Contact us

Products and services

Clinical Odyssey for Individuals  Clinical Odyssey for Organizations Overview Features Pricing Quality Assurance Catalog Frequently Asked Questions Demo MJ Advertisement Network Overview Stand-Alone Mobile Apps Loyalty Program MJ TurnKey Content Solutions

Customer Stories

Student testimonials In academia and research

Company

Welcome! About us International Medical Board Jobs Public Service Contact us

Global Data Protection Regulation

A brief message by Medical Joyworks, LLC

The EU General Data Protection Regulation, or GDPR (Regulation (EU) 2016 / 679) is the latest update to data protection laws covering the 28 nations of the European Union.

Until 25 May 2018, EU data privacy legislation had a limited impact on Medical Joyworks. However, Article 3 of the new regulation expands its territorial scope to include us, a United States LLC with establishment in Delaware, and with no offices in the European Union.

Consequently, with this legislation having come into effect on said date, we take this opportunity to share with you some of its key aspects, how we are ensuring our compliance with it, and how it all relates to you.

The information presented below is lengthy, but important. Therefore, we kindly ask that you find a comfy chair, get a large cup of freshly brewed coffee, and take a few minutes to carefully read what we are about to share here.

Sincerely,

The Medical Joyworks team


What is the GDPR?

The GDPR was enacted by the European Union and is intended to enhance the protection of natural persons with regards to the processing of their personal data. The GDPR does this by replacing the Union’s existing Data Protection Directive 95/46/EC and harmonizing the different data privacy laws in effect across the EU’s Member States.

The term processing is worth noting here. Under the GDPR, processing means:

“[A]ny operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.”

Personal data is another important term, defined by the GDPR as:

“[A]ny information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

You will want to keep these two terms in mind as you continue to read further!


Who does the GDPR protect?

The GDPR protects you, if you are:

  • a natural person, and
  • a national or resident of the European Economic Area (EU Member States, plus Norway and Switzerland), and
  • are accessing any European or non-european business.

How does the GDPR protect you?

Under Article 13 of this legislation, we (the data “controller” or “processor”) are obliged to provide you (the “data subject”) with concise, transparent, intelligible and easily accessible information on:

  • the legal basis by which we can process your personal data;
  • who exactly is collecting your personal data;
  • which personal data are being collected and further processed;
  • why your personal data are being collected and further processed;
  • how your personal data are being collected and further processed;
  • your personal data privacy rights under this legislation; and
  • how you can exercise your personal data privacy rights.

What is the legal basis by which we can process your personal data?

The GDPR’s Article 6 grants Medical Joyworks the legal right to process personal data, so long as one or more of the following 6 conditions are met:

  • “[T]he data subject has given consent to the processing of his or her personal data for one or more specific purposes
  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  • processing is necessary for compliance with a legal obligation to which the controller is subject;
  • processing is necessary in order to protect the vital interests of the data subject or of another natural person;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.”

Explained in our own words:

  • you have given consent to the processing of your personal data for one or more specific purposes;
  • processing is necessary for performing a contract to which you are a party or, in order to take steps at your request prior to entering into a contract;
  • processing is necessary for complying with a legal obligation which we might have;
  • processing is necessary in order to protect your vital interests, or those of another natural person;
  • processing is necessary for performing a task carried out in the public interest, or in the exercise of any official authority vested in us;
  • processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where these interests are in conflict with your interests or fundamental rights and freedoms which require protection of personal data, in particular where you are a child.

This means that the legal basis by which Medical Joyworks can process your personal data comes down to these specific reasons:

  • we have asked, and will continue to always to ask, for your consent to process your personal data for one or more specific reasons, at the moment when you enter into any relationship with us and at the moment when the data is collected, or within a reasonable period of time;
  • at times, we believe that the processing of your personal data is necessary for complying with several legal obligations to which we are subject; and
  • we believe that the processing of your personal data is necessary because we have a legitimate interest in:
    • personalizing your experience whenever you use our products and services;
    • authenticating you for the purposes of you using certain social media/user community features within our products and services;
    • improving our existing products and services to better match your needs;
    • developing new products and services that match your needs; and
    • marketing new and existing products and services to you;
  • to the best of our knowledge, the above-stated legitimate interests are not overridden by your own fundamental rights and freedoms.

