Privacy Policy

Thank you for your interest in the Zero Bleeds platform made available as a piece of software (the “Software”). This Software is owned by Baxalta US Inc. with address at 1200 Lakeside Drive, Bannockburn, Illinois, 60015 USA, United States of America (“Shire”), and operated by Shire and/or ENSO Studios Pty Ltd with the address 4 Kyabra Street, Newstead, Queensland 4006, Australia or other service provider as listed on the Zero Bleeds website https://zerobleeds.com.sg) (hereinafter: “Service Provider”, “our” or “us”), and is provided to you on behalf of your hospital or other healthcare establishment ("Establishment"); your Establishment is responsible for any information entered into the Software.

The Software assists healthcare professionals (“Users” or "You") in monitoring patient bleed incidents, medication infusions and treatment regime. The Software provides a mobile app and web interface for patients to record their treatment information and share these with the Establishment. In order to use the Software, each User needs to set up a personal account. Users can log-in to his/her account by using an assigned User ID and password.

Shire, with the address referred to above, is the data controller of the User's personal data including Personal Information (defined below) collected through a User's registration for and use of the Software, and stored and processed in a data file notified, if applicable, with the competent Data Protection Agency.

Before using the Software, You should read this entire Privacy Policy which governs the collection, storage, security, access, use and disclosure of any User Personal Information and Patient Information. You will be required to indicate your free, express and informed acceptance of the Acceptance Statement, Terms of Use and Privacy Policy prior to accessing the Software. If the Terms of Use or the Privacy Policy are not acceptable to You, do not use and/or submit any User Personal Information or Patient Information (each, as defined herein) via this Software. However, in this case you may not be able to enjoy all or any of the functions and services provided on the Software.

Scope

Please be aware that this Privacy Policy applies to the Software. Within this Software, you may see links or references to other websites, which are not covered by this Privacy Policy and are likely to have different information practices. In order to understand the information practices of other websites, please read the privacy policy of each website You visit. These references and links are provided for your convenience; they should not be construed as an endorsement of such sites, their content, or their information practices. You are solely responsible for any interactions You may have with such websites.

Overview of Information we Collect and How we Use It

Use of the Software requires the User to enter the following information about himself/herself: (i) first, middle (optional) and last name; (ii) salutation; (iii) email; and (iv) phone number. This information is collectively referred to herein as “User Personal Information.”

Use of the Software also requires patients to share their personal and treatment information (“Patient Information”). Specifically, the patient may opt to share (i) first name; (ii) middle name (optional); (iii) last name; (iv) email; (v) phone number; (vi) bleed related information (time, date, site of bleed, image of bleed, severity of pain etc.); (vii) infusion/treatment related infusion (time, date, product used, dose administered, product information such as lot number, etc.); and (vii) schedule and treatment regime and goals (schedule for infusions, Annual Bleed Rate, etc.). The requirements for the above data may vary by country (depending on which country the User accessing the Software is established) but shall not exceed the above listed information. Shire obtains patient consents for Patient Information through the Software. Patients may also opt through the Software to share their Patient Information with the Establishment.

Information submitted by Users, including User Personal Information and Patient Information, is processed when using the Software. Additional information (e.g., website analytics which report aggregate statistics about what parts of our Software are most popular) may also be collected through the use of cookies.

How Information is Collected

We may collect information from Users in two ways: actively and passively. Active information collection refers to instances in which we gather information from You when You fill it in, such as by completing the registration form with User Personal Information to set up a User account. Passive information collection refers to instances in which information is collected from You that You have not actively provided (please see the next section of this Privacy Policy for a summary of our passive information collection practices).

Active Information Collection

At certain information collection points, You will be asked or have the possibility to provide User Personal Information or certain Patient Information as described herein. By providing such Patient Information, You are confirming that You will use such Patient Information in compliance with applicable law. By providing such User Personal Information, You are confirming that (a) You have consented to the Acceptance Statement in compliance with applicable law; and (b) such Acceptance Statement shall be consistent with the form and content of the sample authorization that SHIRE makes available to your Establishment upon Establishment registration.

