We, Cymetryc Inc. (“Company”, “we”, “us”, “our”) are the owners of the website cymetryc.com (the “Website”), the website based application available at https://portal.cymetryc.com (the “Web Application”) and computer based software named Cymetryc Desktop (the “Application”). The Website showcases our product and service offerings related to testing, validation and acceptance proof of various clinical software/applications. The Application is a software that facilitates manual clinical software testing. The Web Application and Application are collectively referred to as the Cymetryc Solution (the “Solution”).
We respect data privacy rights and are committed to protecting personal information collected on the Website and Solution. This privacy notice (“Privacy Notice”) sets forth how we collect, use and protect the personal information collected on the Website and/or the Solution.

PLEASE READ THIS PRIVACY NOTICE CAREFULLY. BY CLICKING ON THE CONSENT CHECK BOX, AND BY PROVIDING US PERSONAL INFORMATION, YOU CONSENT TO OUR USE OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THE TERMS OF THIS PRIVACY NOTICE. IF YOU DO NOT AGREE TO THIS PRIVACY NOTICE, YOU MAY WITHDRAW YOUR CONSENT OR ALTERNATIVELY CHOOSE NOT TO PROVIDE YOUR PERSONAL INFORMATION ON THE WEBSITE AND/OR THE SOLUTION. SUCH AN INTIMATION TO WITHDRAW YOUR CONSENT CAN BE PROVIDED BY EMAIL TO dpo@cymetryc.com

IF YOU ARE ACCESSING THE WEBSITE AND/OR THE SOLUTION ON BEHALF OF A THIRD PARTY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH THIRD-PARTY TO THE TERMS AND CONDITIONS OF THIS PRIVACY NOTICE AND, IN SUCH AN EVENT YOUR USE OF THE WEBSITE AND/OR THE SOLUTION SHALL REFER TO USE BY SUCH THIRD PARTY. IF YOU DO NOT HAVE SUCH AN AUTHORITY (TO PROVIDE ANY PERSONAL INFORMATION OF A THIRD PARTY) OR DO NOT AGREE TO THE TERMS OF THIS PRIVACY NOTICE, THEN YOU SHOULD REFRAIN FROM USING THE WEBSITE AND/OR THE SOLUTION.

This Privacy Notice is an electronic record in the form of an electronic contract being compliant and construed in accordance with data protection laws of the applicable jurisdictions.

Definitions

• “User/s”, “you”, “your” shall mean and include individuals who visit, access, and/ or use the Website.
• “Customer” shall mean and include persons, companies, and entities who have purchased/ subscribed to our Application and other services.
• “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Information.
• “Processor” means a natural or legal person, public authority, agency or other body which processes Personal Information on behalf of the Controller.
• “Solution User/s” shall mean and include permitted users of the Customer and the Company that access the Solution.

Personal Information Collected on the Website

For the purpose of this Privacy Notice, “Personal Information” means all information that can be used to personally identify a person, including but not limited to, first and last name, email address, company name, designation and contact number.
When the Company receives information from the Users of the Website, the Company acts as a Controller. If you have any questions related to the handling of your Personal Information by the Company or to exercise your rights, you can contact us at dpo@cymetryc.com.
For Personal Information provided by or collected on behalf of Customer, Company acts as a Processor, for more information please refer to Clause 3 of this Privacy Notice.
We may collect your Personal Information through the Website in the following instances:
Personal Information collected when you contact us:
When you contact us through our Website or write to us on our email address, we may collect your Personal Information, including name, contact number, email address and any other information that you provide us.
Personal Information collected for recruitment purposes:
We may collect Personal Information from Applicants when they apply for a job at our Company through the careers page on our Website. We recommend that all applicants refer to the Applicant Privacy Notice.

Social media platforms:
We may also collect, store and use your Personal Information when you access social media pages operated by us on Facebook, Twitter, and/or LinkedIn.

Processing of Personal Information and Protected Health Information

For the purpose of this Privacy Notice, Protected Health Information shall mean individually identifiable health information that is:

• Transmitted by electronic media;
• Maintained in electronic media; or
• Transmitted or maintained in any other form or medium.

The Company may be contracted by the Customer for testing pre-production environments and/or the Customer’s Solution Users may use the Solution for pre-production environment testing activities. In these cases, the Company does not intend to collect, use, store, access Protected Health Information in any manner.
The Customer’s Solution Users may also use the Solution for testing environments where Protected Health Information is stored. In this case, the Customer is the Data Controller, and the Company acts as a Data Processor. Any processing of Protected Health Information will be governed by the contracted data processing or business associate agreement with the Company. The Customer may instruct their Solution Users to redact any Protected Health Information from data/screenshots/etc. so that they are not recorded in the Solution.
When the Customer supplies the necessary Personal Information to the Company to register their Solution Users, the Customer is the Data Controller, and the Company acts as a Data Processor.

