Privacy Policy for “FacileVitals App” by TeleMedware

TeleMedware S.r.l. provisions “FacileVitals App” (hereafter named “App”) as a tool aimed to the use of its mobile Telemedicine services, reserved to registered user. As responsible for personal data treatment TeleMedware S.r.l. provides the information regarding the processing of your data in connection with the use of the App.

This information is provided in accordance to articles 13 and 14 of the European Regulation for the protection of personal data 679/2016 (GDPR) and refers only to the methods of processing data collected through the App and not to any additional services or websites to which the user should access to interact with TeleMedware S.r.l The App is designed, developed and distributed by TeleMedware S.r.l. based in Piazzetta Schiatti 8 - Ferrara (www.telemedware.com).

DATA PROCESSED AND PURPOSE OF THE TREATMENT

The personal data processed by the App are those of regularly registered users and the purpose is to collect data for monitoring the user ‘s vital parameters , necessary for the specific purposes of the Service provided by TeleMedware S.r.l.

Data acquisition is carried out either through a Bluetooth wireless connection (for medical devices) or manually data input by the user. The vital parameters acquired by the App are the following: Temperature, Blood Pressure, Heart Rate, Oxygen Saturation, Blood Sugar, Weight, 1 Lead Electrocardiogram.

The data acquired through the App are treated in compliance with the GDPR, the Provisions of the Guarantor Authority for the protection of personal data with respect to the confidentiality obligations which TeleMedware S.r.l is subject to.; the data may also be processed by third parties named “Responsible” by TeleMedware S.r.l. for:

fulfillment of the obligations established by laws, regulations and community legislation, or provisions issued by Authorities legitimated by the law and by Supervisory and Control Bodies. The provision of personal data necessary for these purposes is mandatory and the related processing does not require the consent of the user concerned;

purposes strictly related to the App download and activation (for example, the acquisition of information on the model of the phone, the operational system used, the telephone number, etc., necessary for the activation of the App itself).

In order to allow the App download and exclusively for reasons related to the use of the Service, the users must agree to make accessible some resources of their mobile device to the App itself, such as:

• Bluetooth: for acquisition of vital parameters from medical devices
• Camera and microphone: to grant audio-videocommunication between the user and Telemedicine staff
• Image Gallery: to allow photo sharing among users
• Position (Network + GPS): for determination of position while acquiring vital parameters during autonomous movement of the user
• Network (internet): to connect with the Data Center of TeleMedware S.r.l.
• Information about the device and the Operational System installed: to allow a personalized experience based on the type of device in which the App is installed (e.g. different views based on the video resolution of the device)

TeleMedware S.r.l. may also collect anonymous information related to the download and use of the App for the sole purpose of collecting statistics on the number of users who have downloaded or who are active users of the App. TeleMedware S.r.l. does not use the data collected by the App for user profiling, to offer products and services other than those specifically provided by the App or for other commercial purposes. Therefore the use of any type of cookies is not foreseen. Be informed however, that third parties IT systems and software requested for the correct functioning of the App (e.g. Apple Store, Google Play) can acquire data referring to the user , whose transmission is implicit in the use of internet communication protocols, smartphones and used devices. TeleMedware S.r.l. is not involved in these treatments, carried out in autonomous and exclusive way by the respective Data Controllers, nor can it be considered responsible. Therefore, we invite you to consult in advance the privacy policies published on the aforementioned platforms.

OPTIONAL OR MANDATORY DATA SUPPLY

The provision of user’s data is optional but necessary for the provision of the service. The refusal to provide the data does not allow the provision of the service and the use of the App.

METHOD OF TREATMENT

Personal data are processed using manual and IT tools at TeleMedware S.r.l. facilities or to other appointed persons as Data Processors; data are treated only for aforementioned purposes, kept for the time necessary to achieve the purposes for which they were collected and by adopting specific security measures aimed at preventing data loss, illicit or incorrect use and unauthorized access. No personal data acquired through the App can be disseminated to unauthorized third parties.

PLACE OF TREATMENT

The data collected by the App are processed both at the headquarters of the Data Controller and at the Data Center of the Web Hosting Provider which:

- is the authorized external manager for data processing

- is located in the European Economic Area, acting in accordance with the European Data Protection Regulation no. 679/2016 (GDPR).

SECURITY PROCESSES

User data is preserved in a lawful and correct manner, adopting the appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of personal information. TeleMedware S.r.l. undertakes to protect the security of personal data during transmission, making use of encrypted software. Processing is carried out using IT and informatics tools, with organization methods and logics strictly related to the purposes indicated above.

USER RIGHTS

In accordance to the European Regulation 679/2016 (GDPR) and national regulations, the user of the App may, in the manner and within the limits established by the current legislation, apply to the following rights:

• request confirmation of the existence of personal data (right of access);
• to know the data origin;
• receive intelligible communication;
• to have information about the logic, the methods and the purposes of the processing;
• request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
• exercise the limitation right and / or opposition to the processing of concerned data ;
• exercise the right of revocation;
• exercise the right for data portability;
• in case of consent-based processing, receive the data provided to the holder, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
• exercise the right to claim with the Control Authority.

The requests must in any case be directed to the Data Controller.