Global MED-NET

Global MED-NET's Commitment to Privacy
Global MED-NET, Inc. Privacy Policy
Global MED-NET International, Inc. Privacy Policy
Chief Privacy Officer - Duties and Responsibilities
HIPAA - In Relation To Global MED-NET
Dispute Resolution

Global MED-NET's Commitment to Privacy

Global MED-NET respects the privacy, security and confidentiality of all personal information supplied by its members. Global MED-NET only collects and uses the information that is needed to serve its members in the most effective manner possible. Global MED-NET carefully controls the dissemination of member information, and in no way sells or shares member information with unauthorized third parties. Global MED-NET only makes member information available to the member or emergency personnel, consistent with the use intended by the member.

Global MED-NET member information is stored in a completely secured, stand-alone, mirror-processed, closed computer system that is not accessible via the Internet, except in special circumstances where it is expressly agreed and consented to by the member.

Each Global MED-NET employee working with member information has been made fully aware of Global MED-NET's privacy policies and has executed a Confidentiality Agreement. Only these authorized personnel have access to Global MED-NET member information. The Global MED-NET "Operations Center", where member information is stored, is a fully secured, swipe card access facility, where unauthorized entry is prohibited.

Global MED-NET has created and publicly posted on its Web site, Privacy Policies for both its domestic and international business. Global MED-NET's Chief Privacy Officer ("CPO") oversees these policies and adherence to federal and state privacy laws, as well as all issues regarding the collection, storage and transfer of personal information anywhere in the world, by any medium, as they may apply to the Company. The CPO also oversees the protection of all information collected or processed from Global MED-NET's members, potential members, employees, vendors, business partners and others, while assuring that the Company's affiliates and business partners have established and maintained business procedures that are consistent with the policies of Global MED-NET, as they apply to data security and confidentiality.

Global MED-NET recognizes its members and their trust as being the core of its business. Therefore, the privacy and security of member information is a top priority for Global MED-NET and its employees. Global MED-NET's commitment to maintaining the privacy, security and confidentiality of member information mirrors this trust, and is ongoing in nature.

Global MED-NET, Inc. Privacy Policy

Global MED-NET, Inc. ("Global MED-NET") respects individual privacy and values the confidence of its customers. Global MED-NET strives to collect, use and disclose Personal information in a manner consistent with state and federal privacy laws, as they apply, and has a tradition of upholding the highest ethical standards in its business practices. This Privacy Policy (the "Policy") sets forth the privacy principles that Global MED-NET follows with respect to transfers of personal information anywhere in the United States.

I. ENFORCEMENT

Global MED-NET has a Chief Privacy Officer who is responsible for Global MED-NET's compliance with and enforcement of this Policy and data security issues. Global MED-NET educates its employees concerning compliance with this Policy and has self-assessment procedures in place to assure compliance. Global MED-NET's Chief Privacy Officer is available to any of its valued customers who may have questions concerning this Policy or data security practices. Relevant contact information is provided herein.

II. SCOPE

This Policy applies to all Personal information received by Global MED-NET in any format including electronic, paper or verbal.
Global MED-NET collects and processes Personal information concerning its potential customers manually and through its Internet site. As an integral part of its business, Global MED-NET collects and processes Personal information and Sensitive Personal information from its customers in a variety of ways, including manually, via telephonic means (including facsimiles), electronic mail, the Internet or its Intranet site.

Global MED-NET is the sole owner of Personal information it collects from its customers. Global MED-NET will not sell or share this information with third parties in ways different than what are disclosed in this Privacy Policy. On a national basis, Global MED-NET will, and will cause its affiliates and business partners to, establish and maintain business procedures that are consistent with this Policy.

Personal information and Sensitive Personal information collected by Global MED-NET from prospective customers and customers may be maintained at its Operations Center in Naperville, Illinois, or at its other sites. Global MED-NET collects Personal information and Sensitive Personal information for, among other things, legitimate business reasons such as customer service, meeting governmental reporting and records requirements, maintenance of accurate accounts payable and receivable records, internal marketing research, safety and performance management, financial and sales data, and contact information. All Personal information and Sensitive Personal information collected by Global MED-NET will be used for legitimate business purposes consistent with this Policy.

III. DEFINITIONS

For purposes of this Policy, the following definitions shall apply:
"Agent" means any third party that uses Personal information provided by Global MED-NET to perform tasks on behalf of or at the instruction of Global MED-NET.

"Global MED-NET" means Global MED-NET, Inc., its predecessors, successors, subsidiaries, parent company, divisions and groups.
"Personal information" means any information or set of information that identifies or could be used by or on behalf of Global MED-NET to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public Personal information.

