Clinic Information Registration Form

§1. Introduction

1.1 Purpose

The purpose of this iWi Corporation Privacy Policy (this “Policy”) is to establish the uniform standards for the protection and handling of Personal Data in iWi Corporation. iWi Corporation recognizes the importance of having effective personal data protections in place and is committed to compliance with applicable data privacy laws, regulations, internal policies and procedures. These protections form the foundation of a trustworthy company and are necessary to maintain the confidence of patients, healthcare professionals, business partners and Executives and Employees and ensure the company’s own compliance with such applicable laws and regulations. This Policy is based on globally accepted, basic principles on personal data protection.

1.2 Scope

This Policy applies worldwide to all Executives and Employees and companies of iWi Corporation. Data that has been anonymized in accordance with standards under applicable laws or regulations does not constitute Personal Data under this Policy.

1.3 Compliance with Applicable Laws and Regulations

iWi Corporation is responsible for compliance with this Policy. Where this Policy conflicts with applicable laws, regulations, industry codes and/or regional/local policies and procedures (to the extent that these exist), the most restrictive requirements shall prevail.

§2. Definitions

Executives and Employees

Executives, directors, officers, employees, temporary workers (whether full-time or part-time), and any individual hired or contracted by iWi Corporation

Personal Data

Any information that can directly or indirectly identify a specific individual. Examples of Personal Data include, without limitation, both directly identifiable information such as a name, identification number or unique job title, and indirectly identifiable information such as date of birth, unique mobile or wearable device identifier, telephone number, key-coded data or online identifiers (e.g. IP addresses) linked to a specific individual.

Processing Processed

Any operation performed on Personal Data, with or without the use of automated systems, including, without limitation, collection, recording, organization, storage, adaptation, alteration, retrieval, consultation, use, evaluation, analysis, reporting, sharing, disclosure, dissemination, transmission, making available, alignment, combination, blocking, deleting, erasure or destruction.

Sensitive Personal Data

Under various laws, Sensitive Personal Data is a specific category of Personal Data that, if lost, misused or accessed without authorization, has the potential to cause harm or embarrassment to an individual. Processing of Sensitive Personal Data requires enhanced protection measures. Categories of Sensitive Personal Data depends on applicable laws or regulations. The following is a non-exhaustive list of categories that may be considered to be Sensitive Personal Data under applicable laws or regulations: government issued ID numbers; financial data; payment card and account numbers; passwords; salary information; medical/health information; race, ethnicity and national origin; sexual orientation or activity; disability status; and religious or political beliefs; genetic or biometric data.

§3. Data Protection Principles

Personal Data will be Processed in a proper and professional manner, and in accordance with the following principles of data protection, regardless of the manner in which it is collected, Processed and stored.

• Transparency

  iWi Corporation will notify individuals at the time of collection of, or publish, the purposes for collecting and using their Personal Data, the identity of the entity collecting the Personal Data, as well as any third parties to whom the Personal Data may be disclosed, and where required by law, the choices and means that may be offered for limiting the use and disclosure of the information.

• Choice and Consent

  Where required by law, iWi Corporation must obtain consent from the relevant individual or give the individual the opportunity to choose whether their Personal Data is Processed, disclosed to third parties, or used for purposes other than originally intended. The type of consent or notice required will depend on the context and circumstances for the collection of Personal Data, its sensitivity, the individual’s reasonable expectations and any applicable legal requirements.

• Limitations on Collection

  iWi Corporation will ensure that Personal Data is collected for legitimate purposes under a lawful basis, and that collection is limited to the information necessary to carry out the stated purposes at the time of collection, or as otherwise allowed by applicable laws or regulations.

• Specification and Limitations on Use

  iWi Corporation will process Personal Data only in ways compatible with the purposes that are:

  • (i) Purpose of the following
    • To authenticate the identity of the customer when registering for or using the service and to manage the customer
    • For delivery, provision and after-sales service of products, etc. (3) For billing for products and services
    • To bill customers for products and services
    • To prevent and respond to fraud
    • To maintain and manage services
    • To research and analyze marketing data, and to consider and implement marketing measures
    • To provide, solicit, publicly announce, and otherwise consider and implement marketing of the Company's or third parties' products and services in accordance with the interests of customers based on analysis of their attributes and behavioral history in the Company's or third parties' media
    • To conduct campaigns, sweepstakes plans, and questionnaires
    • To improve products and services, and to plan, research and develop new products and services
    • To respond to inquiries and contact customers
    • To provide information to third parties in the manner described in this policy
  • (ii) subsequently authorized by the individual
  • (iii) permitted by applicable laws or regulations.
• Individual Access and Participation

  Where required by law, iWi Corporation will provide individuals with an opportunity to access and, where appropriate, to correct, amend, or delete the Personal Data retained by iWi Corporation, or to exercise any other rights provided by applicable laws or regulations.

• Data Quality

  iWi Corporation will take reasonable steps to ensure that Personal Data should be accurate, and if necessary, kept up to date so as to be accurate, complete and as current as necessary for the stated purposes of its use.

• Retention and Disposal

  iWi Corporation will retain Personal Data only for as long as necessary to fulfill the purposes, unless retention is required by law or the individual has consented. Once the Personal Data is no longer needed, it should be deleted according to applicable retention schedules and legal/regulatory requirements.

• Security Safeguards

  iWi Corporation will take all reasonable technical, managerial, administrative and physical security measures to ensure that Personal Data is protected against the risk of loss or unauthorized access, destruction, use, modification or disclosure.

• Transfer or Processing by Third Parties

  iWi Corporation will transfer Personal Data to a third party only if the relevant individual consents to such transfer or otherwise permitted by applicable laws or regulations. Where required by law, appropriate contractual safeguards must be in place before the transfer of Personal Data to ensure an adequate level of protection. If iWi Corporation is required by law to disclose Personal Data for legal or regulatory purposes, it will take reasonable steps to make such disclosures in a secure manner as permissible by law and to whom it is needed.

§4. Expectations for Handling Personal Data

Executives and Employees are expected to process and safeguard Personal Data as confidential information and to safeguard it against loss, misuse, and unauthorized access. Executives and Employees will only be permitted to access Personal Data as necessary to meet legitimate business needs within the scope of their role and assigned tasks. Executives and Employees are prohibited from using or accessing Personal Data outside of the scope of their employment at iWi Corporation, from disclosing it to unauthorized persons inside or outside the company, and from otherwise processing Personal Data in a manner inconsistent with this Policy.

Executives and Employees that process Personal Data are expected to follow applicable regional/local procedures to report suspicious activity or potential unauthorized access (such as a cyberattack or accidental is closure) related to Personal Data to the appropriate department.

iWi Corporation prohibits any form of retaliation for good faith reporting of any suspected violation of this Policy.