top of page

PRIVACY POLICY OF THE DEEP DIGITAL EVIDENCE ECOSYSTEM & PROTOCOLS PLATFORM

Last Updated: Jan 2024
 

1. PURPOSE
1.1 At DEEP, we’re committed to your privacy. We know that earning your trust is utmost important to us when you use our Services.
1.2 Our digital evidence ecosystem & protocols platform (“Platform”) provides a catalogue of digital measures and measurement solutions, and a collaborative framework for faster development of digital measures and measurement solutions improving regulatory decision- making of measurement solutions.
1.3 This privacy policy applies to the collection, use, and disclosure of personal data when you use our Platform and services.
 

2. WHAT INFORMATION DO WE COLLECT?
2.1 We collect following personal data when you use our Platform or interact with Us:
(a) basic information, such as name, and contact details (email address);
(b) service-related information, e.g. user IDs, authentication credentials as well as data generated in connection with service provision e.g., login information, and how services are used;
(c) your communication and interactions with us, such as correspondence, and service requests; and
2.2 We may collect and use for any purpose aggregated metadata of the Platform, where individual person is not identified from e.g., statistical data collected in connection with the use of our Platform.
2.3 We do not collect any health or patient data (data collected from patients in a clinical trial).
 

3. PURPOSE AND LEGAL BASIS FOR PROCESSING OF PERSONAL DATA
3.1 We collect and process your personal data for the purposes of providing our Platform to you and fulfilling our contractual obligations.
3.2 The legal basis for processing your personal data may vary depending on the specific purposes for which we are processing your data but may include our legitimate interests for performance of the contract, or compliance with legal obligations.
(a) Keeping Our Platform running - Providing services to you and ensuring the functioning and maintenance of the Platform;
(b) Verifying your identity for the purposes of signing into the Platform;
(c) Managing your user account in the Platform; and
(d) User Support, corresponding with users, solving issues, and providing support;
 

4. DATA SHARING AND DISCLOSURES OF PERSONAL DATA
4.1 We may share your personal data with third-party service providers who assist us in providing our services. We may also disclose your personal data to comply with legal obligations or to protect our legal interests.
 

5. TRANSFER OF PERSONAL DATA OUTSIDE OF THE EU OR EEA
5.1 DEEP does not transfer the Personal Data outside of the European Union (EU) / European Economic Area (EEA) without a prior written consent, and DEEP uses data centers located within the EU / EEA. Some of the sub-processors of DEEP may be established or may have access to the Personal Data outside of the EU/EEA e.g., in cases where the Customer has initiated support ticket and customer support of the cloud service provider may have access to the Personal Data within the support ticket.
5.2 If Personal Data is transferred to the country outside of the EU/EEA that is not recognized by the European Commission as providing an adequate level of  protection for Personal Data, DEEP shall

(i) comply with chapter v of the GDPR;

(ii) use transfer tools (such as standard contractual clauses for controller-processor transfers) adopted by the European Commission;

(iii) take necessary steps to provide appropriate safeguards for international data transfers;

(iv) to the extent necessary implement supplementary measures for protection of Personal Data as required by applicable laws; and

(v) where necessary ensure that the party responsible for the transfer of Personal Data have conducted the transfer impact assessment if needed.
 

6. RETENTION OF PERSONAL DATA
6.1 We will retain your personal data only for as long as necessary to provide services to you during the performance of the pilot agreement, and the platform usage agreement, and as required by law (After that, we will securely dispose of your personal data.
 

7. YOUR RIGHTS
7.1 You have certain rights regarding your personal data:
7.2 Right to Access: You have the right to access your personal data that we hold.
7.3 Right to Rectify Personal Data: You have the right to request that we correct any inaccurate or incomplete personal data that we hold.
7.4 The Right to Object to the Processing: You have the right to object to the processing of your personal data for certain purposes.
7.5 The Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
7.6 The Right to Be Forgotten: You have the right to request that we erase your personal data under certain circumstances.
7.7 The Right to Restriction of the Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.
7.8 The Right to Give and Withdraw Your Consent: You have the right to give or withdraw your consent for the processing of your personal data.
 

8. DATA SECURITY
8.1 We take appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, or other misuse. These measures include physical, electronic, and procedural safeguards that comply with applicable legal requirements.
8.2 Our Platform is running in Azure cloud. Azure provides various security measures and controls to help protect members data, including network security, identity and access management, encryption, and monitoring.
8.3 To ensure information security and data protection for the Platform, access control mechanisms are implemented to restrict access to data to authorized personnel only. Data is encrypted both in transit and at rest, and secure protocols are used.
8.4 Although our good faith efforts to store your data in a secure operating environment that is not available to the public, please remember that unfortunately no data transmission or storage is 100% risk free. You provide your personal data at your own risk, and we cannot guarantee the absolute security of your data. In the unfortunate case of a security breach that endangers your privacy or data we will inform you as well as the relevant authorities, as required by law. We may also temporarily shut down services to protect the personal data.
 

9. CHANGES TO THE PRIVACY POLICY
9.1 We may update this privacy policy from time to time. We will notify you of any significant changes by posting a notice on our website or by sending you an email.
 

10. CONTACT US
10.1 If you have any questions or concerns about this privacy policy or our use of your personal data, please contact us at [qonm_pilot@deepmeasures.health]

bottom of page