We, at Midot – Ethics Computerized Diagnostic Systems LTD. (“Midot”, “we”, “us” or “our”) respect your privacy and put great efforts in securing Personal Data and in processing it lawfully.
Midot provides companies and organizations (“Clients”) with scientifically validated, field-proven assessment solutions, delivered through an advanced, secure technology platform (the “Service”). This Privacy Policy (“policy”) explains our privacy practices for processing Personal Data related to you (“Personal Data“) when you take any of our computerized assessments or tests (“Tests”), as part of our Service.
The term “Personal Data” refers to information that identifies an individual or relates to an identifiable individual. For example, Personal Data includes personal details such as your name, email address and telephone number, and further includes our analysis of your answers and response to a Test, and information that we collect or receive in relation to you from others.
Providing Personal Data to us is voluntary. You are not required by law to provide us with Personal Data, and any Personal Data that you do provide is subject to your choice and consent. If you chose not to provide us with the Personal Data that is necessary for us to administer and process your Test, you will not be able take the Test.
Before taking the Test, you are requested to fill-in an online registration form with details about you. These details will include either your full name or your government-issued identification card number, and our Client may request you to add the email address and phone number. In addition, our Client can request you to fill-in an application form with additional information, such as address, gender, date of birth, photo, CV, education credentials and history of tests taken.
When you take the Test, you provide us with your response and answers to questions, including answers in free text, that we analyse and generate a report to the relevant organization that ordered the Test from us.
If you contact us, you will provide us with information as part of your communication with us, that may include Personal Data.
In the event that our Client has requested that we provide identity authentication services, we will collect and use photographs of you during the course of your examination in order to verify your authenticity. A notice (“Notice”) will be provided to you before the examination.
When you approve the Notice, your device’s camera will be used during the examination to take pictures of your face at various intervals. We will share your photographs with the Client providing the exam in order to authenticate your identity and confirm that the requirements have been met.
Alternatively, If our clients request it, we will use Amazon Rekognition as a third-party service provider to verify your identity. In that case, a Notice will be provided to you prior to the examination. Upon approval of the Notice, your device’s camera will be used to verify your identity during the examination. To find out more about the Amazon Rekognition service please see at: https://docs.aws.amazon.com/rekognition/latest/dg/what-is.html.
We will receive your personal details and other relevant Personal Data from our Client.
When you take that test, we use “cookies” (for further information about cookies, please see below) and we obtain information when your browser accesses our Service.
When you use the Service, we also receive information about your interaction with our Service from third-party analytics services. For more information, please see the “Aggregated and Analytical Information” section of this policy. Examples of such information we collect and analyze include the Internet Protocol (IP) address used to connect your access device to the Internet; browser type and version, time zone setting, browser plug-in types and versions and operating system, and platform.
We use Personal Data for the following purposes:
We will use Personal Data for additional purposes, if we reasonably consider that the additional purpose is compatible with the original purpose. If we need to use Personal Data for an incompatible purpose, we will request your consent beforehand.
We will process Personal Data when it is legally permitted. In some countries we rely on your consent only. In others, where there are additional legal grounds to process Personal Data, we will rely on those additional grounds, and more than one legal basis will apply to the processing of the same Personal Data, depending on the processing activity.
the following legal grounds apply to the processing of Personal Data:
We will process sensitive information, for example any psychological analysis, or information about your criminal convictions, only if we are allowed to by law, and for the specific purposes that we indicate in this policy, and subject to your explicit consent, if required by law.
We do not sell, rent, lease Personal Data, or share Personal Data for targeted advertising purposes.
When you take the Test at the order of our customer who contracts us to provide our Service, you authorize us to deliver the Test results, our analysis, report and any other information received about you to our relevant customer in any format, as deemed appropriate by us. The customer may also instruct us to deliver this information to a third party acting on the customer’s behalf.
For the purposes described in this policy, we will share Personal Data with service providers, advisors and consultants, who support our Service and business activities, for example, for cloud hosting, analytics, data analysis and development, accounting and training.
We will also share Personal Data with our affiliated companies, as necessary to support the purposes of processing under this policy.
A merger, acquisition or any other corporate structural change will require us to share Personal Data to another entity, as part of the structural change.
We will need to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
You must provide us with accurate and up-to-date personal details. You should not provide us with any personal details of other individuals, and you must not make any use or any attempt to use any information associated with others, while taking the Test or otherwise when using the Service.
When you take the test and provide your answers, you must not provide or disclose any personal information, and especially any sensitive data, related to others, including on friends, colleagues and members of your family.
You are eligible to the following rights associated with Personal Data, subject to the privacy and data protection laws that apply to our processing of the Personal Data.
We note that in separate, you have rights associated with Personal Data that you can exercise directly with our customer who ordered your Test.
