Legal Notice

TERMS OF USE

Welcome to the Mapi Group Website at www.mapigroup.com (the “Website”). This Website is owned, financed and maintained by the MAPI DEVELOPPEMENT, SAS company with a declared capital of 10,412,188 €, registered with the Lyon RCS (Register of Companies) under the number B 302 395 074; its Head office is located at 27 rue de la Villette, Lyon 69003 - France. The publication director is Bernard Jambon.

Mapi Group consists of MAPI DEVELOPPEMENT SAS, its affiliates and subsidiaries (hereinafter “Mapi”). The www.mapigroup.com Website is hosted by Mapi USA, Inc. in the United States of America. All inquiries may be directed to:

Mapi USA, Inc.
2343 Alexandria Drive, Suite 100
Lexington, KY 40504-3276
USA

privacy@mapigroup.com

The terms and conditions found on this page apply to every internet-user visiting this Website. Your use of this Website is based on these terms and conditions – please take a few minutes to review them. Your use of the mapigroup.com website represents your agreement to follow these rules and to be bound by them. If you do not agree with any of these terms and conditions, do not use our Website. If you are a user in France, click HERE for additional information.

TERMS AND CONDITIONS MAY CHANGE
Mapi has the right to update or modify these terms and conditions at any time without prior notice. Your use of the Website following any such change constitutes your agreement to follow and be bound by the terms and conditions as changed. For this reason, we encourage you to review these terms and conditions whenever you use this Website.

We try to ensure that the information posted on our Website is correct and up-to-date. Although we take every measure to ensure the Website is up-to-date, we do not guarantee the correctness, thoroughness or completeness of any of the information available on the Website and will not be held liable for any inaccuracy or omission concerning any of the information.

SERVICES AND CONTENT
Mapi conducts clinical research, providing strategic study design and management, implementation, clinical data management, programming, statistical support services, expert research services in the field of epidemiology, strategic consulting in areas such as patient reported outcomes, pharmaco-epidemiology, regulatory and pharmaceutical affairs, and linguistic validation of Patient Reported Outcomes Questionnaires services in support of clinical studies to providers, manufacturers, and medical societies within the healthcare industry Mapi is providing information via the Internet as a complimentary service to you, and makes no representations about the suitability or content of information or services provided on the Website or linked to from the Website. Any opinion expressed on a Website linked to from the Website is the opinion of the author and not necessarily of Mapi.

The Website may contain from time to time information related to various health, medical and fitness conditions and their treatment. Such information is not meant to be a substitute for the advice provided by a professional health care provider. You should not use the information contained herein for diagnosing a health or fitness problem or disease. You should always consult a professional health care provider.

ADDITIONAL OR THIRD PARTY TERMS AND CONDITIONS
In addition, when using particular services or accessing particular information on this Website, you may be subject to additional guidelines or rules applicable to such services or information as may be posted from time to time. If you do not agree to be legally bound by these terms and conditions of use, do not access or use the Website.

Mapi may provide or third parties may provide, links to other worldwide websites or resources. Mapi is not responsible for the availability of such external websites or resources, and does not endorse (and is not responsible or liable for) any content, advertising, products, services or other materials on or available from such other websites or resources or for any healthcare provider or other third party whose name, address, or telephone number is listed on a website linked to from the Website. With respect to information obtained from Mapi 's third party partners, you are solely responsible for compliance with any copyright, trademark, and other proprietary rights and restrictions, including any license agreements that may accompany third party software or tools accessible by this Website. For any software not accompanied by a license agreement, Mapi hereby grants to you, the user, a revocable personal, non-transferable license to use the software for viewing and otherwise using the Website in accordance with these terms of use, and for no other purpose provided that you keep intact all copyright and other proprietary notices.

Mapi does not exert any editorial or other control over other websites. Under no circumstances will Mapi be held responsible or liable, directly or indirectly, for any loss or damage that is caused or alleged to have been caused to you in connection with your use of or reliance on, any content, advertisements, products, services or other resources available from any other website (regardless or whether we directly or indirectly link to such content, advertisements, products, services or other resources). You should direct any concerns with respect to any other websites to that website’s administrator or webmaster.

