Welcome to GrayMatters Health, a website available at www.graymatters-health.com (the "Website").
We do not knowingly collect the personal data of minors under the age of 18. If you have reason to believe that a minor under the age of 18 has provided their personal data to us through the Website, please contact us and we will endeavor to delete that data from our databases.
If you have any questions, comments or concerns regarding this Policy or our processing of your personal information, please contact us at email@example.com.
You do not have a legal obligation to provide us with the abovementioned information; however, if you choose to not share this information with us, we may not be able respond to your inquiry, or allow you to use our Website's functionalities.
Methods and sources for collecting your personal information
We collect the personal information from several sources:
When you interact with our publications;
When you contact us through our online contact form;
Through the device you use to access our Website and through third party cookies and analytics tools;
Sharing your personal information
We will not share your information with third parties, except in the events listed below or when you provide us your explicit and informed consent.
Data retention and security
We retain your information for as long as needed to operate the Website, and thereafter as needed for record-keeping matters.
We will retain your information for as long as needed to operate the Website. Thereafter, we will still retain your personal information as necessary to comply with our legal obligations, resolve disputes, establish, and defend legal claims and enforce our agreements. The overall period of retention is approximately 7 years.
We implement measures to secure your information.
We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information, such as HTTPS. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal information, there is no guarantee that it will be immune from information security risks.
Additional information for individuals in the EU
GrayMatters Health Ltd. is the data controller of the personal information collected via the Website.
International data transfers
To facilitate processing your information through the Website and by our service providers, we will transfer your information to countries such as Israel. We do so under an adequacy decision or under the terms of a data transfer agreement which contains standard data protection contract clauses with adequate safeguards determined by the EU Commission.
Legal basis for processing your personal data
Data subject rights
If you are in the EU, you have the following rights under the GDPR:
Right to Access and receive a copy of your personal information that we process.
Right to Rectify inaccurate personal information we have concerning you and to have incomplete personal information completed.
Right to Data Portability, that is, to receive the personal information that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another person or entity. Where technically feasible, you have the right to have your personal information transmitted directly from us to the person or entity you designate.
Right to Object to our processing of your personal information based on our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such personal information for the establishment, exercise, or defense of legal claims.
Right to withdraw your consent to us processing your personal data, where such processing is based on your consent. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Right to Restrict us from processing your personal information (except for storing it): (a) if you contest the accuracy of the personal information (in which case the restriction applies only for a period enabling us to determine the accuracy of the personal information); (b) if the processing is unlawful and you prefer to restrict the processing of the personal information rather than requiring the deletion of such data by us; (c) if we no longer need the personal information for the purposes outlined in this Policy, but you require the personal information to establish, exercise or defend legal claims; or (d) if you object to our processing based on our legitimate interest (in which case the restriction applies only for the period enabling us to determine whether our legitimate grounds for processing override yours).
Right to be Forgotten. Under certain circumstances, such as when you object to our processing of your personal information based on our legitimate interest and there are no overriding legitimate grounds for the processing, you have the right to ask us to erase your personal information. However, notwithstanding such request, we may still process your personal information if it is necessary to comply with our legal obligations, or for the establishment, exercise, or defense of legal claims. If you wish to exercise any of these rights, please contact us through the channels listed in this Policy.
If you wish to exercise any of your rights, please contact us at: firstname.lastname@example.org.
When you contact us, we reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with information that you have asked for, we will explain the reason.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint to the supervisory authority, in the Member State of your residence, place of work or place of alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.