更新日期:2021年11月1日
生效日期:2021年11月1日
瑞影云++(以下简称云++)是深圳迈瑞生物医疗电子股份有限公司开发的一款面向医生群体的专用社交产品,为说明云++会如何收集、使用和存储您的个人信息,以及您享有何种权利,我们将通过本政策向您阐述相关事宜,概述如下:
a)、我们深知个人信息对您的重要性,并会尽全力保护您的个人信息安全可靠。我们致力于维持您对我们的信任,恪守以下原则,保护您的个人信息:权责一致原则、目的明确原则、选择同意原则、最少够用原则、确保安全原则、主体参与原则、公开透明原则等。同时,我们将按业界成熟的安全标准,采取相应的安全保护措施来保护您的个人信息。请在使用我们的产品(或服务)前,仔细阅读并了解本《个人信息保护政策》
b)、我们将逐一说明我们收集的您的个人信息类型及其对应的用途,以便您了解我们针对某一特定功能所收集的具体个人信息的类别、使用理由及收集方式。
c)、当您使用一些功能时,我们会在获得您的同意后,收集您或者您的病人的一些敏感信息,例如您在使用推荐通讯录朋友功能时我们会收集您的手机联系人信息,您在使用病例咨询功能时我们会收集您上传的病例中病人的病例信息。除非按照相关法律法规要求必须收集,拒绝提供这些信息仅会使您无法使用相关特定功能,但不影响您正常使用云++的其他功能。
d)、目前,云++不会主动共享或转让您的个人信息至深圳迈瑞生物医疗电子股份有限公司外的第三方,如存在其他共享或转让您的个人信息或您需要我们将您的个人信息共享或转让至深圳迈瑞生物医疗电子股份有限公司外的第三方情形时,我们会直接征得或确认第三方征得您对上述行为的明示同意,但因保护用户权益或保护云++生态安全需要除外。此外,我们会对对外提供信息的行为进行风险评估。
e)、目前,云++不会主动从深圳迈瑞生物医疗电子股份有限公司外的第三方获取您的个人信息。如未来为业务发展需要从第三方间接获取您的个人信息,我们会在获取前向您明示您个人信息的来源、类型及使用范围,如云++开展业务需进行的个人信息处理活动超出您原本向第三方提供个人信息时的授权同意范围,我们将在处理您的该等个人信息前,征得您的明示同意;此外,我们也将会严格遵守相关法律法规的规定,并要求第三方保障其提供的信息的合法性。
f)、您可以通过本指引所列途径访问、更正、删除您的个人信息,也可以撤回同意、注销账号,以及投诉和举报。
g)、为了在本指引下收集您的信息,或者向您提供服务、优化我们的服务以及保障您的帐号安全,我们将需要向您索取相关的权限;其中的敏感权限例如通讯录、精确地理位置、摄像头、麦克风、相册等均不会默认开启,只有在您明确同意后才会向我们授权。
需要特别说明的是,获得敏感权限是我们收集特定信息的必要而非充分条件。我们获得具体某一项敏感权限并不代表我们必然会收集您的相关信息;即使我们已经获得敏感权限,也仅在必要时、根据本指引来收集您的相关信息。如您想要了解更加详尽的信息,请根据如下索引阅读相关章节:
一、个人信息收集规则
二、信息的存储
三、信息安全
四、个人信息的使用规则
五、您的权利
六、我们如何处理儿童的个人信息
七、您的个人信息如何在全球范围转移
八、本政策如何更新
九、其他
十、联系我们
在您使用云++时,我们会按照如下方式收集您在使用服务时主动提供或因使用服务而产生的信息,用于向您提供服务、优化我们的服务,以及保障您的账号安全。
1.1、当您注册云++时,我们会收集您的昵称、头像、手机号码,收集这些新是为了完成用户注册,保护您的账号安全。手机号码属于敏感信息,收集此类信息是为了满足相关法律法规关于网络实名制的要求。如您拒绝提供此类信息,您将无法完成注册,我们亦无法向您提供服务。您还可以自行决定是否填写性别,工作医院等信息。
1.2、在使用云++时,为了保障您能正常的使用我们的服务,维护服务的正常运行及优化服务体验,保障您的账号安全等,我们会收集您设备的型号,操作系统,设备识别码等信息,这些信息是保障云++服务质量的基础信息。
1.3、当您使用聊天功能时,您发送的文字、照片、视频、文件、语音等信息会存储在我们的服务器中,因为存储过程是我们实现这一功能所必须的。我们会保证所存储信息的安全性,若我们使用第三方服务来存储您的信息,我们亦会要求第三方出具能保证数据安全的相关认证及资质,且第三方存储服务商不可接触或读取您的信息。
1.4、当您使用病例咨询功能时,您发送的病例信息会存储在我们的服务器中,因为存储过程是我们实现这一功能所必须的。我们会保证所存储信息的安全性,若我们使用第三方服务来存储您的信息,我们亦会要求第三方出具能保证数据安全的相关认证及资质,且第三方存储服务商不可接触或读取您的信息。