Children (under the age of 13) are not eligible to use the Website unsupervised, and we ask that children do not submit any personal information to us. If you are under the age of 13, you are forbidden from using this Website without direct written parental consent.

INTELLECTUAL PROPERTY AND COPYRIGHT NOTICE
Any advertisements on the Mapi site are presented in such a way as to distinguish them clearly from the editorial content. Mapi only publishes advertisements related to its activities which respect the ethical code of its profession. Such advertisements are not used to finance the site.

Unless we clearly state otherwise, all Content on this Website is owned, controlled or licensed by Mapi and is protected by copyright, trademark and various other intellectual property rights and laws. By “Content” we mean the overall structure, design, expression, and layout of the Website, all and any material contained on the Website, including all texts, images, animated or otherwise, trademarks, logos, artwork, computer code, and any music, audio, video, photos, messages, or other materials or items. Except where specifically noted, the Content of this website, and the site as a whole, is intended solely for personal, noncommercial use by the users of the website. You may download, print and store selected portions of the Content, provided you (1) only use these copies of the Content for your own personal, non–commercial use, (2) do not copy or post the Content on any network computer or broadcast the Content in any media, and (3) do not modify or alter the Content in any way, or delete or change any copyright or trademark notice.

No right, title or interest in any downloaded materials is transferred to you as a result of any such downloading. Mapi reserves the complete title and full intellectual property rights in any Content you download from this website.

Except as noted above, you may not copy, download, reproduce, modify, publish, distribute, transmit, transfer or create derivative works from the Content, by whatever means without the express prior authorization of the Mapi. Any violation of this provision is forbidden and constitutes an infringement punishable under applicable law.

The Mapi name and logo and all related product and service names, design marks, and slogans and those of its subsidiaries are the trademarks or service marks of Mapi. You are not authorized to use any Mapi name or mark in any advertising, publicity, or any other commercial manner without the prior written consent of Mapi. Any total or partial reproduction of these trademarks without the express authorization of their respective owner is forbidden. This authorization can be requested from privacy@mapigroup.com.

If you know of or suspect copyright or trademark infringement, please provide notice to privacy@mapigroup.com.

If applicable, Mapi will take appropriate action as required by the Digital Millennium Copyright Act (DMCA), 17 U.S.C. § 512(c)(3). If you believe that any portion of the material contained in this Website infringes your copyright, click HERE and follow the additional instructions found there.

DISCLAIMERS
MEDICAL CONTENT DISCLAIMER: THIS WEBSITE DOES NOT PROVIDE MEDICAL ADVICE.The Content is presented in summary form, is general in nature, and is not intended in any way to be a substitute for a medical exam or professional medical advice, diagnosis, or treatment. Always seek the advice of your physical or other qualified health provider with any questions you may have regarding a medical condition. Never disregard or delay seeking medical advice because of something you have read on the Website. Talk to your doctor or pharmacist before taking any prescription or over-the-counter drugs (including any herbal medicines or supplements) or following any treatment or regimen. Only your doctor or pharmacist can provide you with advice regarding what is safe and effective for you. DO NOT USE THIS WEBSITE FOR MEDICAL EMERGENCY SERVICES.

Mapi staff may include physicians and other medical practitioners including without limitation pharmacists, nutritionists, nurses, nurse practitioners, and other health care professionals. These professionals are available solely to assist you in general research. They will not engage in any conduct via the Website that involves the practice of medicine. Mapi does not recommend or endorse any specific tests, products, procedures, opinions, or other information that may be mentioned on the Website. Reliance on any information provided by Mapi, its employees, licensors and suppliers, or others appearing on the Website at the invitation of Mapi is solely at your own risk.

The Website, or the websites linked to through the Website, may contain health or medical related materials that you find sexually explicit or otherwise offensive. Mapi and Licensors and Suppliers have no control and no responsibility for such materials. You are responsible for compliance with the laws of your local jurisdiction with respect to accessing, importing, exporting, or re-exporting the Contents of the Website whether inside or outside the USA.

The information contained on the Website has been devised without reference to cultural, dietary, societal, language, prescribing or dispensing conditions (including but not limited to those imposed by law), other than those of the USA, which might affect the Content.

