Privacy Policy

Hiteks Privacy Statement 

 

This Privacy Statement (“Statement”) describes the personal data that Hiteks collects, how we use it, and when we share it, as we interact with you, deliver our products and services, and conduct our business operations. This Statement applies to Hiteks Solutions, Inc., its affiliates and any wholly owned subsidiaries worldwide, referred to in this Statement as “Hiteks.” When we refer to Hiteks products, we mean all Hiteks products and services. For the purposes of applicable data privacy legislation, the Hiteks affiliate or subsidiary responsible for the collection and use of your personal data is either the affiliate or subsidiary with which you contract or engage, or the affiliate or subsidiary located in the country in which you reside. If you wish to confirm the identity of the responsible Hiteks affiliate, you may contact us.

 

What Personal Data Do We Collect? 

Hiteks collects personal data when we deliver our products, conduct marketing, and run our business operations. The personal data we collect varies based upon whether the data is collected (i) through our websites or applications (“Sites”), including www.hiteks.com or (ii) through our products and services, including but not limited to our software, support services, voice recognition technology, and medical information products (“Products”).

We may collect personal data directly in the following situations:

• When you purchase, download, or register Hiteks software, or use our software support services, we may collect contact information such as your name, email address, physical address, telephone number, and financial and payment details, together with information on the Hiteks Products you buy, download, or register.
• If you engage with Hiteks for marketing purposes, such as by expressing interest in Hiteks Products through a web form, participating in a promotion, or attending a Hiteks or other marketing event, we will collect the information you submit to us, such as your contact details (including name, email address, phone number, organization and job title) and the Hiteks Products that interest you.
• When you submit an employment application, we collect the personal data disclosed by your application, such as your name, email address, phone number, and employment and education history.
• We may also collect other electronic data from your use of our Sites automatically. This data may include your IP address, date/time stamp, data about your interaction with our Sites and data collected from our use of cookies and similar tracking tools.

Through our Products, we may collect personal data directly in the following situations:

• When you use Hiteks CAPD technology, whether by using Hiteks’s own Products or by using third party products that employ Hiteks CAPD technology, we may capture your clinical documentation that you transcribe into the product. 
• If you use a Hiteks medical analytics Product, such as Medex, we will collect the institutional  data, healthcare information, and provider data you submit.
• We may also collect other electronic data derived from your use of our Products. This data may include your IP address, usage data, and data showing your registration, installation and use of Hiteks software Products. Except for IP address and unique device identifiers, we generally collect this data on an aggregate and non-identifying basis.

Hiteks may collect personal data indirectly in certain situations, in particular:

• We provide clinical analytics and clinical documentation Products to hospitals and medical providers. To deliver these Products, we may collect patient data both directly from our healthcare customers as well as from vendors serving our healthcare customers such as individual doctors, imaging and laboratory services providers, and electronic health record service providers. This patient data may include name, address, birthdate, medical record number, diagnosis, image, and treatment information. Where consent is required for the collection and use of medical information, Hiteks will obtain consent if we interact directly with patients. However, if we are processing personal data on behalf of a third party that has direct patient access, it will be the third party’s responsibility to obtain the consent.
• We obtain marketing contact information, including name, email address, phone number, organization, and job title, from our resellers and distributors, from public sources, and from third-party mailing lists.
• We collect personal data, including employment and education history, from third parties to conduct background and reference checks for employment applications and for applications to establish reseller and distributor relationships with Hiteks, subject to your consent where consent is required by law.

 

Cookies 

Hiteks and its partners use cookies and similar tracking tools to distinguish you from other users. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service. 

 

How We Use Personal Data 

General Business Operations 
We use contact information to market, sell, and service Hiteks Products, subject to your consent where required by law. We allow recipients of marketing messages and collateral to opt out of receiving further communications from Hiteks at any time without detriment. We use your financial or payment information, and your contact details, to support, establish, and conduct customer relationships if you were to purchase a Hiteks Product or service. For example, your data would be necessary for the performance of our terms of service with you (including, for example, completing purchase transactions, fulfillment of an order, order confirmations, responding to requests for information about products and services, and the provision of purchased products and services). If you fail to provide the personal data we need, we may be unable to complete your transaction. We use personal data from employment applications where necessary to support our legitimate interest in processing your application and to contact you if future opportunities arise. We use personal data of individuals associated with proposed resellers, co-development partners, and distributors to conduct reference and background checks before entering into a contract and as necessary for compliance with legal obligations to which we are subject. 

