PRIVACY POLICY

Icahn School of Medicine at Mount Sinai (the “School,” “we,” or “us”) wants you to be familiar with how we collect, use and disclose information. This Privacy Policy describes our practices in connection with information that we collect through:

• Websites operated by us from which you are accessing this Privacy Policy (the “Websites”);
• STEMIcathAID Software applications made available by us for use on or through computers and mobile devices (the “Apps”);
• Our social media pages related to STEMIcathAID (collectively, our “Social Media Pages”);
• HTML-formatted email messages that we send to you that link to this Privacy Policy or other communications with you;
• Offline interactions you have with us.

Collectively, we refer to the Websites, Apps, Social Media Pages, emails, and offline business interactions as the “Services.”

NOTICE REGARDING PATIENT INFORMATION

This Privacy Policy only applies to the information we collect about users of the Services. If you disclose any Personal Information relating to other people, including your patients, to us or to our service providers in connection with the Services, you represent that you have the authority to do so and
that your disclosure of such Personal Information is in compliance with applicable law. We will use patient information as permitted or required under the Health Insurance Portability and Accountability Act of 1996.

In connection with providing Services to health care providers, we may receive or create documents or other communications containing protected health information (PHI) related to individuals served by these health care providers. We will use and disclose this PHI as necessary to perform our services for those healthcare providers, or as otherwise permitted or required by law.

PERSONAL INFORMATION

“Personal Information” is information that identifies you as an individual or relates to an identifiable individual. The Services collect Personal Information, including:

• Name;
• Email address;
• Educational institution or business with which you are affiliated.

Collection of Personal Information

We and our service providers collect Personal Information in a variety of ways, including:

• Through the Services : We collect Personal Information through the Services, for example, when you register an account to access the Services or request to receive more information about the Services.
• From Other Sources. : We receive your Personal Information from other sources, for example publicly available databases.

We need to collect Personal Information in order to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services.

Use of Personal Information

We and our service providers use Personal Information for the following purposes:

• Providing the functionality of the Services and fulfilling your requests.
• To provide the Services’ functionality to you, such as arranging access to your registered account, and providing you with related customer service.
• To respond to your inquiries and fulfill your requests, when you contact us via one of our online contact forms or otherwise, for example, when you send us questions, suggestions, compliments or complaints.
• To verify your information.
• To send administrative information to you, such as changes to our terms, conditions, and policies.
• To facilitate communications between you and other healthcare providers. For example, when using the Services, other health care providers associated with your organization may be able to view some of your Personal Information. We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.
• Providing you with information about our Services and/or other marketing materials and facilitating social sharing.
• To send you marketing related emails, with information about our services, new products and other news about our company.
• To facilitate social sharing functionality that you choose to use.
• We will engage in this activity with your consent or where we have a legitimate interest.
• Analyzing Personal Information for business reporting and providing personalized services.
• To analyze or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services.
• To better understand your interests and preferences, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.
• To better understand your preferences so that we can deliver content via our Services that we believe will be relevant and interesting to you.
• We will provide personalized services based on our legitimate interests.
• Aggregating and/or anonymizing Personal Information.
• We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other
  individual.
• Accomplishing our business purposes.
• For data analysis, for example, to improve the efficiency of our Services;
• For audits, to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements;
• For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
• For developing new products and services;
• For enhancing, improving, repairing, maintaining, or modifying our current products and services, as well as undertaking quality and safety assurance measures;
• For identifying usage trends, for example, understanding which parts of our Services are of most interest to users;
• For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users;
• For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests.

We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or based on our legitimate interest.

Disclosure of Personal Information

We disclose Personal Information:

• To our affiliates for the purposes described in this Privacy Policy.
  Icahn School of Medicine at Mount Sinai is the party responsible for the management of the jointly-used Personal Information.
• To our third party service providers, to facilitate services they provide to us.
  These can include providers of services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.
• To the American Heart Association in connection with reporting STEMI Metrics for AHA Mission: Lifeline STEMI.
• By using the Services, you may elect to disclose Personal Information.
  On message boards, chat, profile pages, blogs, and other services to which you are able to post information and content (including, without limitation, our Social Media Pages).
  Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.

