Is PointCross Life Sciences compliant with GDPR (General Data Protection Regulation) standards?
PointCross is committed to adhere to EU GDPR. Our Operations & Development Center is certified ISO/IEC 27001:2013 (Information Security Management System) organization driven by data security practices enabling Confidentiality, Integrity and Availability of data. We have a standardized logical and physical controls in place as a part of our governance structure. The other procedural practices as a part of our governance mechanism ensures that our employees are provided with ongoing trainings on data security and privacy, Incident management procedure that handles any security or privacy incident, access to data only through authorized user accounts and our GxP products/solutions complying with regulatory requirements.
What personal information do we collect from the people that visit our blog, website or app?
When you register to use a PointCross app or website, as appropriate, you may be asked to enter your name, email address, mailing address, and phone number to help you with your experience. We may collect information on how you use our apps and website.
When do we collect information?
We collect information from you when you register and/or enter your information on our website to fill out forms, download and use PointCross MySEND, or Validator, subscribe to our newsletter or respond to a survey provide us with feedback on our products or services.
How do we use your information?
- We may use the information collected to:
- Send periodic emails regarding your order or other products and services including newsletters on company and product updates and/or announcements.
- Improve our website in order to better serve you
- Allow us to better service you in responding to your customer service requests.
- Administer a survey that is best catered to your interest or focus area.
- Conduct follow up correspondence (live chat, email or phone inquiries)
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We only provide articles and information. We never ask for credit card numbers.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
Do we use ‘cookies’?
- Understand and save user’s preferences for future visits.
Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
- You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
- If you turn cookies off, some features will be disabled. It won’t affect the user’s experience that make your site experience more efficient and may not function properly.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
We have not enabled Google AdSense on our site but we may do so in the future.
We partner with Microsoft Clarity to gain valuable insights into how you interact with and use our website. By utilizing first and third-party cookies, as well as other tracking technologies, we examine patterns in website usage. This analysis enables us to measure the popularity of our offerings and the level of online engagement. Furthermore, the data we gather is instrumental in optimizing the performance of our website.
We have implemented the following:
Demographics and Interests Reporting
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
You may change your personal information:
By logging in to your account
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- We will notify you via email within 7 business days.
- We will notify the users via in-site notification
within 7 business days
- We will notify the data breach to the supervisory authority and the concerned individual within 72 hours in case of any risk to the rights and freedoms of natural persons.
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or question
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
We use your IP address in order to:
Help diagnose problems with our server, administer our web site and identify mostly used features of the website, our tools being used and thus enrich user experience. Your IP address is also used to gather broad demographic information. We do not link IP addresses to anything personally identifiable and user will be anonymous
Correcting / Updating / Deleting / Deactivating Personal Information
If a user’s personally identifiable information changes (such as zip code, phone, email or postal address), or if a user no longer desires our service, we provide a way to correct, update or delete/deactivate users’ personally identifiable information. This can be done by sending an email to email@example.com
We use Google Analytics on your visit to our website upon which your cookie ID is added to our list. Google does not provide us information that personally identifies you, such as your name, email, or billing information.
To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can:
Follow the instructions at the bottom of each email and we will promptly remove you from all future correspondence.
- “To Unsubscribe”, this means only the communication to the user will stop and the email-id with other details will not be permanently deleted from our records properly secured.