Last updated: May, 2018

Version 2.0

Arterys, Inc. (“Arterys”) has created this Privacy Policy (this “Policy”) to describe our data practices with regards to the personal information we collect from users of the Arterys website available at https://www.arterys.com/ (this “Site”). This Policy applies to all personal information collected by Arterys through this Site and the use of its services.

Our Policy strictly applies the regulations in force concerning the protection of personal data established by the Health Insurance Portability and Accountability Act (HIPAA) of August 21st, 1996 and the General Regulation on the Protection of Personal Data (GDPR) N° 2016-679 of April 27th, 2016. This POLICY also undertakes to comply with any law or regulation that may come into force adopted and applied in European Union or in any territory in which ARTERYS may have to transfer the collection, use and processing of such data.

The purpose of this Policy is to inform you fully about the guarantee of security and confidentiality implemented by ARTERYS in the protection of your personal data.

INFORMATION RELATING TO THE DATA CONTROLLER - ARTERYS

The personal data are processed by the company ARTERYS Inc, whose head office is located at Arterys, 51 Federal St, Number 305, San Francisco, CA 94107-1478, and registered in the commercial register of Paris companies under the number SIREN 823 394 424.

INTERNATIONAL USERS

If you are a non U.S. user of the Site, by visiting the Site and providing us with personal information, you acknowledge and agree that your personal information may be processed for the purposes described in this Privacy Policy. In addition, personal information may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of personal information may be less stringent than the laws in your country. By providing your personal information, you consent to such transfer.
Arterys undertakes to prove that personal data transferred outside the EU of EU resident will be compliant to GDPR. Such transfers must be done : (a) on the basis of an adequacy decision, (b) appropriate safeguards or (c) binding corporate rules (BCR).

You may not use our Services in any jurisdiction where offering, accessing or using our Services would be illegal or unlawful.

INFORMATION WE PROCESS

We may collect and store both anonymous and personally identifiable information about you when you use our Site.

Information you provide

We collect the personal information you voluntarily provide to us. For example, we may collect :

  • Your name, email address, phone number, fax number, and mailing address when you register for an account (an “Account”).
  • Your specialty, role and title.
  • Your comments or questions that you post on a blog or user forum available on our Site.
  • Any emails you send to us, including your email address and the content of your email, in order to send you a reply.

Information collected by technologies

Log files

As is true of most websites, we gather certain information automatically and store it log files. These logs may contain the Internet domain from which you access the site (e.g. search engine); the IP address which is automatically assigned to your computer when you get on the Internet; the type of operating system and browser you use; the time and date you visited; the pages you viewed; and the address of the website you linked from, if any. If you sign on to the Site to use secured features, our logs will also contain an individual identifier and show the services you have accessed. Arterys uses log information to help us identify popular features, to resolve user problems, to design our site and to make the Site more useful to visitors.

Cookies

Like many online services, we use cookies to collect information.
“Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. Cookies serve a functional purpose and improve user website experience. Arterys uses cookies to tell, for example, whether you’ve visited the Site, and to help us identify Site features in which you may have the greatest interest. If you decide at any time that you no longer wish to accept Cookies from our Site for any of the purposes described herein, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information.
If you do not accept Cookies, however, you may not be able to use all portions of the Website.

Web Beacons

We may also occasionally use “web beacons” (also known as “clear gifs,” “web bugs,” “1-pixel gifs,” etc.) that allow us to collect non-personal information about your response to our email communications, and for other purposes. Web beacons are tiny images, placed on a web page or e-mail that can tell us if you have visited a particular area of the Site. For example, if you have given us your consent to send you emails, we may send you an email urging you to use a certain feature of the Site. If you do respond to that email and use that feature, the web beacon will tell us that our email communication with you has been successful.

Third party

Personal data collected is not subject to assignment, free or onerous, or sharing or communication to third parties except as provided in this Policy.

The main recipients of the personal data processed are the relevant services of ARTERYS.

ARTERYS uses several providers as subcontractors such as :

How we use your personal information

The personal data collected is used as part of the services provided by ARTERYS through its solution, it's website and its platforms. Regarding the GDPR data minimization principle, ARTERYS commits to collect only the personal data strictly necessary for the purposes of the processings.

These data are used for the following main purposes:

  • processing a request for information,
  • software updates,
  • educational support,
  • creating your user account,
  • managing your user account,
  • creating your user area,
  • managing your subscription to publications and newsletter of ARTERYS,
  • management of your registrations for events organized by ARTERYS

This information has been brought to the attention of the Data Protection Officer (DPO) of ARTERYS who has included it in the register of processing activities.

In compliance with the regulation applicable to the use of your personal data, ARTERYS reserves the right to use your data for information purposes on its products and services or for any other purpose evident and necessary to the information of the user.

In general, Arterys uses your personal information to respond to your requests or to aid us in serving you better. We use personal information to perform data analysis and audits, safeguard and protect our Site and related services, enhance, improve and modify the Site, create Accounts, identify usage trends, provide improved administration of our Site and related Services, identify you as a user in our system, send you administrative email notifications, respond to your inquiries, and to provide you the services you request.

Arterys may also create anonymous data records by excluding information that makes the data personally identifiable to you. We may use such anonymous data records for any purpose, except where required to do otherwise under applicable law.

