Index
- Privacy policy
- Privacy policy Apps for Care and Science Foundation and Hematology App
- Legal frameworks for handling data
- Starting points
- Privacy Statement Apps for Care and Science Foundation
- Who we are
- What is your personal information used for?
- How long is your personal information stored?
- What are your rights?
- How are your personal data protected?
- How can you contact the Foundation?
Privacy policy
1.1 Privacy policy Apps for Care and Science Foundation and Hematology App
The Apps for Care and Science Foundation handles personal data of employees and (chain) partners. Personal data is mainly collected for the proper execution of tasks related to the objective of the foundation. One must be able to trust that the foundation will handle the personal data with care and security. During this time, the foundation also follows new developments. New technological developments, innovative facilities, globalization and an increasingly digital environment place different demands on data protection and privacy. The Apps for Care and Science Foundation is aware of this and ensures that privacy remains guaranteed, for example through measures in the field of information security, data minimization, transparency and user control.
The board, management and employees play a crucial role in guaranteeing privacy.
Through this policy, the Apps for Care and Science Foundation gives a clear direction to privacy and shows that it guarantees, protects and maintains privacy. This policy applies to the entire foundation, all processes, parts, objects and data collections of the foundation. This privacy policy of the Apps for Care and Science Foundation is in line with national and European laws and regulations.
The Hematology App, a development of the Apps for Care and Science Foundation, handles only simple data (email addresses) of local principal investigators of studies in the Trial Tool, which is part of the Hematology App.
1.2 Legal frameworks for handling data
The Apps for Care and Science Foundation is responsible for drawing up, implementing and enforcing the policy. Among other things, the following legal frameworks apply:
- General Data Protection Regulation (GDPR)
- Implementation Act General Data Protection Regulation
1.3 Starting points
The Apps for Care and Science Foundation handles personal data in a secure manner and respects the privacy of those involved. The Apps for Care and Science Foundation adheres to the following principles:
Lawfulness, decentness, transparency
Personal data is processed in accordance with the law and in a proper and careful manner.
Basis and goal retention
The Apps for Care and Science Foundation ensures that personal data is only collected and processed for specific, explicitly described and justified purposes. Personal data is only processed with a fair basis.
Data minimization
The Apps for Care and Science Foundation only processes the personal data that are at least necessary for the predetermined purpose. The Apps for Care and Science Foundation strives for minimal data processing. Where possible, less or no personal data is processed.
Retention period
Personal data is not stored any longer than necessary. The retention of personal data may be necessary in order to be able to perform the duties properly or to comply with legal obligations.
Integrity and confidentiality
The Apps for Care and Science Foundation handles personal data with care and treats them confidentially. For example, personal data is only processed by persons with an obligation of confidentiality and for the purpose for which this data was collected. The Apps for Care and Science Foundation ensures appropriate protection of personal data.
Share with third parties
In the case of cooperation with external parties, where data processing of personal data is involved, the Apps for Care and Science Foundation makes agreements about the requirements that data exchange must meet. These agreements comply with the law. The Apps for Care and Science Foundation checks these agreements annually and as often as there is reason to do so.
Subsidiarity
To achieve the purpose for which the personal data are being processed, infringement of the privacy of the data subject is limited as much as possible.
Proportionality
The infringement of the data subject's interests may not be disproportionate in relation to the purpose to be served.
Rights of data subjects
The Apps for Care and Science Foundation honors all rights of those involved.
This privacy policy takes effect after adoption by the management. The policy is evaluated every year and revised if necessary.
Thus adopted by the Board of the Apps for Care and Science Foundation on 29-12-2022,
Dr. J.J.W.M. Janssen, President
2. Privacy Statement Apps for Care and Science Foundation
This privacy statement applies to the use of personal data by the Apps for Care and Science Foundation (hereinafter referred to as “the Foundation”) for referring patients for clinical studies via Trial Tool in the HematologyApp. Please note that patient data itself is not transmitted through the HematologyApp. Only email addresses of potential referring hematologists and of local principal investigators (Pis) is used to connect referring physicians with PIs.
The Foundation treats your personal data with care and wants to explain to you in this statement about the use of your personal data. The Foundation believes it is very important to guarantee the privacy of patients. Privacy is therefore high on the management agenda. We are obliged to handle personal data with care and in a safe, proportionate and confidential manner. One of the legal privacy rules is the obligation to be transparent about how patients' personal data are dealt with. The Foundation does this in the form of this privacy statement.
The following questions are answered in this privacy statement:
1. What does the Foundation do?
2. What is your personal information used for?
3. How long is your personal information stored?
4. What are your rights?
5. How are your personal data protected?
2.1 Who we are
The Foundation has developed an application - the so-called HematologyApp - with the aim of promoting clinical scientific research. This app contains a trial tool that supports hematologists to select a clinical study that meets the treatment needs of their patient who has a hematological disorder. Subsequently, users of the App can contact a local investigator at a hospital where these studies are ongoing. In this way, we expect that the chance of a patient being successfully enrolled in a study will increase. Thereby, studies will run more rapidly, ultimately resulting in quicker access to new treatments for patients, if these new treatments have proven to be more effective than the old ones.