If you wish to know if your are entitled to any certain right and if you wish to exercise any of your rights in relation to Personal Data, including exercising your choices or opt-out rights, please send us a message through: https://midot.com/contact-us/. We will process your request and respond as required and permitted by law, by answering your request favorably or by rejecting it, in whole or in part.
These are the following the rights:
We will respond timely to your request.
Note that when you send us a request to exercise your rights, we will need to reasonably authenticate your identity and location. We will ask you to provide us credentials to make sure that you are who you claim to be and will further ask you questions to understand the nature and scope of your request.
If you submit your request to us through an agent, we will require additional confirmation of an agency relations or a duly signed power of attorney between you and the agent.
If we need to delete Personal Data following your request, it will take some time until we completely delete residual copies of Personal Data from our active servers and from our backup systems. We also note that we will not delete data that is needed, or is likely to be needed, in a legal, administrative or regulatory proceeding.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such decision and provide you with a cost estimate before completing your request.
We retain different types of Personal Data for different periods, depending on the purposes for processing the information, our legitimate business purposes, and pursuant to legal requirements under applicable law.
We will maintain your contact details, to help us stay in contact with you.
Records of Tests will be retained for 7 years and will be completely and permanently deleted thereafter. We will securely delete these records on a periodical basis, a few times a year. Furthermore, 3 years after Tests are taken, all identifying details of Test takers will be detached from the records of the tests and kept in a secure and segregated environment, until the records are deleted.
However, if retention is reasonably necessary to resolve disputes, for legal proceedings, to prevent fraud and abuse, to enforce our legal terms or if we are otherwise required by law, we will retain the Personal Data, as required.
Meta data associated with the use of our Service, such as analytics data, and data associated with our business activities and your requests to exercise your rights will be maintained for up to 7 years, or as required by law.
At any time, you can contact our privacy team through: https://midot.com/contact-us/ and request to delete your contact details. Note that we will keep your details without using them if necessary, and for the necessary period of time, for legal requirements and proceedings.
We will keep aggregated non-identifiable information without limitation, and to the extent reasonable we will delete or de-identify potentially identifiable information, when we no longer need to process the information.
The Service is web-based. We store and process information, including Personal Data, either directly or using third parties, such as cloud hosting service providers. We use data centers within the European Economic Area (EEA), will further store, host and keep business continuity sites in, and access the Personal Data from, additional territories. The laws of these countries may differ from the laws of the country in which you live.
If the laws that apply to our processing of Personal Data require that a transfer of Personal Data to another jurisdiction requires your consent, then you provide us your freely given, express, specific and unambiguous consent to such transfer.
If such laws require additional safeguards, then we will apply those safeguards, for example, by relying on a formal decision of adequacy of personal data processing under the laws of the transferred country, or by engaging the transferred entity under contracts designed to protect your privacy right and the security and confidentiality of the Personal Data.
You can obtain a copy of the suitable safeguards that we use when transferring Personal Data as described above or receive further information about data transfer by contacting us through: https://midot.com/contact-us/
We use standard analytics tools. The privacy practices of these tools are subject to their own privacy policies, and they use their own cookies to provide their service (for further information about cookies, please see our Cookies and Similar Tracking Technologies Policy).
We use the standard analytics tools of Google Analytics, and we will use additional or other analytics tools, from time to time, to learn about how you and other users use the Service, in support of our Service-related activities and operations. See Google Analytics Privacy Policy at: Privacy Policy – Privacy & Terms – Google.
We use anonymous, statistical, or aggregated information and will share it with our partners for legitimate business purposes. It has no effect on your privacy, because there is no reasonable way to extract data from that information that we or others can associate specifically with you.
Midot is committed to ensuring the security of Personal Data. We and our hosting services implement systems, applications, and procedures to secure Personal Data, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information. These measures are designed to provide a sound level of industry standard security.
However, no security system is impenetrable, and although we make efforts to protect your privacy, we cannot guarantee that the Service will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.
We do periodical assessments of our data processing and privacy practices, to make sure that we comply with this policy, to update the policy when we believe that we need to, and to verify that we display the policy properly and in an accessible manner. If you have any concerns about the way we process Personal Data, you are welcome to contact our privacy team through:
We will look into your query and make good-faith efforts to resolve any existing or potential dispute with you.
From time to time, we will update this policy. If the updates have minor if any consequences, they will take effect 14 days after we post a notice on the Service. Substantial changes will be effective 30 days after we initially posted the notice. However, if we need to adapt the policy to legal requirements, the new policy will become effective immediately or as required by law. We will make reasonable efforts to notify you about the changes in the policy.
Please contact our privacy team for further information through: https://midot.com/contact-us/.
Last Updated on November 1, 2022