Israeli Privacy Notice

Starlims Corporation, based in the United States, is the parent organization of several subsidiaries worldwide, including Starlims Systems LTD. This privacy policy will use the name Starlims to refer to the parent company and all subsidiaries, and will explain how we use the personal data we collect from you.

This Israeli Privacy Policy relates to the personal data of persons in Israel, based on the Basic Law: Human Dignity and Liberty, 5752-1992, the Protection of Privacy Law, 5741-1981 (“the Privacy Law”) and the regulations promulgated under it, including the Protection of Privacy (Data Security) Regulations, 5777-2017 (“the Data Security Regulations”), the Data Security Regulations, the Protection of Privacy Regulations (Conditions for Possessing and Protecting Data and Procedures for Transferring Data Between Public Bodies) 1986, Protection of Privacy Regulations (Conditions for Inspection of Data and Procedures for Appeal on a Denial of a Request to Inspect) 1981, and the guidelines of the Israeli regulator, the Privacy Protection Authority (‘PPA’), all as amended or superseded from time to time.

Specifically, this Notice provides our policies regarding:

  • What data do we collect?
  • How do we collect your data?
  • How will we use your data?
  • How do we store, protect, and delete your data?
  • Nature and purpose of our sharing any personal information
  • Marketing
  • Transfers of your data abroad
  • What are your data protection rights?
  • What are cookies?
  • How do we use cookies?
  • What types of cookies do we use?
  • How to manage your cookies
  • Privacy policies of other websites
  • Changes to our privacy policy
  • In case of a breach
  • How to contact us

What data do we collect?

Starlims collects the following data:

  • Laboratory-testing information related to specific individuals that our customers have collected with the consent of those individuals.
  • Personal identification information related to employees of our customers or potential customers (which may include name, job title, work email address, work phone number, information related to the devices you use on behalf of your employer, etc.).

How do we collect your data?

If we host or otherwise process your laboratory-related data, we receive it from, and host it on behalf of, the entity that created the data.

If you are an employee of our customer, we obtain the data we collect about you either from your employer or directly from you. We collect and process such data when:

  • Your employer provides us with your work-related information so that we may provide your employer with our services.
  • You contact our Help Desk for support.
  • You interact with us for product research and development.
  • You use or view our website via your browser’s cookies.
  • You respond to any survey or other questionnaire we ask you to complete.

If you are an employee of a potential customer, we may collect your information through typical business outreach initiatives, such as social networking, attending industry events, surveys, speaker programs, etc.

When you use our websites, the following categories of personal data are collected, stored and processed by us:

  • “Log data” – When you visit our websites, a so-called log data record (so-called server log files) is stored temporarily and anonymously on our web server. This consists of:
  • the page from which the page was requested (so-called referrer URL).
  • the name and URL of the requested page
  • the date and time of the call
  • the description of the type, language and version of the web browser used.
  • the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.
  • the amount of data transferred
  • the operating system
  • the message whether the call was successful (access status/http status code).
  • the GMT time zone difference

The processing of the log data serves statistical purposes and the improvement of the quality of our website, in particular the stability and security of the connection; the legal basis is Art. 6, para. 1 (f) GDPR.

  • “Contact form data” – When contact forms are used, the data transmitted through them are processed (e.g. gender, surname and first name, address, company, e-mail address and the time of transmission).

Contact form data is processed for the purpose of handling customer inquiries; the legal basis is Art. 6 para. 1 p. 1 lit. b or lit. f GDPR.

  • “Newsletter subscription” – If you subscribe to our newsletter, we will inform you about current developments in our company. If you subscribe to our newsletter, the following “newsletter data” will be collected, stored and processed by us:
  • the page from which the page was requested (so-called referrer URL).
  • the date and time of the call
  • the description of the type of the used web browser
  • the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.
  • the e-mail address
  • the date and time of registration and confirmation

The newsletter data is processed for the purpose of sending the newsletter. When registering for our newsletter, you consent to the processing of your personal data; the legal basis is Art. 6 (1) of GDPR. For the registration to our newsletter, we use the so-called double opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data. You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter e-mail, by e-mail to [email protected] or by sending a message to the contact details given in the imprint.

