MOXO – Privacy Notice (GDPR)
Neuro-Technology Solutions Ltd. (“Neurotech”, “us,” “we,” or “our”) recognizes and respects the importance of maintaining your privacy and, as a result, we have established this Privacy Notice. This Privacy Notice describes the types of information we collect from you when you visit and/or use our Site and/or Services. This Privacy Notice also explains how we may use, process, transfer, store, and disclose the information collected, as well as your ability to control certain uses of the collected information. If not otherwise defined herein, capitalized terms have the meaning given to them in the MOXO Terms of Service, available at] https://app.moxo-adhdtest.com/users/reg2 (the “Terms”). “You” means any Customer and/or Permitted Users and/or any Participants and/or their parents and/or legal guardians.
Neurotech is the data controller in respect of the certain processing activities outlined in this Privacy Notice, such as processing activities relating to Permitted Users. Our registered office is Haplada 3, Or Yehuda, Israel and our registration number is 514105287. In addition, Neurotech serves as a processor of data relating to Participants.
“Personal Data” means any information that refers, is related to, or is associated with an identified or identifiable individual or as otherwise may be defined by applicable law.
Neurotech is not a health care provider and the Site does not provide health care services. You may have heard the term HIPAA, which is a United States law which governs the privacy of personal health information. Although Neurotech is not subject to HIPAA, we care about the privacy of your personal information.
Privacy Notice Key Points
The key points listed below are presented in further detail throughout this Privacy Notice. These key points do not substitute the full Privacy Notice.
- Personal Data We Collect. When you register, we collect Personal Data provided by you, such as your name, country, phone number, e-mail address, and job function, professional license number, degree. Additionally, we will collect Personal Data relating to the Participants, their parents and/or legal guardians, and Permitted Users. This data may include Special Categories of Data (as such term is used in Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation), including health data. We also (automatically) collect information about your use of the Site and Services. If you contact us for questions or complaints, we will collect the information related to your inquiry.
- How We Use the Information We Collect. We use the information (including Personal Data) we collect mainly to administer and provide the Site and Services, contact you with administrative information, and improve the Site and Services.
- Basis for Processing Your Personal Data. Processing your Personal Data is necessary for the performance of the Terms and the provision of the Services to you. Processing for the purposes of developing and enhancing new features and our products and services, for analytics and usage analysis, for fraud prevention and security and for our recordkeeping and protection of our legal rights – are all necessary for the purposes of legitimate interests that we pursue.
- Disclosure of Personal Data. We may share the Personal Data we collect with our service providers and subcontractors who assist us in the operation of the Site and process the information on our behalf and under our instructions. We will also share Personal Data of Participants with the relevant Customer and/or Permitted Users.
- International Transfer. We may use service providers and/or subcontractors and/or cooperate with or have business partners and affiliates located in countries other than your own, and send them your Personal Data. We will ensure to have agreements in place with such parties ensuring the same level of privacy and data protection as set forth in this Privacy Notice. You hereby consent to such international transfer.
- Your Rights. Subject to applicable law and additional rights as set forth below, you may have a right to access, update and/or delete your Personal Data and obtain a copy of the Personal Data we have collected about you.
- Retention. We retain information for as long as necessary for the purposes set forth in this Privacy Notice.
- Security. We implement industry standard measures aimed at reducing the risks of damage and unauthorized access or use of Personal Data, but they do not provide absolute information security.
- Changes to the Privacy Notice. We may change this Privacy Notice from time and shall notify you of such changes.
Personal Data We Collect
We collect information from all users who utilize the Site and/or Services, whether Permitted Users or Participants. In order to utilize our Services, you will be required to register an account and provide us with certain Personal Data. We may also collect Personal Data when Participants and/or Permitted Users utilize the Site and/or Services, when you request information from us, sign up for newsletters or our email lists, complete online forms, or contact us for any other reason.
If you are a Permitted User, examples of the Personal Data that we collect from you may include your name, address, phone number, e-mail address, and job function. Additionally, we will collect Personal Data relating to the Participants, such as their name, ID numbers, and information related to their attentional skills, which may include Special Categories of Data as well as information relating to their parents and/or legal guardians. It is your voluntary decision whether to provide us with any such Personal Data, but if you refuse to provide such information we may not be able to register you to the Site, allow you to participate in an Assessment and/or provide you with the Services.
