Privacy Policy
All terms in capital letters not otherwise defined herein, shall have the meaning ascribed to them in the terms of use as they appear https://parkinson.hitheal.org.il/termsofuse (the “Terms of Use”).
This privacy policy (the “Privacy Policy”) is intended to explain how we collect, use and otherwise process information collected from Users, whether these are Patients, or Health Care Providers.
1. Definitions
For the purposes of this Privacy Policy:
1.1. “Device” means any device that can access HEAL-Parkinson such as a computer, a cellphone, a smart watch or a digital tablet.
1.2.
“Personal Data” is any information
that relates to an identified or identifiable individual.
For the purposes of GDPR, Personal Data means any information relating to You
such as a name, an identification number, location data, online identifier
or to one or more factors specific to Your physical, physiological,
genetic, mental, economic, cultural, or social identity or any information as
specified in section 3.
2. Legal Age
The Application and the Services are intended for adults. Users under the age of eighteen (18) are not permitted to use the Application and Services without the consent of a parent or legal guardian. We have the right to implement age verifications measures, and to subject the right to download and use the Application to pass such verification.
3. Personal Data that we collect and Process
We might collect, receive, use and process Personal Data that:
3.1. You voluntarily provide; and/or
3.2. Your Health Care Provider provides;
3.3. We collect through your use of the Application and Services;
3.4. We receive in connection with any User issues that also relate to; our operation of the Application and Services (such as User support);
3.5. We receive from other third parties;
4. The Types of Information that we might collect, receive, use and process:
4.1. We may collect different categories of personal information depending on your activities on HEAL-Parkinson and depending also on whether you are a Patient or Health Care Provider.
4.1.1.Contact Information: Unique user code or number; first and last name; email address; telephone number.
4.1.2.Demographic Information: address, age, gender, education level, occupation.
4.2. Information based on answers provided by Patients on Applications questionnaire such answers may be yes/no, selection from a list, completion from a list of options, or in form of free text.
4.3. Information collected by device sensors:
Audio and visual data – information collected from devices camera and microphone, such as sounds and images.
Position and movement data: information collected from proximity sensors, GPS, accelerometer, gyroscope and magnetometers.
4.4.
Application Use Data: Unique access code,
Application Version, Mobile Device type, Operating System
version, Account creation date, User activity level, Notification usage,
Interaction with product features, , satisfaction survey.
4.5. Support interaction data.
4.6. At no time shall Personal Data collected from you in accordance with this Privacy Policy or any information or materials derived from such Personal Data be deemed to be an electronic health record or an electronic medical record for purposes of compliance with the Health Insurance Portability and Accountability Act of 1996.
4.7. You are not obligated to provide us with any of the above information under any applicable law. However, we will not be able to operate the Application and/or provide you with the Services or part of them, as applicable, if you do not agree, or if you withdraw your consent, or request to object (all as detailed under section 12 with respect to your rights) to our processing of these data items. Therefore, if you do not agree to us collecting the above Personal Data, please do not use the Application or any part of it.
5. The Purposes for which we use your Personal Data.
5.1. Provision of the Services and use and access thereto: your Personal Data as described above is used by Us for (i) allowing You access to the Application (ii) provision of the Service as intended. This is based on our contract with You as stipulated in the Terms.
5.2. Certain Purpose: If You provide Personal Data for a certain purpose, We may use the Personal Data in connection with that purpose for which it was provided. For instance, if You contact Us by e-mail, We will use the Personal Data you provide to answer Your question or resolve Your problem and will respond to the email address from which the contact came. This is based on Your consent and on Our obligations under the Terms.
5.3. We use Your information to send You emails with regards to Your operation of the Application (e.g., account verification, notify You of changes/updates to features, credentials change, technical and security notices).We may use Your personal information to respond to Your requests and messages, including with respect to Your rights as data subject, as well as to initiate contact with You on issues related to the Application or Services or support and maintenance issues.
5.4. Internal-Business Purpose: We may use Your Personal Data for internal business purposes, including without limitation, to help Us improve the content and functionality of the Application and our Services to better understand Our Users, to the Application and our Services, to protect against, identify or address wrongdoing or fraud, to enforce Our Terms of Use and this Privacy Policy, to manage Your Account and registration and provide You with customer service, and to generally manage the Application, , Our Services and Our business. This is based on Our legitimate interests, and Our contractual obligations set forth in the Terms of Use.
5.5. Marketing Purpose If, upon subscription to the Application and the Service, You’ve confirmed Your assent to receive promotional and other commercial information by Neurology Department of Rabin Medical Center then Company shall be entitled to use certain aspects of the Personal Data for promotional purposes, such as to offer You additional products or services. Under such authorization, Company shall not divulge such Personal Data to third parties, unless You consent to this. You have the right to withdraw Your consent to receive marketing materials at any time, by sending Us such request via Our e-mail address tomask@hit.ac.il
5.6. Security and Dispute Resolution: We may use Personal Data to protect the security of the Application and Services, to detect and prevent fraud, fishing, identity theft, data leakage, to confirm the validity of software licenses, to resolve disputes and enforce Our agreements. This is based on Our legitimate interest, and Our contractual obligations as set forth in the Terms of Use, as applicable.
5.7. Data Retention, Archives: In the interests of the User, We retain and archive Personal Data as long as it necessary to obtain Our Services, meet with contractual obligations, laws and regulations and subject to Our retention policies, User’s “right to be forgotten” and this Privacy Policy.
