We believe that sharing experiences with one another may improve understanding in health and treatments and helps to form a better support network for Users. Since this may include you sharing sensitive information about your health, we also believe it is important to be transparent about our privacy policies.
YOUR CONSENT – PLEASE READ CAREFULLY
WHAT INFORMATION MAY WE COLLECT FROM OUR USERS?
We may collect different types of data and information from our Users:
The first type of information is non-identifiable and anonymous information (“Non-personal Information”). We are not aware of the identity of the User from which we have collected the Non-Personal Information. Non-Personal Information is any unconcealed information which is available to us while Users are using the Service. Non-personal Information which is being gathered consists of technical information and behavioral information (e.g the browser type and version, device type).
The second type of information is individually identifiable information (“Personal Information”). This information may identify an individual or may be of a private and/or sensitive nature. Personal Information which is being gathered consists of any personal details provided consciously and voluntarily by the User. The Personal Information is collected from the details the Users provide when Users wish to contact us or register as a member to the Service, which requires Users to complete a comprehensive registration survey containing the personal and medical details of the patient, as more fully described in our TOU. Types of Personal Information that Users may submit include, among others: age group, gender, location, demographic and geographic information.
For avoidance of doubt, any Non-Personal Information connected or linked to any Personal Information shall be deemed as Personal Information as long as such connection or linkage exists.
Personal and Non-personal Information which is being gathered in connection with your use of the Service may consist of the following:
Technical Information. The User may automatically provide us with certain technical Non-personal Information and aggregated usage information, such as the User's mobile device brand and model, operating system type and version, browser information, language, screen resolution, geolocation, altitude, which Third Party Services’ applications are installed on the User’s device and User’s uses thereof through the Service, the User's manual configurations, 'click-stream', session recordings, interactions and activities on the Service, the period of time the User used the Service and related timestamps, crash and error logs, etc.
HOW DO WE COLLECT INFORMATION ON OUR USERS?
There are two main methods we use:
Use of the Services. We collect Non-Personal and Personal Information when you register with, access or use the Service. In other words, we are aware of your usage of the Service and may gather, collect and record the information relating to such usage. We also collect Non-Personal and Personal Information derived from information we receive from third party services and providers we work with.
Voluntarily Provided. We may collect Personal Information which you voluntarily provide to us when you use the Service. We may also collect information provided via your social network account(s) in the event that you voluntarily choose to share it with us (like Facebook), through , your use of the mobile application, and may also collect Non-Personal Information through the processing, analysis and anonymization of Personal Information provided by you.
WHAT IS THE LEGAL BASIS FOR USE?
With your consent: We ask for your agreement to process your information for specific purposes and you have the right to withdraw your consent at any time. When Performing our services under the TOU: We collect and process your Personal Information in order to provide you with the Service, following your acceptance of these Terms; and to maintain our Service to you.
WHAT ARE THE PURPOSES OF THE COLLECTION OF INFORMATION?
We may use information that we collect about you for the following purposes:
To provide, operate and improve our Service to you such as through features such as data analytics and manage our business;
To develop new services and features for our Users;
To find and analyze the correlations between different groups of patients and treatments;
To personalize our service to you by generating insights for our Users and connecting patients with similar conditions so that they may share their treatment histories and experiences, ensuring a better User experience;
To send you updates, notices, notifications, announcements, and additional information related to the Service;
To be able to manage your account and provide you with customer support;
To display or send to you marketing and advertising material and general and personalized content and advertisements via the Service, email, postal mail, telephone and/or mobile devices;
To develop, display, and track content and advertising tailored to your interests on our Service and other sites, including providing our advertisements to you when you visit other sites;
To create cumulative statistical data and other cumulative information and/or other conclusive information that is non-personal, in which we and/or our business partners might make use of in order to operate and improve our Service and provide related services;
To perform market research using deidentified and/or aggregated data.
To perform and provide scientific and medical research, and improve treatment options for patients, using deidentified and/or aggregated data. With your consent, we may share your information with our Partners in the industry, government and/or academia for research purposes, as more fully described below.
To perform functions or services as otherwise described to you at the time of collection;
To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities;
To comply with any applicable rule or regulation and/or respond to or defend against legal proceedings brought against us or our affiliates.
SHARING INFORMATION WITH THIRD PARTIES
Third Party Services: We are partnering with a number of selected service providers, whose services and solutions complement, facilitate and enhance our own. These include hosting, database and server co-location services (e.g. Amazon (AWS)), data analytics services (Google Analytics), session replay records for analytic purposes such as crashes, functionality and usability (e.g. FullStory) and our business, legal and financial advisors (collectively, “Third Party Service Providers”).
Such Third-Party Service Providers may receive or otherwise have access to your Personal Information, depending on each of their particular roles and purposes in facilitating and enhancing the Service, and may only use your Personal Information for such purposes. Such disclosure or access is strictly subject to the recipient's or user's undertaking of confidentiality obligations, and the prevention of any independent right to use this data except as required to help us provide the Service
Our Partners. We will not share your personal information without your explicit consent, with our valued partners, including but not limited to those in the medical, pharmaceutical and biotechnology industries, academic institutions, and government agencies and regulatory bodies, including regulatory bodies such as the American CDC and FDA, or other national and international bodies, as applicable and as necessary. We may share only de-identified and/or aggregated information with Partners, in order to conduct scientific, and/or medical research, as part of our Service. When disclosing information to our Partners or otherwise selling user information for scientific or market research purposes, we make sure to anonymize and/or remove all Personal Information or other personally-identifying indicators in the data (de-identification) to minimize the possibility of accidental member identification.
