Safe Harbor Policy for Generations Homecare System

Privacy Shield Privacy Policy

TRUSTe Privacy Certification
This Privacy Shield Privacy Policy Statement (the "Statement") sets forth the data privacy principles followed by Integrated Database Systems, Inc. ("IDS") which are Privacy Shield certified in connection with the transfer and protection of "Personal Data" and "Personal Information" received from the European Union ("E.U."). IDS complies with the U.S.-EU Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries. IDS has certified that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Privacy Shield program, and to view IDS's certification, please visit https://www.privacyshield.gov/list.
IDS may update this Policy from time to time. We will post any updates to this website, or to a website that replaces this website.
Definitions
The follow definitions apply to this Safe Harbor Privacy Policy:
  • E.U. Directive: The E.U. comprehensive privacy legislation, Directive 95/46/EC on Data Protection, that became effective on October 25, 1998. The Directive requires that transfers of Personal Information/Personal Data take place only to non-E.U. countries that provide an "adequate" level of privacy protection.
  • Personal Data and Personal Information: Data and information about an identified or an identifiable individual that are within the scope of the E.U. Directive. Neither includes anonymized data or data that is reported in aggregate.
  • Sensitive Information:Personal Information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns an individual's health.
  • Data Controller:The entity that alone or jointly with others determines the purposes and the means of the processing of Personal Information.
  • Data Processor:The entity that processes Personal Information on behalf of a Data Controller in accordance with the instructions from or contractual obligations with the Data Controller.
Notice
IDS is a Data Processor, and as such does not collect Personal Information directly from individuals nor interact directly with individuals. IDS hosts Personal Information provided by its clients, who as Data Controllers are responsible for providing notice to individuals as required under the EU Directive. IDS uses Personal Information only for the delivery of services as requested by clients.
Choice
IDS is a Data Processor, and as such is not responsible under the EU Directive for providing individuals choice respecting the use of their Personal Information. IDS's clients, who are Data Controllers, are responsible for compliance with the "opt-out" and "opt-in" requirements under the EU Directive.
Transfer to Third Parties
IDS does not transfer Personal Information received from its clients to third parties. As Data Controllers, IDS's clients are responsible for meeting the EU Directive's requirements surrounding the onward transfer of Personal Information and Personal Data.
Security
IDS implements reasonable security measures and precautions to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Security measures include logical and physical access controls for user access to Personal Information, as well as technical security measures at the network, operating system and database layers.
Data Integrity
IDS does not process Personal Information in a way that is incompatible with the instructions provided by IDS's client, the Data Controller. IDS takes reasonable steps for its clients to ensure that Personal Information is reliable for its intended use, accurate, complete, and current.
Access
As a Data Processor, IDS does not collect Personal Information directly from individuals nor interact directly with individuals, but instead hosts Personal Information provided by its clients. IDS will provide reasonable assistance to its clients to provide reasonable access to Personal Information that it holds on behalf of its clients, and will take reasonable steps to assist its clients to permit the individuals the ability to correct, amend, or delete any Personal Information which is inaccurate or incomplete.
Enforcement
IDS has put into place mechanisms to verify ongoing compliance with these privacy principles. Any employee that violates these privacy principles will be subject to disciplinary procedures in accordance with IDS's disciplinary policy. IDS encourages individuals covered by this Policy to raise any complaints about our processing of their Personal Information by contacting IDS at the address below. IDS will seek to resolve any complaints. For complaints that IDS is unable to resolve, we agree to mediate the issue with TRUSTe. Please contact TRUSTe here.
Any questions or concerns regarding the use or disclosure of Personal Information should be directed to IDS Legal Department through the contact information listed below:

Integrated Database Systems, Inc.
Attn: Privacy Officer
2625 S. Denison, Suite A
Mt. Pleasant, MI 48858

privacyofficer@idb-sys.com