1. General Data Protection Regulations (GDPR)
This GDPR policy ensures MedFly LLC/www.medfly.us:
1.1 Complies with data protection law and follows good practice;
1.2 Protects the rights of users;
1.3 Are open about how we store and process individuals’ data;
1.4 Protect ourselves from data protection risks such as breaches of confidentiality, failure to offer choice and reputational damage.
2. Principles of GDPR
Under the GDPR, the data protection principles set out the main responsibilities for us. Article 5 of the GDPR requires that personal data shall be:
(a) Processed lawfully, fairly and in a transparent manner in relation to individuals;
(b) Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
(c) Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
(d) Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
(e) Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
f) Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.
3. Lawfulness of Processing Conditions
Under the GDPR, there is requirement to have a valid lawful basis in order to process personal data. There are six available lawful bases for processing set out in Article 6 of the GDPR:
(a) Consent: the data subject has given clear unambiguous consent for their personal data to be processed for a specific purpose;
(b) Contract: processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract;
(c) Legal obligation: processing is necessary for compliance with a legal obligation;
(d) Vital interests: processing is necessary to protect the vital interests of a data subject or another individual;
(e) Public task: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(f) Legitimate interests: processing is necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject.
4. Your Rights Under the GDPR
The GDPR provides the following rights for users:
1. The right to be informed;
2. The right of access;
3. The right to rectification;
4. The right to erasure;
5. The right to restrict processing;
6. The right to data portability;
7. The right to object;
8. Rights in relation to automated decision making and profiling.
5. Changes to Our GDRP Policy
MedFly LLC/www.medfly.us reserves the right to change this GDPR policy at any time. If MedFly LLC/www.medfly.us decides to change this GDPR Policy, we will post those changes on our website so our users are always aware of what information we collect, use and disclose. In all cases, your continued use of our website after any change to this GDPR Policy will constitute your acceptance of such change.
By accessing our site (www.medfly.us) you have willingly accepted the terms of this GDPR Policy.