Regulations on Personal Data Protection (Policy on Personal Data)
1. General Provisions
1.1. Scanfert LLC, hereinafter referred to as the "Operator", acting in accordance with the legislation of the Russian Federation, being the administrator of the following website(s) in the Internet: scanfert.clinic (hereinafter referred to as the "Website", "Websites") in order to prevent unauthorized use of personal data received from each of the visitors (users) of the above Websites, hereby determines the procedure for processing personal data of the Websites users.
1.2. These Regulations are designed to streamline processing the personal data of the Website users and is aimed at ensuring compliance with the legitimate rights and interests of users, ensuring the protection of their rights and freedoms when processing personal data, including protection of privacy rights, personal and family secrets in connection with the need to obtain, collect, systematize, analyze, store and, if necessary, transfer (grant access) the information within the limits defined herein, constituting their personal data to achieve the legitimate aims for operation of the Websites.
1.3. The user’s personal data is any information related to a specific user (personal data owner) provided by it voluntarily and necessary to the Websites in connection with the purpose of their activities including:
- The user's surname, first name, and patronymic;
- The user's e-mail address (e-mail);
- The user's phone number;
- Other information reported by the user on the basis of which identification of the personal data owner is possible.
1.4. Information about the User's personal data is classified as confidential (constituting a secret of the Websites protected by the law). The confidential treatment for personal data is removed in cases provided for by the law.
1.5. The Operator has the right to carry out all legitimate necessary actions with the received users’ personal data connected solely with the achievement of the purpose for which the Websites are created and used.
2. Basic Concepts
Personal data are any information related directly or indirectly to a particular or defined individual (personal data owner).
User is a person who uses the telecommunication channels to access content and services of the Websites.
The Operator is a person who independently or collectively with other persons organizes and / or carries out personal data processing, as well as defines the purposes of personal data processing, the composition of personal data subject to processing, actions (operations) performed with personal data.
Personal data processing is any action (operation) or a set of actions (operations) performed using automation means or without using such means with personal data, including collection, recording, systematization, accumulation, storage, amendment(updating, modification), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
Personal data distribution is actions aimed at disclosing personal data to an undetermined number of persons.
Personal data provision is actions aimed at disclosing personal data to a specific person or a certain number of persons.
Personal data blocking is temporary termination of personal data processing (except for cases when processing is necessary for personal data updating).
Personal data destruction is an action that makes it impossible to restore the contents of personal data in the personal data information system and (or) as a result of which the tangiblepersonal data media are destroyed.
Personal data depersonalization is an action that makes it impossible to use the additional information to determine whether personal data belong to a particular personal data owner.
Information is details (messages, data) regardless of the form of their presentation.
Documented information is information recorded on a material medium by documenting information with details that allow determining of such information or its tangible medium.
3. Personal Data Processing
3.1. The source of information about the user’s personal data is directly the user of any of the Operator’s Websites. The Operator does not receive or process personal data from other sources. By registering on any of the Operator's Websites, or by completing the feedback form, the user thereby agrees to its personal data processing for the purpose of providing information services. The user confirms its rights in relation to the account thus created.
3.2. When processing personal data, the Operator must take the necessary legal, organizational and technical measures to protect personal data from unauthorized, improper or accidental access thereto, distributiondestruction, modification, blocking, copying, provision, distributionas well as other illegal actions in relation to personal data:
- limiting and regulating the composition of employees who have access to personal data;
- implementation of a permissive system for users' access to information resources, software and hardware for information processing and protection;
- implementation of antivirus control, prevention of malicious programs (virus programs) and program bookmarks introduction into the corporate network;
- intrusion detection into the Operator's corporate network that violates or creates prerequisites for violating established requirements for ensuring the personal datasecurity;
- information backup;
- access control to the Operator’s territory;
3.3. When determining the scope and content of personal dataprocessed, the Operator is guided by the Constitution of the Russian Federation, Federal Law No. 152-FZ dated July 27, 2006 (as amended on July 25, 2011) "On Personal Data".