1.5、当您使用实时会诊功能时,我们可能会使用您的摄像头来完成实时会诊功能。当您在使用实时会诊功能的过程中打开了存储功能,那您的整个会诊过程包括语音和视频会保存在我们的服务器中,我们会保证所存储信息的安全性,若我们使用第三方服务来存储您的信息,我们亦会要求第三方出具能保证数据安全的相关认证及资质,且第三方存储服务商不可接触或读取您的信息。
1.6、当您对病例图像发布批注或评论时,您的批注或评论会存储在我们的服务器中,因为存储过程是我们实现这一功能所必须的。我们会保证所存储信息的安全性,若我们使用第三方服务来存储您的信息,我们亦会要求第三方出具能保证数据安全的相关认证及资质,且第三方存储服务商不可接触或读取您的信息。
1、存储地点:根据法规要求,我们将境内收集到的用户个人信息存储于中国境内。
2、存储期限:我们仅在保证实现服务功能所需的前提下保留您的个人信息。例如手机号码,如果您注销了云++账号,我们将删除您的个人信息,包括手机号码。
1、我们努力为用户的信息安全提供保障,以防止信息的丢失、不当使用、未经授权访问或披露。
2、我们将在合理的安全水平内使用各种安全保护措施以保障信息的安全。例如,我们会使用加密技术(例如,SSL)、匿名化处理等手段来保护您的个人信息。
3、我们通过不断提升的技术手段加强安装在您设备端的软件的安全能力,以防止您的个人信息泄露。例如,我们为了安全传输会在您设备本地完成部分信息加密的工作;为了预防病毒、木马程序或其他恶意程序、网站,我们可能会了解您设备安装的应用信息、正在运行的进程信息或设备内存中寄存的数据;为了预防诈骗、盗号、仿冒他人等不法行为和进行安全检查可能会分析利用唯一设备标识符、登录IP地址、操作日志、地理位置信息等数据,以便于采取安全措施或进行安全提醒等。
4、我们建立专门的管理制度、流程和组织以保障信息的安全。例如,我们严格限制访问信息的人员范围,要求他们遵守保密义务,并进行审计。
5、若发生个人信息泄露等安全事件,我们会启动应急预案,阻止安全事件扩大,并以推送通知、公告等形式告知您。
6、目前,云++已完成国家网络安全等级保护(三级)备案,预计2021年底可以通过测评,拿到等保认证。此外,迈瑞公司在信息安全方面已通过了ISO/IEC 27001、ISO/IEC 27701 等权威认证。
7、我们会尽力保护您的个人信息。我们也请您理解,任何安全措施都无法做到无懈可击。
我们不会将您的个人信息用于保障产品服务正常进行之外的任何用途。为了确保服务安全,帮助我们更好的提升云++应用程序的稳定,我们可能记录您应用程序的使用频率、崩溃数据、性能数据等信息。我们不会将这些信息与您的个人信息做任何关联。如果我们使用了您的个人信息,超出了前文信息收集章节里所声称的目的时,我们将在使用之前,再次告知您并征得您的明示同意。另外,根据相关法律法规及国家标准,以下情形中,我们可能会共享、转让、公开披露个人信息无需事先征得个人信息主体的授权同意:
a)、与我们履行法律法规规定的义务相关的 ;
b)、与国家安全、国防安全直接相关的;
c)、与公共安全、公共卫生、重大公共利益直接相关的;
d)、与刑事侦查、起诉、审判和判决执行等直接相关的;
e)、出于维护个人信息主体或其他个人的生命、财产等重大合法权益但又很难得到本人授权同意的;
f)、个人信息主体自行向社会公众公开的个人信息;
g)、从合法公开披露的信息中收集个人信息的,如合法的新闻报道、政府信息公开等渠道。
5.1、访问个人信息
5.2、编辑个人信息
5.3、删除个人信息
5.4、撤回授权
5.5、注销账号
5.6、投诉举报
我们非常重视对未成年人个人信息的保护。由于我们是针对医生群体的专用社交平台,因此只对18周岁以上成年人开放注册和使用。对于被提交到平台里的病例信息,如涉及了14周岁以下的儿童病例,我们将采取更严格的个人隐私保护政策。例如默认隐去儿童病例的姓名、年龄、身高、性别等信息,如用户(医生)需要查阅,需额外申请,且系统会记录下这次查看动作。
随着我们业务的持续发展,我们有可能进行合并、收购、资产转让等交易,我们将对您进行告知,并按照法律法规及本政策所要求的标准继续保护或要求新的数据控制者继续保护您的个人信息。
我们可能会适时对本指引进行修订。当指引的条款发生变更时,我们会在您登录及版本更新时以推送通知、弹窗或其他适当形式向您展示变更后的指引。
本政策是专门针对瑞影云++系统的隐私条款,如与迈瑞公司统一的一般性用户权利及信息安全保障措施存在不一致或矛盾之处,请以本政策为准。
当您有其他的投诉、建议、未成年人个人信息相关问题时,请通过https://consult.mindray.com/kf/与我们联系。您也可以将您的问题发送至Dataprivacy@mindray.com或寄到如下地址:
中国广东省深圳市南山区高新技术园区迈瑞大厦 法务部 数据及隐私保护中心(收)
