Privacy policy

Privacy policy NeuroPath Navigator (the “Privacy Policy”) Document version v1.1

Last updated: 22 June 2020

This privacy policy refers to NeuroPath Navigator v0.x.x

1. Introduction

NeuroPath BV (with registered office at Rue Jean Burgers 2, 7850 Enghien, Belgium and company number 0664.788.807) will process your Personal Data gathered through the NeuroPath platform (the Platform”).

 

NeuroPath finds the protection of your privacy very important. NeuroPath processes your Personal Data in accordance with the GDPR. NeuroPath wishes to inform you on how your Personal Data will be processed by NeuroPath and how you can control the processing of your Personal Data. You can find more information about your Personal Data and your privacy here.

In this policy the term ‘Personal Data’ will be used often. Personal Data is any information that can identify you. Examples of such information are your name, your email address, etc.

2. How are your Personal Data used and how can you contact us?

NeuroPath processes the Personal Data it collected or that you provided through the Platform. Processing of your Personal Data means any sort of operation performed with respect to your Personal Data. Examples of processing activities are: using, accessing, storing, deleting, viewing, etc. Personal Data.

 

In some cases NeuroPath will have the role of a data controller, which means that NeuroPath decides on how and why your Personal Data are collected and used. In other cases, NeuroPath will have the role of a data processor, which means that NeuroPath processes your Personal Data on behalf of another party, i.e. in which case that party decides on how and why your Personal Data are collected and used. In such case, Personal Data will be transferred to third parties in accordance with section 6 of this Privacy Policy.

 

If you have any questions about how your Personal Data are processed, you can contact the data protection officer of NeuroPath at dpo@NeuroPath.life.

3. Which of your Personal Data are collected by NeuroPath?

NeuroPath processes different types of Personal Data; this depends on how you use the Platform. NeuroPath might process these Personal Data when you use the Platform:

Contact information: Personal Data such as name, email address, login and password, etc.

Health and Medical information: Personal Data concerning your health and medical condition such as treating doctor and medical center, information in respect of the diagnosis, self-reported results, symptoms, use of medication, scans, etc.

History and logs: Personal Data such as browser type, OS information, etc.

Technical information: Personal Data such as data from computers, telephones or other devices on which you use the Platform, your IP address, browser type, etc.

Cookies: For more information, reference is made to our Cookie Policy.

 

If you provide Personal Data relating to another person through the Platform or with a view to use the Platform, you guarantee that you have informed that other person and that you have received its explicit consent to communicate that person’s Personal Data.

4. Why does NeuroPath process your Personal Data?

NeuroPath processes your Personal Data for a certain purpose; this purpose justifies the processing of your Personal Data by NeuroPath. Different purposes may apply depending on the type of Personal Data NeuroPath processes. Below you will find an overview of the purposes for which your Personal Data are processed by NeuroPath:

 

Contact information:  

Purpose – Your contact information is used for authentication and authorization purposes (i.e. your identification and access as a user), communication purposes, to give a (potentially anonymous) testimony or to answer support questions, for the operation of the Platform, etc.

Lawfulness of Processing – This processing is justified by your consent, the legitimate interest of NeuroPath or the performance of the agreement between NeuroPath and you.

 

Health and Medical information: 

Purpose – Your health and medical information is used for academic, clinical, educational, informational, medical, or other research (including any product development for such purposes) and is also used to improve the operation of the Platform and the provision of other products and services.

Lawfulness of Processing – This processing is justified by your consent.

 

History and logs: 

Purpose – History and logs are used to provide service support and to improve the operation of the Platform and other NeuroPath products and services, etc.

Lawfulness of Processing – This processing is justified by the legitimate interest of NeuroPath.

 

Technical information:

Purpose – Technical information relating to you is used to provide service support, and to improve the operation of the Platform and other NeuroPath products and services, etc.

Lawfulness of Processing – This processing is justified by the legitimate interest of NeuroPath.

 

Legitimate interest means that the interest of NeuroPath prevails over your interest, because the processing of your Personal Data shall not create a risk to your fundamental rights and freedoms. The processing of your Personal Data might be necessary for the performance of the agreement between you and NeuroPath. NeuroPath will not be able to comply with certain of its obligations if you refuse to provide or the processing of your Personal Data. For example, the processing of your Personal Data might be necessary to provide you access to the Platform or respond to your questions.

 

When you provide consent, this consent is always free, and you have the right to withdraw this consent at any time. When you withdraw your consent, NeuroPath will no longer process your Personal Data, unless that processing is based on legitimate interest or the performance of the agreement.

The purposes that are listed here may not be complete and NeuroPath may process your Personal Data for another legitimate reason. When this is the case NeuroPath will notify you as soon as possible of this new purpose.

 

5. When do you communicate your Personal Data?

You communicate Personal Data to NeuroPath when:

– you register your account on the Platform;

– you add information on the Platform;

– you visit the Platform;

– you load the Platform in your browser;

– when you navigate to a new page of the Platform;

– errors or bugs occur;

– . . .

6. Are your Personal Data processed by other parties?

When NeuroPath engages a third party that provide services for NeuroPath and this third party processes your Personal Data, this third party always acts under the responsibility of NeuroPath and NeuroPath will protect your Personal Data as well as possible in accordance with the GDPR.

If you are directed to another application, platform or website through the Platform, other terms and conditions and other privacy and cookie policies may apply. You should take into account and read these terms and conditions and privacy and cookie policies of the other applications, platforms and websites you visit.