The Company as a Data Processor: The Customer has complete control over the Personal Information and/or Protected Health Information and sets the purpose and means of processing. We process such Personal Information and/or Protected Health Information only on behalf of and on the instructions of the Customer and for the purposes of rendering our Services to the Customer.
Customer Privacy Policy: If you are the Customer’s Solution User and your Personal Information and/or Protected Health Information was shared with us by the Customer, the privacy policy of the Customer, on whose behalf we collect and process the Personal Information and/or Protected Health Information, will apply. This means that any enquiry, request, objection or complaint that you as a Solution User may have in connection with the collection and/or processing of Personal Information and/or Protected Health Information that forms part of your usage of the Solution should be addressed to and resolved by the Customer solely.
Customer Responsibility: The Customer represents that it has acquired all necessary consents and/or relies on other appropriate legal basis for the processing of Personal Information and/or Protected Health Information. Customer confirms that end-users have been informed about that their Personal Information and/or Protected Health Information is transferred to the Company as a Processor and other third parties used by the Company for the provision of Services.
We will process the Personal Information and/or Protected Health Information for as long as we provide services to the Customer or until the Customer requests the Company remove it.

Cookies

We use cookies and/or similar in-house and third-party tracking tools to track user traffic patterns. Tracking tools also used are beacons, tags and scripts to collect and track information and to improve and analyse our Website and our services. You may choose to disable cookies through your browser settings. For more information, please refer to our cookie policy.

Accuracy of information

The User /Solution User undertakes that he shall be solely responsible for the accuracy, correctness, or truthfulness of the Personal Information shared with us whether of its own or any third party. In the event the User is sharing any Personal Information on behalf of a third person, the User/Solution User represents and warrants that he has the necessary authority to share such Personal Information with the Company, obtained a written consent from such third party and the Company shall not be responsible for verifying the same. The User/Solution User understands and acknowledges that such Personal Information shall be subject to the terms and conditions of this Privacy Notice.

Use of Your Personal Information

We use your Personal Information for the following purposes:

1. to inform you about our services and to respond to your requests;
2. for the creation or development of business intelligence or data analytics in relation to the services provided by us;
3. to process transactions with you;
4. to provide you with a better experience when you access our Website or Solution and to improve the services;
5. to process job applications (if you apply for a position with our organization);
6. to maintain and manage our Website and Solution;
7. to manage our relationship with you;
8. to communicate with you and to send you e-mail newsletters;
9. for internal record keeping;
10. and to comply with our legal or statutory obligations.

Disclosures

We do not sell, rent, share, distribute, lease or otherwise provide your Personal Information to third parties, without your prior consent. Keeping this in mind, we may disclose your Personal Information in the following cases:

• Affiliates: We may provide your Personal Information to our affiliates to enable them to improve the offerings, provide feedback and respond to their queries.
  Service Providers: We may share your Personal Information with the service providers who work with us in connection with operating the Website or Solution and/ or providing the offerings. All such service providers are subject to stringent confidentiality restrictions consistent with this Privacy Notice.
• Merger or Acquisition: We may transfer your Personal Information if we are acquired by another entity, or if we merge with another company or transfer a part of our business, including the Website and/or Solution, to a third party. Any such third party or resultant entity that receives your Personal Information shall have the right to continue to use your Personal Information in line with the purposes set out herein. In the event of such a sale or transfer, we may notify you.
• Legal and Regulatory Authorities: We may disclose your Personal Information in order to comply with our legal obligations/ court orders/ requests by Govt. authorities.

Data Retention

We will retain User’s Personal Information as long as it is required to be retained for the purpose of provision of the services. We may also retain and use User’s Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Security

Your Personal Information is stored on third party cloud infrastructure. We have implemented safeguards such as encryption methods to protect information in transit and at rest. Although we provide appropriate firewalls and protections, we cannot warrant the security of Personal Information transmitted as these systems are not hack proof. Data pilferage due to unauthorized hacking, virus attacks, technical issues is possible, and we will take necessary measures to mitigate such events.

