Effective Date: June 17, 2021
At Lilium Diagnostics Inc., we value the privacy of our clients. This policy explains how and for what purpose we collect, use, and share your personal information when you use the services offered by Lilium Diagnostics Inc. (collectively “Lilium”, “we”, “us” or “our”).
This policy applies to personal information collected by Lilium, regardless of the means by which it is collected, for example, in person at our points of service and clinics, by telephone, or via the website or mobile application on which this policy is posted.
In this policy, we describe what personal information we collect, how we use, share, and manage it, how you can access, update, or correct your personal information, and the choices you have regarding your privacy.
In some cases, at the time of collection of your personal information, we may provide you with additional information regarding the processing of your personal information. We may also, in certain circumstances, obtain your specific consent to use or share your personal information.
This policy describes how we handle your personal information, specifically, what information we collect and how we collect, use, share, protect and store it. In addition, we explain what your privacy choices are and how you can exercise those choices.
This policy applies to you in all situations where you interact with Lilium and where we collect information about you. For example, this may occur when you use our services, including when you take a sample at a point of service, when you visit our Website, or when you communicate with us by any means.
Please note that specific notices or additional terms and conditions may apply to the processing of your personal information. These additional notices or terms and conditions apply in addition to this policy. For example, in certain cases, Lilium will ask you to fill out a consent form for your personal information to be transferred to a third party, for example when you want us to transmit your test results to your employer.
We collect only the personal information reasonably required to provide and manage our services and business operations. We collect your personal information in a variety of ways. We collect it, for example, directly from you, from third parties, when you visit our Website, or through medical equipment you use in the course of the care we provide to you.
“Personal Information” means any information that identifies you or could reasonably be associated with you. The personal information we collect may include, but is not limited to, the following:
Information that is aggregated and/or anonymized, and cannot be associated with an identifiable individual, is not considered personal information.
We generally collect personal information as follows:
Directly From You
You may provide us with personal information directly, for example, in person at our points of service and clinics, during a teleconsultation, by mail, email, telephone, fax, or through our Website or app.
Occasionally, we may receive personal information from other sources. In these cases, we only receive it with your consent or as required or permitted by law (for example, to meet our regulatory obligations).
From the Medical Equipment You Use
In some cases, we may receive personal information through your medical equipment, with your consent.
Through Our Website
We may collect certain types of information electronically through your contact with our Website using technologies (either our own or third party technologies) such as cookies and web beacons.
We use the information collected to adapt our Website to the preferences of the user concerned, to compile statistics about the consultation and use of our Website and our electronic communications (such as our newsletters) in order to improve them, and to present you with Lilium advertisements with the help of our partners.
The technologies we employ include, but are not limited to, the following:
You can remove or disable some of these technologies at any time through your browser. However, if you do so, you may not be able to use certain features of our Website. To learn more about the privacy choices available to you, please visit How Do I Change My Privacy Choices?
We use your personal information to provide you with our services, to manage our business operations, to communicate offers and information that we believe will be of interest to you, to enhance your overall client experience, and for other purposes permitted or required by law.
In particular, we use your personal information for the following purposes:
a. To Offer You Our Services
We use your personal information to provide you with our services and, more specifically, for the following purposes:
b. Managing Our Business Operations
We use your personal information for several reasons in connection with our business operations, which include:
c. Our Communications With You
We use your personal information to communicate with you in the following ways:
If you no longer wish to receive our commercial electronic messages, please follow the unsubscribe procedure included in each of these messages. For more information on this topic, see How Do I Change My Privacy Choices?
d. Data Analysis and Research
We may use your personal information to conduct data analysis and research to improve or develop health-related products and services, programs, promotions, contests, or events, and to better understand our clients. In such cases, we will generally aggregate and/or anonymize your personal information so that it no longer includes information from which you can be identified.
For example, we may conduct data analysis and research for the following purposes at any time, in accordance with applicable laws:
We may share your personal information between Lilium entities or to our service providers (companies that carry out activities on our behalf) and other third parties (with your consent or when otherwise permitted by law) for the purposes described in this policy and in accordance with applicable law (for example, under the Act Respecting the Sharing of Certain Health Information). We do not sell your personal information, other than in the event of a sale or transfer of part of our business.
Lilium entities may share personal information among themselves and use it for the purposes described in this policy. This allows each Lilium entity to comply with applicable laws, regulations, and requirements, and it ensures that your information is consistent, accurate, and up to date. In addition, it increases the quality and relevance of the services you receive and improves your interactions with Lilium through easier access to your information within the group. In addition, we may share aggregated and/or anonymized information to third parties (including government, pharmaceutical companies, physicians, nutritionists, pharmacists, drug manufacturers, and others involved in health care or the medical field).
We do not share your personal information with any person or company outside our group of companies except as set out below:
a. Service Providers
We may share personal information with our service providers. These service providers assist us in providing our services, conducting our business operations, operating our technology systems, applications, and infrastructure, and implementing our internal procedures and our advertising and marketing strategy. For example, they provide us with services such as data hosting, email deployment, marketing, sales, and personal information processing or analysis. We may also outsource certain services we provide to our clients to third parties, including laboratories and healthcare professionals.
By using Lilium’s services, you consent to having your personal information transit through the systems of suppliers that allow us to interact with various electronic medical records (EMRs).
b. Sale or Transfer of Our Business or Other Transaction
We may decide to sell or transfer all or part of our business to a third party, merge with another entity, secure our assets or proceed with any other financing or other strategic capital transaction (including insolvency or bankruptcy proceedings), restructuring, share sale, or other change in corporate control. You consent to the sharing of your personal information when required for the purposes of such a transaction.
c. Other Permitted Reasons
The law permits or requires the collection, use, or sharing of personal information without consent in specified circumstances (for example, to investigate or prevent suspected or actual illegal activities, including fraud, or to assist government and law enforcement agencies). These circumstances include where it is permitted or required by law and where it is necessary to do so to protect ourselves or to protect our employees, customers, or others. In such circumstances, we will not share more personal information than is reasonably required to fulfill that particular purpose.
