Privacy Policy

Effective as of July 21st, 2011

Medrio, Inc. has created this privacy policy in order to demonstrate our commitment to protecting the privacy of your information. Because we gather important information from you, we have established this policy as a means to communicate our information gathering and dissemination practices. In addition, Medrio complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Medrio has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Medrio's certification, please visit http://export.gov/safeharbor/.


Information we collect and how we use it:
Medrio collects information from individuals who visit our website ("Visitors") and individuals who use the Medrio software service ("Customers").

When you request additional information about Medrio, contact us via our website or register to use our service, Medrio may require you to provide us with contact information such as your name, company name, title, address, phone number and email address. When purchasing our services we may also request financial qualification and billing information, such as billing name and address, credit card number, and the number of users within the organization that will be using the Medrio software service.

Medrio uses the information that we collect to perform the services requested. For example, if you complete a web contact form, Medrio will use the information provided to contact you about your interest in our service.

We may also use the information that we collect for marketing or other legitimate business purposes. For example we may use the collected information to contact you to further discuss your interest in our company, the services that we provide, and to send information regarding our company or partners, such as promotions and events.

All financial and billing information that we collect is used solely to check the qualifications of prospective customers and to bill for services. This billing information is not used by us for marketing or promotional purposes.

Medrio may also collect information about your interaction with our website and software service. For example, we may use technologies, such as cookies (described below), to collect information about the pages you view, the links you click and other actions you take on our sites and services. Additionally, we also collect certain standard information that your browser sends to every website you visit, such as your IP address, access times and referring Web site addresses. This information is primarily used to help diagnose technical problems, for administrative purposes, to compile non-identifying aggregate statistics about site usage and to improve the quality of our website and services.

Cookies:
When you interact with the Medrio website or software service, we may use cookies to help make your experiences easy and meaningful. "Cookies" are a technology employed by many other websites and are small data files stored on your computer. Cookies cannot be used to run programs or deliver viruses to your computer.

Standing alone, cookies do not identify you personally. They merely recognize your browser. Unless you choose to identify yourself to Medrio, either by responding to a promotional offer, completing a contact or interest form or registering for an account, you remain anonymous to Medrio.

There are two types of cookies, session cookies and persistent cookies. Session cookies exist only during an online session. They disappear from your computer when you close your web browser or turn off your computer. Persistent cookies remain on your computer after you've closed your browser or turned off your computer. They include information such as a unique identifier for your browser.

Medrio uses session cookies containing encrypted information to allow the system to uniquely identify you while you are logged into the Medrio software service. This information allows us to process your online transactions and requests. Session cookies help us make sure you are who you say you are after you've logged in and are required in order to use the Medrio software service.

Medrio may also use persistent cookies to identify the fact that you are a Medrio customer or prior Medrio website visitor (whatever the case may be). We are especially careful about the security and confidentiality of the information stored in persistent cookies. For example, we do not store account numbers or passwords in persistent cookies. Users can disable their web browsers' ability to accept cookies and will be able to browse our website but will not be able to successfully use our software service.

Third Party Cookies:
Medrio may engage third parties to track and analyze non-personally identifiable usage and volume statistical information from visitors to our website or service for marketing and administrative purposes. Such third parties may use cookies to help track visitor behavior. Such cookies will not be used to associate individual website visitors to any personally identifiable information. All data collected by such third parties on behalf of Medrio, Inc. is used only to provide us with information on site usage and is not shared with any other third parties.

Third Party Sites:
Pages within Medrio's website and software service may contain links to other web sites. We are not responsible for the privacy practices or the content of these other web sites. When visiting these sites you will need to check the policy of these others web sites to understand their policies. When accessing a linked site you may be disclosing your private information. It is your responsibility to keep such information private and confidential.