3.4. Protection of the user's personal data against their unauthorized use is provided by the Operator at its own expense in the manner prescribed by the federal law.
4. Access to Personal Data
The Operator undertakes to ensure that unauthorized and inappropriate access to the personal data of Websites’ users is prevented. In this case the authorized and appropriate access to the personal data of the Websites’ users will be the access of the persons authorized by the Operator within the framework of the Websites’ objectives and the scope.
The Operator undertakes not to transfer personal data to third parties without the user's consent, except for cases provided for by the legislation of the Russian Federation.
5. User's Rights
The Website’s user has the right to receive information regarding its personal data processing. The Website’s user has the right to appeal to the authorized body for the protection of the rights of personal data owners or in the judicial order the illegal actions or omissions of the Website when processing and protecting its personal data.
6. Information Messages
By completing the feedback form or registering on the Website, or by using other website services, the User agrees to receive information and advertising mailings via e-mail, SMS, as well as at the phone number specified by the User, weekly or periodically. To revoke its consent, the User can address to the Operator by sending a written application, by e-mail: firstname.lastname@example.org.
This notice describes how information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
This Notice of Privacy Practices is being provided to you on behalf of Scanfert LLC (referred to herein as “we”). We understand that your personal information and medical information that may be provided to us by your fertility practice is private and confidential. While we are acting not only as a healthcare entity, but also as independent agency authorized by clinic Ava-Peter (AVA-PETER LLC) to promote its services to foreign patients, we are required by law to maintain the privacy of “protected health information.” Protected health information includes any individually identifiable information that we obtain from you or others that relates to your past, present or future physical or mental health, the health care you have received, or payment for your health care.
Although your health record is the physical property of your fertility practice, the minimal amount necessary of your medical information, related to your treatment has been shared with Scanfert LLC so that we may keep an accurate accounting of quality and outcomes that frozen eggs from the network have produced.
Portions of your health record have been shared with Scanfert LLC from your fertility practice. You have a right to:
- request a restriction on certain uses and disclosures of your information as provided by applicable law;
- obtain a paper copy of this Notice of Privacy Practices upon request
- inspect and copy the information we received from your healthcare provider (clinic Ava-Peter) as provided for by applicable law.
- request an electronic copy of your electronic file with us.
- request to amend the information we have on file with you as provided by applicable law obtain an accounting of disclosures of the information we received as provided by applicable law.
- notify us if we may NOT disclose information to a spouse, family member or other person you have authorized
- request communications of the information we have received by alternative means revoke your authorization to use or disclose the information we have on file except to the extent that action has already been taken transmit copies of your information to third parties when request by you, in writing
We are required to:
- maintain the privacy of the health information we receive from your healthcare provider (clinic Ava-Peter).
- provide you with a notice as to our legal duties and privacy practices with respect to information we collect and maintain about you
- abide by the terms of this notice
- notify you if we are unable to agree to a requested restriction of your information
- accommodate reasonable requests you may have to communicate information by alternative means or at alternative locations
- where required by law, notify you in the event that there has been a breach of your unsecured health information
- protect the identity of each donor
We reserve the right to change our practices and to make the new provisions effective for all protected health information we maintain. Should our information practices change, we will post the revised Notice of Privacy Practices on our website at www.scanfert.clinic and provide you with a hard copy upon request.
We will not use or disclose your information without your authorization, except as described in this notice. We will not sell your information (unless permitted by law) or use or disclose such information for paid marketing (for which we receive payment from a third party) without your authorization. If we obtain your authorization, you may revoke it at any time, and this revocation will take effect except where we have already relied upon your authorization.
Permitted Uses and Disclosures
We will disclose your information in a de-identified way for quality control and regulatory reporting requirements. For example, among other items, the embryological development of embryos, uterine lining and pregnancy outcome are captured which allows us to identify quality trends.
Your fertility practice will share your health information in the attempt to authorize you to participate in the Assured Refund Plan. While we request a standard template amount of information, it is sometimes necessary for us to request operative reports among other items to confirm a decision to participate in the financial plan. In good faith we will ensure the security of this information.
