Diagenix Privacy Statement
This Privacy Statement (“Statement”) describes the personal data that Diagenix collects, how we use it, and when we share it, as we interact with you, deliver our products and services, and conduct our business operations.
This Statement applies to Diagenix Corporation and its affiliates, Partners and Resellers. When we refer to products, we mean all products and services offered by Diagenix.
What Personal Data Do We Collect?
Diagenix collects personal data when we deliver our products, conduct marketing, and run our business operations. The personal data we collect varies based upon whether the data is collected (i) through our website, solutions or applications, or (ii) through our products and services, including but not limited to our software, support services, and voice recognition technology we sell and support collectively hereinafter (“Products”).
We may collect personal data directly in the following situations:
- When you purchase, download, or register software, or use software support services from Diagenix, we may collect contact information such as your name, email address, physical address, telephone number, and financial and payment details, together with information on the Products you buy, download, or register.
- If you engage with Diagenix for marketing purposes, such as by expressing interest in Products through a web form, participating in a promotion, or attending a Diagenix or other marketing event, we will collect the information you submit to us, such as your contact details (including name, email address, phone number, organization and job title) and the Products that interest you.
- When you submit an employment application, we collect the personal data disclosed by your application, such as your name, email address, phone number, and employment and education history.
- We may also collect other electronic data from your use of our Sites automatically. This data may include your IP address, date/time stamp, data about your interaction with our Sites and data collected from our use of cookies and similar tracking tools.
Through our Products, we may collect personal data directly in the following situations:
- When you use voice recognition technology, whether supplied by Diagenix’s or by using third party products that employ voice recognition technology supplied by Diagenix, we may capture your voice and the words that you speak into the product.
- When you use biometric technology supplied by Diagenix, we may capture, store, and/or use a voiceprint of your voice, information regarding your fingerprint(s), or behavioral information, such as your choice of words, your patterns of speech or writing, or how you use your keyboard, computer mouse, or other devices, for the purpose of confirming your identity or detecting potentially fraudulent or malicious activity.
- We may also collect other electronic data derived from your use of our Products. This data may include your IP address, usage data, and data showing your registration, installation and use of the software Products. Except for IP address and unique device identifiers, we generally collect this data on an aggregate and non-identifying basis.
Through our Products, we may collect personal data directly in the following situations:
- We provide voice recognition, text input, and communications products to corporate customers, and we may collect personal data processed in those products, including voice recordings, text, names, phone numbers, or sensitive data such as credit card numbers, or unique identifier numbers issued on a government document commonly used to identify a person’s identity.
- We provide biometric authentication products to corporate customers, and we may collect, store, and/or use personal data processed in those products, including voiceprints, information regarding fingerprints, and information regarding behavior, for the purpose of confirming your identity or detecting potentially fraudulent or malicious activity.
- We obtain contact information, including name, email address, phone number, organization, and job title, from our resellers and distributors, from public sources, and from third-party mailing lists.
- We collect personal data, including employment and education history, from third parties to conduct background and reference checks for employment applications and for applications to establish reseller and distributor relationships with Diagenix, subject to your consent where consent is required by law.
Cookies
Diagenix and its partners use cookies and similar tracking tools to distinguish you from other users as described in our Cookie statement. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service.
How We Use Personal Data
General Business Operations
We use contact information to market, sell, and service the Products we sell, subject to your consent where required by law. We allow recipients of marketing messages and collateral to opt out of receiving further communications from Diagenix at any time without detriment. This choice does not apply to transactional service communications that are part of our business solutions or informational communications that have their own unsubscribe option included in the message.
We use your financial or payment information, and your contact details, to support, establish, and conduct customer relationships if you were to purchase a Product or service from Diagenix. For example, your data would be necessary for the performance of our terms of service with you (including, for example, completing purchase transactions, fulfillment of an order, order confirmations, responding to requests for information about products and services, and the provision of purchased products and services). If you fail to provide the personal data we need, we may be unable to complete your transaction.
We use your financial or payment information, and your contact details, to support, establish, and conduct customer relationships if you were to purchase a Product or service from Diagenix. For example, your data would be necessary for the performance of our terms of service with you (including, for example, completing purchase transactions, fulfillment of an order, order confirmations, responding to requests for information about products and services, and the provision of purchased products and services). If you fail to provide the personal data we need, we may be unable to complete your transaction.
We use personal data from employment applications where necessary to support our legitimate interest in processing your application and to contact you if future opportunities arise.
Data Processed Within Our Products
We use the personal data that is processed within our Products, such as voice data within voice recognition products, medical data within medical data applications, personal data processed in communications products, biometric data processed in the biometric products, and any personal data contained within product usage data we collect, to deliver our Products we to our customers. Our processing of personal data for these purposes includes both automated and manual (human) methods of processing. Our automated methods often are related to and supported by our manual methods. For example, our automated methods include artificial intelligence (AI), which we think of as a set of technologies that enable computers to perceive, learn, reason, and assist in decisionmaking to solve problems in ways that are similar to what people do. To build, train, and improve the accuracy of our automated methods of processing (including AI), we manually review some of the predictions and inferences produced by the automated methods against the underlying data from which the predictions and inferences were made. Snippets of your voice data, may be manually reviewed and transcribed into text for Diagenix’s and its Resellers and Partner product operation, tuning, maintenance, and enhancement. Prior to an employee, reseller or partner reviewing voice data, where possible, we protect user’s privacy by taking steps such as deidentifying the data, requiring nondisclosure agreements with relevant resellers, partners and their employees, and requiring them to meet high privacy standards.
