Privacy Shield Privacy Policy

Participation in Privacy Shield
This document details the information regarding Sysmex Inostics Incorporated, Privacy Shield Notice Under the E.U.-U.S. Privacy Shield Framework.
This Notice is provided by Sysmex Inostics Inc. in relation to its certification to the E.U.-U.S. Privacy Shield framework.

Sysmex Inostics Inc., 1812 Ashland Ave, Suite 500, Baltimore MD, 21205, has certified adherence to, and compliance with, the E.U.- U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce, with respect to the collection, use, and retention of personal information transferred from the European Union to the United States.

For more information on the E.U.-U.S. Privacy Shield or to view our certifications, please visit https://www.privacyshield.gov/

Privacy Shield Principles
Sysmex Inostics Inc. has committed to uphold the Privacy Shield principles and surrounding requirements of the framework. The principles are: Notice; Choice (Consent); Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement and Liability.

Scope of Individuals and Personal Data Collected/Purpose of Data Collection
Sysmex Inostics Inc. confirms adherence to the Privacy Shield principals for E.U. personal information transferred to the U.S., in relation to:  patient personal data (including that pertaining to clinical laboratory patients and patients for whom clinical or clinical research testing is performed); customer personal data (including that pertaining to healthcare professionals and their staff members, employers, insurance companies, and individuals who interact with us in connection with purchasing Sysmex Inostics’ services); suppliers (including individuals assisting us with our business activities, such as accountants and auditors); and clinical trial participants (including individuals enrolled in research trials whose specimens are submitted to Sysmex Inostics by controllers of clinical testing,  CROs or research sites, for purposes of performing laboratory testing). The data of these individuals is processed for the purposes for which it was collected, supporting the performance of clinical testing and clinical research testing, and may also be processed for related purposes such as quality assurance, auditing, and fulfilling legal and compliance responsibilities.

Contact for Information or Complaints
In compliance with the Privacy Shield principles, Sysmex Inostics Inc. is committed to resolve complaints about its collection or use of your personal information. E.U. individuals with inquiries or complaints regarding the Privacy Shield policies or practices should first contact our SII Privacy Officer at: privacyofficer@sysmex-inostics.com, or call us at 1-443-759-8650 or within the EU, call us at +49 40-325907-0.  In accordance with our Privacy Shield commitment, Sysmex Inostics Inc.  has adopted dispute resolution practices that are designed to evaluate and resolve any complaints or concerns about your privacy and its collection or use of your personal information within forty-five (45) days of receipt.

Third Party Transfers
Sysmex Inostics Inc. may entrust certain personal information pertaining to E.U. individuals to third-party partners who assist us with business activities, or who have regulatory or legal oversight responsibilities in relation to certain business activities. Where we do so, Sysmex Inostics Inc. will take steps to ensure that the third parties entrusted with E.U. personal data uphold an equivalent level of protection for the data.  Sysmex Inostics Inc. understands that we can be held responsible if its business partners entrusted with E.U. personal information violate those obligations.

Rights of Individuals to Access Their Data
E.U. individuals have the right to access personal information about them, and to limit use and disclosure of their personal information.  With its Privacy Shield certification, Sysmex Inostics Inc. has certified to the Privacy Shield its commitment to respect and uphold those rights. Should you wish to exercise those rights, the company requests that you contact us at: privacyofficer@sysmex-inostics.com, or call us at 1-443-759-8650 or within the EU, call us at +49 40- 325907-0.  You may also write to us at:  Sysmex Inostics Inc.,  Attention: Privacy Officer, 1812 Ashland Avenue, Suite 500, Baltimore, MD, 21205 USA.  Please note that there are certain limitations on these rights, as described in the Privacy Shield framework.

Disputes
In compliance with the Privacy Shield principles, Sysmex Inostics Inc has certified to the Privacy Shield to resolve complaints about its collection or use of your personal information. E.U. individuals with inquiries or complaints regarding their Privacy Shield policies or practices should first contact our Privacy Officer at: privacyofficer@sysmex-inostics.com, or call us at 1-443-759-8650 or within the EU, call us at +49 40- 325907-0. In accordance with our Privacy Shield commitment, Sysmex Inostics Inc. has adopted dispute resolution practices that are designed to evaluate and resolve any complaints or concerns about your privacy and its collection or use of your personal information within forty-five (45) days of receipt.

Third Party Dispute Resolution
Sysmex Inostics Inc. has certified to the Privacy Shield to cooperate with the E.U. supervisory authorities with regard to unresolved Privacy Shield complaints.  If you do not receive timely acknowledgment of your complaint from Sysmex Inostics Inc., or if the company has not addressed your complaint to your satisfaction, you have the right to contact the E.U. supervisory authorities for more information or to file a complaint. The services of E.U. supervisory authorities are provided at no cost to you.
The link for the E.U. Data Protection,  Third Party Dispute Resolution provider is shown here:  https://edpb.europa.eu/about-edpb/board/members_en

Regulatory Oversight and Enforcement
Sysmex Inostics Inc. has certified to the Privacy Shield and is also subject to investigatory and enforcement authority of the U.S. and E.U. agencies who oversee the Privacy Shield framework, namely the U.S. Federal Trade Commission and the relevant E.U. supervisory authorities. Individuals also have a right to file a complaint with these oversight agencies, particularly if you believe your complaint is not satisfactorily resolved by Sysmex Inostics Inc.

Right to Binding Arbitration
In accordance with the Privacy Shield framework, E.U. individuals may be able to invoke binding arbitration before a Privacy Shield Panel if they believe that their claim has not been handled by the company in a satisfactory manner.

Law Enforcement Requests
Sysmex Inostics Inc. has certified to the Privacy Shield and is required to disclose personal information in response to lawful requests by public authorities, including compliance with national security or law enforcement requirements.

Conflicts
If there is any conflict between the terms in this privacy policy and the Privacy Shield principles, the Privacy Shield principles will govern.

Information About the Privacy Shield
The Privacy Shield framework, which is jointly established by the European Commission and the U.S. Department of Commerce, allows companies such as Sysmex Inostics Inc. to self-certify to the seven privacy principles and surrounding requirements of the framework for purposes of protecting and safeguarding personal data relating to residents of the European Union (E.U.) and European Economic Area (E.E.A.).  In exchange for completing the requirements of the Privacy Shield framework, and committing to uphold those requirements, U.S.-based organizations such as Sysmex Inostics Inc. are declared by the European Commission to have adopted ‘adequate’ privacy and security standards for that personal data. This means that they can receive E.U. or E.E.A. personal data without first having to fulfill another cross-border data transfer method as provided under the E.U. General Data Protection Regulation (GDPR) 2016/679, but must still fulfill the surrounding data protection requirements that apply to the data, for as long as it is under their custody or control.

Effective Date of Notice: May 11, 2020
Document Number: QA002-F04_v03a