How will we use your data?

We provide a Software-as-a-Service laboratory information management solution that our customers use to manage their laboratory-related data. If you are an individual whose laboratory-testing data has been collected by a Starlims customer, we may host that data in a cloud-based, online environment. Alternatively, the customer may host the data on their own server, and use our SaaS solution to process that data. Except for very infrequent access at customer request by our Development or Support personnel, we rarely ever access the laboratory-related data we host. 

If you are an employee of our customer, Starlims may collect your data so that we can:

  • Provide our services to your employer.
  • Respond to your requests for support.
  • Analyze your responses to surveys or questionnaires.
  • Create anonymized data for analytics purposes.

Because your employer has contracted with us to provide our services, we therefore have a legitimate basis for processing your data.

Because your employer has agreed, one Starlims affiliate may share your data with another Starlims affiliate or with a third party service provider so that they may best provide services and support.

If you agree to participate in a survey, you would be giving us permission to share your information with our third-party service providers for that purpose.

The third-party service providers with whom we may share your data include:

  • Amazon Web Services (cloud-based data hosting)
  • SalesForce (for marketing and surveys)
  • Satmetrics by Nice Software (for surveys)
  • Others we may contract with in the future

If you are an employee of a potential customer, we may use your data in furtherance of our business outreach efforts.

We do not undertake or otherwise subject your personal information to any automatic decision-making process (including profiling).

How do we store, protect, and delete your data?

Starlims securely stores the data about you in a cloud-based environment hosted within the European Union, using industry-leading privacy and security protocols. Starlims always maintains cloud-based customer databases in an individual cloud, and never co-hosts data from multiple employers in a shared cloud.

We maintain organizational, technical, and physical safeguards designed to protect against unauthorized access, use, modification, or disclosure of personal information. Such safeguards include encryption at rest and in transit; access management, control, and authentication; data minimization and deletion; vulnerability testing and remediation; data backup; and business continuity planning.

To maximize the security of your data, a Starlims employee’s access to that data must be approved by: (1) our client; (2) our data protection officer; and (3) the employee’s manager. Moreover, approved Starlims employees only have read-only access, and Development or Support personnel typically only receive screen shots or VPN and generally have no access to the actual database.

If you contact our Help Desk or interact with us for product research and development, we may securely store information related to you in a cloud-based environment hosted within the European Union or the United States. The security protocols for such data are the same as stated above for other employer-based data.

By contacting our Help Desk or interacting with us for product research and development, you are consenting to our processing of your personal information within the European Union or the United States.

If you respond to a survey or questionnaire, our service providers will store information about you in a cloud-based environment in the United States. For access to data from non-employer surveys, the security protocols are similar to those described above, except your employer does not have an approval role.

By responding to a survey or questionnaire, you are consenting to our processing of your personal information within the United States.

Starlims will keep the data we receive about you from our client, or from you in regard to contacting our Help Desk or interacting for product development or responding to surveys, according to the terms we establish with our client. Once this time period has expired, we will delete your data by electronic deletion from all servers, and if requested by our client, we will provide that client with an archive of that data.

Nature and purpose of our sharing any personal information

Because our client has agreed, when there is a legitimate business need, one Starlims affiliate may share your data with another Starlims affiliate or with a third party service provider so that they may best provide services and support.

If you agree to participate in a survey, or if you give us your business contact information as part of our marketing efforts, you would be giving us permission to share your information with our third-party service providers for that purpose. 

The third-party service providers with whom we may share your data include:

  • Amazon Web Services (cloud-based data hosting)
  • SalesForce (for marketing and surveys)
  • Satmetrics by Nice Software (for surveys)
  • Others we may contract with in the future

Marketing and Surveys

Starlims may contact you in your role as an employee of a client or a potential client to market our services. You may opt-out of receiving such marketing outreach. 

Starlims may also contact you to invite you to partake in surveys. If these surveys are not on behalf of your employer, you do not have to participate. If you have agreed to participate in non-employer surveys, you may always opt out at a later date.

You have the right at any time to stop Starlims from contacting you in regard to marketing non-employer surveys, or from giving the information we receive from you in regard to such surveys to any other entity.