邮编:518057
我们将尽快审核所涉问题,并在验证您的用户身份后的十五天内予以回复。
深圳迈瑞生物医疗电子股份有限公司
2021-11-1
Update date: November 1, 2021
Effective date: November 1, 2021
MiCo+ is a social platform specified for doctors, which is developed by Shenzhen Mindray Bio-Medical Electronics Co., Ltd. This policy will illustrate relevant matters related to the collection, usage, and storage of your personal information by MiCo+ and your rights. The illustration is as follows:
a) We understand that personal information is important to you and we will do our best to protect the security and reliability of your personal information. We are committed to maintaining your trust in us. We adhere to the following principles to protect your personal information: balancing rights with responsibilities, clear purpose, consent, minimum necessary, security, participation of personal information subject, and transparency. In addition, we will take appropriate security protection measures to protect your personal information according to the mature security standards of the industry. Please read and understand this Personal Information Protection Policy thoroughly before using our products (or services).
b) We will illustrate the types of personal information collected by us and their corresponding uses, so that you can understand the types, reasons and collection methods for using specific personal information.
c) When you use some functions, we will collect some sensitive information about you or your patient after obtaining your consent. For example, when you use the recommended contacts function, we will collect information about your mobile phone contacts. When you use the case consultation function, we will collect the case information from your uploaded cases. Unless some information are not allowed to collect according to relevant laws and regulations, otherwise, refusing to provide the information will only make you unable to use relevant specific functions. But you can use other functions in MiCo+.