2.2 What is your personal information used for?
The Foundation uses personal data with the aim of promoting clinical scientific research for patients. Health care providers (especially hematologists and those in training for hematologist) can directly contact local principal investigators through the Trial Tool, part of the HematologyApp. A contact request is sent to the local PI who is responsible for the study. Email data of referring doctors is not stored on servers, in the HematologyApp or anywhere else.
No patient data are transferred or stored on servers, in the HematologyApp or anywhere else.
Email addresses of referrers of local PIs will never be sold to third parties.
The Foundation has an incident register in which personal data is recorded. In this incident register events are recorded that have or could result in the interests, integrity or safety of the patients, or the (employees of) the Foundation being or could be at stake, such as phishing and deliberate deception.
Data about your health
The Foundation does not process medical records. Patients may be referred by their doctor for a clinical study OUTSIDE of the HematologyApp. Only contact requests form referring doctors to local PIs are transmitted via the HematologyApp.
The President of the Foundation is a hematologist registered in the Medical Licence Registry of the Netherlands. Employees who work under the doctor's responsibility have a confidentiality obligation derived from the doctor. They have all signed a confidentiality agreement.
2.3 How long is your personal information stored?
No data of referring hematologists are stored in the HematologyApp, on servers or anywhere else. Names ans email addresses of hematologists serving as a local PI are stored for as long as the study is active. Once the study is closed, these names and email addresses are deleted within 30 days.
2.4 What are your rights?
You have the right to inspect, rectify, change data, limit the use of personal data, transferability of your personal data, objection and withdraw your consent. Below is an explanation of what your rights entail.
Insight
You have the right to view the personal data (that is: names and email addresses) that the Foundation has about you and information for which the Foundation has used it. You may also want certain specific information. You can submit a request for this. State which data you want to view in your request.
Data transferability
You have the right to receive your personal data from the Foundation in a structured, current and readable form, if those personal data have been provided to you by the Foundation or on your behalf and have been used by the Foundation through automated procedures.
Rectification
You are entitled to the correction (rectification) of incorrect personal data that relate to you. You also have the right to make incomplete personal data complete, for example by providing an additional statement. State in your request which data must be corrected and why.
Data change
You can ask the Foundation to delete your personal data if you think one of the following applies:
- The Foundation no longer needs your information;
- Your data is used on the basis of your permission, but you withdraw that permission;
- You object as described below against the use of your personal data;
- The Foundation was already obliged by law to delete your data.
State in your request which data you want to have deleted and why you think the Foundation should do this.
Constraint
You have the right to limit the use of your personal data:
• in the period that the Foundation needs to determine whether your data must indeed be corrected;
• if the Foundation should not have used your personal data, but you do not want that data to be deleted;
• in the period that you have objected to the use of your personal data but have not yet received an answer from the Foundation.
If the use of your personal data is restricted, the Foundation needs your permission to still be allowed to use that data. There are a number of exceptions to this. Your personal data may still be used:
• for instituting, exercising or substantiating a legal claim;
• to protect the rights of another person or legal person; or
• for reasons of high public interest for the European Union or a member state of the European Union, such as public health.
State in your request why the Foundation was not allowed to use your personal data. Or add the request for limiting the use of your personal data to a request for rectification or an objection.
If, together with the claim for rectification or your objection, you have also made an appeal to limit the use of your personal data, your personal data will be used less during this period.
Objection
Please state in your objection which data it is and what the reason for your objection is.
Permission
If the Foundation has only used your personal data with your permission, you may revoke this permission at any time. The withdrawal of your permission has no retroactive effect. The withdrawal of your permission therefore has no consequences for actions that have already been carried out.
Please state with your request which permission you wish to withdraw.
If you wish to invoke one of the rights listed below, you can submit a request for this to the data protection officer of the Foundation. You can do this by letter or electronically. We will then inform you within one month what we have done with your request. If your request is very complicated, this period can be extended by a further two months. If the Foundation wants to extend the period, we will let you know within one month of receiving your request.
If you do not agree with the processing of your request, you can submit a complaint about this to the Personal Data Authority (or any other European supervisory authority). You can also submit a petition to the court.
2.5 How are your personal data protected?
The Foundation applies security measures to protect personal data. These measures concern: the organization, the staff, processes, technology, and physical security, and are laid down in the security policy of the Foundation.
The developments within the world of information security are going fast. The foundation uses state-of-the-art secure systems through a Dutch hosting provider that is NEN7510, ISO / IEC27001: 2013 and ISO 9001: 2015 certified. Information is only sent via the Trial Tool on secure connections and only concerns names and email addresses of referring doctors and local PIs.
2.6 How can you contact the Foundation?
If you have any questions, you can contact the Foundation.
Please send an email to: privacy@appsforcareandscience.eu.
This privacy statement may change. You can always find the latest version here. You will find the date of the last change at the bottom of this statement.
If you believe that the Foundation has not dealt with your personal details correctly and you feel the Foundation has not dealt with you complaint appropriately, you have the right to submit a complaint to the Dutch Data Protection Authority (Dutch: Autoriteit Persoonsgegevens, AP).
Hilversum, December 29, 2022