 

Data Processed Within Our Products 
We use the personal data that is processed within our Products, such as medical data within medical data products, personal data processed in communications products and any personal data contained within product usage data we collect, to deliver our Products sold to Hiteks customers and for our legitimate interests and business purposes in tuning, maintaining, enhancing, and developing Products. A small percentage of medical data received by Hiteks, which may include personal data, are reviewed by human reviewers and analyzed for Hiteks’s product maintenance and improvement efforts. We never use this data, referred to as “Product Personal Data,” for marketing purposes; and we never sell or transfer your data to third parties for the third party’s own purposes.We use aggregated, non-identifying, electronic data collected from use of our Sites and Products to operate, analyze, improve, and develop our Sites and Products. This information is not used to inform decisions about specific individuals; rather, it is processed to understand how different categories of users interact with our Sites and Products so that we can consistently provide our Products.

 

When We Share Personal Data 

We do not sell your personal information.

Hiteks does not sell your personal information. However, we may share certain personal information for a business purpose. If we share your personal data (including Product Personal Data) with affiliates, co-development partners, or with vendors acting on our behalf, we do so under binding agreements that require the third party to use and protect the personal data in accordance with the principles described in this Privacy Statement. These third parties are authorized to use your personal data only as necessary to provide services to us.

 

We may share Personal Data in the following situations:

• With our affiliates and subsidiaries and with vendors acting on our behalf to perform services for Hiteks for a specific business purpose, support the Sites or the delivery of Products;
• With the customer on whose behalf and at whose direction we are processing the data; and
• When we have your consent to use your Personal Data for a specific purpose.
 

We may share personal data with our affiliates, co-development partners, subsidiaries, resellers, suppliers, sub-contractors, and distributors, and with vendors acting on our and their behalf, to service our customers and perform any contract we enter with you (including, for example, with resellers who support our management of potential clients and vendors who conduct transcription in connection with our products and services). We may also share aggregated, anonymous, or non-identifiable electronic data with our affiliates, co-development partners and with vendors acting on our behalf. We may share personal data derived from Site usage (excluding Product Personal Data), with analytics and search engine providers that assist us in the improvement of our Sites, subject to the cookie section of this Privacy Statement. Our Sites may use Google Analytics. The way Google collects and processes data when delivering Google Analytics is described here: www.google.com/policies/privacy/partners/(Open a new window). We may share personal data from employment applications with vendors acting on our behalf who help us in recruitment, background check and human resources matters.We may also share personal data to comply with law and legal process, to respond to governmental inquiries and lawful requests from by public authorities (including to meet national security or law enforcement requirements), and to protect life, property, or the security of Hiteks or its customers. If Hiteks enters any merger, acquisition, or asset sale of all or any part of its business, personal data held by Hiteks may be transferred to a buyer or successor entity.

 

Control Of Your Personal Data 

You can change your preferences to opt out of marketing communications at any time by emailing us at privacy@hiteks.com. Alternatively, please follow the opt-out instructions in the relevant communication. If you opt out, we will retain your email address to confirm that we do not send you further communications. If you have submitted an employment application to Hiteks or if your personal data has been collected by Hiteks to review a proposed reseller or distributor relationship, you may contact us by emailing us at  privacy@hiteks.com to request deletion of your data. We will respond to your request within a reasonable timeframe. If you wish to access, correct, or request deletion your Product Personal Data, you may contact us at privacy@hiteks.com. Hiteks generally processes Product Personal Data on behalf of our healthcare, enterprise, and corporate customers. If you contact us, we may direct your inquiry to our customer on whose behalf the Product Personal Data is being processed. We will make reasonable efforts to delete your Product Personal Data upon your request within a reasonable timeframe. Hiteks may refuse your request to access, request or delete Product Personal Data where entitled to do so under applicable law. If you have submitted Product Personal Data to Hiteks using your own user account which allows you to control your own data, you may delete the data you submitted by logging into your account and following the guidelines in the help system.

 

Location Of Processing and CrossBorder Transfers 

While the majority of Hiteks business is in the United States, Hiteks operates in other countries. We may transfer personal data across international borders and may process personal data in jurisdictions other than the location of original collection.

We may transfer personal data that we collect to other Hiteks affiliates or other companies performing support functions on our behalf (each as described above) based in other countries including to the United States, Greece, Colombia, India or the Philippines or other countries outside the European Economic Area or your country of residence and this personal data lawfully may be stored and/or processed in such countries. Whether your personal data is processed within your country of residence or beyond, we will take steps to ensure that your data is subject to appropriate safeguards required of us under the Privacy Statement, applicable data protection laws, and appropriate legally recognized data transfer adequacy mechanisms. Personal data that is transferred outside your country of residence may be subject to lawful access by courts, law enforcement and other governmental authorities in accordance with the laws of the foreign jurisdiction.