7. Are your Personal Data used for profiling?

NeuroPath may use your Personal Data for profiling. Profiling means that your Personal Data might be processed automatically by NeuroPath, without human interference. You must know that this profiling does not produce legal effects concerning you and does not significantly affect you.

 

NeuroPath might use your contact information for profiling to improve the knowledge in respect of Parkinson’s Disease for the general interest. If you would like to know more about the underlying logic of this profiling, you can request more information on the mathematical or statistical procedures of this logic by addressing a written request to NeuroPath at dpo@NeuroPath.life.

8. Are your Personal Data used for direct marketing?

NeuroPath will not use your Personal Data for direct marketing purposes.

9. Are your Personal Data transferred outside the European Economic Area?

NeuroPath may transfer your Personal Data to countries outside the European Economic Area. In this case, NeuroPath shall use appropriate safeguards to ensure the protection of your Personal Data and your fundamental rights and freedoms.

10. How long will your Personal Data be stored?

NeuroPath stores your Personal Data during the time periods set out below:

Contact information: Your contact information is stored (i) as long as the consent you provided is valid, or longer, (ii) if and as long as NeuroPath has a legitimate interest or (iii) as long as needed for the performance of the agreement.

Health and Medical information: Your health and medical information is stored as long as the consent you provided is valid or longer.

History and logs: The history and logs are stored as long as NeuroPath has a legitimate interest.

Technical information: The technical information relating to you is stored for 26 months or longer if and as long as NeuroPath has a legitimate interest. 

 

NeuroPath keeps on storing your Personal Data even if you temporarily stop using the Platform until you permanently delete your account by contacting NeuroPath via support@neuropath.life. Even when your account is deleted, NeuroPath might still process and disclose your Personal Data to third parties after your Personal Data has been anonymized or encrypted. Your Personal Data might however still be used by NeuroPath when the terms and conditions determine this. You can consult the terms and conditions of the Platform here.

11. How are your Personal Data protected and kept safe by NeuroPath?

NeuroPath has developed appropriate measures to protect your Personal Data against loss, misuse, or unauthorized alteration in accordance with applicable Belgian and European regulations. A team of technicians works at NeuroPath to ensure the safety of your Personal Data by using automated systems, and advanced technologies. If you would like to know more about the appropriate security measures and safeguards, you can request more information by addressing a written request to dpo@NeuroPath.life.

 

Even when NeuroPath uses its best efforts to keep your Personal Data safe, you should know that there are always risks associated with sending Personal Data over the internet and that the security and protection of your Personal Data can never be fully guaranteed.

12. What rights do you have?

You have the following rights under the applicable laws and regulations:

– to receive confirmation that NeuroPath processes your Personal Data and access to these Personal Data;

– to demand correction of any inaccurate or incomplete Personal Data;

– to have your Personal Data deleted by NeuroPath;

– that NeuroPath provides you with your Personal Data processed by NeuroPath so that you can transfer them to another party;

– to obtain a limitation of the processing of your Personal Data from NeuroPath;

– to receive your Personal Data in a structured, common and machine-readable format; and

– to prevent the processing of your Personal Data and the use of your Personal Data for direct marketing purposes.

 

You can exercise your rights yourself on your account on the Platform or you may exercise these rights by contacting the data protection officer.

You can file a complaint with the competent supervisory authority if the processing of your Personal Data violates the applicable regulations. In Belgium the competent authority is the Data Protection Authority (“Gegevensbeschermingsautoriteit”) https://www.dataprotectionauthority.be.

13. Amendments to this Policy

NeuroPath may amend this policy, when the processing by NeuroPath of your Personal Data changes. The date of the most recent version is shown at the top of the policy.

14. Consent for disclosure

NeuroPath may disclose your Personal Data if this is required by law, or if NeuroPath determines in good faith that such disclosure is required in order:

– to comply with any pending judicial inquiry, judicial order or litigation;

– to respond to claims against NeuroPath regarding Personal Data that violate any rights of third parties;

– to safeguard the rights, property and safety of NeuroPath, its employees, users, and the general public.

 

NeuroPath may disclose your Personal Data to competent police or judicial authorities or other official government authorities if NeuroPath deems this useful or necessary, in its sole discretion, for the investigation of fraud, intellectual property infringement or any other harmful activity, or if NeuroPath reasonably suspects that such activity may expose NeuroPath or you to any liability.

15. Liability

If NeuroPath has legitimately transmitted your Personal Data to a third party (not being a processor or subprocessor), NeuroPath shall not be liable for any unlawful processing or unlawful use by that third party.

Under no circumstances does NeuroPath accept responsibility for any direct or indirect damage resulting from faulty or unlawful use of the Personal Data by a third party (not being a processor or subprocessor).

 

NeuroPath is also not liable when third parties process or use your Personal Data illegitimately and NeuroPath has taken appropriate technical and organizational measures to go against such illegitimate processing or use.

NeuroPath is in any case only liable for the damage caused by processing of Personal Data if it did not comply with its specific obligations under the GDPR. NeuroPath shall in no event be liable for any special, incidental, indirect or consequential losses or damages.

16. Applicable law

This policy shall be governed, interpreted, and implemented in accordance with Belgian law, which applies exclusively in the event of any dispute.

European Headquarters

Belgium:
NeuroPath
La Lanterne, Rue Jean Burgers 2, 7850 Enghien
Technologielaan 9, 3001 Heverlee
Email: contact@neuropath.life

North American Operations

United States:
NeuroPath US, Inc.
222 W. Merchandise Mart Plaza, suite 1230
Chicago, IL 60654
Email: contact@neuropath.life