How we share your information

Arterys may elect to share or transfer your personal information as described below and as described elsewhere in this Policy:

  • Arterys may disclose your personal information (a) to comply with a legal requirement, judicial proceeding, court order, or legal process served on Arterys, (b) in connection with any legal investigation, (c) to protect or defend the rights or property of Arterys or users of the Site, and/or (d) to investigate or assist in preventing any violation or potential violation of law, this Policy or our Terms of Service;
  • We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If another company acquires our company, business or assets, that company will possess personal information collected by us and will assume the rights and obligations regarding your personal information as described in this Policy;
  • We may share some or all of your personal information with our parent company, subsidiaries, joint ventures or other companies under a common control (“Affiliates”), in which case we will require our Affiliates to honor this Policy; and
  • We may share your personal information with third party service providers to: provide you with the services that we offer through our Site; to conduct quality assurance testing; to facilitate creation of Accounts; to provide technical support; and/or to provide other services to Arterys. In this case, all third parties are committed to approve and strictly apply this Policy. This obligation is provided in the contracts that bind these third parties to Arterys according to data protection rules.

How we protect your information

Arterys’ goal is to protect personal information submitted through its sites. Arterys maintains technical, administrative and physical safeguards designed to protect against unauthorized disclosure, alteration, use or destruction of the personal information you provide on this Site and in the use of its solution. Arterys implements all the measures at its disposal to create an environment for preserving the quality, security, and integrity of your personal data.

Arterys also employs reasonable technologies to help keep the personal information you provide on this site secure including: Secure Socket Layer (SSL) encryption, firewalls, system alerts and other information system security technologies; housing health data in secure facilities that restrict physical and network access; and regular evaluation and enhancement of our information technology systems, facilities, and information collection, storage and processing practices.

However, we cannot ensure or warrant against all risks with regards to the security of that information, so information you choose to transmit to Arterys and which we store is provided to us at your own risk. Arterys does not guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our safeguards. In addition, other services or Internet sites that may be accessible through Arterys have separate data and privacy practices independent of us, and we disclaim any responsibility or liability for their policies or actions.

STORAGE PERIOD OF YOUR PERSONAL DATA

Arterys retains your personal data only for the duration necessary for the operations for which they were collected and in compliance with the regulations in force. Your personal data is kept for the duration of the contract and may be kept for an additional three (3) years for purposes of prospection and commercial, without prejudice of the obligations of conservation or the limitation periods. Prospect data is retained for a period of three (3) years from the date of the data collection or from the last contact with ARTERYS.

Upon your request, we will delete or anonymize your personal data so that you can no longer be identified, unless the law authorizes or compels us to keep certain personal data, especially in the following situations:

  • If there is an unresolved issue with your account, such as unpaid or unresolved claim or litigation, we will retain the necessary personal data until the issue is resolved;
  • If we are required to retain personal data as a result of legal, tax, auditing and accounting obligations, we will retain the necessary personal data for the period required by applicable law.

DATA SUBJECT RIGHTS

Except as limited by applicable law, your data subject rights are :

  • Right of access: the right to be informed and to request access to the personal data we process;
  • Right to rectification: the right to ask us to modify or update your personal data when they are inaccurate or incomplete;
  • Right to erasure (right to be forgotten) : the right to ask us to permanently delete your personal data;
  • Right to restriction of processing: the right to ask us to stop temporarily or permanently the processing of all or part of your personal data;
  • Right to object: the right to refuse at any time the processing of your personal data for personal reasons; the right to refuse the processing of your personal data for direct marketing purposes;
  • Right to data portability: the right to request a copy of your personal data in electronic format and the right to transmit such personal data for use by a third party service;
  • Right to not be subject to automated decision-making: the right to not be subject to a decision based solely on automated decision making, including profiling, in the event that the decision would have legal effect on you or would produce a similar significant effect.

Opt-out of marketing emails

We will periodically send you free newsletters and emails that directly promote the use of the Site and our services. When you receive newsletters or promotional communications from us, you are always invited to indicate a preference to stop receiving further promotional communications from us and will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the email you receive or by directly contacting us at the address listed on the Contact Us page of our Site and indicating that you no longer want to receive promotional materials relating to this Site. Despite your indicated email preferences, we may send you service related communications, including notices of any updates to our Terms of Service or this Policy.

Children under 16

We do not knowingly collect or maintain personally identifiable information from persons under 16 years of age, and no part of the Site is directed to persons under 16. If we learn that personally identifiable information of persons less than 16 years of age has been collected without verifiable parental consent, then we will take the appropriate steps to delete such information.

Changes to this policy

We may revise this Policy from time to time as we add new features or modify the way in which we manage information, or as laws change that may affect our services. If we do, we will post the changes on the Site and update the last updated date of this Policy. Any revised Policy will apply both to information we already have about you at the time of the change, and any personal information created or received after the change takes effect. We include a version number on this Policy consisting of the date (month, day and year) it was last revised. We encourage you to periodically review this Policy, to see if there have been any changes to our policies that may affect you.

Questions, contacting Arterys, reporting violations

If you have any questions, concerns or complaints about this Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us at Arterys, 34 avenue des champs Élysées 75008, Paris. Or by email at the following address privacy@arterys.com

Arterys will address any discrepancies and grievances of all Users with respect to processing of information expeditiously. For this purpose, Arterys has designated its Grievance Officer, who will address the grievances of the Users within one month from the date of receipt of grievance, and who can be reached by: sending a letter marked to the attention of Grievance Officer, Arterys to Suite #305, 51 Federal Street San Francisco, CA, 94107, USA or sending an email to privacy@arterys.com.

Regarding to GDPR, you have the right to lodge a complaint with a supervisory authority in your country.