Law enforcement, legal proceedings, and as authorized by law: We may disclose or otherwise allow access to Personal Information pursuant to a legal requirement or request, such as a subpoena, search warrant or court order, or in compliance with applicable laws and regulations. Such disclosure or access may occur with or without notice to you, if we have a good faith belief that we are legally required to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.
Protecting Rights and Safety: We may share your Personal Information with others, with or without notice to you, in cases of emergency or if we believe in good faith that this will help protect the rights, property or personal safety of our Company, any of our Users, or any members of the general public.
For the removal of doubt, we may share your Personal Information in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so. Additionally, we may transfer, share or otherwise use non-personal information in our sole discretion and without the need for further approval.
WHERE DO WE STORE USER’S PERSONAL INFORMATION?
Information regarding the Users will be maintained, processed and stored by us and our authorized affiliates and service providers in the United States, and as necessary, in a secure cloud storage, provided by our Third-Party Service Providers.
You hereby accept the place of storage and the transfer of information as described above.
USING COOKIES AND OTHER TRACKING TECHNOLOGIES
We may use certain monitoring and tracking technologies (such as “cookies” or “pixel tags”) to understand how Users use our Service, including ones offered by Third Party Service Providers. These technologies are used in order to maintain, provide and improve our Website, App and/or Service on an ongoing basis, and in order to provide a better experience to our Users. For example, these technologies enable us to: (i) keep track of and “remember” our Users’ preferences and authenticated sessions, (ii) secure our Website and/or App by detecting abnormal behaviors, (iii) identify technical issues and improve the overall performance of our Website and/or App, (iv) and create and monitor analytics.
To use the Service, you must be over the age of sixteen (16). SideFacts does not knowingly collect Personal Information from children under the age of sixteen (16) and does not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that minors under the age of sixteen (16) are not using the Service. In the event that it comes to our attention that a person under the age of sixteen (16) is using the Service, we may prohibit and block such User from using the Service and will make all efforts to promptly delete any Personal Information with respect to such User. You warrant that you are the parent or legal guardian and have the actual authority and legal right to upload, submit, disclose or otherwise share the Non-Personal Information and/or Personal Information and/or any other form of sensitive information, of a minor child under your care. You may withdraw this consent at any time. Additionally, you may request erasure of the Personal Information.
COMPLIANCE WITH USA PRIVACY REGULATIONS
SideFacts is not a Covered Entity or Business Associate of any Covered Entity. Accordingly, any Health Information you provide voluntarily is not protected by the Health Insurance Portability and Accountability Act of 1996, and regulations promulgated there-under, including the Standards for Security and Privacy of Individually Identifiable Health Information at 45 Code of Federal Regulations Parts 160 through 164 (“Privacy and Security Regulations”), as amended from time to time, in addition to the Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009, Public Law 111-005. Moreover, this Site and App is not a Medical Device, and thereby is not regulated by the Federal Food, Drug & Cosmetic Act.
We take great care in implementing and maintaining the security of the Service and our Users’ Personal Information. We employ industry standard procedures and policies to ensure the safety of our Users’ Personal Information, reduce the risks stemming from loss of information and prevent unauthorized use of any such information. However, we do not and cannot guarantee that unauthorized access will never occur and reiterate that no measure can provide absolute information security.
We retain the Personal Information we collect only for as long as your registered user account exists in our system and as needed in order to provide you with our services and to comply with applicable laws and regulations.
If you withdraw your consent to us processing your Personal Information, we will delete your Personal Information from our systems (except to the extent such data in whole or in part is required to comply with any applicable rule or regulation and/or to respond to or defend against legal proceedings brought against us or our affiliates).
UPDATING, OBTAINING A COPY OF, OR DELETING YOUR PERSONAL INFORMATION
If the law applicable to you grants you such rights, you may ask to access, correct, or delete your Personal Information that is stored in our systems. You may also ask for our confirmation as to whether or not we process your Personal Information. Under certain circumstances, you may have the right to restrict processing and/or object to the processing of your Personal Information. Subject to the limitations in law, you may request that we update, correct, or delete inaccurate or outdated information. You may also request that we suspend the use of any Personal Information whose accuracy you contest while we verify the status of that data. Subject to the limitations in law, you may also be entitled to obtain the Personal Information you directly provided us (excluding Information we obtained from other sources) in a structured, commonly used, and machine-readable format and may have the right to transmit such Information to another party.
If you wish to exercise any of these rights, contact us with an explicit request at: [email protected]
When handling these requests, we may ask for additional information to confirm your identity and your request. Please note, upon request to delete your Personal Information, we may retain such Information in whole or in part to comply with any applicable rule or regulation and/or to respond to or defend against legal proceedings brought against us or our affiliates.
To find out whether these rights apply to you and for any other privacy-related matters, you can contact your local Information protection authority if you have concerns regarding your rights under local law.
SideFacts are the data controllers of the Personal Information collected in connection with the use of SideFacts’s services.
To exercise the rights regarding data protection, or revoke the consents given, the User may write to the email address [email protected]
indicating "Data Protection" as a reference.
The User may file a complaint with their national data protection authority if the User has a concern about our privacy practices, including the way we handle personal information. In addition, the User can contact our Data Protection Officer by writing to [email protected]
HAVE ANY QUESTIONS
and we will make an effort to reply within a reasonable timeframe.