User Personal Information is collected by at the following information collection points:

  • User Profiles: User Personal Information is collected through a User's registration form and use of the Software or through the Practice Administrator's request for a User to access the Software. For this purpose, the following information regarding each User needs to be provided: (i) first, middle (optional) and last name; (ii) salutation; (iii) email; and (iv) phone number.
  • Patient Information is collected at the following information collection points:
  • Patient Profiles: Patients who choose to participate in the use of the Software can create profiles containing personal information and share their treatment data with the Establishment. For this purpose, the following information needs to be provided by the patient: (i) first name; (ii) middle name (optional); (iii) last name; (iv) date of birth; (v) email; (vi) phone number; (vii) body weight; (viii) bleed and infusion related information, including but not limited to, site of bleed/infusion, date and time of bleed/treatment, images, product and dosage information).
    The requirements for the above data may vary by country (depending on which country the User accessing the Software is established) but shall not exceed the above listed information.

Passive Information Collection: Cookies

We may use special technologies or cookies to passively collect information while You are visiting and running our Software (that is, You do not actively provide this information). Cookies allow, among other, to collect, store and retrieve certain kinds of information on User's browsing habits or its computer or device and, depending on the information they contain as well as on the use of such computer or device, may be used in order to recognize the User (i.e. including your Internet domain name, the type of Web browser You use, the operating system You use, the date and time You access and use the Software, the specific pages You visit on the Software, and address of the website You visited prior to entering this Software). This Software uses cookies either temporarily in connection with your Internet Protocol (IP) address (known as a temporary or session cookie, and deleted once You clear your browser cache). For more information on the Shire Corporate Policy on usage of cookies please follow this link https://www.shire.com/legal-notice/cookies

For additional information on cookies, we recommend clicking on the following http://www.allaboutcookies.org/manage-cookies/index.html.

Internet Protocol (IP) Addresses

Your use of the Software indicates your consent to the viewing and collection of the Internet protocol (IP) addresses (including date and time) of the devices You use to utilize the Software. IP addresses are unique identifiers automatically assigned to each electronic device when logging onto the Internet. IP addresses allow us to identify your individual computer network and enable us to collect much of the same information we collect through cookies, including browser-type, what pages You visit, and how long You stay on the Software. In general, IP addresses allow us to provide basic functionality, identify problems with our servers, and improve the functions of this Software.

Users may allow, block or remove cookies installed on their computer or device by changing the configuration of the used browser. For information on how to manage your cookies please see https://www.shire.com/legal-notice/cookies

Purposes of collection, use and disclosure:

The User Personal Information and Patient Information that is collected by and from You when using this Software will be used and disclosed only in accordance with this Privacy Policy, as specifically disclosed to You at the time You provide the information or as otherwise authorized by You or where required by applicable law.

If the Software malfunctions, Shire will likely need to access Users' personal data in order to assess and fix the fault. SHIRE's use of Users' personal data is always associated with use of the Software. It is necessary for SHIRE's legitimate interests to use Users' personal data in order for SHIRE to support the provision of the Software to your Establishment and this use shall not jeopardize the fundamental rights and freedoms of individuals.

The Patient Information collected is processed, used and disclosed as indicated in the patient consent form and at the request of the Establishment.

How we share data with third parties

Except as specified and only when permitted by applicable law, neither User Personal Information nor Patient Information will be sold, leased, transferred, transmitted, shared, or otherwise accessed by or to any third parties other than to third parties who process User Personal Information and Patient Information to provide technical support services or, at the request of the Establishments, to processors on which SHIRE relies to perform certain aspects of these processing activities and to affiliates of the SHIRE Group. In addition, SHIRE may disclose such information where necessary to successors in title, to facilitate a merger, consolidation, transfer of control or other corporate reorganization in which SHIRE participates; to respond to appropriate requests of legitimate government authorities, or where required by applicable laws, court orders, or government regulations; or where needed for corporate audits or to investigate or respond to a complaint or security threat.

International Data Transfers

Information may be disclosed, stored and processed in any country where SHIRE has established operations including where SHIRE may engage service providers. This may involve overseas transfers, disclosures or transmissions of your User Personal Information to countries which do not have data protection or privacy laws considered to be equivalent to those under your applicable local law. Further information about the countries and service providers where data is transferred or transmitted to can be found on the website associated with Zero Bleeds [Include URL]. Your data may therefore also be accessed by service providers who assist SHIRE in the resolution of purely technical issues. Where service providers are based outside of the country in which You reside in countries which do not have data protection or privacy laws considered to be equivalent to those under your applicable local law, such service providers are required by SHIRE to implement appropriate safeguards to ensure that your data is adequately protected. You may contact SHIRE should You wish to obtain a copy of the appropriate safeguards that are in place. SHIRE shall retain Users' personal data only for as long as the User is approved by the Establishment's Practice Administrator. Otherwise upon notification that they are not so approved, SHIRE shall securely delete or effectively de-identify Users' personal data.

