Who we are and how to contact us?
What information do we collect?
The following types of personal information about you may be collected: name; address; phone number; e-mail address; credit card information; bank account information; and geographical location.
The main ways Isosceles collects your information are as follows: contacting us directly via our websites, by phone, or by e-mail; and buying a product or service directly from Isosceles, either on its website or via phone or e-mail. Isosceles may also obtain this type of information, in addition to health/medical-related information through its vendors and clients in order to provide services and complete contracts.
If you are under 16, please do not provide us with any of your information unless you have the permission of your parent or guardian.
How do we use personal information?
Isosceles uses your personal information mainly for internal account set-up, administration purposes, performing contracted services and providing products through contracts. We may also use your personal information for delivering marketing and event information.
What legal basis do we have for processing your personal data?
Isosceles’ legal basis for processing personal data is through consent and contract. Consent generally stems from agreeing to provide information in order for us to set up an account internally, make payments, complete contract service provisions, or send newsletters. Contracts generally result from the provision of services or products. Specifically, health/medical information is obtained as a result of the roles we play in contracts for services with clients and vendors.
When do we share personal data and where do we store and process it?
Because Isosceles does business globally, your personal data may be accessed by our staff, agents or contractors from various countries, including those outside the European Economic Area. Personal data will only be shared where necessary to perform services requested, to provide requested products, or to conduct business operations. Personal data is generally shared orally or via e-mail and is stored in our Boston, Massachusetts location. By submitting your personal data to Isosceles, you are agreeing to the transfer, storage, or processing of such information.
All information will be handled with appropriate safeguards, such as non-disclosure agreements and contractual clauses, and in accordance with our security policy, which can be accessed here.
How do we secure personal data?
Isosceles uses the technical and organization measures necessary, such as encryption and authentications tools, to protect personal data from loss, destruction, access to third parties, and unauthorized changes. While secure transmission via the internet, e-mail, or a website is not guaranteed, Isosceles and the companies it does business with work hard to maintain safeguards that protect your personal data. These measures include compliance with federal, state and international requirements, in addition to the following:
- Restricted access to your data on a “need to know” basis;
- Firewalled IT systems to prohibit unauthorized access;
- Permanently monitored access to IT systems to detect and stop misuse of personal data;
- Changing of passwords;
- Training of staff on data security;
- E-mail is filtered and blocked to identify spam and malicious e-mail;
- All computers are equipped with a file shredder for permanent deletion of confidential electronic documents; and
- Periodic threat assessments.
Additional information on our Security Policy can be accessed here.
How long do we keep your personal data for?
We retain your information only as long as is necessary and only for the purpose for which we obtained them. We restrict access to your information to only those persons who need to use it for the relevant purpose.
Our retention periods are based on business needs and your information that is no longer needed is destroyed securely.
In regard to your information used to perform any contractual obligation with you, Isosceles may retain that data while the contract remains in force plus seven years for legal purposes and to answer any questions that may arise after such contract has been completed.
Your rights in relation to personal data
You have the right to request access to, rectify, withdraw, erase, or restrict the processing of your personal data, to object to it being processed, and to data portability. You may contact Isosceles to exercise any of these rights. However, these rights may be limited depending on the circumstances, such as if we are required to keep certain information according to law.
We hope that we can resolve any question or concern you have about use of your personal data. You do however, have a right to lodge a complaint with the appropriate supervisory authority if Isosceles’ processing of your personal information infringes on data protection regulations.
Last updated May 24, 2018