The following Privacy Policy describes the ways in which BioAssist S.A. collects, maintains and uses simple and sensitive personal data that it receives from the users of the "HeartAround" service (from now on referred to as "the service"), which is available through the heartaround.com website (from now on referred to as "the website").
By registering and using the service you automatically consent to the collection, maintenance and use of your data as described in this Privacy Policy. Any amendment to the Privacy Policy will be communicated to the registered users via the service. The continuation of the use of the service results in the automatic acceptance of the new policy.
For the subscription to the service and the creation of an account in the information system, all the users are required to enter their personal and contact information, such as name and surname, telephone number, email and home address, along with demographic information, such as age, gender and area.
The Members of the service (premium subscribers) are also asked to enter payment data as well as their SSN, based on which data from service providers of primary health care services (if any) are collected for their medical records (including, without limitation, outcomes of outpatient examinations and medical findings) and are, then, automatically and continuously updated.
For doctors’ registration in the service, their VAT number is required and it can be used to certify their professional status.
For each user, information collected from the administration and personalization of their account is maintained as long as they use the service, including, without limitation, their account settings, personal photo and contact list (of individuals from their familiar environment who are subscribed to the service).
In addition, the content that each user uploads is stored and may include, without limitation, reminders and photographs which can possibly contain personal information of the user or other people.
For the members of the service, a history of the service’s usage is maintained, including information on the users’ communication with the helpdesk of the service. Moreover, apart from the medical data gathered by the cooperating partners, medical records registered by the users themselves or other users - authorized by the former - (e.g. their doctor) are stored in the members' accounts and include, without limitation, test results, allergies, medications, reminders and biosignal measurements.
For security purposes, all the users’ data concerning the ones regarding the usage of the service, are also collected automatically and include, without limitation, the time period that the user is connected to the service, contact information among users (such as time and duration of calls) and records of changes of their medical records.
While browsing the site, data is automatically collected and may include, among others, the user's IP address, the browser type, the operating system, the country, the page of the website previously visited, pages of the website they visited and duration of their browsing, and other statistical information, either for a visitor or a registered user of the service.
In addition, session cookies are used to connect users and enable certain features of the service. The session cookies are automatically deleted after logging off and closing the browser.
The personal and medical data collected and maintained for each user, are used exclusively for the provision of the service and for matters regarding the service, the communication and the updating of the users about the services of BioAssist S.A. and are accessible by the company's staff and partners in the above context.
In case that a user invites another person to register in the service, they will need to enter the person's email address, so that it can be used to send automatically an electronic registration invitation. This e-mail address is stored for this purpose only and the owner can contact the service and request its deletion from the database.
Anonymous data collected from the users are used to improve the quality and value of the service. In addition, these data can be combined with personal ones and can be used to provide a better user experience, either for all the users, after statistical processing, or per user individually, for personalization, according to their preferences.
When a user invites another person to subscribe to the service as their contact or sends a request to another user to be added as contact, they automatically give that person access to their personal data, including contact information and uploaded material (photos/videos). Likewise, by accepting the request by the other user, they are provided with access to their corresponding data.
In addition, the members of the service (premium subscribers) may authorize doctors registered to the service, to have access to their personal and medical data held by the service, with limited ability to add new information or process it.
Users reserve the right to revoke the above authorizations whenever they wish.
BioAssist S.A. has the possibility to transfer anonymous data and log data that collects to other individuals for purposes such as statistical analysis of demographic characteristics. The data shared in this context do not include any personal or user identification information.
BioAssist S.A. has the possibility to provide other individual service providers with partial or full support of its services, provision of the service on its behalf, and support services that are related to the service's website and information system (including, with no restriction, services of maintenance, database management, processing of payments, web data analysis, and improvement of the application’s features). These partners have access to the data of the users of the service exclusively for the execution of the aforementioned tasks, on behalf of BioAssist S.A., and are obliged not to reveal or use these data for any other purpose.
BioAssist S.A. may disclose personal data to users of the service in case that the law requires so, under court order or request by the state or a regulatory authority and exclusively by those authorities.
BioAssist S.A. does not trade, share, communicate, transmit or distribute in any way the personal and medical data of users of the service, with the exception of the ones provided herein and as defined by the applicable law.
BioAssist S.A. takes natural, technical and procedural measures to secure the personal and medical data of the users of the service and to protect them from loss, misuse, unauthorized access, disclosure, distortion or destruction. However, no security system or data transmission system via the internet can be 100% secure and BioAssist S.A. cannot guarantee the absolute security of the data it maintains.
Each user is solely responsible for any action taking place through their account and must preserve their login information (username and password) and inform BioAssist S.A. in case that there is a suspicion of interception or violation of the data.
All users have the ability to update and delete their own personal data and the content they upload on their account on their own.
Users of the service may deactivate their account whenever they wish, upon request. In this case, their personal data cease being available unless they have been copied by other users (such as their attending doctor) according to the rights the users have granted to their doctors through their account. In addition, an archived copy of their data may be kept if required by law or for legitimate business purposes.
BioAssist S.A. maintains the users’ data as long as long as their account remains active and for as long as it is necessary for the provision of the service to the specific user. The company may maintain and use the data provided by a user through the service, if necessary for the company’s compliance with its legal obligations, arrangement of any dispute and implementation of its agreements.
The service's website may include links to other websites that are not controlled by BioAssist S.A. but by other entities (physical or legal entities) and to whom this policy is not applicable. Under no circumstances is BioAssist S.A. responsible for the terms of the protection of visitors' personal data whom these entities follow.
The website and the service are not intended for minors. BioAssist S.A. does not collect and store knowingly the personal data of minors. If a parent or guardian realizes that his child has given, through the website or the service, personal data without their consent, they must contact the company. BioAssist S.A. complies with the legislation on the protection of minors.
The collection and processing of the personal data of users of the service is subject to the terms of the present document and to the regulations of the national, European and international law and in particular to the provisions of the law 2472/1997 regarding the protection of individuals from the processing of personal data, as the case may be.