d) Currently, MiCo+ does not share or transfer your personal information to a third party beyond Shenzhen Mindray Bio-Medical Electronics Co., Ltd. If there is a situation in which we need to share or transfer your personal information or you ask us to share or transfer your personal information to a third party beyond Shenzhen Mindray Bio-Medical Electronics Co., Ltd., we will directly ask for your explicit consent or we will confirm that the third party obtains your explicit consent for the above behaviors, except for protecting user rights or protecting the ecological security of MiCo+. Moreover, we will perform risk assessments when we provide information to a third party.
e) Currently, MiCo+ does not obtain your personal information from any third party beyond Shenzhen Mindray Bio-Medical Electronics Co., Ltd. In the future, if we need to obtain your personal information indirectly from a third party for business development, we will indicate to you the source, type, and application scope of your personal information before obtaining the information. If the personal information processing activities required by MiCo+ for conducting business are beyond the scope of authorization provided to a third party, we will ask for your explicit consent before processing such personal information. Furthermore, we will strictly comply with relevant laws and regulations and ask third parties to guarantee the legality of information provided by them.
f) You can access, correct and delete your personal information according to the ways listed in this guide. Also, you can withdraw your consent, close your account, and make complaints and report.
g) We need to ask for your permissions in relevant activities in order to collect your information under this guide, or to provide you with services, optimize our services and ensure the security of your account. Sensitive permissions such as storage, camera, microphone, and photo album will not be enabled by default. We are authorized with permissions only if you explicitly agree to enable these permissions.
In particular, obtaining sensitive permission is a necessary rather than sufficient condition for collecting specific information. If we have obtained a sensitive permission for a specific item, it does not mean that we will collect relevant information about you. Even if we have obtained sensitive permissions, we collect your relevant information according to this guideline when necessary.For more detailed information, please read relevant chapters according to the following index:
1.Personal Information Collection Rules
2.Information Storage
3.Information Security
4.Personal Information Usage Rules
5.User’s Rights
6.Handling of Children's Personal Information
7.Global Transfer of User’s Personal Information
8.Policy Update
9.Others
10.Contact Us
When you use MiCo+, we will collect the information which is provided by you or which is generated by using services in following ways so as to provide services to you, optimize our services, and safeguard your account security.
1.1 When you register an account in MiCo+, we will collect your nickname, photo profile, and mobile phone number to complete user registration and protect your account security. The mobile phone number belongs to sensitive information, which is collected to meet the requirements of relevant laws and regulations for the real name system on the Internet. If you refuse to provide such information, you will fail to register an account. As a result, we cannot provide services to you. You can decide whether to fill in information such as gender and hospital.
1.2 When you use MiCo+, we will collect information such as device model, operating system, and device identification code to ensure normal use of service, maintain normal running of services, optimize service experience, and ensure account security. These are basic information for ensuring the service quality of MiCo+.
1.3 When you use the chat function, the text, photos, videos, files, voice and other information that you have sent will be stored in our server, since this is indispensable to this function. We will ensure the security of the stored information. If we use a third-party service to store your information, we will also require the third party to issue relevant certifications and qualifications to ensure data security. The third-party storage service provider cannot access or read your information.
1.4 When you use the case consultation function, the case information that you have sent will be stored in our server, since this is indispensable to this function. We will ensure the security of the stored information. If we use a third-party service to store your information, we will also require the third party to issue relevant certifications and qualifications to ensure data security. The third-party storage service provider cannot access or read your information.
1.5 When you use the real-time consultation function, we may use your camera to complete this function. If you enable the storage function when using real-time consultation, the voice and videos of the entire consultation process will be stored in our server. We will ensure the security of the stored information. If we use a third-party service to store your information, we will also require the third party to issue relevant certifications and qualifications to ensure data security. The third-party storage service provider cannot access or read your information.
1.6 When you write comments on case images, your comments will be stored in our server, since this is indispensable to this function. We will ensure the security of the stored information. If we use a third-party service to store your information, we will also require the third party to issue relevant certifications and qualifications to ensure data security. The third-party storage service provider cannot access or read your information.
2.1 Storage PlaceAccording to the laws and regulations, user’s personal information collected domestically will be stored in China.