Sharing of collected information:
Except in the cases where we explicitly state otherwise at the time we request information, or as provided for in the Medrio, Master Subscription Agreement, Medrio does not disclose to third parties your personally identifiable information with others except as follows: We may share your information with Agents who process data only on our behalf and for our purposes (as used here, "Agents" are persons or companies who act on behalf of or under the direction of Medrio). We may share your information as required by law or in the interest of protecting or exercising our or others' legal rights, e.g., without limitation, in connection with requests from law enforcement officials and in connection with court proceedings. We may share or transfer your information in connection with a prospective or actual sale, merger, transfer or other reorganization of all or parts of our business. We may also share information with third parties involved in the normal operations of our business, for example with contract research organizations (CROs), study sponsors, or others that are involved in study management as commonly done in our industry. We also reserve the right to fully use and disclose any information that is not in personally identifiable form (such as site usage statistics that do not identify you individually by name).

Medrio may also use a third-party intermediary to manage the credit card processing. This intermediary is solely a link in the distribution chain, and is not permitted to store, retain, or use the information provided, except for the sole purpose of credit card processing.

Medrio will not disclose personally identifiable information to any Agent unless it first either ascertains that the Agent adheres to the Safe Harbor Principles or is subject to the EU Directive on Data Protection or another adequacy finding or enters into a written agreement with such Agent requiring that the Agent provide at least the same level of privacy protection as is required by the relevant Safe Harbor Principles.

Opt-Out Policy:
Medrio, Inc. offers its visitors and customers a means to choose how we may use information provided. If, at any time after providing us with information, you change your mind about receiving commercial information from us or about sharing your information with third parties, send a request specifying your new choice to support@medrio.com.

Customers can not opt-out of receiving emails from Medrio that are directly related to their use of the Medrio software service such as email notifications, or service notifications.

Correcting & Updating Your Information:
If customers need to update or change registration information they may do so by logging into the Medrio software service and editing the user profile. To update billing information or to have your information deleted please email support@medrio.com or call 877-763-3746. Medrio, Inc. will respond to your correction or update request within at most 30 days from the date of your request.

Customer Data:
Customers of the Service will be using the Medrio software service to host data and information ("Data"). Medrio will not review, share, distribute, print, or reference any such Data except as provided in the Medrio Master Subscription Agreement, or as may be required by law. Individual records may at times be viewed or accessed only for the purpose of resolving a problem, support issue, or suspected violation of the Master Subscription Agreement, or as may be required by law. Of course, customers are responsible for maintaining the confidentiality and security of their user registration and password.

Security:
Medrio has placed commercially reasonable security measures in place to protect the integrity, availability, and confidentiality of customer data. These measures include policies, procedures, employee training, physical access and logical security controls. In addition when accessing the Medrio software service, data transmitted to Medrio's servers are secured using standard security protocols and mechanisms such as SSL encryption to ensure data confidentiality and integrity.

In the event that individual personal data is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, Medrio will notify the affected individual of the breach by email or fax or, if Medrio is unable to contact the individual by email or fax, then by U.S. mail. Notice will be given promptly, consistent with the legitimate needs of law enforcement and any measures necessary for Medrio or law enforcement to determine the scope of the breach and to assure or restore the integrity of the data system. Medrio may delay notification if Medrio or a law enforcement agency determines that the notification will impede a criminal investigation, unless and until Medrio or the agency determines that notification will not compromise the investigation.

Enforcement:
Medrio has established internal mechanisms to verify its ongoing adherence to its privacy policy, including the Safe Harbor Principles. Medrio also encourages individuals covered by this privacy policy to raise any concerns about our processing of personal information by contacting Medrio at the address below. Medrio will seek to resolve any concerns. Medrio has also agreed to participate in the dispute resolution program provided by the European Data Protection Authorities

Policy Updates:
Medrio reserves the right to change this Privacy Policy and will provide notification of the change by posting a prominent notice on the privacy section of our web site notifying users of the change.

Additional Information:
Questions regarding this Privacy Policy or Medrio's practices should be directed to:

Medrio, Inc.
595 Market St, Suite 1300
San Francisco, CA 94105
Phone: 877-763-3746
Email: info@medrio.com