GENERAL DISCLAIMER AND LIMITATION OF LIABILITY; Mapi assumes no liability or responsibility for damage or injury to persons or property arising from any use of any product, information, idea, or instruction contained in materials accessed by you. This Website is operated by Mapi on an "as is," "as available" basis, without representations or warranties of any kind. To the full extent permitted by law, Mapi disclaims any and all representations and warranties with respect to this Website and its contents, whether express, implied, or statutory, including, but not limited to, warranties of title, merchantability and fitness for a particular purpose or use.

Mapi does not make any warranty that the Content contained on the Website satisfies government regulations requiring disclosure of information on prescription drug or other products.

Without limiting the foregoing, Mapi does not represent or warranty that the information on this website is accurate, complete, reliable, useful, timely or current or that this website will operate without interruption or error.

Mapi makes no representation that content provided on this website is applicable or appropriate for use in locations outside of the United States.

In no event shall Mapi and/or licensors and suppliers be liable for any special, indirect, or consequential damages, or any damages whatsoever resulting from loss of use, data, or profits from the inability to use data, whether in an action in contract, negligence, or other tortuous action, arising out of or in connection with the use of the Website or failure or inability to use or access the Website. If Mapi's disclaimer of warranties or limitation of liability set forth herein is held unenforceable or inapplicable, you agree that your sole remedy is to stop using the Website. BECAUSE SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF CERTAIN CATEGORIES OF DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO YOU. IN SUCH JURISDICTIONS, THIS LIMITATION OF LIABILITY IS LIMITED TO THE FULLEST EXTENT PERMITTED BY THE LAW OF SUCH JURISDICTION.

PRIVACY
Users of the Website must comply with the provisions on data protection, and any infringement is punishable by law. In particular, with respect to personal information to which they have access, they must refrain from any data collection, inappropriate use and any action liable to violate a person's privacy or reputation. For further information, refer to our Privacy Policy below

ENFORCEMENT OF TERMS AND CONDITIONS
By accessing and using this website, you agree that your access to and use of this website is subject to these terms and conditions, as well as all applicable laws, as governed and interpreted pursuant to the laws of the Commonwealth of Kentucky, United States of America.

The Website is operated from a Website in the Commonwealth of Kentucky, USA. Mapi makes no representation that materials found at the Website are appropriate or available for use in other locations. If you access the Website from other locations, you are responsible for compliance with local laws. This Website may be viewed internationally and may contain references to a product or service not available in all countries. References to products or services do not imply that Mapi intends to make such products or services available in such countries. Unless otherwise specified, the Website is available for visitors outside of the US only for purposes of information.

PRIVACY POLICY

WEBSITE AND PORTAL PRIVACY POLICY
This is how we handle information we learn about you from your visit to our company web site or other Mapi portal, including study-specific portals. “Mapi” means any or all Mapi Group subsidiaries and affiliates, unless specifically stated otherwise.

The information we receive depends on what you do when visiting our site. If you visit our site to read or download information, we collect and store, without limitation, the following types of information about you: the Internet Protocol (IP) address through which you accessed our site; the date and time you access our site; the type of browser you are using to access our site; and the referrer to our site (for example, if you find us through Google™ or Yahoo!®, that information is passed to our servers). If you visit our site to apply for a career opportunity, you may enter personal information in that application. We use this and other internal server specific information to measure the number of visitors to different sections of our site, so that we can make our site more useful to our visitors.

Information you may provide to us
This notice applies to all information collected or submitted on the web site or portal. We may collect information in several ways, which are described below:

On some pages, you may opt to provide us information about yourself if you are interested in: (a) an employment opportunity at Mapi; (b) having Mapi participate at your event; (c) downloading information; or (d) participating in Mapi webinars or events. The information requested from you will be based on your area of interest.

