Terms and Conditions

COMUNICARE

Privacy policy

Quai Banning 6

4000 Liège (Belgium)

COMUNICARE SOLUTIONS SA develops and operates the Comunicare application and platform (www.comunicare.be)

Comunicare enables a better communication between patients and caregivers in the context of chronic diseases or complex care episods. It provides personalized information on the patient care plan, appointments, recommendations and tools for a better quality of life. The patient can share information with his/her relatives and the medical staff. The processing of the resulting analytical data is useful for quality of life and medical research.

Privacy Policy

(version of 15/9/2023)

Introduction

The protection of your privacy and of your personal data is very important for COMUNICARE SOLUTIONS (hereinafter ‘ COMUNICARE ‘), the publisher of the mobile application that your health care provider (hereinafter ‘HEALTH CARE PROVIDER’) recommended you. The objective of the present policy document is to inform you about the conditions under which your personal data is collected and processed when you use this software and its related services, hereinafter jointly called “application”.

COMUNICARE complies with the General Data Protection Regulation (GDPR) established by the European Parliament and the Council of the European Union, as well as all regulations related to the protection of privacy and personal data.

Your data is processed under the joint responsibility of your HEALTH CARE PROVIDER and COMUNICARE (hereinafter collectivelywe”), which together determine the processing of health data.  

Under the meaning of this regulation, the HEALTH CARE PROVIDER is the “controller” and COMUNICARE the “processor”.    

When enrolling in the application, the HEALTH CARE PROVIDER has asked or will ask you for your explicit consent for us to process your personal data as listed further below, as part of your health care pathway. By using the application, you confirm this authorization.      

The GDPR requests that the information concerning your rights related to your personal data be communicated to you in a concise, transparent, understandable manner, and in simple terms. This policy document pursues this ambition.

If you are a child, you have the right to request that this is explained to you in a simple and understandable manner. Do not hesitate to ask us for this explanation.

 

The following topics will be explained further below:

  • What do we mean by personal data processing? 
  • What data is collected and how is it processed? 
  • For what purpose do we process your data? 
  • Who do we share your data with? 
  • Do we transfer your data abroad? 
  • What are your rights? 
  • How long do we keep your data? 
  • How do we secure your data? 
  • Links to other sites
  • Modification of this policy document
  • How to contact us ? 

What do we mean by the processing of your personal data ?

The term “personal data” is used here to refer to any information concerning an identified or identifiable individual (natural person).   

The term “processing” designates any operation or set of operations, carried out by an automated or a manual process, and applied to personal data or sets of data, such as the collection, the recording, the organization, the structuring, the storage, the adaptation or modification, the extraction, the consultation, the use, the transmission, the dissemination or any other form of provision, the reconciliation or interconnection, the limitation , the deletion or the destruction of data. 

What data is collected and how is it processed?

The COMUNICARE application may collect and process the following personal data :

  • Identification data such as your name, first name, date of birth, place of birth, sex;
  • Contact data: your mailing address, email address, telephone number ;
  • Data related to your care pathway: your medical agenda, your feelings and your experience on your care pathway, your drugs and confirmation of their intake, your physiological parameters necessary for medical monitoring (entered manually or via Bluetooth), your physical activity (entered manually or captured via the health application, e.g Google Fit or Apple Health Kit), the images you upload to the application;
  • Limited identification data about the persons with whom you have decided to share some of your information contained in the application: first name, last name, email address, mobile phone number;
  • Data about your online behaviour when using our application: the links you click within the application, the internal pages you visit in the application, the external pages you visit from the application;
  • Data about the issues, the complaints and the remarks that you communicate to us about the usage of the application;
  • Cookies: we use only essential cookies (i.e. files with a small amount of data, which may include a unique and anonymous identifier, that are stored on your smartphone or computer) necessary for the proper functioning of the application (e.g. for the management of connection time and language preferences); we do not use other cookies (e.g. for commercial or marketing purposes).

We have set up the adequate measures to ensure that your personal data is processed in compliance with the security obligations that are imposed by applicable law.

For what purpose do we process your data?

