Welcome to Medical Electronic System’s (“MES”)’s Privacy and Data Protection Policy (“Privacy Policy”). At MES (“we”, “us”, or “our”) we are committed to protecting your privacy and personal data in compliance with the law and guidelines of the EU General Data Protection Regulation (“GDPR”).

Our contact details:

Medical Electronic Systems Limited
6345 Balboa Blvd #185, Los Angeles, CA 91316, United States
Email: service@mes-llc.com

Definitions:

The Information That We Collect and Store:

Personal Data means any information about an individual from which that person can be identified. If you download the TC-Code APP or enter the Test Credit Code website, only the following data is collected:

● Device Data: The calibration settings and serial number of the device receiving test credits.
● Personal Data: No personal data is downloaded, stored, captured, or required to us the TC-Code Loader.

What do we do with Device Data information?

The device data that we collect from the website or APP is received for the following reason:
● We use the device calibration settings to compare them to the initial factory settings to confirm that there was no impact to the device resulting from uploading test credit codes.

Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information are:

● Legal Compliance: We’re required by law to collect and process certain types of data, such as fraudulent activity or other illegal actions.

For the collection of special category data (health information), we rely on explicit consent.

We may share this information with:

We do not collect health information.
Our Site may include links to third-party websites, plug-ins, and applications. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site, please review the privacy policy of every website you visit.

How we store device data:

The device data is securely stored in Firebase. We store the data on secure Google cloud services located in the United States. Firebase is a part of Google. Google is an organization committed to privacy and has stated that the model clauses relating to transfer of data between the EU and United States are fully compliant with the GDPR. We urge you to read their statements and policies in full.

We have implemented a concept of security by design and constantly apply rigid data protection measures to secure data.

We take at least the following measures:

  1. The data base is not accessible through the app or website, only through secure API/security services
  2. The app can access the API services only using an encrypted token (key).
  3. The API is limited to only functions that are related to the TEST CREDIT CODE.
  4. We encrypt our databases.
  5. We encrypt our passwords.
  6. We implemented an Audit trail (log files), so that we can investigate any issues.
  7. We conduct regular vulnerability testing as part of our software validation.
  8. We maintain a risk management policy, regularly assess, and address risks related to privacy and security
  9. We use an encrypted HTTPS protocol to access the API services.

Even though we follow industry best practices and make great efforts to protect data, no transmission of data over the internet is guaranteed to be completely secure. It may be possible for third parties not under our control to intercept or access transmissions unlawfully. If you believe that your interaction with us is no longer secure or have any reason to believe that a data breach has occurred, please contact us urgently.
You are not required to pay any charge if you make a request. Please contact our DPO with any data-related issues including any of the requests detailed above.

Additional matters