"Sensitive Personal information" means Personal information that reveals race, ethnic origin, religious or political beliefs, or that concerns health or sex life. In addition, Global MED-NET will treat as Sensitive Personal information any information received from a third party where that third party treats and identifies the information as sensitive.

IV. PRIVACY PRINCIPLES

DATA INTEGRITY: Global MED-NET will use Personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Global MED-NET will take reasonable steps to ensure that Personal information is relevant to its intended use, accurate, complete, and current.
TRANSFERS TO AGENTS: Global MED-NET will obtain assurances from its Agents that they will safeguard Personal information consistently with this Policy. Where Global MED-NET has knowledge that an Agent is using or disclosing Personal information in a manner contrary to this Policy, Global MED-NET will take reasonable steps to prevent or stop the use or disclosure. Global MED-NET holds its Agents accountable for maintaining the trust its employees and customers place in the Company.
ACCESS AND CORRECTION: Upon request, Global MED-NET will grant individuals reasonable access to Personal information and Sensitive Personal information that it holds about them. In addition, Global MED-NET will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. Any customer who desires to review, correct or delete their information can do so by contacting Global MED-NET, Inc., Membership Services, 1751 West Diehl Road, Suite 400, Naperville, Illinois 60563, verifying their identity and providing their membership number.
SECURITY: Global MED-NET will take reasonable precautions to protect Personal information and Sensitive Personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Security is designed to prevent unauthorized access to database equipment and hard copies of Personal information and Sensitive Personal information and monitors access to its servers to provide protection from hacking or other unauthorized access. Global MED-NET limits access to Personal information, Sensitive Personal information and data to those persons in Global MED-NET's organization, or agents of Global MED-NET, that have a specific business purpose for maintaining and processing such information and data. Individuals who have been granted access to Personal information or Sensitive Personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information.
ENFORCEMENT: Global MED-NET will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee who Global MED-NET determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.

VI. INTERNET PRIVACY

Global MED-NET sees the Internet, Intranets and the use of other technologies as valuable tools for communicating and interacting with consumers. Global MED-NET recognizes the importance of maintaining the privacy of Personal information collected through Web sites that it operates. Visitors on the Web may elect to voluntarily provide Personal information via Global MED-NET Web sites but are not required to do so. Global MED-NET collects information from visitors to the Web sites who voluntarily provide Personal information by filling out and submitting on-line questionnaires concerning feedback on the Web site or requesting information on products or services. In general, the Personal information voluntarily provided by Web site users is contact information limited to the user's name, home and/or business address, phone numbers and e-mail address. Global MED-NET collects this information so that it may answer questions and forward requested information. Global MED-NET does not sell this information nor share this information with non-agent third parties. In addition, Global MED-NET may offer customers the ability to subscribe as members over the Web and/or to provide additions or corrections to their information. In such event, customers will be required to provide Sensitive Personal information to Global MED-NET, and Global MED-NET may share this information with third parties in order to provide its emergency medical storage and forwarding information services to its customers in accordance with its membership program.

Global MED-NET may also collect anonymous information concerning Web site users through the use of "cookies". "Cookies" are small files that Web sites place on users' computers to identify the user and enhance the Web site experience. Visitors may set their browsers to provide notice before they receive a cookie, giving them opportunity to decide whether to accept the cookie. A visitor can also set their browser to turn off cookies. If visitors do so, however, some areas of Global MED-NET Web sites may not function properly.

Global MED-NET Web site users have the option to request that Global MED-NET not use information previously provided, correct information previously provided, or remove information previously provided to Global MED-NET. Those who would like to correct or suppress information they have provided to Global MED-NET should forward such requests to Membership Services. The requests should include the individual's name, address, and other relevant contact information (phone number, e-mail address). Global MED-NET will use all reasonable efforts to honor such requests as quickly as possible.

Global MED-NET Web sites may contain links to other "non-Global MED-NET" Web sites. Global MED-NET assumes no responsibility for the content or the privacy policies and practices of those Web sites. Global MED-NET encourages all users to read the privacy statements of those sites; their privacy practices may differ from those of Global MED-NET.