We use aggregated, nonidentifying, electronic data collected from use of our Sites and Products to operate, analyze, improve, and develop our Sites and Products. This information is not used to inform decisions about specific individuals; rather, it is processed to understand how different categories of users interact with our Sites and Products so that we can consistently provide our Products.
Why We Use Personal Data
We collect, process, use and store your personal information for the following business and commercial purposes in accordance with our legitimate business interests and legal requirements or with your consent where required:
- to provide you with information in response to your requests;
- to maintain the accuracy of the information we collect;
- to help us develop new Products or features that meet your needs;
- to manage language preferences and connect you with your nearest account manager;
- to maintain contact data about you or a third party (such as, your employer);
- where necessary to protect or conduct our business and pursue our, or our affiliates’, legitimate business interests, which include the security of our systems and our operations and the exercise or defense of legal claims;
- to comply with privacy laws and other regulations such as to manage consent requirements;
- to give you a customized interactive experience;
- to measure interest in our various Products;
- to inform you about new Products or features and functionalities;
- to keep you up to date with latest product and solution offerings and other business related items from Diagenix and our Resellers and Partners which may be of interest to you;
- to occasionally send you push notifications, which you may optout of by turning them off at the device level through your settings.
When We Share Personal Data
We do not sell your personal data.
- Diagenix does not sell your personal data. However, we may share certain personal data for a business purpose. If we share your personal data (including Product Personal Data) with affiliates, Resellers and Partners, or with vendors acting on our behalf, we do so under binding agreements that require the third party to use and protect the personal data in accordance with the principles described in this Privacy Statement. These third parties are authorized to use your personal data only as necessary to provide services to us.
We may share Personal Data in the following situations:
- With our affiliates and subsidiaries and with Resellers and Partners acting on our behalf to perform services for Diagenix for a specific business purpose, support the Sites or the delivery of Products;
- With the customer on whose behalf and at whose direction we are processing the data;
- When we have your consent to use your Personal Data for a specific purpose, including without limitation with our Resellers and Partners for them to provide information about our products or services to you. You may opt out of this sharing with Resellers and Partners by following the instructions described in the “Control Of Your Personal Data” section below.
We may share personal data with our affiliates, co-development partners, subsidiaries, resellers, suppliers, sub-contractors, and distributors, and with vendors acting on our and their behalf, to service our customers and perform any contract we enter with you (including, for example, with resellers who support our management of potential clients and vendors who conduct transcription in connection with our products and services).
We may also share aggregated, anonymous, or non-identifiable electronic data with our affiliates, co-development partners and with vendors acting on our behalf.
We share personal data derived from Site usage (excluding Product Personal Data), with analytics and search engine providers that assist us in the improvement of our Sites, subject to the cookie section of this Privacy Statement. Our Site uses Google Analytics and we may enable the IP anonymization feature. The way Google collects and processes data when delivering Google Analytics is described here: www.google.com/policies/privacy/partners/.
We may share personal data from employment applications with vendors acting on our behalf who help us in recruitment, background check and human resources matters.
We may also share personal data to comply with law and legal process, to respond to governmental inquiries and lawful requests from by public authorities (including to meet national security or law enforcement requirements), and to protect life, property, or the security of Diagenix or its customers. If Diagenix enters any merger, acquisition, or asset sale of all or any part of its business, personal data held by Diagenix may be transferred to a buyer or successor entity.
We do not share personal data with third parties for cross context behavioral advertising.
Control Of Your Personal Data
You can change your preferences to opt out of marketing communications at any time by emailing us at sales@diagenix.com. Alternatively, please follow the opt-out instructions in the relevant communication. If you opt out, we will retain your email address to confirm that we do not send you further communications.
If you wish to access, correct, or request deletion your Product Personal Data, you may contact us by emailing us at sales@diagenix.com . Diagenix generally processes Product Personal Data on behalf of our healthcare, enterprise, and corporate customers. If you contact us, we may direct your inquiry to our customer on whose behalf the Product Personal Data is being processed. We will make reasonable efforts to delete your Product Personal Data upon your request within a reasonable timeframe. Diagenix may refuse your request to access, request or delete Product Personal Data where entitled to do so under applicable law.
If you have submitted Product Personal Data to Diagenix using your own user account which allows you to control your own data, you may delete the data you submitted by logging into your account and following the guidelines in the help system.
Security and Retention
We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received. Information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using current PCI-DSS standards. If Diagenix has issued you a password, you are responsible for keeping the password confidential.