Who exactly is collecting your personal data?

The GDPR makes clear in Article 4 what a personal data controller and a processor are:

“‘[C]ontroller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.”

“‘[P]rocessor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.”

There may be times when the controller and the processor are the same entity.

For our purposes here, your personal data is collected by Medical Joyworks and, where necessary, by essential third parties. These include:

  • Apple Inc.
  • Facebook Inc.
  • Google LLC
  • MoPub Inc.

Which personal data from you are we collecting and further processing?

The privacy policies across all our products and services have been clear and consistent on this matter since the Company’s founding in 2011; and, if anything, the GDPR only strengthens our commitment toward this level of clarity.

The personal data we are collecting and further processing is limited to what is outlined in our privacy policies:

  • your name,
  • your email,
  • your profession,
  • your specialty,
  • your place of work,
  • your favorite cases or scenarios, and
  • your game play scores.

We also store Facebook and Google Plus public profiles when you choose to authenticate yourself for the purposes of posting comments in our Properties (whenever the feature exists and is available), or for saving your personal data. In this instance, your previous gaming results (when applicable) are stored as well.

Any comments you post on our websites and apps are also collected. These identify your name, your profession, and your specialty, but no other personal details.

We also store a record of your visits in our server logs. These server logs typically include:

  • your web request,
  • IP address,
  • browser type,
  • browser language, and
  • the date and time of your request.

Which anonymized data from you are we collecting and further processing?

As stated in our privacy policies, we collect and further process anonymized information, data with no personally identifiable information which can be used to trace its source so that the people whom it describes can remain anonymous.

Under the GDPR’s Article 11, such data is not subject to the same treatment as is personal data, particularly with regards to any desire you might have for accessing it, rectifying it or erasing it.

That said, the anonymized data we collect and further process is limited to the following:

  • data on how you perform on our downloaded gaming app products; and
  • your mobile device’s metadata, including:
    • device type,
    • device operating system,
    • device’s total RAM (where applicable),
    • Medical Joyworks product version installed on the device,
    • Stack trace (in case of crash),
    • MoPub-specific identifier or device IP address (where applicable),
    • iOS identifier for Advertising (where applicable), and
    • Android Advertising ID (where applicable).

We also generate an anonymous mobile device token to send to your mobile device push notifications when any new content is released via a downloaded gaming app product. This mobile token is created and managed by your mobile device’s operating system; and processed by a specialist third party provider.


Why are we collecting and further processing your personal data?

Email

Medical Joyworks collects your email for the sole purpose of informing you:
  • when there are important updates to the Properties;
  • when Medical Joyworks releases other Properties, products or services which might be relevant to you; and
  • any other important information related to Medical Joyworks or its Properties.

Specialty, Profession and Place of Work

Medical Joyworks’s Properties are free services supported by advertising.

Therefore, with your consent, Medical Joyworks anonymizes your specialty, profession, and place of work, and discloses and/or transmits these anonymized data to our advertising platform partners.

Furthermore,

Medical Joyworks also uses your specialty, profession, and place of work for analysis, to better determine what products, services and features we can offer you now and in the future.

Favorite cases or scenarios, and game play scores

Medical Joyworks uses your favorite cases or scenarios, and game play scores so that you do not lose your progress when using our Properties over time.

Social Media Login

Medical Joyworks may require you to log in to the Properties via Social Media Logins such as but not limited to Facebook or Google Plus for purposes of posting comments and/or authenticating your identity.

Comments

You may choose to post comments on our Properties, wherever the feature allowing for posting of comments exists. When this is the case, you will have to consent that the comments you post on the Properties will be transmitted to Medical Joyworks’s servers and distributed to other users on the Properties.

With your consent, your comments will identify your name, your profession, and your specialty, but no other personal details.

Records of visits

With your consent, we store this data to improve our services, identify and diagnose configuration or other issues with our server setup, and to maintain the security of our systems against malign attacks.

Performance data

Anonymized performance data is collected and further processed by essential third parties and, though we do not collect and store most of it, we will access this anonymized data to perform tasks essential to the running of our Properties, such as:
  • to improve our mobile and web products’s technology and overall performance;
  • see the number of visitors, measure usage and popularity across our web sites;
  • serve ads and calculate the number of ad impressions we display across our mobile products;
  • identify means by which we can improve the overall user experience; and
  • send push notifications to our mobile products informing you of new in-app content releases.