We collect and use your personal data for specific, explicit, legitimate purposes, and we do not use this data for any further purposes that are not compatible with the following:

  • To improve your care pathway and your comfort in this pathway;
  • To provide relevant information to the authorized persons who contribute to your care pathway (doctors, nurses, other health care providers, and, if applicable, the persons you have authorized, e.g. some of your relatives);With anonymised data, to help improve the medical knowledge related to your disease and its evolution for the benefit of yourself and other patients (“anonymised” means that this data does not contain any identification nor contact information; hence it is not ‘personal data’ anymore).
  • Through our processing no decision concerning you is taken in an exclusively automatic manner.

The usage of your data is based on the following legitimacy:

  • The willingness to facilitate your care pathway and to help improve its quality and efficiency;
  • For the HEALTH CARE PROVIDER, a better follow up of all relevant parameters about your care pathway and your outcomes during this care pathway;
  • Data processing is also necessary for the purposes of the legitimate interests pursued by COMUNICARE, that is to say, to develop, to improve and to maintain its software; anonymized statistics about the usage of the software may also appear in the application descriptions;
  • Consent: you have given your explicit consent to the HEALTH CARE PROVIDER so that we can use your personal data for the purposes set out above; we will ask for your explicit consent again should we have a need to go beyond these purposes. While we process your data on the basis of your consent, you have the right to withdraw this consent at any time. When we process your data on the basis of our legitimate interest, you may at any time inform us that your interest takes precedence over ours.

We process your personal data in the following circumstances:

  • The application collects your data during the registration process, namely your last name, your fist name, your address, your email address, your mobile telephone number or any other contact data. We process this data in order to authenticate and secure access to your data, and to manage the data transfer with the HEALTH CARE PROVIDER and the health professionals who have a therapeutic relationship with you.
  • The application processes your medical data that is necessary for its operation, more precisely the information transmitted by the HEALTH CARE PROVIDER, the information that you enter yourself, as well as data about your usage of the application.
  • We collect and process your data when you contact us for support or when you complete satisfaction surveys.

Who do we share your data with?

Your medical data and the information that you enter or transfer from other devices in the application are made available to the personnel of your HEALTH CARE PROVIDER for a better monitoring of your treatment.

In addition, the application allows you to identify persons with whom you desire to share certain data. This data may concern, on your own choice, all or part of your care pathway:  your medical diary, your outcomes and your experience with your care pathway, your medications, your physical activity. You can stop this data sharing at any time.

The application is currently being validated in various countries (e.g. in Belgium by the mHealthBelgium platform) for reimbursement by the health insurance company. This means that your identity and the fact that you use our application can be communicated to your health insurance fund or health insurers. This communication is justified because these organisations are likely to participate in the financing of the application which is put at your service and in statistical studies to evaluate the benefit of this application. Under no circumstances are your medical data transmitted to these third parties. These organisations are bound not only by their own obligations of confidentiality, but also by a complementary agreement between them and us in which they undertake to protect the information that we communicate to them.

Your medical data may be shared with third parties for whom you have given or will give us your consent (for example, as part of sharing with an e-health vault, a medical research or a clinical study).

The application and your data are hosted in a hosting data centre with the protections described below (How do we secure your data?). We guarantee that this provider only has access to your data to the extent necessary to perform server maintenance tasks. We also guarantee that he is bound by an obligation of confidentiality and that he can only process the data in accordance with the instructions we give him.

Mandatory transfers

We may be required to transmit your personal data. This would be the case when a law, regulation or legal process (such as a court order) would oblige us, or when demanded by public authorities in action under the law. We may also find that it is necessary or desirable to disclose your data to protect your vital interests when you are unable to provide your consent.

Other cases of transmission

We also reserve the right to transmit any data we hold about you in the event of the sale or disposal of all or part of our activities or assets. We are committed in this case to do everything in our power for the transferee to use your data in accordance with this policy document. If such a sale or transfer should occur, you can contact the transferee, ask questions concerning the processing of your data and continue to exercise all your rights relating to your data.

Data transfer abroad

Certain data on the use of the application, completely anonymized (that is to say, not allowing them to be linked to your person) and without any medical nature, are communicated to external partners to enable us to perform detailed usage statistics of the application.

Data retention period

Unless your right to erasure is applied (described in detail in the ” Your rights ” section below) , your complete data will be kept as long as you are considered as a user ; hence you can resume using our services without having to re-enter your data even after a period of inactivity. 

