Privacy Shield Policy for Generations Homecare System

Privacy Shield Privacy Policy

TRUSTe Privacy Certification
This Privacy Shield Privacy Policy Statement (the "Statement") sets forth the data privacy principles followed by Integrated Database Systems, Inc. ("IDS") which are Privacy Shield certified in connection with the transfer and protection of "Personal Data" and "Personal Information" received from the European Union ("E.U."). IDS complies with the U.S.-EU Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries. IDS has certified that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Privacy Shield program, and to view IDS's certification, please visit https://www.privacyshield.gov/list.
IDS may update this Policy from time to time. We will post any updates to this website, or to a website that replaces this website.
Definitions
The follow definitions apply to this Privacy Shield Privacy Policy:
  • E.U. Directive: The E.U. comprehensive privacy legislation, Directive 95/46/EC on Data Protection, that became effective on October 25, 1998. The Directive requires that transfers of Personal Information/Personal Data take place only to non-E.U. countries that provide an "adequate" level of privacy protection.
  • Personal Data and Personal Information: Data and information about an identified or an identifiable individual that are within the scope of the E.U. Directive. Neither includes anonymized data or data that is reported in aggregate.
  • Sensitive Information:Personal Information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns an individual's health.
  • Data Controller:The entity that alone or jointly with others determines the purposes and the means of the processing of Personal Information.
  • Data Processor:The entity that processes Personal Information on behalf of a Data Controller in accordance with the instructions from or contractual obligations with the Data Controller.
Notice
IDS is a Data Processor, and as such does not collect Personal Information directly from individuals nor interact directly with individuals. IDS hosts Personal Information provided by its clients, who as Data Controllers are responsible for providing notice to individuals as required under the EU Directive. IDS uses Personal Information only for the delivery of services as requested by clients.
Choice
IDS is a Data Processor, and as such is not responsible under the EU Directive for providing individuals choice respecting the use of their Personal Information. IDS's clients, who are Data Controllers, are responsible for compliance with the "opt-out" and "opt-in" requirements under the EU Directive.
Transfer to Third Parties
IDS does not transfer Personal Information received from its clients to third parties. As Data Controllers, IDS's clients are responsible for meeting the EU Directive's requirements surrounding the onward transfer of Personal Information and Personal Data.

IDS may disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. IDS agrees to abide by all Privacy Shield principles, including accountability for onward transfers.
Security
IDS implements reasonable security measures and precautions to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Security measures include logical and physical access controls for user access to Personal Information, as well as technical security measures at the network, operating system and database layers.
Data Integrity
IDS does not process Personal Information in a way that is incompatible with the instructions provided by IDS's client, the Data Controller. IDS takes reasonable steps for its clients to ensure that Personal Information is reliable for its intended use, accurate, complete, and current.
Access
As a Data Processor, IDS does not collect Personal Information directly from individuals nor interact directly with individuals, but instead hosts Personal Information provided by its clients. IDS will provide reasonable assistance to its clients to provide reasonable access to Personal Information that it holds on behalf of its clients, and will take reasonable steps to assist its clients to permit the individuals the ability to correct, amend, or delete any Personal Information which is inaccurate or incomplete.
Enforcement
In compliance with the Privacy Shield Principles, IDS commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact IDS at :privacyofficer@idb-sys.com. IDS has further committed to refer unresolved Privacy Shield complaints to TRUTe, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgement of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact TRUSTe. The services of TRUSTe are provided at no cost to you. 

In case your request can still not be resolved there is a possibility, under certain conditions, for the individual to invoke binding arbitration. Ultimately with respect to the Privacy Shield program, IDS is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Any questions or concerns regarding the use or disclosure of Personal Information should be directed to IDS Legal Department through the contact information listed below:

Integrated Database Systems, Inc.
Attn: Privacy Officer
2625 S. Denison, Suite A
Mt. Pleasant, MI 48858

privacyofficer@idb-sys.com