VII. CONTACT INFORMATION

Persons who wish to obtain access to their Personal information or Sensitive Personal information for purposes of correction or deletion should contact the following:

Access, Correct or Delete Personal Information:

Contact:
Global MED-NET, Inc., Membership Services
1751 West Diehl Road, Suite 400, Naperville, IL 60563
E-mail: membership@globalmednet.net

Persons who wish to resolve a dispute with Global MED-NET over its Privacy Policy should contact the following:

Dispute Resolution

Contact: Global MED-NET, Inc., Privacy Inquiries
1751 West Diehl Road, Suite 400, Naperville, IL 60563
E-mail: privacyofficer@globalmednet.net
Attention: Chief Privacy Officer

VIII. CHANGES TO THIS PRIVACY POLICY

The practices described in this Policy are current as of January 1, 2007. Global MED-NET reserves the right to modify or amend this Policy at any time consistent with state and federal privacy laws, as they apply. Appropriate public notice will be given concerning such amendments.

Global MED-NET International, Inc. Privacy Policy

Global MED-NET International, Inc. ("Global MED-NET") respects individual privacy and values the confidence of its customers, employees, vendors, business partners and others. Global MED-NET strives to collect, use and disclose Personal information in a manner consistent with the laws of the countries in which it does business and has a tradition of upholding the highest ethical standards in its business practices. Global MED-NET abides by the Safe Harbor Principles developed by the U.S. Department of Commerce and the European Commission and the Frequently Asked Questions (FAQs) issued by the Department of Commerce on July 21, 2000. This Safe Harbor Privacy Policy (the "Policy") sets forth the privacy principles that Global MED-NET follows with respect to transfers of Personal information anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the twenty-five member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) to the United States.

I. SAFE HARBOR

The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the "Safe Harbor Principles") to enable US companies to satisfy the requirement under European Union law that adequate protection be given to Personal information transferred from the EU to the United States. The European Economic Area ("EEA") also has recognized the US Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). Consistent with its commitment to protect Personal privacy, Global MED-NET adheres to the Safe Harbor Principles.

Global MED-NET has a Chief Privacy Officer who is responsible for Global MED-NET's compliance with and enforcement of this Policy and data security issues. Global MED-NET educates its employees concerning compliance with this Policy and has self-assessment procedures in place to assure compliance. Global MED-NET's Chief Privacy Officer, Nicholas N. Trutenko, and Corporate Legal Team are available to any of its valued customers, employees, vendors, business partners and others who may have questions concerning this Policy or data security practices. Relevant contact information is provided herein.

II. SCOPE

This Policy applies to all Personal information received by Global MED-NET in any format including electronic, paper or verbal.

Global MED-NET collects and processes Personal information concerning current and former employees and their respective family members, as well as applicants for employment manually, and may collect it through its Intranet and through electronic mail. Global MED-NET collects and processes Personal information concerning its potential customers manually and through its Internet site. As an integral part of its business, Global MED-NET collects and processes Personal information and Sensitive Personal information from its customers in a variety of ways, including manually, via telephonic means (including facsimiles), electronic mail, the Internet or its Intranet site. Global MED-NET is the sole owner of Personal information it collects from current and former employees, applicants for employment, customers, vendors and others. Global MED-NET will not sell or share this information with third parties in ways different than what are disclosed in this Privacy Policy. On a global basis, Global MED-NET will, and will cause its affiliates and business partners to, establish and maintain business procedures that are consistent with this Policy.

Personal information collected by Global MED-NET from employees and applicants for employment is maintained at its corporate offices in Naperville, Illinois, in the United States, as well as the local office of the employee or applicant. Global MED-NET collects Personal information for, among other things, legitimate human resource business reasons such as payroll administration, to fill employment positions, maintaining accurate benefits records, meeting governmental reporting requirements, security, health and safety management, performance management, company network access and authentication. Global MED-NET does not request or gather information regarding political opinions, religion, philosophy or sexual preference. To the extent Global MED-NET maintains information on an individual's medical health or ethnicity (as legally required) Global MED-NET will protect, secure and use that information consistent with this Policy.

Personal information and Sensitive Personal information collected by Global MED-NET from prospective customers, customers, vendors, business partners and others may be maintained at its Operations Center in Naperville, Illinois, in the United States or at a local Global MED-NET office. Global MED-NET collects Personal information and Sensitive Personal information for, among other things, legitimate business reasons such as customer service, meeting governmental reporting and records requirements, maintenance of accurate accounts payable and receivable records, internal marketing research, safety and performance management, financial and sales data, and contact information. All Personal information and Sensitive Personal information collected by Global MED-NET will be used for legitimate business purposes consistent with this Policy.

III. DEFINITIONS

For purposes of this Policy, the following definitions shall apply:

"Agent" means any third party that uses Personal information provided by Global MED-NET to perform tasks on behalf of or at the instruction of Global MED-NET.

"Global MED-NET" means Global MED-NET International, Inc., its predecessors, successors, subsidiaries, parent company, divisions and groups.

