Predictix Platform Privacy Policy - PREDICTIX®️ By Taliaz

Predictix Privacy Policy for

Health Professionals

May 2021 Rev No. 2

When you use our Predictix system or services as a health professional, we will need to process personal data about you. We have written this policy to tell you:

What personal data we collect about you
How we collect your personal data
Our legal basis for processing information about you
What we use your personal data for
What your rights are

We are Taliaz Ltd. and our head office is at 2 Prof. Yehezkel Kaufmann Street, Tel Aviv, Textile Center, 15th floor, 6801294, Israel which is a country considered by the European Commission (Decision No. 2011/61 of 31 January 2011) as ensuring an equivalent level of data protection to that of the European Union.

Being based outside Europe, we have appointed a data protection representative for Europe: MyData-TRUST S.A., Boulevard Initialis 7/3, 7000 Mons, Belgium ([email protected]).

Our contact information can be found in the “How to contact us” section below.

Data we collect about you

Ho we collect your personal data

We collect personal data that is provided to us directly by you, as part of our business relationship and/or via the Predictix service.

Personal Data categories

We process the following categories of personal data:

Identification and professional contact data such as your name, first name, address, email address and phone number, information on your profile;

Professional data (quality, information about the organization in which you practice);

Data on your use of our services (website, application or other technology) including IP addresses or other data on your device (please see our Cookies Statement for more information: https://www.predictix.ai/cookie-statement

Legal basis for treatment

The European General Data Protection Regulation (“GDPR”) requires that we have a legal reason to process your personal data.

We can legally process personal data about you because:

We act as a processor for our legitimate interest in offering our services to you;
We provide you with our services as part of the performance of the contract with you;
We have to comply with a legal obligation.

Using your personal data

Purposes

We use your personal data to offer our services and to enable the use of the Predictix system. The chart below will help you understand why we need your personal data:

What personal data?	For what purpose?	On what legal basis?
Identification data, business data, technical data	Account management(create, update and authenticate your account) Customer service management (for monitoring service and account, responding to your requests for information, managing your complaint) Managing the business relationship, billing and payments	Executing the contract with the health care professional
Identification data, business data	Prospecting (to contact you with communications related to your business and Predictix services)	Legitimate interest in developing our business and retaining our customers
Identification data, business data, technical data	Improved services and the Predictix system (to evaluate and improve services, ensure maintenance and ensure safety)	Legitimate interest in improving service,as well as your user experience
Identification data, business data, technical data	Management of a pre-litigation or litigation (to sanction any breach of the terms of use of the service, or any other breach identified, to manage any dispute or dispute)	Legitimate interest in defending our rights and interests
Identification data, business data, technical data	Compliance with applicable legal and regulatoryobligations, in response to your requests for the exercise of rights	Our legal and regulatory obligations.

Access to your personal data

Your personal data is available to the following people only for the purposes outlined above:

Taliaz Ltd. and its authorized personnel, for the purposes and subject to the guarantees described;

The third-party health care provider to whom we provide the patient’s DNA sample on your behalf for analysis;

Any administrative or judicial authority, in the event of an express and reasoned request on their part in the event of a proven violation of legal or regulatory provisions;

Our external advice, only in the context of the management of any other legal subject if necessary;

Other third parties, as a result of or in the event of restructuring, replenishment, acquisition, debt financing, merger, sale of Taliaz Ltd. assets or a similar transaction, as well as in the event of insolvency, bankruptcy or receivership in which personal data is transferred to one or more third parties as assets of Taliaz Ltd.

Communications and prospecting

We may contact you by email, mail or phone, to provide you with information about our products, services, offers and other news when we think they may be of interest to you.

Third-party websites

Our Predictix system may contain links to other websites that other organizations own. If you follow a link to another website, these websites will have their own privacy policy as an independent processor. We suggest checking the policy of any other website before sharing your personal data as we cannot take responsibility for any other website.

Where do we store your personal data and how do we protect your security

The personal data we collect will be transferred, processed and stored only in Israel, which is outside the European Union. The European Commission has recognised that Israel provides adequate protection for personal data.

We have appropriate security measures in place to prevent the accidental loss of your personal data, its unauthorized use or access, tampering or disclosure. In addition, we limit access to your personal data to employees, agents, subcontractors and other third parties with a professional need to know them. These people will only process your personal data on our instructions and are subject to a confidentiality obligation.

We have procedures in place to deal with any suspected breach of personal data and we will notify you and any applicable regulator of a violation where we are legally required to do so.

We are committed to ensuring that our suppliers also have appropriate technical, organizational and physical measures in place to ensure that your data is protected from loss and misuse.

All personal data you provide to us is stored on our secure servers or on secure servers operated by a third party.

Data retention

As far as the treatments for which we are responsible are concerned, we generally keep your personal data for a period of 7 years from our last contact.

In certain circumstances we will make your personal data anonymous (so that it can no longer be associated with you) for research and statistics purposes, in which case we can use this information indefinitely.

E-mails

If you choose to send us data via email we cannot guarantee the security of that data before it is delivered to us.

Your rights:

You have the following rights (some exceptions apply):

Right of access: the right to request details of your personal data and a copy of such personal data.

Right to rectify: the right to have inaccurate personal data corrected or completed.

Right to delete (‘right to be forgotten’): the right to request the removal of your personal data.

The right to restrict processing: the right to request that your personal data be used only for limited purposes.

Right to data portability: the right to request that the personal data you have made available to us be transferred to you or a third party in machine-readable formats.

Right to withdraw consent: the right to withdraw any previous consent given to us to process your personal data. If you withdraw your consent, it will not affect the legitimacy of our use of your personal data prior to the withdrawal of your consent and we will let you know if we will no longer be able to provide you with the chosen product or service, following the withdrawal of your consent.

Right in relation to automated decisions: You have the right not to be subject to a decision based solely on automated processing that produces legal effects about you or affects you in a similar way in a significant way unless it is necessary to enter into a contract with you, that is authorized by law or that you have given your express consent.

Please note that these rights are not absolute: they do not apply systematically. We will let you know in our correspondence if we will be able to comply with your request.

If you would like to exercise your rights, please contact Taliaz’s Data Protection Officer at [email protected]. We will ask you to confirm your identity if necessary and provide us with information that will help us better understand your request. If we are unable to meet your request, we’ll explain why.

How to contact us

If you have any questions about this policy or would like to talk to us about how we handle your personal data, please email our data security manager at [email protected]. If you live in Europe, please email our Data Protection Officer at [email protected].

You are also entitled to file a complaint with your country’s data protection authority at any time. The contact details of Member States’ data protection authorities can be found on the following website: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

Cookie	Duration	Description
__hssrc	session	This cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
qtrans_front_language	1 year	This cookie is set by qTranslate WordPress plugin. The cookie is used to manage the preferred language of the visitor.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__hssc	30 minutes	HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.

Cookie	Duration	Description
__hstc	1 year 24 days	This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_F24LPSK9B0	2 years	This cookie is installed by Google Analytics.
_gat_UA-206487599-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	16 years 3 months 1 day 13 hours	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
hubspotutk	1 year 24 days	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_ce.gtld	session	No description
_ce.s	1 year	No description