BnTx Privacy policy
Introduction
BnTx is designed by leading neurologists to enhance the process for injecting botulinum toxin with great precision and effectiveness. The Software includes surface anatomy, reporting and much more and is available to registered health care professionals for neurology, aesthetics, ophthalmology and dermatology. BnTx offers a state of the art, secure, injection and assessment software (the ‘Service’), and https://www.bntxinteract.com/.
As you use the Service and interact with the Website, BnTx collects and processes information from and about you in order to provide you with access to the Service, enhance your experience while using the Service, and interact with you. This Privacy Policy (the “Policy”) describes how BnTx collects, uses, and discloses information collected through the Service and Website, and what choices you have with respect to such information. The first section below explains which privacy terms are applicable to you depending on what type of user you are.
References to “BnTx” throughout the Policy mean the BnTx entity that acts as the data controller or data processor of your information, as explained in more detail below. If you do not agree with this Policy, do not access or use the Service, Website, or any other part of BnTx’ business.
If you have any questions about this Privacy Policy, please contact BnTx at: JustCo, Level 17, 175 Pitt St, NSW 2000, Australia or by emailing us at privacy@bntxinteract.com.
This Privacy Policy contains the following sections:
I. What Type of User am I and What Privacy Terms are Applicable to Me?
II. Privacy Terms for Subscribers
III. Privacy Terms for Site Visitors
IV. Third Party Links and Services
I. What Type of User am I and Which Privacy Terms Are Applicable to Me?
BnTx has two different types of users depending on the BnTx products used. Please see the bullets below to determine which type of user you are, and then click the internal link to visit the privacy terms applicable to you:
-
Subscribers. We call users who use the Service as part of any tier of a paid BnTx subscription plan “Subscribers.” The Service features and functionalities available to Subscribers are determined by the specific terms agreed to between BnTx and the health care clinic, or clinician (called the “Customer”) that entered into a separate agreement that governs delivery, access, and use of the Service (for purpose of this Policy, the “Customer Agreement”). The Customer controls its instance of the Service and is the data controller of the information collected through the Service about Subscribers, and BnTx is a data processor of such information. To go directly to the terms applicable to Subscribers, please click here.
-
Site Visitors. We call users of the Website “Site Visitors.” Site Visitors can be individuals who are simply browsing the Websites but who do not use the BnTx Service; or, Site Visitors can be Subscribers who visit the Website to seek additional information about BnTx. BnTx is the data controller of the information collected through the Website about Site Visitors. To go directly to the terms applicable to Site Visitors please click here.
II. Privacy Terms for Subscribers
Section II of this Policy applies only to Subscribers. If you are a Subscriber, the “Customer Agreement” governs the collection and processing of information collected from you through the Customer’s instance of the Service (e.g. a clinic, but for purposes of this Policy referred to as the “Workplace”), including all associated messages, attachments, files, tasks, conversations, and other content submitted through the Service (“Workplace Content”). In the event of a conflict between this Privacy Policy and the Customer Agreement, the Customer Agreement governs. Because the Customer controls the Workplace used by Subscribers.
If you have any questions about the Customer’s specific Workplace settings and privacy practices, please contact the Customer whose Workplace you use. If you are a Subscriber located in the European Union, please note that the Customer is the data controller with respect to the processing of your Workplace Content pursuant to the EU General Data Protection Regulation (“GDPR”). When processing Workplace Content of EU data subjects governed by the Customer Agreement, BnTx is the data processor, meaning that we collect and process such information solely on behalf of the Customer.
A. Overview
B. Collection and Use of Subscriber Information
This section explains the information we collect from Subscribers. We require Subscribers to provide us with information which is required to provide you with access to the Service, and other information may be collected automatically as you use the Service.
1. Workplace Content.
Workplace Content is collected, used, and shared by BnTx in accordance with the Customer’s instructions, including any applicable terms in the Customer Agreement, or as required by applicable law. The Customer, and not BnTx, determines its own, internal policies regarding storage, access, modification, deletion, sharing, and retention of Workplace Content which may apply to your use of the Service. For example, a Customer may provide or remove information from the BnTx platform, manage permissions, retention and export settings, transfer or assign teams, or share projects.