We may automatically collect some information when you visit our Site, such as your computer’s IP address, operating system, the site from which you linked to us, and the time and date of your visit, purchases and activities, and any data you upload in order to use the Services.
How We Use the Information We Collect
We and any of our trusted third-party subcontractors and service providers may use the Personal Data we collect from and about you for any of the following purposes: (1) to provide you with the Site and/or Services; (2) to respond to your inquiries or requests, contact and communicate with you; (3) to develop new products or services and conduct analyses to improve our current content, products, and Services; (4) to contact you with informational newsletters and promotional materials relating to our Site and Services; (5) to review the usage and operations of our Site and Services; (6) to use your data in an aggregated, non-specific format for analytical purposes (as detailed below); (7) to prevent fraud, protect the security of our Site and Services, and address any problems with the Site and/or Services and (8) to provide customer support.
In addition, by analyzing all information we receive, including all information concerning users, we may compile statistical information across a variety of platforms and users (“Statistical Information”). Statistical Information helps us understand trends and customer needs so that new products and services can be considered and so that existing products and services can be tailored to customer desires. Statistical Information is anonymous and aggregated and we will not link Statistical Information to any Personal Data. We may share such Statistical Information with our partners, without restriction, on commercial terms that we can determine in our sole discretion.
We, or our service providers or subcontractors, may use various tools to collect information about the use of the Site and/or Services (“Tools”). The Tools collect information such as how often Permitted Users utilize the Site and/or Services. The Tools collect only the IP address assigned to you on the date you use the Site and/or Services, rather than your name or other identifying information. We do not combine the information collected through the use of the Tools with personally identifiable information. We use the information we get from the Tools only to improve our Site and Services.
We may use your Personal Data as required or permitted by any applicable law.
Basis for Processing Your Personal Data
Processing your Personal Data is necessary for the performance of the Terms and the provision of the Services to you, including responding to your inquiries or requests, contacting and communicating with you and providing customer support. When you make a purchase, or engage in any other transaction with us, we may also process your Personal Data to perform that contract.
Processing for the purposes of developing and enhancing our products analytics and usage analysis, for fraud detection and prevention, for our recordkeeping and protection of our legal rights, compliance with legal and regulatory requirements, network and information security, and product development and enhancements – are all necessary for the purposes of legitimate interests that we pursue.
Please note that we may process your Personal Data for more than one legal basis depending on the specific purpose for which we are using your data. Please contact us if you would like details about the specific legal grounds on which we are relying to process your Personal Data.
Sharing of Personal Data
We may share your information, including Personal Data, as follows:
Business Partners, Service Providers, Affiliates, and Subcontractors
We may disclose information, including Personal Data we collect from and/or about you, to our trusted service providers, business partners, affiliates, subcontractors, who may use such information to: (1) help us provide you with the Site and/or Services; (2) aid in their understanding of how users are using our Site and Services. We also may use and disclose anonymized testing results and other anonymized medical information for the purposes of evaluating and improving our Services and for use in connection with academic and scientific research and education relating to ADHD.
We may use subcontractors and service providers and have business partners and affiliates who are located in countries other than your own and send them information we receive (including Personal Data). We will ensure that these third parties will be subject to written agreements ensuring the same level of privacy and data protection as set forth in this Privacy Notice. You hereby consent to such international transfer.
We may transfer our databases containing your Personal Data if we sell our business or part of it, including in cases of liquidation. Information about our users, including Personal Data, may be disclosed as part of, or during negotiations of, any merger, sale of company assets or acquisition and shall continue being subject to the provisions of this Privacy Notice.
