Privacy

Policy

Welcome to the website (the “Site”) of BioDirection, Inc. (“BioDirection,” “we,” “us,” or “our”). We are a medical device company developing novel and rapid point-of care diagnostics products (the “Products”).

We respect your privacy and are committed to protecting it as described in this privacy policy (the “Privacy Policy”). This Privacy Policy explains what Personal Data (defined below) we collect through this Site or other interaction with you, how we use and share that data, and your choices concerning our data practices.

Please read this Privacy Policy before using this Site or submitting any Personal Data to BioDirection and contact us at privacy@biodirection.com if you have any questions.

1. INFORMATION WE COLLECT

When you contact us or interact with our Site we collect information that alone or in combination with other information could be used to identify you (“Personal Data”) as follows:

Personal Data That You Provide:

Contacting Us; Requesting Content: We collect certain Personal Data about you if you voluntarily provide us with such information when you engage in certain activities, such as contacting us or filling in a form on our Site, asking to download content (such as brochures, studies or guides), registering for a webcast or other event. The Personal Data collected during these interactions may vary based on what you choose to share with us, but it will generally include your name, email address and phone number.

Social Media Pages: We may also collect Personal Data that you elect to provide to us when you interact with our pages on social media sites like LinkedIn and Twitter (“Social Media Pages”), or send us a social media message, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.

Subscribing to Emailing Lists/Call or Meeting Requests: We collect email lists and information related to meeting or call requests. When you use the Site, you may be given the option to subscribe to or to be added to our subscription or email list, or to schedule a call/meeting.

Events. When you attend one of our live events (for example, trade shows) and interact with us, we will collect the Personal Data that you elect to provide.

Accessing to Secure Areas of Our Site: We collect information provided when you set up an account to access a secure area on our Site, which may include a partner or distributor account with us. We will collect your name, company information, phone number, email address and password of your choice, as needed to ensure that you can access that area of our Site.

Personal Data We Receive Automatically From Your Use of the Site:

When you visit, use and interact with the Site, we may receive certain information about your visit, use or interactions. For example, we may monitor the number of people that visit our Site, peak hours of visits, which page(s) are visited on our Site, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access and visit our Site (e.g., Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and Site-navigation pattern. In particular, the following information is created and automatically logged in our systems:

  • Log Data: Information (“log data”) that your browser automatically sends whenever you visit the Site. Log data includes your Internet Protocol (“IP”) address (so we understand which country you are connecting from when you visit the Site), browser type and settings, the date and time of your request, and how you interacted with the Site.
  • Cookies: Please see the “Cookies” section below to learn more about how we use cookies.
  • Device Information: Includes name of the device, operating system, and browser you are using. Information collected may depend on the type of device you use and its settings.
  • Usage Information: We collect information about how you use our Site, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency and duration of your activities.

In addition, the Site uses Lead Forensics, a B2B sales and marketing enablement tool. The Lead Forensics tool uses a tracking code for identifying businesses visiting our Site based on their business IP addresses and matches such IP addresses to further business details that Lead Forensics holds in its databases. The Lead Forensics tracking code provides us with business related information that is readily available in the public domain. The Lead Forensics tool does not provide us with the visitors’ IP addresses. It provides us certain information regarding visits to our Site, such as what companies have visited our Site, the date and duration of their visit, and the web pages that they visit. This information allow us to analyze the use of our Site and eventually contact those companies about their experience or for sales purposes. Please visit https://www.leadforensics.com/privacy-policy/ for more information regarding Lead Forensics and its data practices.

2. HOW WE USE PERSONAL DATA

We use your Personal Data for the following purposes:

  • We use Personal Data that you provide to us (described above) to (i) respond to your inquiries, comments, feedback or questions, or process your request, and (ii) manage our relationship with you, which includes sending administrative information to you relating to our Site and changes to our terms, conditions, and policies, and asking you to leave a review or take a survey;
  • We use Personal Data that we collect automatically (described above) to (i) analyze how you interact with our Site and provide, maintain and improve the content and functionality of the Site and your user experience, develop our business and inform our marketing strategy (please also read the “Cookies” section below to learn how we use cookies); and (ii) administer and protect our business and the Site, prevent fraud, criminal activity, or misuses of our Site, and to ensure the security of our IT systems, architecture and networks (including troubleshooting, testing, system maintenance, support and hosting of data);
  • We may contact you by email, text and/or telephone to tell you about information we believe will be of interest to you, such as information about products and services, features, surveys, newsletters and upcoming events. If we do, where required by law, we will only send you marketing information if you consent to us doing so at the time you provide us with your Personal Data. You may opt out of receiving emails, texts or telephone calls by following the instructions contained in each communication we send you or by contacting us as explained at the bottom of this Privacy Policy. If you opt-out from our marketing lists, you will no longer receive marketing communications but we will continue to contact you regarding our Site and products and to respond to your requests.
  • When you browse the Site, we use cookies that can track some information about you, provided that you consent to our use of such cookies if required by the applicable law. We use this information to make the Site more intuitive and to suggest products or services that may be of interest to you. You can find more information about our use of cookies used on the Site by reading the “Cookies” section below.
  • We may use your Personal Data to comply with legal obligations and legal process and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or other third parties.

