EPIOMED

Epiomed Oy Privacy Notice

Updated October 17th 2023.

Introduction

EpioMed Oy respects your personal privacy and therefore, stores personal data only necessary for our primary functionalities. This Privacy Notice describes the data that we collect about you on our "Opas"-Platform and how we use, disclose and protect that data. Furthermore, we list your rights and choices you may make with respect to it.

Opas Platform

Opas Platform is developed by Epiomed Oy. In this Privacy Notice, by "Platform" we refer to the application published under name "Opas" for IOS and Android devices as well as to service available at https://epiomed.fi/opas/web/. Material published on the Platform is intended for pharmaceutical information delivery purposes. Such information is provided by third party pharmaceutical companies. Further information is available in Terms and Conditions at https://epiomed.fi.

Personal data we collect

By "Personal Data" we refer to data that identifies you as an individual or relates to an identifiable individual. For our Plarform, the necessary Personal Data is fimnet user account which is utilised to identify user permission to access the pharmaceutical material. Fimnet user account is collected during the authentication process. A detailed Fimnet service description can be found at fimnet.fi.

In addition to the fimnet user account, user defined favorite brochure information is stored at Epiomed data storages. User can at any time refuse to hand over prescribed personal data. However, in such occasion, access to the Platform will be denied.

How we may use your personal data

We may use your personal data as follows:

  • To identify that the user is a licenced medical doctor in Finland or a healthcare professional permitted to prescribe or to deliver pharmaceutical products.
  • To provide Platform functionality and fulfill your requests when we have a contractual relationship or a legitimate interest.
  • To develop the Platform.
  • Manage and maintain the network and information system security and improve, test or develop new IT systems and applications.
  • Ensure the safety of the Platform by investigating incidents and taking action against any illegal or harmful behavior on the Platform and by assisting law enforcement and regulatory bodies.
  • Report the adverse events you notify us about.
  • Handling of data received via any feedback channel on the Platform.
  • Meet regulatory and industry requirements.
  • Comply with applicable laws and regulations.
  • Defend Us against potential or actual legal claims.
  • Part of business arrangements.

We may also process your data based on the legitimate interests of Epiomed Oy. Such legitimate interests are e.g. ensuring network and information systems security, data analytics, ennhancing and improving our services, identifying usage trends, and fraud prevention.

Data security

Epiomed utilises reasonable organizational, technical and administrative measures to protect your Personal Data. Whenever using services from a third party, the provider is chosen carefully and it is expected to utilise appropriate measures to protect Personal Data. Service is expected to comply with this Privacy Policy.

Epiomed Oy utilises various cybersecurity technologies to protect your Personal Data from unauthorized access, use or distribution. However, a 100% secure data transmission or storage system is not considered technologically possible.

Retention period

We will retain your Personal Data for as long as you are actively using the Platform. The retention period is defined as one year since previous sign-in instance. In case there is a legal obligation to which we are subject, we may retain your Personal Data for longer periods. After the retention period, your Personal Data is deleted permanently.

Third-party services

Any Personal Data collectedby the Platform is not distributed to any third-party. Anonymized statistics on Platform usage may be distributed to third-party collaborators for development purposes.

The Platform may include website links to third-party services. This Privacy Notice does not address, and we are not responsible for, the data collection, use, disclosure or security practices, or other practices on such websites. Explicit website links on the Platform does not imply our endorsement of the linked web service.

International data transfer

Personal data we collect through the Platform may be stored and processed in any country, including the U.S, in which we engage third-party service providers. Primarily, these service providers locate within the European Economy Area. Independent of country, we ensure that the third-party complies with adequate level of data protection according to EEA standards (including the U.S data privacy framework) and conforms to this Privacy Notice.

Your rights and how to exercice them

Your rights will depend on the Finnish law and in principle your rights are as follows:

  • Request information on how we process your personal data.
  • Request access to the personal data we hold about you.
  • Ask that we correct any mistakes to the personal data we have about you which you think is inaccurate or incomplete.
  • Request us to delete your personal data.
  • Request portability of your personal data.
  • Object to our processing of your personal data, where the law permits this right to you.
  • Withdraw consent for any processes that required consent.
  • Complain to your local data protection authority.

You may exercice your rights by contacting us according to contact information listed at the end of this Privacy Notice.

If any of the above requests places Epiomed Oy in breach of its obligations under Finnish laws or regulations, we may not be able to comply with your request, but you may still be able to request that we block or restrict the use of your personal information for further processing.

Contact information

Epiomed Oy

Metsänpojankuja 5 C 60,

02130 Espoo,

Finland

In case of any inquiry on this Privacy Notice, please contact: john@ggltd.com