2.2 Storage PeriodWe reserve your personal information only on the premise of realizing service functions. For example, if you cancel your account in MiCo+, we will delete your personal information, including the mobile phone number.
3.1 We strive to safeguard user’s information security so as to prevent information loss, improper use, unauthorized access or disclosure.
3.2 We will use various security protection measures to ensure the information security within a reasonable level. For example, we will use encryption technology (such as SSL) and anonymization to protect your personal information.
3.3 We will strengthen software security of your device by continuously improving technology so as to prevent personal information disclosure. For example, we will encrypt some information locally on your device for secure transmission.
3.4 We establish special management systems, management process, and management organizations to ensure information security. For example, we strictly control the personnel scope for information access., and we require these personnel to comply with confidentiality obligations, and audit them.
3.5 If security events such as personal information disclosure occur, we will initiate emergency plans to prevent further development of security events and notify you by sending notice or announcement.
3.6 Currently, MiCo+ has completed national network security level protection (Level 3) registration. It is expected that MiCo+ can pass the evaluation and obtain security level certification by the end of 2021. In addition, Mindray has passed authoritative certification of ISO/IEC 27001 and ISO/IEC 27701 in information security.
3.7 We will try our best to protect your personal information. We also ask for your understanding that no security measures are impeccable.
Your personal information will only be used for the normal operation of product service and it will not be used for other purpose.To ensure service security and help us better improve the stability of MiCo+, we may record the usage frequency, crash data, performance data, and other information. We will not associate these information with your personal information. If we want to use your personal information beyond the purpose stated in the previous section, we will inform you again and obtain your explicit consent before using it.In addition, according to relevant laws and regulations, as well as national standards, we may share, transfer, and publicly disclose personal information without obtaining prior authorization from personal data subject in the following situation:
a) Situations related to our performance of obligations stipulated by laws and regulations;
b) Situations directly related to national security and national defense security;
c) Situations directly related to public security, public health, and major public interests;
d) Situations directly related to criminal investigation, prosecution, trial, and execution of judgment;
e) Situations related to protect personal data subject or significant legal rights and interests such as other’s lives and property in which it is difficult to obtain user’s consent;
f) Personal data subject self-discloses personal information;
g) Situations related to collect personal information from legally disclosed information, such as legal news reports and government information.
5.1 Access Personal Information
5.2 Edit Personal Information
5.3 Delete Personal Information
5.4 Withdraw Authorization
5.5 Close Account
5.6 Complaints and Reports
We attach great importance to protect personal information of minors.Since MiCo+ is a social platform specified for doctors, it is only applicable to adults above 18 years old for registration and use.If the case information summited in the platform involves patients who are under 14 years old, we will adopt a more strict privacy policy. For example, the name, age, height, and gender of a child case are hidden by default. If the user (doctor) needs to check the case, an additional request is required and the system records this check operation.
With the continuous development of our business, we may carry out business combination, acquisition and asset transfer. We will inform you of such changes and continue to protect your personal information according to the standards required by laws and regulations or required the new data controller to protect your personal information.
We may revise this guidance as appropriate. If the guidance content is revised, we will present the revised guidance to you by sending notification, pop-up window or other appropriate forms when you log in MiCo+ or update the version.
This privacy policy is specified for MiCo+. If there is inconsistency or conflicts between this policy and the general user rights and information security protection measures of Mindray, please refer to this policy.
If you have other complaints, suggestions, or questions related to personal information of minors, please go to the websitehttps://consult.mindray.com/kf/to contact us. Also, you can send your questions to the e-mail Dataprivacy@mindray.com or mail it to the following address:
Data and Privacy Protection Center of Legal Department, Mindray Building, Hi-tech Industrial Park, Nanshan, Shenzhen, Guangdong Province, People’s Republic of China.
Postal code: 518057
We will review the questions as soon as possible and give you response within fifteen days after verifying your user identity.
Shenzhen Mindray Bio-Medical Electronics Co., Ltd.
November, 1, 2021