Access to Information

Your User account information is accessible by using a password that You select. Each Practice Administrator is responsible for the access and maintenance of its own Establishment information, including User Personal Information and Patient Information, which can be accessed via your User ID.

Opting Out

All active information collection points indicate whether requested information is required or optional to ensure that only the information You want to provide is collected. We also attempt to tell You at the point of collection and in this Privacy Policy what the consequences will be (e.g., inability to access important functions of the Software) if You do not provide the required or optional information. When You submit User Personal Information and/or Patient Information via this Software, whether such information is required or optional, and click the consent box, you consent to its disclosure and use in accordance with this Privacy Policy and represent that You have obtained the signed Patient Consent Form from your patient as described herein. Furthermore, You acknowledge that SHIRE only processes this User Personal Information and Patient Information in accordance with this Privacy Policy, at the request of your Establishment, to assist the Establishment in appropriately dosing the Medication for its patients.

Data Security

We maintain reasonable and appropriate physical, electronic and procedural safeguards designed to protect User Personal Information and Patient Information. According to applicable law, SHIRE ensures that required local "basic level" security measures are implemented via the Software. While we work very hard to protect your privacy, no method of security is 100% effective, and, as far as permitted under applicable law, we cannot be responsible for the actions of those who may gain unauthorized access to your information. As far as permitted under applicable law, SHIRE makes no warranties, express, implied or otherwise, as to the ultimate effectiveness of its reasonable and appropriate safeguards.

Agents, contractors or other processors or sub-processors of SHIRE who administer the Software and have access to User Personal Information and/or Patient Information in connection with providing services for SHIRE are required to keep the information confidential and are not permitted to use this information for any other purpose than to carry out the services they are performing for SHIRE.

One way we protect User Personal Information and Patient Information is through User ID and password. This safety measure is only effective if You protect the secrecy of both your User ID and password. You acknowledge that You are solely responsible for any unauthorized use of the Software conducted via your personal User ID or password. If at any time You have reason to believe your User ID or password may have been compromised or subject to unauthorized use, contact us immediately.

We take other steps to secure User Personal Information and Patient Information against loss, unauthorized access, use, modification or disclosure and other misuse. For example, any User Personal Information and Patient Information You provide is sent by a secure link using encryption. Encryption is the translation of data into a secret code. To read an encrypted file, You must have the key that allows You to read it, so that even if someone were able to obtain the data, they would not be able to make sense of it.

THIS SOFTWARE IS ONLY INTENDED FOR USE BY LICENSED HEALTHCARE PROFESSIONALS AND PATIENTS.

Your rights of access, rectification, erasure, restriction and objection: You have the right to object to processing of User Personal Information and to request SHIRE to delete Your User Personal Information. If You choose to do so, You will no longer be able to use the Software. You also have the right to obtain access to the personal data we hold about You and to obtain a copy. You also have the right to require the rectification or erasure of data that is incorrect, incomplete, or outdated or to restrict the processing of your personal data. You also have the right to request to see evidence of your consent.

Contact Us / Enforcement of Privacy Policy / Data Privacy Rights If you have any questions, comments, concerns or complaints about this Privacy Policy including about how to exercise your rights of access, rectification, erasure and objection, or any questions about the information practices of this Software, please contact your Practice Administrator, who grants You access rights to the Software. You may also contact SHIRE at PrivacyConnect@shire.com. If required by law, SHIRE has appointed a local representative. Please see the Contact Us information on the website associated with Zero Bleeds for further information about how to contact the local representative.

If You are concerned about the use of your personal data, You have a right to complain to your local data protection authority.

We reserve the rights to amend, modify and/or replace all or part of this Privacy Policy. You will be informed of such an amendment, modification or replacement by a notice on the Software. You will be asked to agree to the amendment before you access the Software.

Zero Bleeds Singapore (en-GB)
© Shire 2017 | Terms of Use | Privacy Policy