"Personal information" means any information or set of information that identifies or could be used by or on behalf of Global MED-NET to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public Personal information.

"Sensitive Personal information" means Personal information that reveals race, ethnic origin, religious or political beliefs, trade union membership, or that concerns health or sex life. In addition, Global MED-NET will treat as Sensitive Personal information any information received from a third party where that third party treats and identifies the information as sensitive.

IV. PRIVACY PRINCIPLES

The privacy principles in this Policy are based on the seven Safe Harbor Principles.

NOTICE: Where Global MED-NET collects Personal information directly from individuals, it will inform them about the purposes for which it collects and uses Personal information about them, the types of non-agent third parties to which Global MED-NET discloses that information, and the choices and means, if any, Global MED-NET offers individuals for limiting the use and disclosure of their Personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal information to Global MED-NET, or as soon as practicable thereafter, and in any event before Global MED-NET uses the information for a purpose other than that for which it was originally collected. Global MED-NET may disclose Personal information if required to do so by law or to protect and defend the rights or property of Global MED-NET.
CHOICE: Global MED-NET will offer individuals the opportunity to choose (opt-out) whether their Personal information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

For Sensitive Personal information, Global MED-NET will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

Global MED-NET will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise.
DATA INTEGRITY: Global MED-NET will use Personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Global MED-NET will take reasonable steps to ensure that Personal information is relevant to its intended use, accurate, complete, and current.
TRANSFERS TO AGENTS: Global MED-NET will obtain assurances from its Agents that they will safeguard Personal information consistently with this Policy. Examples of appropriate assurances that may be provided by Agents include: a contract obligating the agent to provide at least the same level of protection as is required by the relevant Safe Harbor Principles, being subject to EU Directive 95/46/EC (the EU Data Protection Directive), Safe Harbor certification by the agent, or being subject to another European Commission adequacy finding (e.g., companies located in Hungary and Switzerland). Where Global MED-NET has knowledge that an Agent is using or disclosing Personal information in a manner contrary to this Policy, Global MED-NET will take reasonable steps to prevent or stop the use or disclosure. Global MED-NET holds it Agents accountable for maintaining the trust its employees and customers place in the company.
ACCESS AND CORRECTION: Upon request, Global MED-NET will grant individuals reasonable access to Personal information and Sensitive Personal information that it holds about them. In addition, Global MED-NET will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. Any employee who desires to review or update their Personal information can do so by contacting their local Human Resources Representative. Any customer who desires to review, correct or delete their information can do so by contacting Global MED-NET International, Inc., Membership Services, 1751 W. Diehl Road, Suite 400 Naperville, Illinois 60563 USA, verifying their identity and providing their membership number.
SECURITY: Global MED-NET will take reasonable precautions to protect Personal information and Sensitive Personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Security is designed to prevent unauthorized access to database equipment and hard copies of Sensitive Personal information and monitors access to its servers to provide protection from hacking or other unauthorized access. Global MED-NET limits access to Personal information, Sensitive Personal information and data to those persons in Global MED-NET's organization, or agents of Global MED-NET, that have a specific business purpose for maintaining and processing such information and data. Individuals who have been granted access to Personal information or Sensitive Personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information.
ENFORCEMENT: Global MED-NET will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy and the US Department of Commerce Safe Harbor Principles. Any employee who Global MED-NET determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment.

V. DISPUTE RESOLUTION

Any questions or concerns regarding the use or disclosure of Personal information or Sensitive Personal information should be directed to the Global MED-NET Privacy Inquiries Office at the address given below. Global MED-NET will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal information and Sensitive Personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between Global MED-NET and the complainant, Global MED-NET has agreed to participate in the dispute resolution procedures of the panel established by the European data protection authorities to resolve disputes pursuant to the Safe Harbor Principles.

VI. INTERNET PRIVACY

Global MED-NET sees the Internet, Intranets and the use of other technologies as valuable tools for communicating and interacting with consumers, employees, vendors, business partners, and others. Global MED-NET recognizes the importance of maintaining the privacy of Personal information collected through Web sites that it operates. Visitors on the Web may elect to voluntarily provide Personal information via Global MED-NET Web sites but are not required to do so. Global MED-NET collects information from visitors to the Web sites who voluntarily provide Personal information by filling out and submitting on-line questionnaires concerning feedback on the Web site, requesting information on products or services, or seeking employment. In general, the Personal information voluntarily provided by Web site users is contact information limited to the user's name, home and/or business address, phone numbers and e-mail address. Global MED-NET collects this information so that it may answer questions and forward requested information. Global MED-NET does not sell or share this information with non-agent third parties. In addition, Global MED-NET may offer customers the ability to subscribe as members over the Web and/or to provide additions or corrections to their records. In such event, customers will be required to provide Sensitive Personal information to Global MED-NET, and Global MED-NET may share this information with third parties in order to provide its emergency medical storage and forwarding information services to its customers in accordance with its membership program.