Law Enforcement Related Disclosure
We will fully cooperate with any law enforcement authorities or court order requesting or directing us to disclose the identity, behavior or (digital) content and information of or related to an individual, including in the event of any user suspected to have engaged in illegal or infringing behavior. We may also share your Personal Data with third parties: (i) if we believe in good faith that disclosure is appropriate to protect our rights, property or safety (including the enforcement of the Terms and this Privacy Notice); (ii) to protect the rights, property or safety of third parties; (iii) when required by law, regulation subpoena, court order or other law enforcement related issues; or (iv) as is necessary to comply with any legal and/or regulatory obligation. You can request such Personal Data as specified herein by emailing us at [email protected]
Other Uses or Transfer of Your Information
We allow you to use our Site and Services in connection with third-party services, sites, and/or mobile applications. If you use our Site and/or Services with or through such third-parties, we may receive information (including Personal Data) about you from those third parties. Please note that when you use third-parties outside of our Site and/or Services, their own terms and privacy policies will govern your use of those services.
Protection of Personal Information
Neurotech has put into place generally-accepted, industry standard security measures in an effort to protect personal information from loss, misuse or alteration both during transmission and once we receive it. For example, we have implemented Web Application Firewall, database encryption and conducted penetration testing to protect your privacy. Further, when you enter personal information online, that information is encrypted using security software called SSL (Secure Socket Layer). SSL encrypts all information entered on our site before it is sent over the Internet. We also use SSL to allow you to securely view your online account and registration information. Account information is accessible online only through the use of a password. To protect the confidentiality of personal information, you must keep your password confidential and not disclose it to any other person. If other people have access to your email, they may be able to obtain access to your password and obtain personal information about you (such as your credit card information), or change information about your user profile.
However, no method of transmission over the Internet, or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Your Rights – How to Access and Limit Our Use of Certain Information
You have certain rights in relation to the Personal Data that we or other controllers hold about you, as detailed below. For any requests to exercise such rights with respect to information held by our co-controllers, please contact the applicable controller directly. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information and/or comply with any of your requests, as detailed below:
- Right of Access and Data Portability. You have a right to know what Personal Data we collect about you and, in some cases, to have the information communicated to you. Subject to the limitations in applicable law, you may be entitled to obtain from us a copy of the Personal Data you provided to us (excluding information that we obtained from other sources) in a structured, commonly-used, and machine-readable format, and you may have the right to (request that we) transmit such Personal Data to another party. If you wish to exercise this right please contact us letting us know what information in particular you would like to receive and/or transmit. Subject to applicable law, we may charge you with a fee. Please note that we may not be able to provide you with all the information you request, for instance, if the information includes Personal Data about another person. Where we are not able to provide you with information that you have asked for, we will endeavor to explain to you why. We will try to respond to any request for a right of access as soon as possible.
- Right to Correct Personal Data. Subject to the limitations in applicable law, you may request that we update, correct or delete inaccurate or outdated Personal Data and/or that we suspend the use of Personal Data, the accuracy of which you may contest, while we verify the status of that Personal Data. We will correct your Personal Data within a reasonable time from the receipt of your written request thereof.
- Deletion of Personal Data (“Right to be Forgotten”). In certain circumstances you have a right to have Personal Data that we hold about you deleted. Should you wish to have any Personal Data about you deleted, please contact us, using the contact information specified in this Privacy Notice. Subject to applicable law, we will delete Personal Data provided to us by a user within a reasonable time from the receipt of a written (including via email) request by such user to delete such collected Personal Data. We cannot restore information once it has been deleted. Please note that to ensure that we do not collect any further Personal Data, you should terminate your account with us and clear our cookies from any device where you have used our Services. We may retain certain Personal Data (including following your request to delete) for audit and record-keeping purposes, as well as other purposes, all as permissible and/or required under applicable law. We may also retain your information in an anonymized form.
- Account Deactivation. You can ask us to deactivate your account by contacting us using the information below. In order to deactivate your account, we may ask you for additional information.
- Direct Marketing Opt Out. You can change your mind at any time about your election to receive marketing communications from us and/or having your Personal Data processed for direct marketing purposes. If you do, please notify us by contacting us as detailed in this Privacy Notice. We will process your request as soon as reasonably possible, however it may take a few days for us to update our records before any opt out is effective.
- Right to Object. Subject to applicable law, you may have the right to object to processing of your Personal Data for certain purposes.
- Supervisory Authority. If you are a European Citizen, you may have the right to submit a complaint to the relevant supervisory data protection authority.