We will use and disclose your health information for our business operations. For example: Members of the staff or members of the quality improvement team may use information in your health record to assess the care and outcomes in your case and others like it. This information will then be used in an effort to continually improve the quality and effectiveness of the services we provide.
Other Uses or Disclosures of Protected Health Information
Business Associates: There are some services provided at Scanfert LLC for whom we use business associates. When these services are contracted, we may disclose your health information to our business associate so that they can perform the job we have asked them to do. So that your health information is protected, however, we require the business associate to appropriately safeguard your information.
Notification: We may disclose information on the phone voice mail that you have provided us. We attempt to leave the minimal information necessary unless you have authorized the security of your voice mail. After coordinating with your fertility practice, we may also send you information to the address provided should in the future we need to notify you of an adverse outcome from either the donor or offspring of the donor.
Communication with Spouse/Family: Using our best judgment, we may disclose to your spouse, family member, or any other person you identify, information related to your services received from us. If you do not want these disclosures made, it is your responsibility to notify us.
Research: We may disclose information to researchers after we have reviewed the research proposal and established protocols to ensure the privacy of your information.
Marketing: Where permitted by law, we may contact you to tell you about or recommend possible services that may be of interest to you. We will also send to you our newsletter and other updates via our company. You may choose to opt out of this marketing and/or educational information.
Public Health: As required by law, your health information may be used or disclosed for public health activities such as assisting public health authorities or other legal authorities to prevent or control disease, injury, disability or for other health oversight activities.
Fundraising: We do not disclose health information for fundraising purposes.
Law Enforcement: We may disclose health information for law enforcement purposes as required by law, or in response to a valid subpoena. Federal law makes provision for your health information to be released to an appropriate health oversight agency, public health authority or attorney, provided that a workforce member or business associate believes in good faith that we have engaged in unlawful conduct or have otherwise violated professional or clinical standards and are potentially endangering one or more clients, workers or the public.
While it is unlikely that Scanfert LLC would have access to HIV-related information, genetic information, mental health records and other specially protected health information, it should be noted that this health information may be subject to certain special confidentiality protections under Federal law. Any disclosures of these types of records will be subject to these special protections.
For More Information or to Report a Problem/Complaint
If you believe your privacy rights have been violated, you should immediately contact: Natalya Stafeeve, Scanfert LLC, +7 812 456 03 06 or via mail at Nevsky pr. 22-24, 200-N, Saint-Petersburg, Russia, 191186, or by e-mail: email@example.com
Personal information, including contact and/or demographic information, is gathered from users who choose to register with the Scanfert LLC website and or enroll with the program. This can include information unique to an individual such as your name, mailing address, email address, phone number, marital status and/or date of birth. This information will solely be used to supply or facilitate the products and/or services requested by you, our user. Registration will require each user to create a login identifier and a password. Registered users are responsible for taking reasonable steps to ensure that no unauthorized person has access to their password or account login information. Registered users may contact us directly to update the personal information in their accounts or have their password modified. Registered users may also contact us to un-subscribe from the program.
Third-Party Vendors/Content Providers
Scanfert LLC will occasionally engage reputable third-party vendors to help us manage our website, provide content and information and enable us to interact better with you our user. These third-party vendors may have access to your personal information and/or your activities on our site.
Links to Third-Party Websites
This website may contain links to other web sites that Scanfert LLC does not own or control. We do not endorse the content on any third-party websites and are not responsible for the privacy concerns of any third-party websites.
Scanfert LLC takes reasonable steps to ensure the security of its website infrastructure and data, including hosting the website in a secure data facility and encrypting network and data transmissions to and from our data facility. Although we endeavor to protect personal information, Scanfert LLC makes no guarantees or warranties concerning the security of any information you disclose or transmit to us through online applications or browsers, and you do so at your own risk.
If you have any questions or would like further information about this notice, please contact Natalya Stafeeva at the above address.