For information about the lawful bases for processing we rely on, and the rights of individuals in the European Union (“EU”) and the United Kingdom, please see the “EU Users” section below.

3. HOW WE SHARE AND DISCLOSE PERSONAL DATA

In certain circumstances we may share your Personal Data with third parties without further notice to you, unless required by the law, as set forth below:

  • Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with providers of hosting/cloud services and other information technology services providers; event management, email communication software providers and email newsletter providers; data base and sales/customer relationship management services; digital advertising and web analytics services (for more details on the third parties that place cookies through the Site, please see the “Cookies” section below). Pursuant to our instructions, these parties will access, process or store Personal Data in the course of performing their duties to us.
  • Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the transaction and transferred to a successor or affiliate as part of that transaction along with other assets.
  • Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (i) comply with legal or regulatory obligations, including to respond to lawful requests from public authorities and to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Site, or the public, or (v) protect against legal liability.

4. DATA RETENTION

We keep Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer.

If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and in accordance with our policies.

To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

5. UPDATE YOUR INFORMATION

If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us at privacy@biodirection.com We will address your request as required by applicable law.

6. CALIFORNIA PRIVACY RIGHTS DISCLOSURES

Online Tracking and Do Not Track Signals: We may, and we may allow third party service providers to, use cookies to collect information about your browsing activities over time and across different websites following your use of the Site (please see the “Cookies” section below to learn more about how we use cookies). Our Site currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will describe how we do so in this Privacy Policy.

Third Party Marketing: If you are a California resident and wish to opt out of sharing your Personal Data with third parties for their direct marketing purposes, please email BioDirection at privacy@biodirection.com and clearly state your request, including your name, mailing address, email address and phone number. Please see the “Your Choices” section of this Privacy Policy for additional information.

7. CHILDREN

Our Site is not directed to children who are under the age of 18. BioDirection does not knowingly collect Personal Data from children under the age of 18. If you have reason to believe that a child under the age of 18 has provided Personal Data to BioDirection through the Site please contact us as explained at the bottom of this Privacy Policy and we will endeavor to delete that information from our databases.

8. EU USERS

Scope. This section applies to individuals in the EU and the United Kingdom (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, to the extent applicable, Switzerland).

Data Controller. BioDirection is the data controller for the processing of your Personal Data. You can find our contact information in the “Contact Us” section below.

Legal Bases for Processing. This Privacy Policy (the paragraph “How We Use Personal Data”) describes the purposes for which we use your Personal Data. Processing of such data is necessary for our legitimate interest in (i) responding to your requests, and conducting and protecting our business and operations, (ii) analyzing the use of our Site in order to develop and enhance the Site, (iii) sending you information on our own products and services that may be of interest to you and informing our marketing strategy, (iv) keeping our Site, network and information systems secure, and (v) enforcing or defending legal rights, or preventing damage. Please contact us as explained at the bottom of this Privacy Policy if you have any questions about the specific legal basis we are relying on to process your Personal Data. When we contact you by electronic means (such as email) for marketing purposes, our legal basis for the processing of your contact details is your consent which was given at the time you provided us with the Personal Data. When we use cookies other than strictly necessary cookies (described below), our lawful basis is your consent, which was given by accepting the cookies on our Site when browsing the Site.

As used above, “legitimate interests” means our interests in conducting our business and developing a business relationship with you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Your Rights. Pursuant to the European Union General Data Protection Regulation (or GDPR), you have the following rights in relation to your Personal Data, under certain circumstances:

  • Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to erasure: You may ask us to delete or remove your Personal Data, such as where you withdraw your consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
  • Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by automated means. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
  • Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:
    • If we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing or we need to process your data in order to establish, exercise, or defend legal claims;
    • If we are processing your Personal Data for direct marketing. We may keep minimum information about you in a suppression list in order to ensure your choices are respected in the future and to comply with data protection laws (such processing is necessary for our and your legitimate interest in pursuing the purposes described above);
  • Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns.

Please see the “Contact Us” section below for information on how to exercise your rights.