2. Account Information.
To set up your account, you or the Customer will provide us with basic information about you which may include your name, address, telephone number, email address, and password. You will then have the ability to provide optional profile information, such as a photograph or basic demographic data. If you submit payment information in connection with your use of the Service, we utilise a third party credit card payment processing company to collect payment information; including your credit card number, billing address, and phone number. In such circumstances, the third party service provider, and not BnTx, stores your payment information on our behalf.
3. Service Usage Information.
As you use the Service, we collect information about how you use and interact with the Service (“Service Usage Information”). Such information includes:
-
Device information – when you access the Service using a mobile device, we collect certain device information, including the type of device you are using, its operating system, and mobile network information, which may include your mobile phone number. We may also collect your MAC address and other unique device identifiers.
-
Log files – when you use the Service, our servers automatically record information in server log files. These log files may include information such as your web request, IP address, browser type and settings, referring/exit pages and URLs, number of clicks, date and time stamp information, language preferences, data from cookies and similar technologies, and other such information.
-
Location information – we collect and process general information about the location of the device from which you are accessing the Service (e.g. approximate geographic location inferred from an IP address).
-
Workplace Use Metadata – when you interact with the Service, metadata is generated that provides high-level (non-content) information about the way you work in your Workplace.
-
Other Information - You may provide us with information when you interact with us in other ways, such as when you submit requests or questions to us via forms or email (e.g. support forms, sales forms, user research participation forms); beta testing; and requests for customer support and technical assistance (collectively, “Other Information”).
C. How Does BnTx Use Subscriber Information?
This section explains how we use information collected from Subscribers.
1. Workplace Content.
We may view and use Workspace Content collected from and about Subscribers only as necessary:
-
To maintain, provide and improve the Service
-
To prevent or address technical or security issues and resolve support requests
-
To investigate when we have a good faith belief, or have received a complaint alleging, that such Workplace Content is in violation of the Customer Agreement or our Terms and Conditions
-
To comply with a valid legal subpoena, request, or other lawful process
-
As otherwise set forth in our Customer Agreement or as expressly permitted in writing by the Customer
2. Account Information, Service Usage Information, and Other Information.
We may use these categories of information collected from and about Subscribers to:
-
Maintain, provide, and improve the Service
-
Respond to your requests for information
-
Prevent or address technical or security issues and resolve support requests
-
Investigate in good faith alleged violations of our Terms and Conditions
-
Comply with a valid legal subpoena, request, or other lawful process
-
Help us better understand user interests and needs, and customize the Service for our users
-
Engage in analysis, research, and reports regarding use of the Service
-
Protect the Service and our users
-
Communicate with you via email and through the Service about important notices and updates regarding the Service, such as to inform you about changes in the Service, our service offerings, and important services-related notices, such as about security and fraud. Because these communications are an important part of the Service, you may not opt-out of them
-
In accordance with applicable legal obligations, communicate with you about promotions, offers, and news about BnTx. You can opt-out or unsubscribe from such communications.
-
Provide cross-device management of your account. For example, we may locate or try to locate the same unique users across multiple browsers or devices (such as smart phones or tablets), or work with service providers that do this, in order to save your preferences across devices and analyze usage of the Service. If you wish to opt-out of the ability of one of our service providers, Google Analytics, to locate you across devices in this way, you may install the Google Analytics Opt-out Browser Add-on by clicking here.
D. Sharing of Subscriber Information
In accordance with the applicable Customer Agreement, we may share the information we collect from Subscribers as follows:
-
Affiliates and Subsidiaries. We may share the information we collect within the BnTx family (such as INTERACT Technologies).
-
Service Providers. We may provide access to or share your information with select third parties that use the information only to perform services on our behalf. These third parties provide a variety of services to us, including without limitation sales, marketing, provision of content and features, analytics, data storage, security, fraud prevention, and other services.
-
Business Transactions. If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Service can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as the acquiring party modifies it. If such transfer is subject to additional mandatory restrictions under applicable laws, BnTx will comply with such restrictions.
E. Aggregate De-Identified Data
We may aggregate and/or de-identify information collected through the Service so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and analytics, and may also share such data with any third parties, including partners, affiliates, services providers, and others.
