Updated March 2023
Orbita, Inc. (“Orbita”) respects the privacy of its Customers, suppliers, business partners, and individuals that entrust us with their personal information. Orbita on behalf of our Customers, may collect personal information in accordance with the laws and regulations of the countries in which the information is collected, used, and managed.
“Customer” means any entity that purchases the Service.
“Personal Data” means data about a living individual who can be identified from those data (or from those and other information either in Orbita’s possession or likely to come into Orbita’s possession).
“Service” means any Orbita branded software, service, application, or device that is provided by Orbita to Customers.
USE OF DATA
Orbita may process your Personal Data because:
- The owner of the Personal Data has given us permission to do so
- Orbita is contractually obligated to provide a Service that processes Personal Data
- The processing is in Orbita’s legitimate interests and is not overridden by Personal Data protection rights
- For payment processing purposes
- To comply with laws and regulations
Orbita provides Services to its Customers to operate and manage an information system supporting their businesses. Orbita Services include digital information systems that collect, store, and manage data on behalf of our Customers.
While Orbita Customers ultimately decide what data will be used within Orbita Services, it may include information about their users, customer, and in some cases, their patients. Information may include medical, health, healthcare, medication, treatment, contact, or other information related to people, groups, conditions, or clinical research.
In addition, Orbita provides optional consulting services to assist Orbita Customers with their implementation and use of Orbita services at various stages within their project management process as well as varying levels of assistance. Information may be shared as required by the project and at the discretion and control of the Customers to limit and request any special handling requirements.
Orbita collects and uses information gathered on our website for marketing purposes to provide further information regarding our services and solutions. As addressed and detailed within our privacy statement, our processing activities are accurate to the stated purposes and all such information is secured with technical and organizational measures to ensure protection for confidentiality, integrity, and availability.
For Business Operation Use
Orbita collects Personal Data for billing and operations in support of its business. Contact information from Customers is used to perform business operations related to proposals, agreements, billing, invoicing, and for tax reporting purposes.
We store the information we collect for as long as is necessary for the purpose(s) for which we originally collected it. We may retain certain information for legitimate business purposes and as required by law.
Under certain circumstances, Orbita may be required to disclose Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Orbita may disclose Personal Data in the good faith belief that such action is necessary to comply with legal obligations including:
- To protect and defend the rights or property of Orbita
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
ONWARD DATA TRANSFERS
Orbita has implemented and maintains safeguards to secure Personal Data from misuse, loss, or unauthorized alteration. Additionally, safeguards are also in place to ensure that Orbita suppliers, vendors, contractors, and partners are required to keep any shared information confidential and are not permitted to use it for any other purpose than the performance of services for Orbita.
When necessary, Orbita requires and enforces encryption to be used when storing and transmitting data. Access controls are in place to ensure that restrictive limits are established and maintained with controls for authentication, authorization, and accounting. Access to Personal Data is protected with these controls and Orbita regularly monitor its systems for possible vulnerabilities and attacks.
You acknowledge and agree that Orbita may retain our affiliates and other third parties to further process data on your behalf as Subprocessors in connection with the provision of the Orbita Platform. We maintain a current list of our Subprocessors here.
DATA INTEGRITY AND PURPOSE LIMITATION
Orbita limits the collection and use of Personal Data to only relevant information for the purposes of processing and will not process Personal Data in a way that is incompatible with the purposes for which the information has been collected or subsequently authorized by Orbita’s Customers. Orbita takes reasonable steps to ensure the information is accurate, complete, current, and available to the extent necessary.
DATA ACCESS AND CORRECTIONS
Orbita recognizes the Personal Data protection rights of citizens of European Economic Area (EEA) and offers the means for these individuals to correct, amend, delete or limit the use of their Personal Data within applications that are powered by Orbita Services. Orbita supports the following Personal Data protection rights for EEA citizens:
- Right of Access, Update, and Deletion: The right to access, update or delete owned Personal Data.
- Right of Rectification: The right to have owned Personal Data rectified if that information is inaccurate or incomplete.
- Right of Objection: The right to object to Orbita’s processing of owned Personal Data.
- Right of Restriction: The right to request that that Orbita restrict the processing of owned Personal Data.
- Right of Data Portability: The right to be provided with a copy of the owned Personal Data Orbita may have in a structured, machine-readable and commonly used format.
- Right of Consent Withdrawal: The right to withdraw consent at any time where Orbita relied on such consent to process owned Personal Data.
ENFORCEMENT AND DISPUTE RESOLUTION
Orbita’s participation in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework is subject to investigation and enforcement by the United States Federal Trade Commission.
Orbita will investigate and attempt to resolve complaints and disputes regarding Orbita’s use and disclosure of Personal Data in accordance with the EU-U.S. and Swiss-U.S. Privacy Shield Principles. Please send all complaints to firstname.lastname@example.org.
Orbita has registered with the JAMS Foundation (JAMS), a commercial dispute resolution service, to provide an independent dispute resolution alternative for Customers. In the event that Orbita fails to respond or does not resolve a complaint within forty-five (45) days, Customers seeking a resolution may contact JAMS. To learn more about JAMS dispute resolution services, including instructions for submitting a complaint, visit: eu-us-privacy-shield. If neither Orbita nor JAMS provide an adequate resolution, complainant may seek to engage in binding arbitration through the Privacy Shield Panel.
Orbita Services do not address anyone under the age of 18 (“Children”). Orbita does not knowingly collect Personal Data from anyone under the age of 18. If Orbita becomes aware that Personal Data from children has been collected by an application using an Orbita Service, without parental consent, Orbita will remove that information from Orbita servers upon discovery or by way of parental request.
SALE OF YOUR PERSONAL DATA
Orbita does not rent, sell, or share your Personal Data with nonaffiliated companies for marketing purposes or otherwise, unless we have your permission.
VERIFYING, UPDATING, or DELETING YOUR PERSONAL DATA
If you wish to verify, update, or delete any of your Personal Data kept with Orbita, please send requests to: email@example.com
HOW TO CONTACT ORBITA
Please send all inquiries about this Privacy Shield Policy and any of our privacy practices: firstname.lastname@example.org or by mail addressed to:
77 Sleeper Street
Boston, MA 02210
or by phone at: 857-574-0432
CHANGES AND UPDATES
For more information, please visit the Orbita Trust Center page.