If you no longer wish to be contacted in regard to marketing or non-employer surveys, please contact us at the contact information below.

Transfers of personal information outside of Israel

If you contact our Help Desk or interact with us for product research and development, we may securely store information related to you in a cloud-based environment hosted by AWS that resides within the United States.

If you respond to a survey or questionnaire, our service providers will store information about you in a cloud-based environment in the United States. In such circumstances, the security protocols are similar to those described above, except your employer does not have an approval role.

What are your data protection rights?

Starlims would like to make sure you are fully aware of all of your data protection rights. You may be entitled to any of the following:

The right to access and inspect – You have the right to access and any information about you that we maintain in a database. However, you may exercise that right only against the database “owner.” If we process your laboratory-related data, or we process your employment-related data in furtherance of our services to your employer, the owner of that data is our client. Once we are so instructed by our client, we will provide you with a copy of your data.

If you have responded to a survey, or you are an employee of a potential client, we would be the owner of the database in which your information is stored, such that we are permitted to directly accept and respond to your inspection request.

The right to rectification – You have the right to request that inaccurate information about you be corrected or deleted. If we hold your laboratory-related data, or if we hold your employment-related data, you must make that request to the database owner, who will direct us to make the correction or deletion. If you have responded to a survey or you are the employee of a potential client, you may make that request to us directly.

The right to erasure – You have the right to request that information about you be erased if it is inaccurate, incomplete, unclear, or not up to date. If we hold your laboratory-related data, or if we hold your employment-related data, you must make that request to the database owner, who will direct us to make the correction or deletion. If you have responded to a survey or you are the employee of a potential client, you may make that request to us directly.

The right to rectification – You have the right to request that inaccurate information about you be corrected or deleted. If we hold your laboratory-related data, or if we hold your employment-related data, you must make that request to the database owner, who will direct us to make the correction or deletion. If you have responded to a survey or you are the employee of a potential client, you may make that request to us directly.

If you wish to invoke any of these rights, please contact us at the contact information below.

Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

For further information, visit www.allaboutcookies.org.

How do we use cookies?

Starlims uses cookies in a range of ways to improve your experience on our website, including:

  • Getting information about the traffic on our website
  • Providing you with essential functionalities of our website
  • Tracking your browsing behavior
  • Tracking your engagement with social services
  • Collecting information about how users use our website
  • Remembering your preferences for our website

What types of cookies do we use?

We use the following types of cookies:

  • Essential
  • Preferences
  • Analytics

Essential cookies

We always use the essential cookies. They allow us to provide you with the essential features of our website, such as website navigation or logging in the secured areas. Using them is in your best interest, hence all the applicable personal data protection laws allow us to use them freely.

We use other types of cookies only with your prior explicit consent. If you give us consent to store them on your computer, we do so. If you don’t consent to their use, we don’t use them. It’s that simple.

We don’t discriminate against users based on consent. Your consent applies to the following domains: https://www.starlims.com.

Preferences cookies

These cookies allow our website to remember your preferences for using it, such as your login details, preferred language, and other customizable details.

Analytics cookies

Analytics cookies provide us with information about the traffic and users’ behavior on our website. This includes the number of visitors, number of clicks to pages, and others. Most often, the data these cookies collect is anonymous.

However, in some cases, the data may be related to a pseudonymous identifier that may be related to your device. That may possibly make you identifiable and that’s why we ask you for consent before using analytics cookies.

How to manage cookies

You can set your browser not to accept cookies, and the website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

Privacy policies of other websites

The Starlims website may contain links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

Changes to our privacy policy

Starlims keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 20 January 2022.

In the event of a Severe Security Incident

A Severe Security Incident would be a breach of the security of your data that either has or has the potential to result in an infringement of your right to privacy. If we should become aware of Severe Security Incident, we will take swift and decisive action to mitigate the effects of the breach, and will notify the appropriate supervisory authority and you as required by law.

How to contact us

If you have any questions about Starlims’s privacy policy or the data we process on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Privacy Office

Starlims Systems LTD

Regus Ramat Hahayal

Hanehoshet 3, CU Complex, Building B, Floor 7,

6971068

Tel Aviv, Israel

Telephone: +972 3 375 1195

E-Mail: [email protected]