Other uses

  • to process your registration to our services;
  • to fulfil any orders you make for our products and/or services;
  • to provide you with customised questionnaires and applications;
  • to process questionnaires and create reports;
  • to carry out our obligations arising from any contracts entered into between you and us;
  • to research and improve our services;
  • to support our:
    • security,
    • administration,
    • testing of our systems,
    • billing processes,
    • accounting,
    • credit card checks,
    • maintaining our systems,
    • providing customer service,
    • enforcing and/or defending our legal rights and developing our products;
  • to deal with your requests and enquiries whether directed at us or our service-delivery contractors;
  • to track activity on our Properties;
  • to comply with legal, statutory and/or regulatory obligations; and
  • to administer our Properties which may involve sharing information with our network providers.

We are also very candid in stating that we do not release this user data to any third parties, for any reason, unless we are required to by law.


How do we collect and further process your personal data?

Whenever you install any of our downloaded mobile products and services, or visit any of our web products and services, you are first asked to review and accept the terms of service we spell out for their use. The terms of service list detailed explanations regarding the personal and anonymized data we may collect and process, when this is done, and how.

Personal data is collected any time you decide to complete a registration survey we make available through our products and services. Anonymized data is collected any time you use our products and services.

Access to all data is done solely via the automated processes and systems we have created and procured from third parties; and control over these processes and systems is restricted to Medical Joyworks team members and third parties tasked with designing, maintaining and upgrading them. Said team members, and their supervisors, are accountable for any work performed on the automated processes, as well as the purposes for which said data may be used.

Below is an outline detailing all of the parties involved in the collection and processing of personal and anonymous data as part of the processing activities essential to the running of our Properties:

  • Party: Apple iOS
  • Data collected:
    • Device type
    • Device operating system
    • Medical Joyworks’s Product Version
    • Stack trace (in case of crash)
  • Purpose: Improve our mobile products’ technology and overall performance.
  • Stored by: Apple Inc.
  • Party’s privacy policy: https://www.apple.com/legal/privacy/en-ww/
  • Party: Facebook SDK
  • Data collected:
    • Explicit events configured by Medical Joyworks.
    • Implicit events as offered by Facebook SDK, such as integration with Facebook Login or the "Like" button.
    • Automatically logged events (such as app installs, app launches and system events (e.g. SDK loading, SDK performance).
    • Facebook app ID.
    • Mobile advertiser ID.
    • Metadata from the request, including: the mobile OS type and version, the SDK version, app name, app version, the device opt-out setting, the user agent string and the client IP address.
    • Device metrics including: time zone, device OS, device model, carrier, screen size, processor cores, total disk space, remaining disk space.
  • Purpose: Track when a user installs a mobile app after having seen and clicked on a related Facebook ad.
  • Stored by: Stored by: Facebook Inc.
  • Party’s privacy policy: https://www.facebook.com/privacy/explanation
  • Party: Google Analytics
  • Data collected:
    • First-party cookies
    • Device/Browser data
    • IP address
    • On-site/app activities
  • Purpose: Protect the service and provide security to customers; see the number of visitors, measure usage and popularity across our web sites; and identify means by which we can improve the overall user experience.
  • Stored by: Google LLC
  • Party’s privacy policy: https://policies.google.com/technologies/partner-sites
  • Party: Google DoubleClick
  • Data collected:
    • Multiple tracking cookies
  • Purpose: Serve ads and calculate the number of ad impressions we display across our mobile products.
  • Stored by: Google LLC
  • Party’s privacy policy: https://policies.google.com/technologies/partner-sites
  • Party: Google Firebase Analytics
  • Data collected:
    • User session duration
    • Device operating system
    • Device model
    • Geography
    • Product’s first launch
    • Number of app opens
  • Purpose: Calculate the number of advertisement impressions we display across our mobile products.
  • Stored by: Google LLC
  • Party’s privacy policy: https://policies.google.com/technologies/partner-sites
  • Party: Google Firebase Authentication
  • Data collected:
    • Social Media Profile Data:
      • First name
      • Last name
      • Photo
      • Social Media ID
  • Purpose: Authenticate your user experience on our mobile products.
  • Stored by: Medical Joyworks, LLC
  • Party’s privacy policy: https://policies.google.com/technologies/partner-sites
  • Party: Google Firebase Cloud Messaging
  • Data collected:
    • Anonymous Push notification tokens
  • Purpose: Send push notifications to our mobile products informing you of new in-app content releases.
  • Stored by: Your mobile device
  • Party’s privacy policy: https://policies.google.com/technologies/partner-sites
  • Party: Google Firebase Crash Analytics
  • Data collected:
    • Device type
    • Device operating system
    • Medical Joyworks’s Product Version
    • Stack trace (in case of crash)
  • Purpose: Improve our mobile products’ technology and overall performance.
  • Stored by: Google LLC
  • Party’s privacy policy: https://policies.google.com/technologies/partner-sites
  • Party: Google Play
  • Data collected:
    • Device type
    • Device operating system
    • Device RAM
    • Medical Joyworks’s Product Version
    • Stack trace (in case of crash)
  • Purpose: Improve our mobile products’ technology and overall performance.
  • Stored by: Google LLC
  • Party’s privacy policy: https://policies.google.com/technologies/partner-sites
  • Party: Medical Joyworks
  • Data collected:
    • Favorite cases or scenarios
    • Scores
    • Email
    • Profession
    • Specialty
    • Place of work
  • Purpose: Keep track of your progress throughout your use of our mobile products and communicate important information related to Medical Joyworks’s products and services.
  • Stored by: Medical Joyworks, LLC
  • Party: MoPub Inc.
  • Data collected:
    • Device operating system
    • Carrier name
    • Mobile browser
    • Screen size
    • MoPub-specific identifier or device IP address, iOS identifier for Advertising, Android Advertising ID
    • Geo-location (when enabled by you)
    • Apps on the device that use the MoPub services and their versions
    • Apps on the device that request an ad
    • Start/stop time of your app use session
  • Purpose: Serve ads and calculate the number of ad impressions we display across our mobile products.
  • Stored by: MoPub Inc.
  • Party’s privacy policy: https://www.mopub.com/legal/privacy/

