Privacy Policy of the app

Privacy statement Patient Journey App 

Disclaimer

This application contains general information and is intended to supplement the oral information you have received from your specialist or other healthcare professional. This means that the treatment and rehabilitation process are described as they usually occur. The doctor may choose a different procedure that better suits your situation. It is not possible in this application to mention all variants and alternatives. Risks and side effects are also described in general terms. The content of this application can be improved, modified, supplemented, or removed without prior notice.

Copyright

Without prior written permission from the hospital, the user of this application is not allowed to reproduce or make public the information offered in the application. All content and images always remain reserved to the hospital. For use, you must have written permission from the hospital. You can request this by sending an email.

Liability

The maker of this application accepts no liability for any direct or indirect damage that may arise from the use of the application. The use of the application is at the user's risk. No rights can be derived in any way from the content of this application. The maker of this application cannot be held liable for the incorrect functioning of your phone or network. The maker of the application accepts no liability for any consequences of (temporary) unavailability or non-functioning of notifications, provided by a third party. Emailing is at your own risk: data can potentially be seen by third parties.

Privacy Statement

This is the privacy statement of Interactive Studios B.V. (Interactive Studios). Interactive Studios is the processor of the personal data of users of Patient Journey App, as meant in the General Data Protection Regulation (GDPR).

Each privacy statement of the Data Controller takes precedence over this privacy statement. They are responsible for the processing and protection of the personal data of users of Patient Journey App.

A few important definitions for this privacy statement:

• Data Controllers: the clients of Interactive Studios, i.e., the healthcare organizations that offer Patient Journey App to their patients;
• Processor: Interactive Studios, because only personal data of Users in Patient Journey App is processed on behalf of and on the instruction of the Data Controllers and never for their own purposes;
• User(s): the users of Patient Journey App;
• Data Subject(s): the persons to whom the processed personal data relate. Users are also Data Subjects.

Data Protection Officer

Interactive Studios has appointed a Data Protection Officer (DPO), who supervises the compliance with legal and regulatory requirements concerning the processing and protection of personal data by Interactive Studios.

The healthcare organisation through which you use Patient Journey App has appointed its own DPO. If you have questions about the processing of your personal data, we refer you to the Data Controller(s).

Personal Data

The standard version of Patient Journey App collects the following categories of personal data: device ID, treatment, and treatment date(s).

The personal version also contains, if necessary, patient number, name, email address, phone number, and date of birth, and can also process questions, images, and interactions of Users. These personal data can be used by healthcare professionals to send messages about treatment progress. The healthcare professional or Data Controller determines which exact information they wish to process from Data Subject(s) via Patient Journey App. Additionally, this data, upon request of healthcare professionals, can be accessed by employees of Interactive Studios to provide the right support to healthcare professionals and/or patients.

In the portal of the healthcare professional, user statistics, log in details, device data, communication tokens, and other relevant information are processed.

Purpose and Basis

As a Processor, Interactive Studios has no independent basis or own purposes for the processing of your personal data. We process your personal data solely on behalf of and on the instruction of the Data Controllers.

Interactive Studios offers two versions of Patient Journey App:

• The standard version. This version uses an interactive timeline. Push notifications are used to actively inform users of the app about newly available information.
• Patient Journey App Personal. This is a personal version of Patient Journey App where the User logs in with a personal code. This code makes it possible to link information to the Data Subject. This can be answering questions or uploading images.

The content of Patient Journey App, including the personal information of Users, is managed in the portal by healthcare professionals.

Sharing of Information with Third Parties

To make Patient Journey App function optimally, we may collaborate with third parties, both within and outside the European Economic Area (EEA). We enter into agreements with these parties to ensure that they adhere to the same data protection conditions as we do. These conditions are laid down for us in the processor agreement that we conclude with the Data Controllers. If necessary, we take appropriate measures to ensure that your personal data is also adequately protected outside the EEA, as agreed with the Data Controllers.

If you permit Patient Journey App, health data from the Health Kit and the Health app (on iOS) or Google Fit (Android) are shared with healthcare professionals.

Patient Journey App keeps user statistics, so healthcare professionals can optimize the content. These statistics contain information about the number of times the app is opened, whether questions are answered or changed, whether photos are uploaded, whether devices are connected or removed, whether messages are sent, and whether parts of the content are read.

Retention Period

Interactive Studios does not store your personal data longer than allowed by the Data Controller or than legally required. As a Processor, Interactive Studios will not delete data on its own initiative unless Interactive Studios would violate the law by not doing so. Deleting data always happens in consultation with the Data Controller.

Your Rights

As a Data Subject, the GDPR grants you several rights concerning your personal data.

1. Right of access: you have the right to view and, if desired, receive a copy of the personal data that are processed about you.
2. Right to erasure: you have the right to have certain personal data deleted, although this is not always possible for all data.
3. Right to rectification and supplementation: you have the right to make corrections to your personal data.
4. Right to data portability: you have the right to have your personal data transferred to another party.
5. Right to restriction of processing: you have the right to limit the processing of your personal data.
6. Right to object: you have the right to object to the processing of your personal data.
7. Right to lodge a complaint with the supervisory authority: you have the right to file a complaint with the Personal Data Authority if you believe that your personal data are being processed in violation of applicable privacy legislation.

If you wish to exercise any of the rights mentioned above, you can contact the Data Controller. Interactive Studios assists the Data Controller(s) in complying with the legal provisions concerning the rights of the Data Subject(s).

Miscellaneous

It is important to note that this privacy statement does not address the provisions of the GDPR concerning automated decision-making and the protection of personal data of minors, as these provisions are not relevant to the processing of personal data that takes place via Patient Journey App. Moreover, no cookies are placed during the use of Patient Journey App, and there is no data processing based on consent or legitimate interest.

Changes

Interactive Studios reserves the right to occasionally change the privacy statement if necessary due to changes in legislation or other developments.

These changes will be announced to Users of Patient Journey App via push notifications. You can also find the most recent version of the privacy statement in the app. Interactive Studios is not responsible when the function to receive push notifications is not enabled on the device of the User. If you have questions about this privacy statement, you can send an email to support@patientjourneyapp.nl.

This privacy statement was last revised on July 13, 2023.