Privacy Policy

Política de Privacidade
Updated on February 9, 2020.

Med-Rio respects and recognizes the importance of your privacy. This Privacy Policy was created following the best international practices for the protection of personal data and aims to clarify how your data will be treated and for what purposes it will be used.

This Privacy Policy is applicable to all individuals who use or have contact with Med-Rio services, in person or by electronic means, including the website www.medrio.com.br and the Med-Rio applications for mobile devices.

1. DATA COLLECTED AND PURPOSE OF TREATMENT

Based on the Brazilian legislation in force, in particular Law No. 13,709 of August 14, 2018 (the “General Data Protection Law”), personal data is any and all information related to the identified or identifiable natural person. Your personal data may be collected as follows:

Navigation data collected through our website. During your visit to our website, we use cookies and other technological tools to collect navigation and access data, automatically. Such data includes, but is not limited to, your IP address, the identification of the device used for navigation (ID or IMEI Code), screens accessed, duration and time of access and behavior adopted when browsing our website.

You will be able to manage, in your browser, your settings and preferences in order to restrict the use of cookies when accessing our website. However, this may prevent proper functioning or access to certain parts of our website.

The collection and treatment of your browsing data will be used only for Med-Rio to improve its privacy and security systems, and improve the interface and content available on our website, making it more dynamic and efficient.

Data provided by you. We collect and store information that identifies you (such as name, e-mail address, company where you work, professional address, contact telephone number, financial data for billing, etc.) and health data (for example, blood type, medical history , medicines for regular use, information on allergies, etc.). This information is provided by you to Med-Rio by filling out forms, registration forms and / or by interacting directly with us on our electronic communication channels or physical establishments.

Such data will be collected and processed for, among others:

• • Conducting contracted or pre-contractual activities, including scheduling appointments and exams, conducting appointments and exams, collecting material or biological information and providing results and consultation and exam results;
  • The processing, issuing and forwarding of charges for the contracted services;
  • Other purposes strictly arising from our provision of services, including for the fulfillment of legal or regulatory obligations;
  • Send you institutional communications, publications, newsletters, memos, newsletters, promotional materials, congratulations on commemorative dates, invitations, reminders and thanks for participating or signing up for our activities;
  • Responding to requests for information and services, including the management of your personal data under the terms of current legislation and this Privacy Policy;
  • Improve and improve our security and privacy systems.

The health data collected in our activities will be used exclusively by our medical professionals and assistants in the exercise of their functions. In order for these data to be used for other purposes or shared with private doctors or employers, the client must complete and sign a specific Consent Form.

Med-Rio does not sell personal data under any circumstances and does not share your personal data with third parties for commercial or advertising purposes, except in specific situations with the express and informed consent of the user. All data sharing performed by Med-Rio in data storage, collection and processing operations is restricted to the performance of our activities and is limited to the purposes set out in this Privacy Policy.

If you have sent your personal data (directly to us or to recruitment agencies) to apply for a job vacancy and/or internship, your data will be collected, processed and used only to compose our database and so that, eventually, we can contact you and call you to participate in our selection processes.

Your personal data may also be shared in the cases expressly provided for by law and with public authorities upon request, provided that such request is duly based on the applicable legislation.

2. DATA STORAGE AND HOLDERS’ RIGHTS

The storage of your personal data by Med-Rio will be done only for the time necessary for the fulfillment of the collection purposes provided for in this Privacy Policy, without prejudice to any legal obligations for data retention stipulated in the legislation in force. In some cases, we may store certain information anonymously and in an aggregate form to improve our services.

You, as the data owner, will have the right to:

• Receive confirmation from us that your data is being processed, as well as access it;
• Correct incomplete, inaccurate or outdated data;
• Anonymization, blocking or elimination of unnecessary, excessive or treated data in disagreement with the legislation in force;
• Request the portability of your data to another service or product supplier, upon express request and with the exception of commercial and industrial secrets;
• Eliminate data treated with your consent, except in the case of custody for compliance with a legal obligation;
• Receive information to which entities your data has been shared;
• Receive information about the possibility of not giving consent and about the consequences of the refusal;
• Carry out the portability of your personal data, except for business secrets; and
• Revoke consent.

If you wish to exercise any of the rights provided for in this Privacy Policy or the legislation in force, or if you no longer wish/choose not to receive our periodic emails with institutional or promotional communications, please contact us by e- mail dpo@medrio.com.br.

3. THIRD PARTY SITES

Eventually, you may find on our website or in our mobile applications links to external or third-party pages. These pages have their own privacy policies and terms and conditions of use and have no relationship with Med-Rio.

Med-Rio does not agree, share, subscribe, integrate, complement, monitor, validate or accept, directly or indirectly, the way these third parties treat your personal data.

4. INTERNATIONAL DATA TRANSFER

Med-Rio does not store or use your data outside of Brazil, but eventually our partners may perform some type of data processing abroad to fulfill their contractual obligations with us. In these cases, Med-Rio will require the partner to meet all the requirements of Brazilian law for international data transfer, in addition to requiring that data processing be restricted to the purposes contracted and subject to the rules of this Privacy Policy.

5. INFORMATION SECURITY

Med-Rio is committed to the protection of your personal data, having systems verified for compliance with market standards and monitored, in order to guarantee their Availability, Integrity, Confidentiality and Authenticity.

To this end, we have a methodology based on processes, people and technologies that guide the layered protection of our systems, data and networks.

Med-Rio will not be responsible for any incidents with personal data resulting from actions of third parties that are beyond our reasonable control, and that cannot be prevented with the adoption of security, technical and administrative measures reasonably adopted and available on the market.

6. COMMUNICATIONS

If you have any questions, suggestions, complaints or if you want to exercise any of your rights set out in this Privacy Policy or in the legislation in force, you can contact us by the e-mail dpo@medrio.com.br.

If you wish not to receive our institutional emails, please send us an email to dpo@medrio.com.br.

7. UPDATES AND MODIFICATIONS TO THE PRIVACY POLICY

The terms and conditions of this Privacy Policy will be updated periodically by Med-Rio. If the changes result in a significant change in the rights and/or duties of Med-Rio or the obligations provided for in this Privacy Policy, we will post a notice on our page, indicating that there has been a new update. We may also occasionally ask for your consent as a condition for accessing and using our website and applications for mobile devices and for the provision of our services.