If at any time you wish to contact us to exercise any of your rights listed above, you can do so by calling our membership service representatives at +972-8-6466107; 08-6466107 or by e-mailing us at [email protected].
Subject to applicable law and our (regulatory) obligations, we retain information as necessary for the purposes set forth above. With respect to Personal Data for which we are a controller, such data is retained for such period as you request and then will be deleted from our systems, without notice to you. With respect to Personal Data for which we are a processor, we will comply with the applicable controller’s instructions with regard to retention of Personal Data and our regulatory requirements. For more information, please contact the applicable controller directly.
Cookies and Similar Technologies
What are Cookies?
A cookie is a small piece of text that is sent to a user’s browser or device. The browser provides this piece of text to the device of the originating user when this visitor returns.
– A “session cookie” is temporary and will remain on your device until you leave the Site.
– A “persistent” cookie may be used to help save your settings and customizations across visits. It will remain on your device for much longer or until you delete it.
– First-party cookies are placed by us, while third-party cookies may be placed by a third party. We use both first- and third-party cookies.
– Information may also be collected through web beacons, which are small graphic images (“pixel tags”), which usually work together with cookies in order to identify users and user behavior. These may be shared with third parties.
We may use the terms “cookies” to refer to all technologies that we may use to store data in your browser or device or that collect information or help us identify you in the manner described above.
The specific names and types of the cookies, web beacons, and other similar technologies we use may change from time to time. However, the cookies we use generally fall into one of the following categories:
|Type of Cookie||Why We Use These Cookies|
|Necessary||These cookies are necessary in order to allow the Site to work correctly. They enable you to access the Site, move around, and access different services, features, and tools. Examples include remembering previous actions (e.g. entered text) when navigating back to a page in the same session. These cookies cannot be disabled.|
|Functionality||These cookies remember your settings and preferences and the choices you make (such as language or regional preferences) in order to help us personalize your experience and offer you enhanced functionality and content.|
|Security||These cookies can help us identify and prevent security risks. They may be used to store your session information to prevent others from changing your password without your login information.|
|Performance||These cookies can help us collect information to help us understand how you use our Site, such as whether you have viewed messages or specific pages and how long you spent on each page. This helps us improve the performance of our Site.|
|Analytics||These cookies help us learn more about which features are popular with our users and how our Site can be improved.|
How to Adjust Your Preferences
Most Web browsers are initially configured to accept cookies, but you can change this setting so your browser either refuses all cookies or informs you when a cookie is being sent. In addition, you are free to delete any existing cookies at any time. Please note that some features of the Services may function improperly when cookies are disabled or removed.
Third Party Cookies
The following third party(ies) place analytics cookies:
- Google Analytics
Subject to your consent and applicable law, we may send you in-app notifications, e-mails or other messages about us or our products and services. By accepting the terms of this Privacy Notice or using the Site and/or Services, you affirmatively consent to receive such commercial messages. You may remove your Personal Data from our mailing list and stop receiving future communications from us by following the UNSUBSCRIBE link located at the bottom of each communication or by emailing us at [email protected] Please note that we reserve the right to send you service-related communications, including service announcements and administrative messages, relating either to your account or to your activities on the Site and/or Services, without offering you the opportunity to opt out of receiving them. Should you not wish to receive such communications you may cancel your account.
Participants under the age of eighteen (18) who are using the Services may do so only upon the Customer or Permitted User’s receipt of the relevant and required parental consent. In the event that you become aware that an individual under the age of eighteen (18) has enrolled as a Participant without the necessary parental consent, please advise us immediately.
Permitted Users and Customers must all be above the age of eighteen (18).
Changes and Deletion of Information
By using our Site and/or Services, you shall be asked to accept the terms of this Privacy Notice. If you do not agree with the terms, please do not use this Site and/or the Services associated with them. We may update this Privacy Notice from time to time, in which case we shall notify you of such changes and will post the updated Privacy Notice on this page. Please come back to this page every now and then to make sure you area familiar with the latest version. Any new Privacy Notice will be effective from the date it has been accepted by you.