  • On occasion, Mapi may request that you voluntarily participate in a survey or poll such as feedback on web site or portal content or services. Your responses will be anonymous unless you opt in to being contacted by email to provide further information regarding the survey.
  • On some pages, you can register to receive customized information. This information is generally collected on “Contact Us,” “Download” or “RFP Request” forms where you can ask a Mapi representative to contact you in order to answer questions or provide specific information. The personal information you provide on these forms may include your name, title, company name, address, contact numbers, and email.
  • On some pages, you can choose to register to receive access to webcasts, periodic newsletters, or information on a specific Mapi product or service and marketing communications. Generally, the personal information collected when you register to receive this type of information is your name, company, affiliation, phone number and email address. This information is collected for qualification and aggregate measurement purposes only.

How we will use your information
The information you provide to us will be available to Mapi and third parties including vendors, contractors, subcontractors, partners, independent consultants and clients and other associates working with or on behalf of Mapi or, as described herein below, who may be involved in the sale, assignment or other transfer of Mapi or Mapi-related business (“Mapi Associates”). Access to your information and the equipment used for processing your information is at all times restricted to appropriate staff. Except as set forth in this Privacy Policy, Mapi will not trade, sell, release, share or transfer your personal information for use by any business outside the Mapi organization without your consent, or in a form other than what was disclosed to you at the time the information was collected, unless permitted or required by law.

Mapi reserves the right to disclose all information collected to the extent required by law, to respond to judicial process, or to respond to any lawful request by public authorities, including to meet national security or law enforcement requirements. Mapi may also provide any or all collected information to a Mapi Associate in connection with the sale, assignment, or other transfer of the Mapi or Mapi-related business to which the information relates if such Mapi Associate agrees to treat all such information substantially in accordance with this Privacy Policy.

Mapi takes reasonable measures to maintain the confidentiality of your personal information regardless of the country where such information is stored, transferred to or transferred from.

Except as required or permitted by law, we do not share any individually identifiable information about you outside of Mapi.

If you are accessing a study-specific portal or specific portions of our website, user login information is accessible to Mapi's Information Technology Department personnel and to those other persons requiring that information to provide support to visitors (such as Mapi's Monitoring & Site Management Department).

Generic access information is not given the same level of security as the information that is provided to access through a study-specific portal. This is because there is no data collected on a simple visit that should require safeguarding. Excepting perhaps IP address and cookies (see below), access logs do not store unique user information but only unique system information such as: date of visit; host or proxy address; requested resource; whether the request succeeded or failed; the size of the resource; browser version; referring web site (if any); etc.

"Cookies" are small text files or pieces of information that may be stored in your computer's hard drive when you visit a web site. We use cookies to better tailor our site and our services to your interests and needs. Cookies may also be used to help speed up your future activities or to improve your user experience by remembering the information that you have already provided to us. The use of cookies is a standard in industry and you will find they are used at most web sites. We use cookies for login verification, session management, load balancing, and personalization to enable or enhance your user experience. We never use cookies to retrieve information from your computer that was not already voluntarily provided to us by you. You are always free to decline our cookies if your browser permits, although in that case you may not be able to use certain features on our site.

You may choose to send personally-identifying information to other sites you have linked to through our site. We do not control the collection or use of this information, and make no representations about the privacy policies of other sites.

We welcome your comments regarding this web site or portal. However, any comments, feedback, notes, messages, ideas, suggestions or other communications (collectively, "Comments") sent to mapigroup.com shall be and remain the exclusive property of Mapi. Your submission of any such Comments shall constitute an assignment to Mapi of all worldwide rights, titles and interests in all copyrights and other intellectual property rights in the Comments. Mapi will be entitled to use, reproduce, disclose, publish and distribute any material you submit for any purpose whatsoever, without restriction and without compensating you in any way. For this reason, we ask that you not send us any comments or information embedded, included or within the Comments that you do not wish to assign to us, including any confidential information or any original creative materials such as stories, product ideas, computer code or original artwork.

If you submit to us a testimonial, including, without limitation, testimonials about our products or services, such submission will not be confidential or secret, and may be used by us in any manner. By submitting or sending a testimonial to use, you: (i) represent and warrant that the testimonial is original to you, that no other party has any rights thereto, and that any "moral rights" in such testimonial have been waived, and (ii) you grant us a royalty-free, unrestricted, perpetual, irrevocable, non-exclusive and fully transferable, assignable and sub-licensable right and license to use, reproduce, publish, distribute, display, translate, summarize, modify and adapt such testimonial (in whole or part) and/or to incorporate it in other works in any form, media, or technology now known or later developed, in our sole discretion, with or without your name. All testimonials found on this website or portal are for the exclusive use of Mapi and are not to be reproduced or copied in any way.