Whenever a third party is supplying a system essential for processing personal data and anonymous data, we receive contractual assurances from them stating that they comply with any necessary operational and legal requirements as stipulated EU, US and other pertinent local and international laws.


Do we share any of your personal data with third parties, including advertisers?

We do not release any of your personally identifiable data to any third parties, for any reason unless we believe that we are required to by law.


What data do we share with third parties, including advertisers?

While our websites and apps are free of charge, our services are supported by advertising; and for this, we only disclose anonymized information.

This is something we clearly state this in the privacy policies of all our products and services:

“Medical Joyworks’s Properties are free services supported by advertising.

Therefore, with your consent, Medical Joyworks anonymizes your specialty, profession, location and place of work, and discloses and/or transmits these anonymized data to our advertising partners.

By anonymization of data, we mean an internal process by which user data is collected in a way that no personally identifiable information can be used to trace its source so that the people whom it describes can remain anonymous.

With your consent, Medical Joyworks also uses your specialty, profession, location and place of work for analysis, to better determine what products, services and features we can offer you now and in the future.

Medical Joyworks agrees to always anonymize and not to disclose and/or transmit personally identifiable information, such as your name or email, to third parties without your consent.”

What are your personal data privacy rights?

Chapter III of the GDPR (spanning Articles 12 through 23) provides a detailed listing of all your personal data privacy rights.

We present you a detailed outline below:

Your right to transparent information, communication and the modalities by which you can exercise your rights (Art. 12)

  • You have the right to receive transparent information from us, in order to exercise your rights.
  • We are obliged to act without delay (and within one month) upon receiving a request for information from you. Please note, this one month period can be extended by a further two months where necessary, depending on the complexity and number of requests we receive from users like you. When this happens, though, we are obliged to inform you of the extension and the reasons for it.
  • We are obliged to inform you without delay (and also within one month) of the reasons for not taking any action, if we do not take action on your request for information.
  • You have the right to lodge a complaint with the supervisory authority in your country if you are not satisfied with our response in relation to your request for information.
  • We are obliged to provide you with information regarding your request, free of charge. However, if your request is unfounded or excessive, or repetitive, we are within our right to charge you a reasonable fee for administrative costs; or simply refuse to act on your request.
  • We are obliged to prove that your request for information is unfounded or excessive, or repetitive, should we believe it to be the case.

