Last modified: February 25, 2020
You are in control of your information
- You control who can access your personal health information. By default, you are the only user who can view and edit your information. If you choose to, you can share your information with others.
- You can completely delete your information at any time. Deletion will be initiated immediately, and your information will be purged from your account shortly thereafter. Additional backup copies of deleted information may persist for a short time. Cimar will not retain your information once deleted. Therefore, you may want to print your information before deleting it.
- Cimar acknowledges that EU and Swiss individuals have the right to access the personal information/data that we maintain about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct a query to firstname.lastname@example.org. If requested to remove data, we will respond within a reasonable timeframe.
How Cimar® uses your information
- To store your information in Cimar, you will need a Cimar Account. When you create a Cimar Account, Cimar asks for your email address and a password, which is used to protect your account from unauthorized access. You can use an existing Cimar Account or create a new Cimar Account specifically for this purpose.
- Cimar’s servers automatically record log information about your use of Cimar (such as the number of sign-ins and number of times a link was clicked). This information is temporarily stored in association with your Cimar Account for two weeks, at which point it is aggregated with other data and is no longer associated with your account. The log information will be used to operate and improve the service and will not be correlated with your use of other Cimar services.
- Cimar periodically publishes trend statistics and associations (e.g. as published in Cimar Trends). Cimar may use data from your Cimar Account as part of an aggregated data set when publishing these trends, statistics and associations (e.g., Cimar has found that one gender uses some modalities more than the other gender). These aggregated data sets do not contain any personally identifiable information and cannot be linked to you.
- Certain features of Cimar can be used in conjunction with other Cimar products, and those features may share information to provide a better user experience and to improve the quality of our services.
Sharing your information with people and services you trust
This section is specific to Cimar® products:
- If you share your information with others, you can view a list of who has access to your information, and you can revoke sharing privileges at any time. When you revoke someone’s ability to read your health information, that party will no longer be able to read your information but may have already seen or may retain a copy of the information.
- Most, if not all of these third-party service providers will be covered by National health privacy laws (such as the Insurance Portability and Accountability Act, or “HIPAA”) or GDPR, and those laws will govern how they may use and share your information. HIPAA requires (as does Cimar) that you must authorize these providers to send information to your Cimar account. With that authorization, you also give them permission to send certain especially sensitive types of health information (such as mental health or substance abuse records) that are protected by law and require special authorization. When you ask Cimar to send your health information to others, you will also be giving Cimar permission to send those sensitive types of health information.
- All entities or business associates covered by HIPAA are contractually required to comply with HIPAA’s rules related to collection, use, and sharing of your information. All other third-party service providers are contractually required to abide by the Cimar Developer Policies, which require that they comply with strict privacy standards for how they collect, use, or share your information.
EU General Data Protection Regulation (GDPR)
- Cimar may use information provided from you as a user to send marketing and product information. This information is not sold to a third party and is based upon a previous legitimate interest in our products and services. You may revoke this right and have your data removed from these communication lists at any time by clicking the unsubscribe link in the communications or contacting the Cimar Customer Service Group at email@example.com
- Your healthcare data will be stored in the Cimar system indefinitely, or until such time you request your data be removed or transferred to another system, or until your care provider terminates their account with Cimar.
- Incorrect information in your records can be rectified through your care provider or contacting Cimar Customer Service.
- Should you have additional questions, or would like more information on how your data is collected, stored, or processed, please contact our Data Protection Officer at the following address:
Cimar UK Ltd
152 – 160 City Rd
London EC1V 2PD
+44 (0) 20 3904 0330
If you have additional questions, please contact us any time. Or write to us at the above address or email firstname.lastname@example.org