VII. CONTACT INFORMATION
Persons who wish to obtain access to their Personal information or Sensitive Personal information for purposes of correction or deletion or who wish to resolve a dispute with Global MED-NET over its Privacy Policy, should contact the following:

Access, Correct or Delete Personal Information

Contact: Global MED-NET International, Inc., Membership Services
1751 West Diehl Road, Suite 400 Naperville, IL 60563 USA
E-mail: membership@globalmednet.net

Dispute Resolution

Contact: Global MED-NET International, Inc., Privacy Inquiries
1751 West Diehl Road, Suite 400 Naperville, IL 60563 USA
E-mail: privacyofficer@globalmednet.net
Attention: Nicholas N. Trutenko, Chief Privacy Officer

Employees

Contact: Human Resources Representative
Employee's Local Office

VIII. CHANGES TO THIS SAFE HARBOR PRIVACY POLICY

The practices described in this Policy are current Personal data protection policies as of January 1, 2007. Global MED-NET reserves the right to modify or amend this Policy at any time consistent with the requirements of the Safe Harbor Principles. Appropriate public notice will be given concerning such amendments.

Chief Privacy Officer - Duties and Responsibilities

The Chief Privacy Officer ("CPO") shall have the ultimate responsibility to oversee and enforce all issues regarding the collection, storage and transfer of personal information anywhere in the world, by any medium, as they may apply to Goeken Group Corp. and all of its subsidiaries (Global MED-NET, Inc., Global MED-NET International, Inc., Polybrite International, Inc., Personal Guardian, Inc.).

The duties and responsibilities of the CPO shall include, but not be limited to, the creation of a domestic Privacy Policy consistent with state and federal law, assurance of compliance with state and federal privacy laws as they apply, and the creation of an international Privacy Policy consistent with the "Safe Harbor" provisions of the United States Department of Commerce as they apply to the European Economic Area, and the Company's adherence thereto.

The CPO shall create, oversee and enforce corporate policy as it relates to all issues regarding the collection, storage and transfer of personal information, whether electronic, paper or verbal, including, but not limited to, data security issues and practices, data systems security issues and practices and personnel security issues and practices.

Personal information to be protected shall include all information collected or processed from the Company's customers, potential customers, current and former employees, as well as applicants for employment, vendors, business partners and others.

The CPO shall take the necessary precautions to protect said information in the Company's possession from loss, misuse, and unauthorized access, disclosure, alteration and destruction.

The CPO shall ensure that the Company's affiliates and business partners have established and maintained business procedures that are consistent with the policies of the Company, as they apply to data security and confidentiality. The CPO shall take all reasonable steps to prevent or stop the misuse or unauthorized disclosure of personal information by any agent, affiliate or business partner of the Company.

The CPO shall investigate and adjudicate all questions, complaints or issues as they relate to the confidentiality and security of collected, stored or transferred personal information by the Company or its agents, and shall take action to ensure compliance with all applicable laws and policies, including, but not limited to, conducting self audits of compliance with said laws or policies, or disciplinary action, which may include termination of employees or agents violating said law or policy, or referral for possible legal action.

HIPAA - In Relation To Global MED-NET

The Health Insurance Portability and Accountability Act of 1996 ("HIPAA") does not apply directly to Global MED-NET ("GMN"). The entities HIPAA does apply to are: health plans, health care clearinghouses and those healthcare providers who conduct certain financial and administrative transactions electronically. The purpose of HIPAA is to regulate and protect electronically maintained or transmitted individual health information by these covered entities. GMN is not one of these entities.

GMN does, however, consider the privacy and security of personal health information to be of the utmost importance. Personal information of GMN members is never used for any purpose other than that for which it was consented to and intended by its members. Access to this information is strictly limited in a secured setting to GMN personnel who have signed Confidentiality Agreements, and only to those who have a need to access in order to provide the GMN service on behalf of its members.

Dispute Resolution

Persons who wish to resolve a dispute with Global MED-NET over its Privacy Policy should contact the following:

Dispute Resolution

Contact: Global MED-NET, Inc., Privacy Inquiries
1751 West Diehl Road, Suite 400, Naperville, IL 60563
E-mail: privacyofficer@globalmednet.net
Attention: Chief Privacy Officer