Your right to information being provided when personal data are collected from you (Art. 13)

  • At the time when we collect your personal data, we are obliged to provide you the following information:
    • our identity and contact details and, where applicable, those of our representative;
    • the contact details of our data protection officer, where applicable;
    • the purposes of the processing for which your personal data are intended as well as the legal basis for the processing;
    • where the processing is based on legitimate interests, the legitimate interests pursued by us, or by any third party collecting your personal data on our behalf;
    • the recipients or categories of recipients of your personal data, if any;
    • where applicable, the fact that we intend to transfer your personal data to a third country or international organisation, and the existence or absence of an adequacy decision by the European Commission for this activity;
    • the period for which your personal data will be stored or, if that is not possible, tźhe criteria used to determine said period;
    • the existence of your right to request to us:
      • access to your personal data,
      • rectification or erasure of your personal data,
      • a restriction of processing concerning your personal data,
      • to object to processing your personal data,
      • portability of your personal data;
    • the existence of your right to withdraw consent for collecting and further processing your personal data at any time;
    • the existence of your right to lodge a complaint with a supervisory authority;
    • whether the provision of personal data is a statutory or contractual requirement, or is a requirement necessary to enter into a contract, as well as whether you are obliged to provide your personal data and of the possible consequences of failure to provide such data; and
    • the existence of automated decision-making mechanisms, including profiling; and, if so, meaningful information about the logic involved, and the significance and the envisaged consequences of said automated processing for you.
  • We are obliged to provide you with information on any intention to further process your personal data for a purpose other than that for which your personal data were obtained, as well as any relevant further information (as previously described), all prior to our our further processing of your personal data.

Your right to information being provided when your personal data are not collected from you. (Art. 14)

  • When your personal data are not collected from you, we are obliged to provide you with the information listed in Article 13, as well as the following information:
    • the categories of personal data not obtained from you;
    • the recipients or categories of recipients of your personal data not obtained from you, if any; and
    • from which source your personal data originate and, if applicable, whether it came from publicly accessible sources.
  • Additionally, we are obliged to provide you all of the above-listed information:
    • within a reasonable period after obtaining your personal data, but at the latest within one month, having regard to the specific circumstances in which your personal data are processed;
    • even if your personal data are to be used for communicating to you, at the latest at the time of our first communication to you; and
    • if we envisage the disclosure of your personal data to another recipient, at the latest when your personal data are first disclosed.

Your right to access your personal data (Art. 15)

  • You have the right to obtain from us confirmation as to whether or not your personal data are being processed; and, where that is the case, access to the following information:
    • our purposes of the processing;
    • the categories of personal data concerned;
    • the recipients or categories of recipient to whom we have or will be disclosing your personal data, in particular recipients in third countries or international organisations;
    • where possible, the envisaged period for which we will store your personal data, or, if not possible, our criteria used to determine that period;
    • the existence of your right to request from us:
      • rectification or erasure of your personal data,
      • a restriction of processing concerning your personal data,
      • to object to processing your personal data;
    • the existence of your right to lodge a complaint with a supervisory authority;
    • where the personal data are not collected from you, any available information as to their source; and
    • the existence of automated decision-making mechanisms, including profiling and, if so, meaningful information about the logic involved, and the significance and the envisaged consequences of said automated processing for you.
  • You have the right to be informed of the appropriate safeguards we take whenever we transfer your personal data to a third country or to an international organization.
  • We are obliged to provide you with a copy of your personal data that is undergoing processing, free of charge. However, if you require further copies we have the right charge a reasonable fee based on administrative costs.

Your right to rectify your personal data (Art. 16)

  • You have the right to obtain from us, without undue delay, the rectification of any inaccurate personal data by providing a supplementary statement.
  • You have the right to have incomplete personal data completed by providing a supplementary statement, provided that you take into account our purposes of the processing of your personal data.