Comments and Questions
If you have any comments or questions about our Privacy Notice, or if you wish to exercise any of your rights, please contact us at [email protected]
Last updated: September 2018
MOXO – Privacy Summary for Kids
We are Neuro-Technology Solutions Ltd. and we think your privacy is important. That’s why we wrote this summary so that you will know what we do with the information we have about you, who we share it with and how we protect it. We also want you to know how you can make decisions about how we treat your information.
It’s probably best if you read this together with a responsible grown-up, like a parent. If you have any questions, you should speak with a responsible grown-up or you can always talk to us.
We created the test that you will be taking (the MOXO test) but someone else will actually be giving it to you, helping you with it, and managing the results of the test. That person will decide what information they need from you and will be in charge of what will happen with that information. They will send it to us so that we can store it, analyze it, and do other activities that will help them understand the results. The person is charge is called the Controller and we are called the Processor.
What kind of information do we have about you?
When you take the MOXO test, we get information about you like how good your attention is and other mental skills and characteristics. Since this information concerns your health, the law says that it’s in its own special category and we will only use it if we get permission from your parent or guardian. We also will get and use information that your parent or guardian gives us about you like your name, your birthday, and your identification number. If you send us a message, we’ll save and use the information in such message too.
You can always decide that you don’t want us to have any information about you. If you decide that, then we won’t be able to give you the MOXO test or any other services.
Why do we need this information and how do we use it?
We need this information so that the person running the MOXO test can run it properly. We will also use it so that we can understand how well the test is working and make it even better and create other tests and services. It can help us make sure that all of the information we have is kept safe and that no one uses it in the wrong way.
It’s helpful for us to understand how all different kinds of people use the MOXO test and other services. To do this, we look at your information together with the information of a lot of other people and we take away your name and other personal information so that we don’t know what information is connected to you and what information is connected to the other people.
If a law says that we have to use your information in a certain way, we’ll do what the law says to do. If the law says that we have to share information with someone else, we’ll also do that.
How do we share your information with others?
We work with a bunch of other business and people who help us in giving you the MOXO test and help us make sure that it works and help us understand how it works. We have to share your information with them so that they can help us create the test and understand how to improve it.
These other businesses might not be in the country where you live. When we send them the information in the country where they are, we make sure that they are just as careful to protect your information as we are. We’ll also make sure that we got your parent’s permission before we send information to them.
If we sell our company, we’ll have to share your information with the new owner. If that happens, we’ll make sure that the new owner treats your information in the same way that we do.
Of course we’ll also share any information you give us with your parents or other legal guardians and the Controller, who is giving you the MOXO test.
How can you decide what we do with your information?
You can ask us to do any of the things on this list, but you will have to get permission from your parent or guardian first:
- You can find out what information we have and ask us to send you a copy. You can also ask us to send a copy to someone else. Sometimes we won’t be able to give you a copy, but if we can’t, we’ll try to explain to you why not.
- If you find that we have some wrong information, you can ask us to correct it.
- You can ask us to erase any information we have. If we do, then we won’t be able to bring it back.
- You can sometimes ask us to stop using your information.
- If you’re in the EEA you can tell a supervisory authority if you think we did something wrong. You will definitely need to ask a parent or guardian before you do this.
No, not that kind of cookies! Cookies are a kind of technology that helps our website work. It helps remember things that you do on the website and gives us information that can help us make it work better. We need some of the cookies to help the test and the website work properly and keep it safe, but some of the cookies aren’t absolutely necessary. Some might also be used by other companies on our website. If you don’t want your computer to remember information, you can change the settings on your computer so that it won’t.
How long do we keep information?
We only keep information as long as we need it in order to do the things we said we were going to do with it in this Privacy Summary. If we don’t need it, we’ll erase it.
How is it protected?
We looked around to see what security measures are currently available to protect you information and what other companies like us do to protect their information and made sure that we’re doing at least as good a job as they are. That doesn’t mean everything is 100% safe but we do our best!
What if we change our mind about how we use your information?
If we do, we’ll make sure to let you and your parent or guardian know (by email or by posting an updated Privacy Notice on the website).
How can you reach us?
If you have any questions or want to tell us something about how we use and collect you information, or if you want us to delete or fix your information, you can email us at [email protected] or call us at +972-8-6466107. Please remember to always speak with your parent or guardian before you do.
Last updated: September 2018