5.8. Transfer/Share/Disclose Data: We will not Transfer/Share/Disclose any Personal Data unless it is necessary to perform our services to you and on “need to know basis”. Therefore, We may share Your Personal Data with Our affiliates, contractors and service providers who process Personal Data on Our behalf to perform certain business-related functions. While We do so We make sure that they will be bound to maintain that Personal Data in accordance with this Privacy Policy.
5.9. Other Purposes: If We intend to use any Personal Data in any manner that is not consistent with this Privacy Policy, You will be informed of such anticipated use prior to or at the time the Personal Data is collected, used or processed, unless such other purposes are related to the purposes above.
6. With Whom We Share your Personal Data
6.1. For data storage and cloud services, the Personal data collected by us is stored at Google Cloud]
6.2. For two- factor authentication we will share your phone number and e-mail address with Google firebase.
6.3. In order to deliver Our Services, data may be processed by Our third parties service providers of the following categories: email exchange servers services, SMS providers, data storage providers, analytics providers (“Suppliers”). We transfer only the minimum data that is necessary for conducting our services. The data is transferred only to suppliers approved by Us that allow for compliance with GDPR. Our Suupliers do not have any right to use, Your Personal Data collected from Our Apploication beyond what is necessary for the purpose of facilitating Our provision of the Application and Services.
6.4. We may disclose Your Personal Data if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency (including in response to public authorities to meet national security or law enforcement requirements), or in the good faith belief that such action is necessary to (a) comply with a legal obligation, (b) protect or defend Our rights, interests or property or that of third parties, (c) prevent or investigate possible wrongdoing in connection with the Services, (d) act in urgent circumstances to protect the personal safety of Users of the Services or the public, or (e) protect against legal liability.
6.5. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets. Your information may be transferred as part of that transaction to a successor in interest and to the applicable legal authorities as well as legal counsels and other professional counsels involved such as accountants, and other officers of the government or of the applicable judiciary instance. You acknowledge and agree that any successor to or acquirer of Company (or its assets) will continue to have the right to use Your Personal Data and other information in accordance with the terms of this Privacy Policy.
7. Transfer of personal data of EEA data subjects, outside the EEA
Personal Data may be transferred, stored and processed in countries outside the EU or European Economic Area (EEA). Such transfer to third countries may include countries that do not ensure adequate level of data protection laws as required by EU privacy laws. We will only transfer Your personal data outside the EEA (1) to countries recognized as adequate by the EU commission; (2) if no adequacy status is granted, then subject to the implementation of the applicable safeguards provided by applicable law (including the GDPR); (3) if no safeguards are available, then subject to acceptable derogations as set forth in the GDPR.
8. Your rights in relation to your Personal Data
8.1. The right to be informed about how Your Personal Data is being used.
8.2. Right of Access, Updating, Correcting and Deleting: You have the right to request access to Your Personal Data that we process. You also have the right to request to correct or rectify any inaccurate Personal Data that we process about You, or delete it, depending on the circumstances, all subject to applicable laws and regulations, and Our internal processes and procedures for complying with such requests.
8.3. You may request the deletion or correction of Your Personal Data by submitting a written request to Us through tomask@hit.ac.il. Please note however, that deleting information from the Application through submitting a request to Us, may have detrimental effect on Your ability to use the Application or on the performance of the Application, and any such effects and results are at Your own risk and liability.
8.4. Please note that uninstalling the Application does not delete Your Account and information.
8.5. Right to Restriction of Processing: You may have the right to restriction of processing subject to applicable laws. If You wish to object the processing, You are required to contact Us at: tomask@hit.ac.il
8.6. The right to object to processing activities, if the processing is based on Our legitimate interest;
8.7. The rights to withdraw consent at any time, if the processing is based on consent
8.8. The right to object to processing of Personal Data for direct marketing purposes
8.9. In some circumstances, the right to request that we transfer or port elements of Your data either to You or another service provider – if the processing is based on Your consent, and is made by automated means.
8.10. The right to lodge complaint with a supervisory authority. However, prior doing so, You are encouraged to contact Us directly by email to tomask@hit.ac.il in order to resolve the issue quickly and efficiently, if You wish to do so.
9. Security of Personal Data
9.1. We are committed to protecting the security of any Personal Data on our database and network. We use a variety of security technologies and procedures to help protect all Personal Data from loss, misuse, unauthorized use, access, inadvertent disclosure, alteration and destruction. However, no network, server, database or Internet or e-mail transmission is ever fully secure or error free. Therefore, You should take special care in deciding what information You disclose.
10. Links to Other Websites
This Privacy Policy applies only to the Application and the Services. The Application may contain links to other websites not operated or controlled by Company (the “Third Party Sites”). The policies and procedures We described here do not apply to the Third Party Sites. The links from the Licensed System and/or the Application do not imply that Company endorses or has reviewed the Third Party Sites. We suggest contacting those sites directly for information on their privacy policies.
11. Change to this Privacy Policy
We may change this privacy notice from time to time, to reflect how we are processing Your data, including following any regulatory changes or Our internal policies.
If We make significant changes, We will make that clear on the Application or by some other means of contact such as email, so that You are able to review the changes before You continue to use the Application.
12. How to Contact Us
Please don’t hesitate to contact Us at tomask@hit.ac.il, and We will be happy to answer any questions You may have concerning this Privacy Policy, deal with Your complaint, or help You exercise any of Your rights as set out above.