F. Data Retention
We will retain your information for the period necessary to fulfil the purposes outlined in this Policy unless a longer retention period is required or permitted by law, or where the Customer Agreement requires or permits specific retention or deletion periods.
G. Data Subject Rights
Please contact your Workplace owner(s) or administrator(s) to exercise any data subject rights you have under applicable local laws, including your ability to access, delete, rectify, transfer, or object under the GDPR.
III. Privacy Terms for Site Visitors
A. Overview
This section applies only to Site Visitors. If you visit the Website, regardless of whether you are also a user of the Service, the following rules apply to you. To eliminate any confusion, please note that the terms in this section apply only to use of the Website, not to use of the Service. If you are a Site Visitor located in the European Union, BnTx is the data controller with respect to the processing of your personal data pursuant to the EU General Data Protection Regulation (“GDPR”).
1. Information Collected from Site Visitors
When you use the Websites, we collect the following information about you:
-
Contact Information – if you submit a request for information or a question through the Website, you may be asked to provide us with basic information including your name, email address, phone number, and postal address. We will also keep records of the communication, the question/request you raised, and how it was resolved.
-
Websites Usage Information – as you browse the Website, we and our service providers (which are third-party companies that work on our behalf to provide and enhance the Websites) use a variety of technologies, including cookies and similar tools, to assist in collecting information about how you use the Websites. For example, our servers automatically record certain information in server logs. These server logs may include information such as your web request, IP address, browser type and settings, referring/exit pages and URLs, number of clicks and how you interact with links on the Websites, domain names, landing pages, pages viewed, mobile carrier, mobile device identifiers and information about the device you are using to access the Website, date and time stamp information and other such information.
-
Location Information – We collect and process general information about the location of the device from which you are accessing the Service (e.g. approximate geographic location inferred from an IP address).
B. Collection and Use of Site Visitor Information
2. Cookies and Similar Technologies
To collect the Websites Usage Information discussed above, we and our service providers use Internet server logs, cookies, tags, SDKs, tracking pixels, and other similar tracking technologies. A web server log is a file where website activity is stored. An SDK is a section of code that we embed in our applications and software to allow third parties to collect information about how users interact with the Websites.
A cookie is a small text file that is placed on your computer or mobile device when you visit a site, that enables us to:
(i) recognize your computer and login session;
(ii) store your preferences and settings;
(iii) understand which pages of the Website you have visited;
(iv) enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests;
(v) perform analytics; and
(vi) assist with security and administrative functions.
Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information like ad impressions or clicks, email open rates, measure popularity of the Website and associated advertising, and to access user cookies.
As we adopt additional technologies, we may also gather information through other methods. Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g. Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari).
3. Use of Information Collected from Site Visitors
We use the information collected from Site Visitors for a variety of purposes including to:
-
Maintain, provide, and improve the Websites and the Service
-
Respond to your requests for information
-
In accordance with applicable legal obligations, communicate with you about promotions, offers, and news about BnTx. You have the ability to unsubscribe from such promotional communications
-
Prevent or address technical or security issues
-
Investigate in good faith alleged violations of our Terms and Conditions
-
Help us better understand Site Visitor interests and needs
-
Engage in analysis and research regarding use of the Website and the Service.
C. Legal Bases
If you are located in the EU, please note that the legal bases under the GDPR for using the information we collect through your use of the Website as a Site Visitor are as follows:
-
Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with the Terms and Conditions, which you accept by browsing the Websites)
-
Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our Website; operate our Website; prevent fraud, analyse use of and improve our Website, and for similar purposes)
-
Where use of your information is necessary to comply with a legal obligation
-
Where we have your consent to process data in a certain way
D. Aggregate/De-Identified Data
We may aggregate and/or de-identify information collected through the Website so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, sponsors, event promoters, and/or others.
E. Website Analytics and Advertising
1. Website Analytics.
We may use third-party web analytics services on our Websites to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.
2. Online Advertising.
The Website may integrate third-party advertising technologies that allow for the delivery of relevant content and advertising on the Websites, as well as on other websites you visit. The ads may be based on various factors such as the content of the page you are visiting, information you enter such as your age and gender, your searches, demographic data, and other information we collect from you. These ads may be based on your current activity or your activity over time and across other websites and online services and may be tailored to your interests.