Your Rights

Rights of Website Users and Company’s Solution Users: You have the right to access Personal Information in our possession, the right to have us rectify or modify any such Personal Information, the right to have us erase/delete your Personal Information, the right to restrict us from processing such Personal Information, the right to object to our use of Personal Information and to withdraw consent at any time where we are relying on consent to process Personal Information. Depending on the nature of the request, we may ask you to complete a Personal Information request form or seek certain details to verify the request. All requests for Personal Information will be handled within a reasonable period of time. If you would like to exercise ANY of these rights, please contact dpo@cymetryc.com.

Rights of the Customers Solution Users: Users of the Customer can exercise their rights as mentioned in clause above, by contacting the Customer.

Choice and Opt-Out

We may send you communications including but not limited to (a) notices about your use of our Website and/or Solution and services, including those concerning violations of use, (b) updates, (c) promotional information regarding our services, and (d) newsletters. You may opt out of receiving promotional emails and newsletters from us by following the unsubscribe instructions provided in those emails. Alternatively, you can opt out, at any time, by emailing dpo@cymetryc.com with your specific request.

Information for EU and UK Visitors

Residents of the European Union (the “EU”) and United Kingdom (the “UK”) should note that this Privacy Notice has been updated in accordance with the requirements of the EU General Data Protection Regulation (the “GDPR”) and the UK GDPR, the United Kingdom Data Protection Act 2018, the Privacy and Electronic Communications Regulations, and any regulation superseding any of the foregoing (“UK Privacy Laws”). As per the provisions of the GDPR and UK Privacy Laws we shall be considered the Controllers of the Personal information collected as a result of your use / access of the Website and Processors of the Personal information collected as a result of your use / access of the services.

1. Legal Basis (for the EU residents and the UK residents): We will not process your Personal Information without a lawful basis to do so. We will process your Personal Information only on the legal bases of consent, contract, or on the basis of our legitimate interests, provided that such interests are not overridden by your privacy rights and interests.
2. Transfer of your personal information across borders (for the EU Residents): Personal Information might be processed outside the EU and the UK. We collect and transfer Personal Information outside the EU and UK in accordance with the provisions of the GDPR and UK Privacy Laws through EU/ UK approved data transfer mechanisms such as data processing agreements and/or the standard contractual clauses. If you have questions, please contact dpo@cymetryc.com.
3. Company’s Solution Users and Website User’s Rights (For EU and UK Residents):

You have the right to request us:

1. 1. • to let you know what Personal Information belongs to you, we hold in our possession,
      • withdraw consent at any time where we are relying on consent to process your Personal Information,
      • right to have us rectify or modify any such Personal Information,
      • right to have us erase/delete your Personal Information,
      • right to restrict us from processing such Personal Information,
      • right to object to our use of your Personal Information,
      • you have the right to lodge a complaint with a data protection authority.

UK residents have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. We may need to request specific information from you to help us confirm your identity or also contact you for further information in relation to your request. If you would like to exercise ANY of these rights, please contact dpo@cymetryc.com.

4. Rights of Customers Solution Users (For EU and UK Residents):

You may exercise the rights as mentioned above, by contacting the Customer.

5. Governing Laws: For any EU and UK residents, this Privacy Notice shall be governed respectively by the provisions of the GDPR and UK Privacy Laws.

Governing laws

This Privacy Notice shall in all respects be governed by and construed and enforced in accordance with the laws of the United States of America and the courts in Durango (Colorado) shall have exclusive jurisdiction to adjudicate any subject matter under this Privacy Notice.

Links to other Websites

Our Website and/or Solution may contain links to other websites/platforms/applications of your interest. Please note that we do not have any control over such other websites/platforms/applications, and you will be accessing these websites/ platforms/applications at your own risk. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such websites/platforms/applications and those are not governed by this Privacy Notice. You should exercise caution and look at the privacy policy/ notice applicable to such websites/platforms/applications.

Children’s Privacy

We do not collect Personal Information from children under the age of 16 years without the prior, verifiable consent of his or her legal representative. If the legal representative of the child discovers that the child has provided us with Personal Information, we request the legal representative of the child to contact us dpo@cymetryc.com to have the Personal Information deleted.

Changes To This Privacy Notice.

Please revisit this page periodically to stay aware of any changes to this Privacy Notice, which we may update from time to time. If we modify this Privacy Notice, we will make it available through the Website and Solution and indicate the date of the latest revision. If such modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change via email or through our Website and Solution.

This Privacy Notice was last updated on June 15, 2023.

Contact Us

If you have any questions or concerns or grievances regarding this Privacy Notice or wish to withdraw your consent in relation to the processing of your Personal Information you can reach out to our appointed grievance redressal officer (also known as compliance officer) via email at dpo@cymetryc.com.