Although we do not share aggregate information from data or information shared with us via our website, it is possible that in other areas, we may share aggregate information with others in accordance with applicable law.

Adherence to US HIPAA Requirements
Mapi abides by the requirements of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), as applicable.

French Users’ Data Confidentiality: Loi informatique, fichiers et libertés (Data Protection Act)
Users accessing the web site or portal from France are hereby notified that user information obtained will be used by Mapi for the sole purpose of replying to him/her as efficiently as possible in accordance with the French Law “ Loi n°2004-801 du 6 août 2004 relative à la protection des personnes physiques à l’égard des traitements de données personnelles et modifiant la loi n°78-17 du 6 janvier 1978 relative à l'informatique, aux fichiers et aux libertés ” (Data Protection Law), and users have a right to access, to modify, to rectify and to suppress any personal data communicated to Mapi via electronic mail, simply by requesting it at: privacy@mapigroup.com

US-SWISS SAFE HARBOR
Mapi, notably Mapi USA, Inc. and Mapi Life Sciences USA Inc., complies with the US-Swiss Safe Harbor Framework as set forth by the United States Department of Commerce regarding the collection, use and retention of personal information from Switzerland. Mapi has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, date integrity, access, and enforcement. If there is any conflict between the policies in this privacy policy and the Safe Harbor Privacy Principles, the Safe Harbor Privacy Principles shall govern. In addition to discussing how Mapi adheres to the EU-US Privacy Shield, the next section of this policy also provides further details on how Mapi adheres to the US-Swiss Safe Harbor. To learn more about the US-Swiss Safe Harbor and to view our certification page, please visit http:/www.export.gov/safeharbor.

EU-US PRIVACY SHIELD
Mapi, notably Mapi USA, Inc. and Mapi Life Sciences USA Inc., complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Mapi has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

The Federal Trade Commission has jurisdiction over Mapi’s compliance with the Privacy Shield.

Mapi respects the privacy of its clients and customers (and their clients and customers) and others who may use Mapi's services.

This privacy policy sets forth the privacy principles that Mapi follows with respect to the protection and transfer of personal information, including data transfers from European Union or European Economic Area countries or from Switzerland ("EU/EEA/Swiss") to the United States. This statement applies to all personal information Mapi processes (except as noted below), including online and offline data.

"Personal Information" means any information or set of information that is recorded in any form, pertains to or is about you, and can be linked to or used to identify you, and in the case of EU/EEA/Swiss residents is transferred from the EU/EEA/Swiss to the United States. Personal Information does not include information that is encoded, anonymized, or publicly available information that has not been combined with non-public personal information. Personal Information does not include information that pertains to or is about a specific person from which that person could not reasonably be identified.

The Privacy Principles
Mapi's operations and processing of Personal Information conform to the US-Swiss Safe Harbor and EU-US Privacy Shield Principles as stated below

Notice and Choice
To the extent permitted by the US-Swiss Safe Harbor Framework and the Privacy Shield programs, Mapi reserves the right to process Personal Information in the course of providing professional services to Mapi's clients and customers without the knowledge of the individual involved. Where appropriate, necessary, and practical, Mapi gives both notice of our intent to process Personal Information and a choice to opt-out of processing such information. If you have the right to opt-in or opt-out, you may contact Mapi at the addresses indicated under "Recourse, Enforcement and Liability" section below. Participation by you in activities that involve Personal Information is with your consent, after you have been informed how the information will be collected and used.

Accountability for Onward Transfers
Mapi will not disclose your Personal Information to any Mapi Associate or any third party that is not a Mapi Group company, except when one or more of the following conditions is true:

  • Mapi has your permission to make the disclosure.
  • The disclosure is required by law or professional standards.
  • The information in question is publicly available.
  • The disclosure is reasonably necessary for the establishment or defense of legal claims.
  • We have collected your information on behalf of one of our customers, to whom we reserve the right to disclose that information.

