Isomics Safe Harbor Policy

Introduction

Isomics provides specialized services to academic and business clients in the fields of software development, image analysis, and technical management with applications in medical research, product development, and manufacturing. At Isomics, we recognize the importance of information protection and data security. As such, we have adopted and adhere to the Safe Harbor Principles established by the U.S. Department of Commerce for protection of the transfer of information with Switzerland. More information about the Department of Commerce's Safe Harbor program can be found at www.export.gov/safeharbor.

Scope

This Policy governs personal information transferred from countries in Switzerland to the United States on behalf of Isomics, Inc.

Definitions

"Personal Data" is any information that can be used to identify an individual, is received from Switzerland, and is recorded in any form. Personal Data includes Sensitive Data as defined below.

"Sensitive Data" is Personal Data that specifies medical or health conditions, personal sexuality or information specifying sex life, racial or ethnic origin, political opinions, religious, philosophical, ideological or trade union related views or activities, or information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedings.

"Agent" is any third party that processes, collects, or uses Personal Data under the instructions of, and for, Isomics or a third party to which Isomics discloses Personal Data for use on Isomics' behalf.

Notice

Where Isomics collects Personal Data directly from individuals, we inform those individuals in clear and conspicuous language about the purposes for which we collect and use the information, how to contact Isomics with any inquiries or complaints, the types of third parties to which we disclose the information, and the choices and means Isomics offers individuals for limiting the use and disclosure. We provide this notice when individuals are first asked to provide Personal Data to Isomics or as soon thereafter as is practicable, but in any event before Isomics uses such information for a purpose other than that for which it was originally collected or discloses it for the first time to a third party.

Choice

Isomics is not a direct marketing firm and we do not use, sell, or transfer any Personal Data for direct marketing purposes. If Isomics discloses the information to a non-Agent third party or discloses the information for a purpose that is incompatible with the purpose for which it was originally collected, Isomics offers individuals the opportunity to opt out. Such opt-out provision is provided to individuals by clear and conspicuous, readily available, and affordable mechanisms.

For Sensitive Data , Isomics gives affirmative or explicit opt in choice if the information is to be disclosed to a third party or used for a purpose other than those for which it was originally collected or subsequently authorized by the individual through the exercise of opt in choice. Further, Isomics treats as sensitive any information received from a third party where the third party identifies and treats it as sensitive.

Onward Transfers

Isomics will only transfer Personal Data onward to a third party we have applied the Notice and Choice Principles as outlined above. Further, where Isomics transfers information to a third party that is acting as an agent, we ascertain that the third party (1) subscribes to the Safe Harbor Principles, (2) is subject to FADP or another adequacy finding, or (3) Isomics has entered into a written agreement with such third party requiring that the third party provide at least the same level of privacy protection as is required by the relevant Safe Harbor Principles.

Security

Isomics takes reasonable precautions to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

Data Integrity

Consistent with the Safe Harbor Principles, Isomics uses Personal Data only for the purpose consistent with which it was collected or subsequently authorized by the individual. To the extent necessary for those purposes, Isomics takes reasonable steps to ensure that Personal Data is reliable for its intended use and is accurate, complete, and current.

Access

Upon request and in accordance with Safe Harbor Principles, Isomics provides individuals with access to Personal Data and Sensitive Data about them held by Isomics as well as the ability to correct, amend, or delete that information where it is inaccurate. Consistent with Safe Harbor Principles, Isomics will limit the right to an individual's access where the burden or expense of providing access would be disproportionate to the risks to the individual's privacy in the case in question, or where the rights of persons other than the individual would be violated.

Enforcement

Isomics has established internal mechanisms to verify ongoing adherence to its Policy. Employees found to be in violation of this Policy will be subject to disciplinary action. For complaints or disputes regarding this Policy, please contact us at the information provided below. If Isomics is unable to resolve your complaint or dispute, and your Personal Data was received from Switzerland, we will cooperate with, and comply with advice given by, the commissioner in the investigation and resolution of complaints brought under the U.S.-Swiss Safe Harbor.

Contact Information

Privacy Officer
Isomics, Inc.
55 Kirkland Street
Cambridge, MA 02138
privacy@isomics.com