Third parties, whose products or services are accessible or advertised via the Website, may also place cookies or other tracking technologies on your computer, mobile phone, or other device to collect information about you as discussed above. We also allow other third parties (e.g. ad networks and ad servers such as Google Analytics, DoubleClick and others) to serve tailored ads to you on our Websites and other websites and to access their own cookies or other tracking technologies on your computer, mobile phone, or other device you use to access the Websites. We sometimes provide Site Visitor information (such as email addresses) to service providers, who may “match” this information in de-identified form to cookies (or mobile ad identifiers) and other proprietary IDs, in order to provide you with more relevant ads when you visit other websites.
We neither have access to, nor does this Policy govern, the use of cookies or other tracking technologies that may be placed on your device you use to access the Websites by such non-affiliated third parties.
3. Notice Concerning Do Not Track.
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our Websites for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals. To learn more about Do Not Track, you can do so here.
F. Sharing of Site Visitor Information
We share the information we collect through the Websites with the following:
-
Affiliates and Subsidiaries. We may share the information we collect within the BnTx family of companies.
-
Service Providers. We may provide access to or share your information with select third parties that use the information only to perform services on our behalf. These third parties provide a variety of services to us, including without limitation sales, marketing, provision of content and features, advertising, analytics, research, data storage, security, fraud prevention, and other services.
-
Business Transfers. If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Website can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as this Policy is updated or amended by the acquiring party upon notice to you. If such transfer is subject to additional mandatory restrictions under applicable laws, BnTx will comply with such restrictions.
-
Consent. We may also disclose your information to third parties with your consent to do so.
G. Retention of Your Information
We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law.
H. Data Subject Rights
Local legal requirements (such as those in the EU) may afford you additional rights. If you would like further information in relation to your legal rights under applicable law or would like to exercise any of them, please contact us using the information in the BnTx Contact Info section below at any time. Your local laws (such as those in the EU) may permit you to request that we:
-
provide access to and/or a copy of certain information we hold about you
-
prevent the processing of your information for direct marketing purposes (including any direct marketing processing based on profiling)
-
update information which is out of date or incorrect
-
delete certain information which we are holding about you
-
restrict the way that we process and disclose certain of your information
-
transfer your information to a third party provider of services
-
revoke your consent for the processing of your information
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request you to provide us with information necessary to confirm your identity before responding to your request.
IV. Third Party Links And Services
The Websites may contain links to third-party websites and functionalities. If you choose to use these third party services, you may disclose your information not just to those third parties, but also to their users and the public more generally depending on how their services function. Because these third-party websites and services are not operated by us, We are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Policy. We urge you to read the privacy and security policies of these third parties.
V. Additional Privacy Terms For All Users
The following additional information about BnTx privacy practices apply to all users (Subscribers and Site Visitors).
A. Changes To Our Privacy Policy
We reserve the right to amend this Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Service or Websites, or advances in technology. We will make the revised Policy accessible through the Service and Websites, so you should review the Policy periodically. If we make a material change to the Policy, we will comply with applicable legal requirements regarding providing you with notice and/or consent.
B. How We Protect Your Information
BnTx takes technical and organisational measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. However, no method of transmission over the Internet, and no means of electronic or physical storage, is absolutely secure, and thus we cannot ensure or warrant the security of that information.
C. Marketing Practices and Choices
If you receive email from us, we may use certain analytics tools, such as clear GIFs, to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns. You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, promotions and special events that might appeal to your interests by contacting us at the BnTx Contact Info section below. In commercial email messages, you can also opt-out by following the instructions located at the bottom of such emails. Please note that, regardless of your request, we may still use and share certain information as permitted by this Policy or as required by applicable law. For example, you may not opt-out of certain operational or service-related emails, such as those reflecting our relationship or transactions with you.
California law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined by applicable California law) with third parties for their direct marketing purposes. However, we do not share your personal information with third parties for their own direct marketing purposes.
D. California Privacy Rights
VI. BnTx Contact Info
INTERACT Technologies offices, JustCo, Level 16, 175 Pitt Street,
SYDNEY, NSW, 2000
Contact us: privacy@bntxinteract.com
If you are an Australian Subscriber, you may contact the Office of the Australian Information Commissioner to make a complaint about this Policy or access information about your Privacy Rights.