Access to Personal Information about individuals is given only to those who have a legitimate need to know the information to carry out their responsibilities. Prior to disclosing Personal Information to a third party, Mapi shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. If you have the right to opt-in or opt-out, you may contact Mapi at the addresses indicated under "Recourse, Enforcement and Liability" section below. Mapi shall ensure that any third party for which Personal Information may be disclosed subscribes to the same Privacy Principles or are subject to law providing the same level of privacy protection as is required by the Privacy Principles. Mapi acknowledges potential liability in cases of onward transfer to third parties.

Security
To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use and confidentiality of information, either for its own purposes or on behalf of its clients, customers and business partners, Mapi has put in place and rigorously enforces appropriate physical, electronic, and managerial procedures to safeguard and secure the information that Mapi processes. You can find more detailed information in the "Data Security Processes and Policies" section below. Mapi cannot guarantee the security of information on or transmitted via the Internet. Mapi may be required to disclose Personal Information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

If appropriate in the event of a breach of Personal Information security, those persons whose data has been compromised will be sent notice of that breach. That notice may include: a description of the information disclosed; how to contact the discloser; toll free numbers for credit reporting agencies; toll free numbers, web addresses and addresses for the state Attorney General and the Federal Trade Commission where you may be able to get information about data security breaches; a warning to watch for fraud or identity theft; and what has been done to prevent future breaches. That notice may be sent by First Class mail, electronic communication, telephone, or by being published in a general circulation newspaper. When notice occurs it will be made without unreasonable delay, but no more than ten (10) days after a breach. If appropriate, we will also notify the police, the Attorney General, and if more than 1,000 people's data was involved we may provide notice to consumer reporting agencies.

Data Integrity and Purpose Limitation
Mapi processes Personal Information only in ways compatible with the purpose for which it was collected or authorized by you. To the extent necessary for such purposes, Mapi takes reasonable steps to make sure that Personal Information is accurate, complete, current and otherwise reliable for its intended use.

Mapi limits data collected to what is actually needed. Where possible, we limit the need of person-specific identifiers. Although individual Mapi customers and clients dictate final data collection forms for certain Personal Information, Mapi will guide them to seek the lowest level of personal data possible for successful data collection.

Access
Mapi acknowledges that individuals have the right of access to their personal information. Further, if you become aware that information Mapi maintains about you is inaccurate and you wish to have it corrected, or if you would like to amend, update, delete or review your information, you may contact Mapi at the addresses indicated under "Recourse, Enforcement and Liability" section below. You will need to provide sufficient identifying information, such as name, address, birth date, etc. Mapi may request additional identifying information as a security precaution. In addition, Mapi may limit or deny your access to Personal Information where providing such access would be unreasonably burdensome or expensive in the circumstances, or as otherwise permitted by the US-Swiss Safe Harbor Framework and/or the Privacy Shield programs.

In every case, Mapi will take reasonable steps to provide you access to permit you to review your information or to correct, amend, update or delete your information that is demonstrated to be inaccurate.

Recourse, Enforcement and Liability
Mapi utilizes the self-assessment approach to assure its compliance with this privacy policy. Mapi periodically verifies that this privacy policy is accurate, comprehensive for the information intended to be covered, accessible, completely implemented, and in conformity with the US-Swiss Safe Harbor Framework and the Privacy Shield Principles.

If you have any questions regarding our Privacy Policy or how it is implemented, or if you wish to review, correct, amend, update or delete your Personal Information, or if you have concerns about how your Personal Information is handled, please contact Mapi at:

Mapi USA, Inc.
ATTN: Privacy
2343 Alexandria Drive, Suite 100
Lexington, KY 40504-3276
USA

or by email at: privacy@mapigroup.com

In compliance with the EU-US Privacy Shield Principles, Mapi commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact Mapi at the address above.