Your right to erasure, or the “right to be forgotten” (Art. 17)

  • You have the right to obtain from us, without undue delay, the erasure of personal data when one of the following applies:
    • your personal data are no longer necessary in relation to the purposes for which we collected them or otherwise processed them;
    • you withdraw consent on which our processing is based, and where there is no other legal ground for our processing;
    • you object to our processing, and there are no overriding legitimate grounds for our processing, or you object to our processing pursuant to your right to object; or
    • your personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we are subject.
  • If we have made your personal data public, and are obliged to erase your personal data upon your request, we are obliged to take reasonable steps, including technical measures, to inform other controllers which are processing your personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

Your right to restrict the processing of your data (Art. 18)

  • You have the right to obtain a restriction of processing of your personal data when one of the following applies:
    • you disagree and contest the accuracy of your personal data, during a period of time necessary for us to verify the accuracy of your personal data;
    • our processing is unlawful in some way, and you oppose the erasure of your personal data and request the restriction of their use instead;
    • we no longer need your personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of a legal claim; or
    • you have objected to processing pursuant to your right to object, and are pending the verification whether our legitimate grounds override yours.
  • When processing of your personal data has been restricted, we are obliged to only process your personal data:
    • with your consent; or
    • for the establishment, exercise or defense of legal claims; or
    • for the protection of the rights of another natural or legal person.
  • When lifting a restriction of processing of your personal data, we are obliged to inform you before said restriction is lifted.

Your right to being notified about the rectification or erasure of your personal data, or a restriction of processing (Art. 19)

  • We are obliged to communicate any rectification or erasure of your personal data or restriction of processing carried out to each recipient to whom your personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
  • We are obliged to inform you about those recipients, should you request it.

Your right to data portability (Art. 20)

  • You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format.
  • You have the right to transmit your personal data to another controller without hindrance from us where:
    • the processing is based on your consent, as provided under the legal basis by which we can process your personal data; and
    • the processing is carried out by automated means.
  • You have the right to have your personal data transmitted directly from one controller to another, where technically feasible.
  • You have the right to exercise your right to data portability without it affecting your to right to erasure (or “right to be forgotten”).

Your right to object, and with regards to automated decision-making (Art. 21)

  • You have the right to object, on grounds relating to your particular situation, at any time, to processing of your personal data which is based on the legal bases by which we can process your personal data, including profiling based said legal basis. Here, we are obliged to no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
  • You have the right to object at any time to the processing of your personal data for direct marketing purposes, which includes profiling to the extent that it is related to such direct marketing.
  • We are obliged to no longer process your personal data for marketing purposes when you object to it.
  • We are obliged to explicitly bring to your attention your right to object, including your right to object to the processing of your personal data for direct marketing purposes, in a clearly presented way, and separate from any other information, at latest by the time of our first communication with you.
  • You have the right to object, when your personal data are processed for scientific or historical purposes, or statistical purposes.

Your right with regards to automated individual decision-making, including profiling (Art. 22)

  • You have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or which significantly affects you. The above-mentioned right does not apply when:
    • the decision is necessary for entering into, or performance of, a contract between you and us, or
    • it is authorized by European Union or Member State law to which we may be subject; or
    • it is based on your explicit consent.
  • When the above-mentioned right does not apply, we are obliged to implement:
    • suitable measures to safeguard your rights and freedoms and legitimate interests;
    • your right to obtain human intervention on our part; and
    • your right to express your point of view and to contest the decision.

Some restrictions to your rights (Art. 23)

Please be advised, Article 23 of your rights states that European Union or Member State law to which we are subject may restrict the scope of your rights and our obligations provided for in Articles 12 through 22.

Should any such restriction occur, we will do our best to notify you accordingly.


How can you exercise your personal data privacy rights?

Your rights are our priority, and we strive to ensure them at all times.

There are many ways by which you can exercise your rights, depending on the personal data we may collecting and further processing.

For mobile Properties, you can manage your data options by:

  • Opting in/out through your mobile device’s own device/app settings
  • Choosing to not use our mobile Properties

For web Properties, you can manage your data options by:

  • Opt-in/out by declining any request to use cookies, manually configuring your browser’s cookie settings, or by installing browser appropriate add-ons (such as the Google Analytics opt-out browser add on, available at https://support.google.com/analytics/answer/181881?hl=en
  • Choosing to not use our web Properties

However, and as stated in the Privacy Policy of our products and services:

You may contact us directly to further exercise your personal data privacy rights, at any time. Simply write to us at: privacy@medicaljoyworks.com, or via mail to:

Medical Joyworks, LLC
4023 Kennett Pike, #55630
Wilmington, DE 19807
United States of America
Attn.: Miguel Angel Molina