If you use our services, please note that under the Act Respecting the Sharing of Certain Health Information, Lilium may be required to share your health information to authorized persons using the Massachusetts Health Record. By using our services, you consent to such communications.
d. With Your Consent
In addition to the purposes identified above, we may, with your express or implied consent and subject to applicable law, communicate or share your personal information to persons or entities outside our group of companies.
By using our services and visiting our Website, you consent to the collection, use, and sharing of your personal information as described in this policy. In some cases, your consent may be “implied”, meaning that your permission is deemed to be given based on your action or inaction at the time of collection, use, or sharing of your personal information.
Generally, we will seek your consent when we wish to use your personal information for a new purpose or for a purpose other than those identified in this policy or otherwise at the time of collection, for example, in a specific consent form or in the terms and conditions of a service to which you subscribe.
You may withdraw your consent at any time, except in limited circumstances, including where we are bound by legal or regulatory requirements or you have contractual obligations with us. More information on how to manage your privacy preferences can be found at How Do I Change My Privacy Choices?
If you choose not to provide us with certain personal information or if you withdraw your consent, where it is possible to withdraw consent, we may not be able to provide our services to you.
You have choices about the way Lilium handles your personal information. You can always withdraw your consent for your personal information to be used for purposes other than those that are absolutely necessary for the provision of our services, without this having any consequences on the services you receive from Lilium.
You have different options to make your choices:
a. Within Your MyLilium Account
If you have a MyLilium account, you can update your communication preferences.
b. When You Register or by Contacting Us Directly
You can always choose not to receive marketing messages from Lilium by email by clicking on “unsubscribe” in any email you receive.
Please note that even if you have indicated your choice not to receive commercial messages from us, we may still communicate with you in connection with a service, in accordance with applicable law (for example, to send you a customer service message, important product information, service notification or recall). In addition, it may take up to 10 business days to register a change of preference in all of our records.
c. Changing Your Browser Settings on Your Device
We use technology to enhance your client experience and present you with offers, including personalised advertising. Through technologies such as cookies, our Website recognizes you when you use or return to them and can provide you with a seamless experience. You can remove or disable some of these technologies at any time through your browser. However, if you do so, you may not be able to use some of the features of our Website.
Please refer to your browser instructions or help screen to learn how to block, delete, and manage cookies on your computer or mobile device. You can also use the quick links below, depending on the type of browser that you are using: Internet Explorer, Google Chrome, Firefox, and Safari.
d. Using Third Party Unsubscribe Functionality
We may use the services of third parties (for example, services such as Google Analytics or of social media platforms) that use certain technologies to analyze your browsing behaviour on our Website. You can manage your privacy preferences with respect to the services of certain third parties, such as Google or Facebook, by using their platform’s unsubscribe feature. Please note that disabling, blocking, or removing some of these technologies, such as cookies, may prevent your use of certain features of our Website.
The security of your information is important to us, and we are committed to protecting your privacy through a variety of organizational, physical, and technological safeguards. We retain your personal information for as long as necessary to provide you with our services, to manage our business operation, and to comply with our legal and regulatory obligations.
a. How We Protect Your Personal Information
To protect your personal information, we employ organizational, physical, and technological safeguards. Our goal is to prevent unauthorized access, loss, misuse, sharing, or alteration of personal information in our possession. We also use these safeguards when we dispose of or destroy your personal information.
b. Where We Keep Your Personal Information
We use all reasonable security measures, which may include imposing contractual obligations on our service providers, to protect your personal information wherever it is used or stored.
Unless we are legally required or contractually obliged to keep your personal information in USA, it may be transferred outside of USA. For example, some of our service providers may be able to access, process, or store your personal information outside of your State, or outside of USA, for the purposes of the services they provide to us. In this case, personal information is governed by the laws of the jurisdiction where it is used or stored, including any laws authorizing or requiring the sharing of the information to government authorities or agencies, courts, and law enforcement authorities in that jurisdiction.
c. How Long We Keep Your Personal Information
We store your personal information for as long as is necessary to provide our services to you, to manage our business operations, and to comply with our legal and regulatory obligations (for example, health care providers must comply with legal retention requirements for patient records). Once no longer required, your personal information will be securely destroyed or anonymized (so the information no longer identifies you).
You have a right of access to the personal information we hold about you, subject to any restrictions imposed by law. Upon request, we will provide you with access to your personal information within a reasonable time.
It is your responsibility to provide accurate, correct, and complete information. If you notice any errors in your personal information or need to update it, please notify us in the manner set out below.
You can access some of the personal information we hold about you through your MyLilium account.
To consult personal information that is not accessible through your MyLilium account, you can make a request by contacting us using the contact information set out in Whom Do I Contact If I Have Questions About the Protection of My Personal Information?
We may make changes to this policy from time to time. Any changes we make will be effective when we post the revised policy on this web page. If we make any significant changes to the policy, we will post a notice on our Websites or contact you to inform you when required by law. By continuing to use our services after the modified version of the policy has been posted, you are accepting the changes to the policy, subject to any additional requirements that may apply. If you do not accept the changes to our policy, you must stop using our services. It is your responsibility to ensure that you read, understand, and accept the latest version of the policy. The “Effective Date” at the top of this policy indicates when it was last updated.
If you have any questions about how we handle your personal information, we invite you to contact the Privacy Committee.
Address: Lilium Diagnostics Inc, 124 Watertown St, Suite 3b, Watertown, MA 02472