Mapi has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

In compliance with the Swiss Safe Harbor Framework, Mapi commits to resolve complaints about your privacy and our collection or use of your personal information. Swiss citizens with inquiries or complaints regarding this privacy policy should first contact Mapi at:

Mapi USA, Inc.
ATTN: Privacy
2343 Alexandria Drive, Suite 100
Lexington, KY 40504-3276
USA

or by email at: privacy@mapigroup.com

Mapi has further committed to refer unresolved privacy complaints under US-Swiss Safe Harbor Framework to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Mapi, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

Changes to this Policy
Mapi may change this privacy policy from time to time, consistent with the requirements of the US-Swiss Safe Harbor principles, the Privacy Shield Principles, the Privacy Shield programs or the United States Department of Commerce. Mapi will publish any amended privacy policy on this website.

Data Security Processes and Policies
Administrative
Mapi's data security program is administered by its Information Technology (IT) department’s security team, and they may be contacted at:

Mapi
ATTN: Information Technology
4 Innovation Drive
Dundas, Ontario L9H 7P3
Canada

or by email at: itsecurity@mapigroup.com.

Appropriate Mapi IT staff and the Mapi Privacy Officer will review potential security risks at least yearly in a scheduled review.

Employees are trained in security procedures and policies.

Employees' actions are monitored by supervisory personnel to assure compliance with security procedures and policies.

Mapi monitors intrusion protection systems and monitoring systems to identify potential issues. Appropriate staff will be notified in the event of any breach of security to systems.

Prior to any data leaving the Mapi premises, the supervisor of the person causing it to leave the premises must agree with the copying or relocation of the data and authorize that the data may be taken off-site in human readable format.

Use of Mapi's computers and systems are explained in Mapi's Standard Operating Procedures, Work Instructions, policies and other written process documents (collectively, “Process Documentation”) and include the provision of working only from Mapi server network drives. Working from local drives or modified storage methods must be approved and proper security assessed on a case by case basis.

In the case of a violation of any security procedure, appropriate action will be taken up to and including termination of employment or potential legal action.

Mapi Process Documentation guide the elimination of access to data post-employment and such actions are executed immediately.

Mapi tracks which computers or other storage systems, including paper storage, contain Personal Information. We hold all systems to the highest level of security as dictated by Process Documentation. When appropriate, we store paper records in secure records rooms which have controlled access as dictated by physical security Process Documentation.

Mapi regularly monitors all systems, both physical and logical, in the Mapi facilities, files, networks and servers, and verifies security and integrity of each system.

Mapi reviews security policies and procedures at least annually and more often as necessary depending on individual business needs.

The Mapi IT department documents all security incidents with an incident report and assesses impact, if any, based on that report.

Physical Security
Mapi has physical security guidelines, including restrictions on physical access to Personal Information and physical access to computers and systems inside of Mapi facilities, files, networks and servers.

Mapi manages the personnel who have access to the physical secure records storage systems in Mapi, and this is verified at least monthly and tracked in real time.

The Mapi IT department controls the setup and use of computer systems internally, including items ranging from inventory to configuration management.

The Mapi IT department sets standards for secure authentication protocols and how these protocols may be used in Mapi.

Mapi has systems and procedures: that control user IDs and passwords; set standards for how passwords and unique user IDs are created and assigned; for how passwords must be secured; and for computer locks and intrusion controls are implemented so that accounts and files will be locked in the event of a breach attempt.

Mapi restricts access to information to those personnel who have a "need to know" based on each person's job function.

Project specific guidelines dictate the level of encryption used to protect data at Mapi that may be available on the Internet. Although Mapi typically uses 128 bit encryption, higher levels of encryption may be used based upon customer and client requirements.

Mapi manages all virus, intrusion protection, malware, spybot and other potential threats and updates patterns for each at least daily. As part of the update, Mapi monitors for potential misuse of systems or resources and logs potential threats as they are identified. To ensure data security in local networks, Mapi employs a series of firewalls and limits or blocks access to potentially threatening sites.

The effective date of these Terms of Use and Privacy Policy (including the Web Site and Portal Privacy Policy, the US-Swiss Safe Harbor information and Privacy Shield information) is September 16, 2016. It amends any and all of our previous policies. Should you have questions about what has changed or should you have any other questions or concerns regarding our Privacy Policy, please direct your inquiries to privacy@mapigroup.com.

We self-certify compliance with
Self-Certify_medium