9. LINKS TO OTHER WEBSITES

The Site may contain links to other websites not operated or controlled by BioDirection, including social media services (“Third Party Sites”). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

10. COOKIES

Overview. We use cookies that are necessary to operate and administer our Site. In addition, where you give permission, we may use cookies to make it easier for you to use the Site during future visits, and gather usage data on our Site. This is described in more detail below.

What Are Cookies: A “cookie” is a piece of information sent to your browser by a website you visit. Cookies can be stored on your computer for different periods of time. Some cookies expire after a certain amount of time, or upon logging out (session cookies), others survive after your browser is closed until a defined expiration date set in the cookie (as determined by the third party placing it), and help recognize your computer when you open your browser and browse the Internet again (persistent cookies). Our Site uses cookies from the third parties described below. For more details on cookies please visit All About Cookies.

Type of Cookies Used: We use the following tools on our Site:

  • Strictly necessary cookies: Used to provide users with services available through the Site and to use some of its features, such as the ability to log-in and access secure areas. These cookies are essential for using and navigating the Site. Because these cookies are strictly necessary to deliver the Site, users cannot refuse them.
  • Analytics:
  • We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyze how users use the Site and enhance your experience when you use it, for example by making sure you can easily find what you need. Google Analytics collects information such as number of page views, number of visitors, and time spent on each page. For more information on how Google uses this data, go to https://google.com/policies/privacy/partners/. For information on their expiration, read here. You can prevent your data from being collected by Google Analytics on our Site by downloading and installing the Google Analytics Opt-out Browser Add-on for your current web browser at the following link: Google Analytics Opt-out Browser Add-on.
  • The Lead Forensics cookie, is a small text file that is stored on the browser or hard drive of a computer or mobile device when someone visits your website. Cookies are widely used to make websites more efficient for users and to provide insight to the website operator. The Lead Forensics cookie structure and operation is standard, and has the purpose of:
    1. Providing you, the website operator with more granular insight with regard to how your website visitors use and navigate around your website
    2. Providing you, the website operator with richer data from your purchase of the Lead Forensics software

Your Choices. On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive a notification when you are receiving a new cookie and how to turn cookies off. Please see the links below for guidance on how to modify your web browser’s settings on the most popular browsers:

Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the Site and you may not be able to benefit from the full functionality of the Site.

Most advertising networks offer you a way to opt out of targeted advertising. If you would like to find out more information, please visit the Network Advertising Initiative’s online resources at http://www.networkadvertising.org and follow the opt-out instructions there or if you are located in the European Union or the United Kingdom, visit the European Interactive Digital Advertising Alliance’s Your Online Choices opt-out tool here.

If you access the Site on your mobile device, you may not be able to control tracking technologies through the settings.

11. SECURITY

You use the Site at your own risk. We comply with industry standards to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Site or e-mail. Please keep this in mind when disclosing any Personal Data to BioDirection via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Site, or third party websites.

12. YOUR CHOICES

Whether or not you provide Personal Data to us is completely up to you, but if you choose not to provide information that is needed to use some features of our Site, you may be unable to use those features. You can also contact us at privacy@biodirection.com to request access to your data or to ask us to update, correct, or delete your Personal Data.

13. CHANGES TO THE PRIVACY POLICY

The Site, and our business may change from time to time. As a result we may change this Privacy Policy at any time. When we do we will post an updated version on this page, unless another type of notice is required by the applicable law. By continuing to use our Site or providing us with Personal Data after we have posted an updated Privacy Policy, or notified you if applicable, you consent to the revised Privacy Policy and practices described in it.

14. INTERNATIONAL TRANSFER

BioDirection is based in the United States. If you are accessing our Site from the EU or other regions with laws governing data collection and use, please note that your Personal Data will be transferred to and stored in the United States as necessary for the purposes described in this Privacy Policy, and the data may be transmitted to our service providers supporting our business operations (described above). The United States may have data protection laws less stringent than or otherwise different from the laws in effect in the country in which you are located.

Where we transfer your Personal Data as described above we will take steps to ensure that your Personal Data receives an adequate level of security protection where it is processed and your rights continue to be protected. For more information, please contact us as described below.

15. CONTACT US

If you have any questions about our Privacy Policy or the information practices of the Site, please feel free to contact us at +1 508.599.2400 or privacy@biodirection.com.  If you are an individual in the EU, you can also contact DataRep, who has been appointed as the Company’s representative in the EU pursuant to Article 27 of the GDPR on matters related to the processing of personal data activities that take place in the EU. To make such an inquiry, please contact DataRep at biodirection@datarep.com.