We store personal data to the extent necessary to provide Products to our customers, employees, and prospective employees. Generally, we retain personal data for as long as you remain an active customer or user of our Sites and Services and for 3 years afterwards, or otherwise as required for our business operations or by applicable laws. We will permanently destroy biometric data when the initial purpose for collecting or obtaining such data has been satisfied, or within 3 years of your last interaction with us, whichever occurs first. Different retention of personal data may be necessary under contractual terms with the data controller for whom we provide services, for fraud prevention, to identify technical problems, or to resolve legal proceedings.
We may retain non-personally identifiable aggregate information beyond this time for research purposes and to help us improve and further develop our Products. You cannot be identified from aggregate information retained or used for these purposes. Where we process personal information for marketing or business analytic purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in the future.
Children
If you purchase voice recognition Products from Diagenix that is likely to be accessed by children, Diagenix and its Resellers and Partners may receive speech data from product users to provide voice recognition to the user. This is a function of how voice technology works within the Products we sell. This means that if the user is under the age of 16, Diagenix and its Resellers and Partners may receive personal data from children under the age of 16. It is the buyer’s responsibility of the Product to obtain any consents required under applicable law, including under the Children’s Online Privacy Protection Act and relevant data protection laws, for the collection of such personal data.
Except as described in the preceding paragraph, Diagenix does not sell services to children and does not knowingly collect personal data directly from children under the age of 16. Diagenix has adopted a policy that Diagenix will not provide hosted services to primarily child-directed websites and online services. No child under 16 should directly submit personal data to Diagenix. If you become aware that a child under the age of 16 has submitted personal data to Diagenix except as described in the preceding paragraph, please notify us in writing immediately and we will promptly delete the data.
Contact us
You can exercise the rights listed above, or write to us with any complaints, at any time by contacting us, specifying the nature of your request, at:
Diagenix Corporation
125 Commerce Way
Marshfield, MA 02050
1-866-425-6600
sales@diagenix.com
California Residents Rights
If you are a California resident, as defined in the California Code of Regulations, you have rights under the California Consumer Privacy Act of 2018 (“the CCPA”) as amended by the California Privacy Rights Act of 2020 (“CPRA”). Below are the disclosures about your personal data and a description of your rights.
- Identifiers, such as your real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, and other similar identifiers.
- Personal information categories listed in the California Customer Records provisions, including telephone number, and payment information, such as your credit card number.
- Healthcare Information
- Characteristics of protected classifications under California or federal law, such as your gender and age.
- Commercial information, such as the record of Diagenix products or services purchased, obtained or considered.
- Internet or other electronic network activity information, such as session logs.
- Geolocation data (such as usage data from your performance metrics related to your use of the website)
- Audio, electronic, visual, or similar information, such as voice recording, voice prints, keystrokes and photos.
- Professional or employment-related information.
- Inferences drawn from any of the above information to create a profile reflecting your preferences, characteristics, behavior, abilities, and aptitudes.
- In addition to the categories of sensitive data above, we may collect additional sensitive personal information as defined by the CPRA: social security number, driver’s license, state ID card, passport number, union membership, your account login, password, credentials allowing access to an account, financial account, debit and credit card numbers, and contents of your email and/or text messages, precise geolocation data, and your information collected and analyzed concerning your health information.
According to California law, personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
Other disclosures about your personal information
- This Statement provides additional disclosures about your personal information as required by the CCPA and/or CPRA.
Your Rights and Choices
In addition to the above, the CCPA and CPRA provides you with specific rights regarding your personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request, up to 2 times a year, that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- sales, identifying the personal information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion or Correction Request Rights
You have the right to request that we delete or correct your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) or correct, as applicable, your personal information from our records, unless an exception applies. We will use commercially reasonable efforts to correct inaccurate information upon your request.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We do not provide these deletion rights for B2B personal information.
Non-discrimination
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Limit Use and Disclosure of Sensitive Personal Information
You shall have the right to limit use and disclosures of your sensitive personal information to that use which is necessary to perform the services or deliver the goods, unless you subsequently provide consent for our use or disclosure of your sensitive personal information for additional purposes. Our collection and processing of sensitive personal information without the purpose of inferring characteristics about you is not subject to this right.
Exercising Your Rights
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. An authorized agent may make a request on your behalf if: (a) the agent is registered with the California Secretary of State to conduct business in California, has your written permission to submit the request, and verifies their identity in accordance with the verification process; or (b) you have provided the agent with power of attorney to act on your behalf. We will respond to your request within 45 calendar days, after proper verification, unless we need additional time, in which case we will let you know.
Making a verifiable consumer request does not require you to create an account with us.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
You can also exercise the rights listed above, or write to us with any complaints, at any time by contacting us, specifying the nature of your request, at:
Diagenix Corporation
125 Commerce Way
Marshfield, MA 02050
1-866-425-6600
sales@diagenix.com
Changes To This Privacy Statement
We may update this Privacy Statement from time to time by publishing an updated version on Diagenix Web Site. Each updated version will include the date the statement was last updated. Please review the latest version of this Privacy Statement periodically to keep current with Diagenix’s use of personal data. If we make material changes in the way Diagenix uses or shares personal data, we will publish the updates on our Site. Any such material changes will only apply to personal data collected after the revised Privacy Statement takes effect.
Updated: December 1, 2023.