Data received from third-parties

If it would be needed that we receive from a third party and process data concerning you (for example, retrieval of information from another care monitoring system for the purpose of service continuity) we would:

  • inform you about their nature, origin and the purpose of this transfer
  • protect and process this data in the same way as the data we collect

Your rights

You have the following rights related to your personal data that we process:

  • Right to access your data,
  • Right to rectify,
  • Right to erase and to object,
  • Right to restrict processing
  • Right to data portability

These rights are described in more detail below.

If you wish to exercise these rights, please contact us in writing 

  • By regular mail to :  COMUNICARE SOLUTIONS SA, Quai Banning 6, 4000 Liège, Belgique
  • Or by e-mail to : privacy@comunicare.be

and by enclosing a copy of your identity document which will be destroyed by us as soon as your request was processed.

COMUNICARE will transfer your request to the HEALTH CARE PROVIDER if it concerns its responsibility.

You also have the right to lodge a complaint with a supervisory authority.

Right to access

After your personal data have been collected and saved by us, we will provide you access to these data and any other additional information: purpose of the processing, data categories, potential third-party recipients, period of retention, and your additional rights relating to this data.

Right to rectify

In the event that your personal data is incorrect or incomplete, you have the right to have this data corrected and / or completed as soon as possible.

Right to erase and to object

You can ask us to erase your personal data. Your request will be executed as soon as possible if one of the following conditions is met:

  • This data is no longer necessary with regard to the purpose (s) for which it was collected;
  • The data processing is based on your sole consent and you withdraw your consent;
  • You object to the processing of your data for a reason relating to your particular situation and we have no compelling legitimate reason to assert (for example a legal obligation) ;
  • If it has been established that your personal data has been unlawfully processed by us ;
  • Your data must be erased to comply with a legal obligation to which we are subject.

In this case, we will be obliged to inform the third parties to whom we have transmitted your personal data.

This right to erasure does not apply insofar as keeping the data is necessary for:

  • The exercise of the right to freedom of expression and information;
  • Complying with a legal obligation;
  • Exercising or defending any of our rights in court.

Right to restrict processing

You have the possibility to request the restriction of the processing of your personal data. Your request will be valid if one of the following criteria applies:

  • You dispute the accuracy of your data : the use of your data will then be limited to the time necessary to verify the accuracy of your data;
  • In the event of unlawful processing, you oppose the erasure of your data, but instead request the limitation of their use;
  • We no longer need your data but you need it for the establishment, exercise or defense of your legal rights;
  • When you have objected to the processing of your data for a reason relating to your particular situation, during the time necessary to check whether our legitimate grounds override yours.

Right to data portability

You have the right to ask us to provide you with your personal data that we hold in a structured machine-readable format. You may then forward them to another entity for processing or ask us to forward them directly to that entity.

How do we secure your data?

Your data is encrypted and is kept locally on the mobile device on which you installed the application and in the secured database of our server(s). All data exchanges between the application and the server(s) are encrypted according to standard protocols. We ensure that your personal data is protected by adequate safety measures (technical and organizational) against loss, destruction, alteration, use, disclosure or unauthorized access, be it accidental or illicit.

Technically, our staff manages the overall maintenance of the application and data that is hosted in a datacentre with the support of cybersecurity experts and in redundant infrastructures based in Belgium. High level protections are provided:

  • Access security: infrastructures are equipped with access control technologies.
  • Redundancy of the electric supply
  • Cooling of the computer equipment by suitable means.
  • Fire protection by specialized fire extinguishers and other physical precautions (for example, fire detectors)
  • Procedures: the operation of the centres is governed by strict procedures.

Further information

The present data protection policy summarizes the rights and obligations related to the processing of your personal data in the context of the use of the COMUNICARE application. We remain at your disposal should you require any clarification.

The General Data Protection Regulation (GDPR) established by the European Parliament and the Council of the European Union as referred to at the beginning of this document can be accessed by one of the following links: display as HTML or download as PDF.

Modification of this policy document

In the future, we may be led to amend this document. If these changes imply a lesser protection of your personal data, we will inform you personally and explain the changes and the reasons for them. You will of course continue to be able to exercise your rights under the GDPR Regulation and national laws.

How to contact us?

By regular mail: COMUNICARE SOLUTIONS SA, Quai Banning 6, 4000 Liège, Belgique

By email: