Superlanet's Privacy Statement

This General Privacy Statement was last updated on May 5th, 2021

Superlanet, Inc. is a United States-based consulting firm providing healthcare IT staffing and advisory solutions to the healthcare industry.

This General Privacy Statement describes how Superlanet, Inc. (hereinafter: "Superlanet", "we", "us" or "our") collect, process, and transfer personal data when you interact with Superlanet through our website and/or services. It also explains how your personal data is protected and what choices you have relating to your personal data. This General Privacy Statement applies to the website and services provided by Nordic.

If you have any questions about this General Privacy Statement, the processing of your personal data by Nordic, or if you wish to exercise your privacy rights please contact us at info@superlanet.com.

This General Privacy Statement applies to our processing of your personal data as our (potential) client, business partner, or visitor in relation to all your interactions with our website, services, marketing and other activities or topics included in this General Privacy Statement. The personal data we collect and process of you depends on your choices and interactions with us.

For certain activities we created supplementary Privacy Statements to better tailor the information to your specific choices or activity.

Superlanet, Inc. headquartered in the United States is the main data controller and your main point of contact for the processing of your personal data.

We may collect personal information that you provide to us, for example by using our online contact form on our website, our social media contact forms, or when you interact with our website and our services. We collect the following personal data:

• Full name, language, current job title/position and company name.
• Corporate contact details (e.g., telephone numbers, email, and company address).
• Correspondence with you including information about your questions, complaints, or disputes.
• Other information relevant for the provision of the requested services.
• Content that you have provided, including postings on our social media platforms.
• Other information that you voluntarily provide to us.
• Information obtained via cookies or similar technologies

We obtain your personal data from the following sources:

• Information that you provide to us.
• Business contacts.
• Third parties engaged by Superlanet.
• Internet or social media.

When you visit our website we, or our partners, may automatically collect information from your device or web browser which may include personal data by using cookies or similar technologies such as web beacons. 

We may use your personal data for the following purposes, based on the following legal grounds:

A. Purposes

1. To provide you with the requested services.

2. To manage our relationship with you and to respond to your questions or complaints and internal administration.

A. Legal grounds

Performance of a contract:

The processing is necessary for the performance of a contract to which you (or the company you represent) are a party or to take steps at your request prior to entering into a contract.

Legitimate interests:

The processing is necessary for legitimate interests pursued by us. We have taken your privacy interests into account in the processing; therefore, when balancing these interests, our legitimate business interests prevail to the extent that they would conflict.

B. Purposes

3. For marketing activities such as organizing events and creating and publishing content on topics that are of interest to our (potential) clients and keep interested parties informed of our services, events and publications.

4. Collection and analysis of information, which includes surveys in order to improve the quality of, develop, and enhance our services.

5. To optimize our website, diagnose and resolve technical issues.

6. To exercise or defend claims.

B. Legal Grounds

Legitimate interests:

The processing for these purposes is necessary for legitimate interests pursued by us. We have taken your privacy interests into account in the processing; therefore, when balancing these interests, our legitimate business interests prevail to the extent that they would conflict.

Consent:

If required, we request your consent for the processing of your personal data. You can withdraw your consent at any time, by clicking the opt-out link in our emails and notifications, or by contacting us via the contact details provided in this Privacy Statement. Withdrawing your consent will not affect the lawfulness of our use of your personal data before your withdrawal.

C. Purposes

7. To comply with legal or regulatory obligations and orders including court orders or legal proceedings.

C. Legal Grounds

Legal obligations:

Processing is necessary to comply with our legal and regulatory obligations for administrative, accounting and tax purposes or if we are compelled to provide information to a government authority or law enforcement agency.

Below, we specified per category of personal data that we may process about you (section 3 What personal data do we collect?) for which purpose(s) we may process this information. The numbers refer to the numbers of the purposes as stated above.

We process the personal data that we collect for the following purposes:

• Full name, gender, language, current job title/position and company name.

We may process this information for purposes: 1-4, 6, 7.

• Corporate contact details (e.g., telephone numbers, email, and company address).

We may process this information for purposes: 1-4, 6,7.

• Correspondence with you including information about your questions, complaints, or disputes.

We may process this information for purposes:1-7.

• Other information relevant for the provision of the requested services.

We may process this information for purposes: 1-7.

• Content that you have provided, including postings on our social media platforms.

We may process this information for purposes: 1-7.

• Other information that you voluntarily provide to us.

We may process this information for purposes: 1-7.

Your personal data will be processed by persons working for or on behalf of Superlanet on a need-to-know basis for the purposes described in this General Privacy Statement.

We may further share your personal data with the following types of entities for the following purposes:

Service providers and their sub-contractors who process your personal data on our behalf, acting as a data processor or respectively as a sub processor, such as for providing hosting services. We conclude appropriate data processor agreements in line with the applicable data protection laws.

Other third parties to the extent necessary to: (i) comply with a request from a government authority or law enforcement agency, a court order or applicable law; (ii) to prevent violations of our agreements and our policies; (iii) to defend ourselves against claims or when you have provided your consent.

If we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution, or liquidation) we may also transfer your personal data.

We will not retain your personal data longer than necessary in relation to the purposes for which the data are processed, unless otherwise required or permitted by law. This means that:

• Personal data obtained based on your consent will no longer be retained after you withdraw your consent. To the extent necessary, we do retain information to prove that the previous processing activities were based on valid consent.

We are committed to ensuring that your personal data is kept secure. We use a variety of physical, technical, and organizational measures to maintain the safety of your personal data. Some of the technical and organizational measures taken by us include:

Technical security measures:

• Logical and physical security equipment (e.g., safe, firewall, network segmentation).
• Technical control of the authorizations and keeping log files.
• Management of the technical vulnerabilities (patch management).
• Making back-ups to safeguard availability and accessibility of the personal data.
• Modern encryptions of connections and certain equipment is in place and monitored
• Using multi-factor authentication for certain systems

Organizational security measures:

• Assignment of responsibilities for information security.
• Promotion of security awareness among new and existing employees.
• Establishment of procedures to monitor, test, assess and evaluate security measures periodically.
• Checking and monitoring of log files done regularly.
• Implementation of a protocol for the handling of data breaches and security incidents.
• Implementation of least privilege practices to ensure only the people in the organization who need to see the data are allowed to access it.

If you are a data subject under GDPR or other applicable laws, you have certain rights concerning our processing of your personal data. You can:

• Request access to your personal data held by us: You can ask us whether we process your personal data and, if so, to provide you with a copy of that personal data.
• Request us to rectify or complete your personal data: If you believe the personal data we process about you is inaccurate or incomplete, you can ask us to rectify it.
• Request us to erase certain personal data: You can ask us to delete or remove your personal data in some circumstances.
• Request us to restrict the processing of your personal data: You can ask us to restrict the processing of your personal data in some circumstances, such as when you contest the accuracy of the personal data.
• Object to our processing of your personal data: You can object to our processing of your personal data and ask us to suspend such processing at any time if we rely on our own or someone else’s legitimate interests to process your personal data or where we process your personal data for direct marketing purposes. When we rely on legitimate interests, we may continue processing your personal data if we can demonstrate compelling legitimate grounds, which we will consider on an individual basis. Where you object to our processing for direct marketing purposes, we will no longer process your personal data for such purposes.
• Request not to be subject to automated decisions, including profiling: You have the right not to be subject to a decision based solely on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you.
• Request to port your personal data: You have the right, in certain circumstances, to obtain personal data you have provided to us (in a structured, commonly used, and machine-readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.
• Request to withdraw your consent: If we rely on your consent for processing your personal data, you have the right to withdraw that consent at any time. Such withdrawal will not affect the lawfulness of the processing before you withdrew your consent.
• Lodge a complaint with a supervisory authority: If you have a concern about the way we have handled your personal data, you can lodge a complaint with your local supervisory authority.

You may send us a request using the information below. We will handle your request carefully and in line with the applicable data protection rules. We will respond to you without undue delay and at the latest within one month of receipt of your request in line with the applicable data protection rules. We may need to identify you and obtain proof of your identity in order to be able to respond to your request.

We welcome any questions, comments, or concerns regarding our processing of your personal data and or our privacy practices. If you have any questions, or wish to exercise your privacy rights, please contact us by using the following contact details:

Superlanet Inc.

Email: info@superlanet.com

Applicable law and our practices may change over time. This General Privacy Statement may be updated to reflect such changes. We recommend to regularly review this Privacy Statement.