Other Uses and Disclosures

We also use and disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation or legitimate interest to do so:

• To comply with applicable law and regulations.
• This may include laws outside your country of residence.
• To cooperate with public and government authorities.
• To respond to a request or to provide information we believe is necessary or appropriate.
• These can include authorities outside your country of residence.
• To cooperate with law enforcement.
• For example, when we respond to law enforcement requests and orders or provide information we believe is important.
• For other legal reasons.
• To enforce our terms and conditions; To protect our rights, privacy, safety or property, and/or that of our affiliates, you or
  others.
• In connection with a sale or business transaction.
• We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock
  (including in connection with any bankruptcy or similar proceedings).

OTHER INFORMATION

“Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual. The Services collect Other Information such as:

• Browser and device information
• App usage data
• Information collected through cookies, pixel tags and other technologies
• Demographic information and other information provided by you that does not reveal your specific identity
• Information that has been aggregated in a manner such that it no longer reveals your specific identity

Collection of Other Information

We and our service providers may collect Other Information in a variety of ways, including:

• Your browser or device.
  Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services (such as the App) you are using. We use this information to ensure that the Services function properly.
• Your use of the App.
  When you download and use the App, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number.
• Cookies.
  Cookies are pieces of information stored directly on the computer that you are using. Cookies allow us to collect information such as browser type, time spent on the Services, pages visited, language preferences, and other traffic data. We and our service providers use the information
  for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience. We also gather statistical information about use of the Services in order to continually improve their design and functionality, understand how they are used, and
  assist us with resolving questions regarding them. If you do not want information collected through the use of cookies, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website.
  You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html .
• Pixel tags and other similar technologies.
  Pixel tags. Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Services and response
  rates.
• Analytics.
  We use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends.  This service may also collect information regarding the use of other websites, apps and online resources.  You
  can learn about Google’s practices by going to www.google.com/policies/privacy/‌partners/ , and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout .
• Adobe Flash technology (including Flash Local Shared Objects (“Flash LSOs”)) and other similar technologies.
  We may use Flash LSOs and other technologies to, among other things, collect and store information about your use of the Services. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the
  tools contained in the Website Storage Settings Panel . You can also go to the Global Storage Settings Panel and follow the instructions (which may explain, for example, how to delete existing Flash LSOs (referred to as “information”), how to prevent Flash LSOs from being placed
  on your computer without your being asked, and how to block Flash LSOs that are not being delivered by the operator of the page you are on at the time). Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of
  some Flash applications.
• Physical Location.
  We may collect the physical location of your device by, for example, using satellite, cell phone tower or WiFi signals. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device’s location, but if you do we may not be able to provide you with the
  applicable personalized services and content.

Uses and Disclosures of Other Information

We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Information under applicable law, we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Policy. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.

SECURITY

We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.

CHOICES AND ACCESS

Your choices regarding our use and disclosure of your Personal Information We give you choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt out from receiving marketing-related emails from us. If you no longer want to receive
marketing related emails from us on a going-forward basis, you may opt out by selecting We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing related emails from us, we may still send you important administrative messages, from which you cannot opt out. How you can access, change, or delete your Personal Information If you would like to request to access, correct, update, suppress, restrict, or delete Personal Information, object to or opt out of the processing of Personal Information, or if you would like to request to receive a copy of your Personal Information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the “Contacting Us” section below. We will respond to your request consistent with applicable law. In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable. Please note that we may need to retain certain information for record keeping purposes and/or to complete any treatment cases that you began prior to requesting a change or deletion.

RETENTION PERIOD

We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include:

• The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them);
• Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

THIRD PARTY SERVICES

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates. In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media Pages.

USE OF SERVICES BY MINORS

The Services are not directed to individuals under the age of thirteen (13), and we do not knowingly collect Personal Information from individuals under 13.

JURISDICTION AND CROSS-BORDER TRANSFER

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

SENSITIVE INFORMATION

Unless we request it or it is necessary for the Services, we ask that you not otherwise send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background) on or through the Services or otherwise to us.

UPDATES TO THIS PRIVACY POLICY

The “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services.

CONTACTING US

Icahn School of Medicine at Mount Sinai, located at One Gustave Levy Pl., New York, NY 10029, is the company responsible for collection, use and disclosure of your Personal Information under this Privacy Policy.
If you have any questions about this Privacy Policy, please contact us at info@cardiologyapps.com or:

Icahn School of Medicine at Mount Sinai
Department of Interventional Cardiology
One Gustave Levy Pl.
New York, NY 10029
Because email communications are not always secure, please do not include sensitive information in your
emails to us.