supplemental Principle 14).

3.   Responsibility for Personal Information

All AGM employees, contractors or other third-parties working on behalf of AGM are responsible for adhering to this Privacy Policy. The extent to which AGM employees, contractors or other third-parties have access to Personal Information shall be: (i) controlled on the basis of business and security requirements; (ii) consistent with job requirements; and, (iii) modified to the extent job requirements change.

AGM has also designated both a Privacy Officer and a Security Officer, who are responsible for all data privacy policies, procedures, compliance and related issues.

4.   Collection of Personal Information

AGM collects Personal Information to operate effectively and efficiently and in delivering its Services. Personal Information includes, among others:

  • Name and contact information. First and last name, email address, postal address, phone number, and other similar data.
  • Username, passwords, password hints, and similar security information used for authentication and account access.
  • Transactional data. Services ordered, support questions and emails, financial details, and payment methods.
  • Company data. Name, size, location of the company you work for and your role within the company.
  • IP information. IP address and information that may be derived from IP address.

AGM collects some information by using cookies, small text files that contain a string of characters and uniquely identify a browser on a device connected to the Internet. AGM uses cookies to collect online information such as IP address, browser type, device details and behavioral information (pages viewed, etc.). You can set your computer to warn you each time a cookie is sent or turn off all cookies through your web browser (e.g., Internet Explorer, Chrome, or Firefox). Check your browser HELP menu to learn the correct way to change or update your browser.

Within AGM’s Clinical Trial System (CTS), AGM does not collect Personal Health Information (PHI) nor make decisions on when, where or how PHI is collected. AGM’s Clinical Trial System (CTS) does provide features to properly de-identify images (prior to leaving the sender’s workstation) and enforce de-identification workflows according to protocol requirements.

5.   Use of Personal Information

AGM uses Personal Information to establish and manage its relationship with its clients and to perform any related functions, including providing Services and related communications to you.

For example, AGM may use Personal Information to:

  • Provide and improve its Services through business operations, such as Customer Support.
  • Communicate and deliver functionality and support.
  • Market its Services.
  • Manage security.
  • Comply with applicable laws and regulations

Certain Personal Information will be reported to government and regulatory authorities where required by law and for tax or other purposes. Personal Information may also be released to external parties as required or permitted by employment or other statutes and regulations, or by legal process, as well as to parties to whom individuals expressly authorize AGM to release their Personal Information. AGM will not sell any Personal Information to any third party other than in connection with the sale or transfer of all, or substantially all of AGM’s business or assets, or in connection with a merger, consolidation, or other reorganization.

AGM may be forced to disclose Personal Information when compelled by a lawful request made by a recognized public authority or where required to meet national security and or law enforcement requirements. AGM is subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”) and or the Food and Drug Administration (“FDA”).

Personal Information may also be made available to third parties providing relevant services under contract, such as auditors and compliance managers, background verification, legal and IT hosting and maintenance providers, among others). AGM will maintain appropriate security and privacy measures with such third parties including how they hold and maintain any Personal Information that is provided to them.

6.   Protection of Personal Information

AGM is committed to ensuring that Personal Information is secure. In order to prevent unauthorized loss, alternation, destruction, access, use or disclosure of Personal Information, AGM maintains adequate physical, administrative and technical safeguards, including the following:

  • Accounts are only granted based on required job roles and removed upon termination.
  • Systems require user-identification and password protection.
  • Firewall protection and security software. Patches and updates are performed regulatory, including (but not limited to) operating system updates, malware, and anti-virus.
  • Secure disposable of storage media.
  • Encryption (where applicable).
  • Contractual agreements with third parties are implemented for the responsibility and physical protection of Personal Information.
  • Data is retained per AGM’s data retention policies.
  • Training is provided to all AGM personnel.

7.   Options for Personal Information

Individuals whose Personal Information has been collected by AGM shall have the right to access that data for review, modification or deletion.

Access to review, modify and or delete your Personal Information or otherwise manage the use and disclosure of your Personal Information (“opt-out”) may be initiated by contacting AGM in writing as follows:

AG Mednet, Inc.
The Pilot House, Lewis Wharf
Boston, MA 02110

Email: dataprotection@agmednet.com

Even after it has processed your request for a change or deletion, AGM may retain certain residual information in the backup and/or archival copies of AGM’s database for audit purposes, for its customers’ protection, and to comply with laws or regulations. For example, AGM will retain certain audit trail information for at least as long as is required for the subject electronic records, and it will be available for agency review and copying.

Within AGM’s Clinical Trial System (CTS), AGM does not monitor the content of images on the network for Personal Information. If notified by the customer that data retained by AGM contains Personal information, AGM will work with the customer to remove such data from its database and to alter the de-identification workflow as required by the customer to eliminate future occurrences.

8.   Notice

In instances in which AGM collects Personal Information directly from individuals, it will provide information about the type, use and purpose of the of Personal Information it collects, the identity of third parties to which AGM will disclose the Personal Information, and the choices and means that it offers individuals for limiting use and disclosure of such Personal Information, upon request.

In instances in which AGM receives Personal Information as a service provider for its clients, such clients are responsible for providing appropriate notice to (and obtaining any necessary consent from) the individuals whose Personal Information is transferred to the US.

9.   Changes

This Privacy Policy became effective on 30 Jan 2019 and is posted on AGM’s website (https://agmednet.com/privacy-statement/). However, the Privacy Policy, may be amended from time to time to meet changing business needs or to comply with legal requirements. If there are materials changes to the policy that AGM wants to highlight, it will also inform you in another appropriate way (e.g. via a notice on the AGM website).

10.        Dispute Resolution or Filing a Complaint

AGM commits to resolve complaints about your privacy and its collection or use of your Personal Information. Individuals with inquiries or complaints regarding this privacy policy should contact AGM via mail or email:

Corporate Headquarters:

AG Mednet, Inc.
The Pilot House, Lewis Wharf
Boston, MA 02110

Email: dataprotection@agmednet.com

AGM has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the US and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. Under certain limited conditions it is possible to seek recourse through last resort binding arbitration.

Please note the name of the website or other online resource to which you provided the information, as well as the nature of the information that you provided. AGM will use reasonable efforts to respond promptly to requests, questions or concerns you may have regarding AGM’s use of Personal Information about you. Except where required by law, AGM cannot ensure a response to questions or comments regarding topics unrelated to this Privacy Policy or its privacy practices.