 

General Data Protection Regulation (“GDPR”) 

General Data Protection Regulation (“GDPR”)

Hiteks has a range of privacy and security controls across its organizations to ensure compliance with the General Data Protection Regulation (GDPR), including, but not limited to:

• GDPR-compliant data protection agreements with all customers for whom Hiteks Processes Personal Data; 
• A PIA driven process to ensure that all products and services are built with Privacy By Design;
• An extensive, on-going training program for its employees, with data privacy and protection education upon hiring and then again at least on an annual basis;
• State-of-the-art technical and security measures, including data encryption at rest and in transit;
• Records of processing which include mapped storage and transfer of Personal Data throughout Hiteks’s product-lines;
• Appropriate access right limitations;
• Company-wide systems for protecting Data Subject rights, ensuring that individual access/portability/right-to-be-forgotten rights are respected; and
• Appointment of a Data Protection Officer. 

Whenever Hiteks transfers personal information beyond the country of origin, we will do so in accordance with applicable laws. In the context of its European operations, Hiteks may transfer Personal Data abroad to other states in the European Economic Area or to third countries. With the decision by the Court of Justice of the European Union in the Schrems II case, Hiteks has evaluated the data transfers necessary for its multinational operations. In light of Schrems II, Hiteks will ensure that importers of any Personal Data offer an adequate level of protection, whether through an adequacy decision or appropriate safeguard under Article 46.  To the extent Personal Data processed by Hiteks would be transferred to a country outside the EEA not deemed to ensure an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of Personal Data, Hiteks has in place requirements relating to such international data transfers. For example, where data is transferred: (i) between Hiteks affiliates, this is done pursuant to an agreement based on the EU’s Data Export Contractual Clauses, and (ii) to third parties, Hiteks uses standard contractual clauses designed to ensure those third parties respect the confidentiality of personal data and use it only in connection with provision of specific services and in compliance with applicable data privacy laws. The EU Standard Contractual Clauses can be viewed on the European Commission’s website here.  https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en(Open a new window). As per the guidance of the European Data Protection Board, Hiteks has implemented programs to review such data transfers and to employ additional safeguards when appropriate for the data processing required by law and our customer contracts. 

With respect to personal data received or transferred, Hiteks and its U.S. Subsidiaries are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

 

Storage and Security 

We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received. Information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using current PCI-DSS standards. If Hiteks has issued you a password, you are responsible for keeping the password confidential. If you have any questions about the security of your personal data, you can contact us for more information by emailing us at  privacy@hiteks.com. We retain personal data to the extent necessary to provide Products to our customers, employees, and prospective employees. Generally, we retain personal data for as long as you remain an active customer or user of our Sites and Services and for 3 years afterwards, or otherwise as required for our business operations or by applicable laws. Different retention of personal data may be necessary under contractual terms with the data controller for whom we provide services, for fraud prevention, to identify technical problems, or to resolve legal proceedings. We may retain non-personally identifiable aggregate information beyond this time for research purposes and to help us improve and further develop our Products. You cannot be identified from aggregate information retained or used for these purposes. Any record of a stated objection by you to receiving marketing communications will be retained by us so that we respect your wishes by not contacting you further.

 

Children 

If a Hiteks customer puts Hiteks CAPD or Medical Data Product technology in a customer product or service that is likely to be accessed by children, Hiteks may receive personal data from product users to provide clinical analytics advice or queries to the user. This is a function of how Hiteks’s technology works. This means that if the user is under the age of 16, Hiteks may receive personal data from children under the age of 16. It is the responsibility of the Hiteks customer to obtain any consents required under applicable law, including under the Children’s Online Privacy Protection Act and relevant data protection laws, for the collection of such personal data.

Except as described in the preceding paragraph, Hiteks does not sell services to children and does not knowingly collect personal data directly from children under the age of 16. Hiteks has adopted a policy that Hiteks will not provide hosted services to primarily child-directed websites and online services. No child under 16 should directly submit personal data to Hiteks. If you become aware that a child under the age of 16 has submitted personal data to Hiteks except as described in the preceding paragraph, please inform us by completing a Privacy Request webform and we will promptly delete the data.

 

Your Rights 

You may have the right under applicable laws in certain circumstances to:

• ask for access to details of the personal data held by us about you, free of charge;
• to request the rectification, restriction or erasure of your personal data held by us;
• to object to the processing your data;
• to request that any personal data provided by you, be transferred to a third party.

Hiteks never sells or transfers your data to third parties for the third party’s marketing purposes. You can object to receiving further marketing from Hiteks at any time without detriment.

Hiteks partners with a third party to display advertising on our website or to manage our advertising on other sites. Our third-party partner may use cookies and similar tracking tools in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising please send us a request at info@hiteks.com.

You can also exercise the rights listed above, or write to us with any complaints, at any time by contacting us, specifying the nature of your request, at: info@hiteks.com.  Alternatively, you may contact us at privacy@Hiteks.com or by mail (Worldwide) at:

Chief Privacy Officer
Hiteks Solutions, Inc.

447 Broadway, 2nd Floor

New York, NY  10013
USA

If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority.