Medical Electronic Systems Privacy Policy: TC-Code App/Website

Welcome to Medical Electronic System’s (“MES”)’s Privacy and Data Protection Policy (“Privacy Policy”). At MES (“we”, “us”, or “our”) we are committed to protecting your privacy and personal data in compliance with the law and guidelines of the EU General Data Protection Regulation (“GDPR”).

Our contact details:

Medical Electronic Systems Limited
6345 Balboa Blvd #185, Los Angeles, CA 91316, United States
Email: service@mes-llc.com

Definitions:

• GDPR: The General Data Protection Regulation (EU) 2016/679 (GDPR)
• Personal Data: Information relating to an individual who can be directly identified. Personal Data includes factual information as well as expressions of opinion or intentions.
• Data Controller / Controller: The organization that determines the manner and purposes for which Personal Data is to be processed. In this case, MES.
• Device Data: Calibration settings and serial # of the medical device receiving test credit codes.
• DPO: The Data Protection Officer, a person appointed to deal with all data-related matters. Our DPO at the time of creating this policy is Taly Vider Cohen. You can address any data-related issues or questions to this person at the following email: service@mes-llc.com
• Processors: Staff members of MES authorized to discharge the responsibilities of the Data Controller.
• “Staff members” – employees, contractors, consultants, and anyone acting on behalf of our organization.
• Privacy Policy: This document.
• “Our website” or “The site” – www.TESTcreditCODE.com
• “Our APP” – a downloadable mobile application – TC-CODE loader (“TC-Code”) will be available on the Google Play site and, in the future, could be available on additional sites.
• “Third parties” – Suppliers, business contacts, staff members of our users and any other people that we may need to contact.

The Information That We Collect and Store:

Personal Data means any information about an individual from which that person can be identified. If you download the TC-Code APP or enter the Test Credit Code website, only the following data is collected:

● Device Data: The calibration settings and serial number of the device receiving test credits.
● Personal Data: No personal data is downloaded, stored, captured, or required to us the TC-Code Loader.

What do we do with Device Data information?

The device data that we collect from the website or APP is received for the following reason:
● We use the device calibration settings to compare them to the initial factory settings to confirm that there was no impact to the device resulting from uploading test credit codes.

Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information are:

● Legal Compliance: We’re required by law to collect and process certain types of data, such as fraudulent activity or other illegal actions.

For the collection of special category data (health information), we rely on explicit consent.

We may share this information with:

We do not collect health information.
Our Site may include links to third-party websites, plug-ins, and applications. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site, please review the privacy policy of every website you visit.

How we store device data:

The device data is securely stored in Firebase. We store the data on secure Google cloud services located in the United States. Firebase is a part of Google. Google is an organization committed to privacy and has stated that the model clauses relating to transfer of data between the EU and United States are fully compliant with the GDPR. We urge you to read their statements and policies in full.

We have implemented a concept of security by design and constantly apply rigid data protection measures to secure data.

We take at least the following measures:

1. The data base is not accessible through the app or website, only through secure API/security services
2. The app can access the API services only using an encrypted token (key).
3. The API is limited to only functions that are related to the TEST CREDIT CODE.
4. We encrypt our databases.
5. We encrypt our passwords.
6. We implemented an Audit trail (log files), so that we can investigate any issues.
7. We conduct regular vulnerability testing as part of our software validation.
8. We maintain a risk management policy, regularly assess, and address risks related to privacy and security
9. We use an encrypted HTTPS protocol to access the API services.

Even though we follow industry best practices and make great efforts to protect data, no transmission of data over the internet is guaranteed to be completely secure. It may be possible for third parties not under our control to intercept or access transmissions unlawfully. If you believe that your interaction with us is no longer secure or have any reason to believe that a data breach has occurred, please contact us urgently.
You are not required to pay any charge if you make a request. Please contact our DPO with any data-related issues including any of the requests detailed above.

Additional matters

• International transfer of Device Data – The device calibration and serial number are the only information stored and processed in the United States or other countries or jurisdictions outside the US where we have facilities. Insofar as we store data in the US, we will always use providers that have implemented the model contract clauses that enable transfer of data between the EU and the US. By using the TC-Code APP, you are permitting and consenting to the transfer of device calibration settings and device serial number outside of the US.
• Notification of changes and acceptance of policy – We keep our Privacy Policy under review and will place any updates on this webpage. This version is dated April 6, 2022. By using our website and our APP, you consent to the collection and use of data by us as set out in this Privacy Policy. Continued access or use of our website and our APP shall constitute your express acceptance of any modifications to this Privacy Policy.