Your Rights to Your Information
When your information is processed by InterSystems, you have the right to know about it and to know what information we hold. You may exercise these rights over your information regardless of where you reside. Every individual is entitled to the following:
- The right to access – You have the right to request InterSystems for copies of your personal information.
- The right to rectification – You have the right to request InterSystems correct any information you believe is inaccurate. You also have the right to request InterSystems supplement your information that has been omitted.
- The right to erasure – You have the right to request InterSystems erase your personal information, under certain conditions.
- The right to restrict processing – You have the right to request InterSystems restrict the processing of your personal information, under certain conditions.
- The right to object to processing – You have the right to object to InterSystems’ processing of your personal information, under certain conditions.
- The right to withdraw consent – You have the right to withdraw consent, where we have asked for your consent to process your information.
- The right to data portability – You have the right to request InterSystems transfer your information which we have collected to another organisation, or directly to you, under certain conditions.
We will not discriminate against you for exercising your rights to your information.
How to Exercise Rights to Your Information
If we process your information on behalf of a business customer, we may direct your inquiry to that business; however, if we process your information directly, you may exercise these rights by using either of the options below:
- If you have an online account or profile accessible through our website, you are welcome to make changes there.
- If account self-service is unavailable or does not provide the details you seek, please send us a written request.
To make a written request, you may either:
- Email us at
- Use the
Contact Us Form, or
- Mail us at our Headquarters (Attn: Data Protection Officer) at One Memorial Drive, Cambridge, MA 02142 USA.
In principle, we cannot accept verbal requests (telephone or face-to-face) as we may not be able to deal with your request immediately without first analysing it and reliably identifying you.
If you make a request, please note that we have one (1) month within receipt of the request to respond.
Our response may ask you for additional information in order to confirm your identity.
In the event your request is rejected, InterSystems will inform you of the reasons for doing so and of your right to file a complaint with the appropriate Data Protection Authority and to seek a judicial remedy.
Requests from individuals will be carried out generally free of charge; however, under certain conditions, we may charge a reasonable fee.
What to Include in Your Request to Access Your Information
Your Request Should Include:
- Clear label such as “Subject Access Request” in your email subject line or a heading for your mailed letter;
- Date of your request;
- Your name including any aliases, if relevant;
- Any other information used to distinguish you such as a customer account number;
- Up-to-date contact details;
- Detailed description of what personal data you would like to access and where to search for the personal data you would like to access;
- How you would like to receive the information such as by email or mail; and
- Identification document (see below).
- You must provide a copy of your identification so that we may confirm your identity, such as an ID card or a passport.
- The document should contain: your name, date of birth, address, identification number, country of issue, and period of validity.
- Any other information contained in the copy of the identification document such as a photo or any personal characteristics, may be blacked out.
- Our use of the information on your identification document is strictly limited: the information will only be used to verify your identity and will not be stored for longer than needed for this purpose.
- In principle, we will not accept other means of assuring your identity. Should you wish to propose alternatives, we will assess their adequacy on a case-by-case basis.
Lodging a Complaint on the Processing of Your Information
You may lodge a complaint about our processing of your personal information, either:
- With our Data Protection Officer at
- Through our
Anonymous Complaint/Data Protection Inquiry Form, or
- With your regional
Data Protection Authority listed in the table below.
Contacting Your Regional Data Protection Authority
To find out how to exercise your rights and contact your regional Data Protection Authority, please see the list of countries / regions and corresponding links in the table below.
|Country / Region||Website|
|European Union & Economic Area||https://edpb.europa.eu/about-edpb/about-edpb/members_en|
|Hong Kong, China||
|Kingdom of Saudi Arabia (KSA)||
|Thailand||The PDPC is responsible for the PDPA.|
|United Arab Emirates (UAE)||The Data Office is responsible for the PDPL in tandem with the TDRA.|
|United Kingdom (UK)||