Privacy Policy

Privacy Policy

Effective Date: 09-02-2022

The Untire® app is a registered medical device which helps cancer patients and cancer survivors improve cancer-related fatigue (ICD10 code R53.83 Fatigue) and associated quality of life.

The Untire® app (Untire) is brought to you by Tired of Cancer B.V. (ToC BV, we, us). ToC BV in the sense of the General Data Protection Regulation (GDPR) is a controller.

In this Privacy Policy, we explain what personal data we collect from you and how we use it when you use the Untire app. We also explain why we process this data, the so-called legal grounds for processing, what interest we have and what rights you subsequently have.

We attach great importance to the protection of your data. That is why your personal and sensitive health information is carefully handled and protected. We are certified for our high standard of Information Security (ISO 27001).

By using Untire, and by agreeing to the terms of use and privacy policy, you unequivocally authorize ToC BV to record and process your personal information and sensitive health data in accordance with the purposes stated in this Privacy Policy.

If you have any questions about your data or the protection of your privacy, please contact us at support@untire.com.

Purpose of processing

When you use Untire, ToC BV collects, stores and uses personal, non-personal and sensitive health data (hereinafter: data). We collect this data for the following purposes:

– to provide our services in accordance with our user agreement (EULA)

– for communication purposes

– for contractual purposes

– for quality purposes and statistics

– to improve our services

– to scientifically evaluate our services

What is the basis for processing your personal data?

ToC BV will only process your data if this is permitted on the basis of one of the bases in the GDPR. We rely on the following bases:

– Consent – Art. 6 § 1 lit. a GDPR

– Contract – Art. 6 § 1 lit. b GDPR

– Legal obligations – Art. 6 § 1 lit. c GDPR

– Our legitimate interest – Art. 6 § 1 lit. f GDPR

Consent

By using Untire, and you check the boxes in the Terms of Use and Privacy Policy, you are giving your unequivocal consent to:

  1. The processing of your data, that you provide through the use of the Untire app, for the purpose of providing our service to you. Personal data that you provide to ToC BV through the use of Untire includes personal data that you enter in the Untire app itself, such as your name and account details, and depending on the data you provide, health information – including measurements, vase of energy, reflection steps, etc.
  2. Processing your personal data to ensure the technical functionality, user-friendliness and further development of the Untire app on an ongoing basis.

iii. ToC BV may use your health information to create depersonalised sets of data for internal research purposes in order to improve our services.

If you do not agree with the collection and processing of your data, we encourage you to withdraw your consent by stopping using Untire, deleting your account in the app and uninstalling Untire. When deleting your account all your personal data will be deleted.

Optional consent

For some services you can give optional consent. This consent can be withdrawn at any time via the app settings.

Data collection

Because we want to be transparent, we give you an overview of the information we collect.

Personal data collection at downloading

Certain information is processed automatically when you download Untire from the App or Playstore, including your:

  • Username
  • E-mail address
  • Customer number of your account
  • The time of download
  • Individual device identification number

The processing of this data takes place exclusively via the respective app or play store, whereby Apple or Google are responsible for the processing in this case. This processing is therefore beyond our control.

Data when using Untire

All data that we collect with Untire is necessary for ToC BV to be able to offer the services you use (with the exception of optional consent). The amount of data we collect is minimized as much as possible to protect your privacy. You are the only one who has access to your personal data.

 

  • Account
    • account details; We need some of your personal information, such as your email address (username), password and PIN code, to create your Untire account.
    • e-mail address; Your email address will also be used to communicate with you through your account. For example, a welcome email or a password change.
  • Personal Information
    • Name; we will ask you for your first name or a pseudonym so that we can use it for communication purposes to personalize Untire.
  • Device information

We collect information about your mobile phone, namely model, name and identifiers, device settings, application identifier and crash information.

  • Event and usage data

When you use Untire, we process data to understand how you use our app, for example, which page in Untire you open or which button you have used. We collect this information and use it as aggregated data to better understand which features are most relevant or useful to our users overall.

  • Location and language information

We use the regional settings of your chosen app or Playstore in combination with your phone’s country and language settings to determine your location and language settings. We use the location for country-specific requirements, for example, legal framework conditions and requirements.

  • Health and sensitive data
    • Health data app; we store health data, including your measurements, your energy input and your reflection steps.

Optional services

For a number of components, you can give permission without obligation. You can always withdraw this permission via the app settings.

  • E-mail

We occasionally send e-mails to remind, motivate and inform you to (continue to) use Untire.

  • Push notifications

We occasionally send push notifications to remind, motivate, inform you to (continue to) use Untire.

  • Service improvement

We collect additional data in order to further improve our services. For this specific data we request additional consent. All of this data will be processed anonymously:

  • Age; we will ask you about your age to improve Untire.
  • Gender; we ask about your gender to improve Untire.
  • Cancer diagnosis; we will ask you if you have been diagnosed with cancer to understand your use of Untire and improve the product.
  • Type of cancer; we’ll ask you what type of cancer you’ve been diagnosed with to understand how Untire is used and to improve the product.

Local storage

You can use the App offline, after downloading the specific content. When online again the App will synchronize your data with the server. That means your own input such as journals and measurements as well as the content of the App are stored both locally on your device as on the ToC server.

Sharing

It is not possible to share the data from the app with third parties. Untire does NOT automatically share data with third parties, except when you as a user explicitly give permission for this in specific situations.

Data Processing

How do we process your data?

  • Your data will be stored on our secure servers; allowing you to retrieve your data using compatible devices you own and to synchronise your data between these devices.
  • Our servers run a day incremental backup and a weekly full backup, allowing us to keep your data safe in case of an unforeseen event in which your data has been lost, deleted, corrupted, etc.
  • Your data will not be sold to or shared with third parties; nor will we allow third parties to use your data for their own purposes. However, development, storage, and backup services are outsourced by ToC BV to a third party service provider. In case of scientific research, we will explicitly ask separately informed consent. ToC BV, as the controller, will ensure at all times that the third party service provider will be bound by an appropriate agreement in accordance with applicable data protection law, and ensuring at all times that your data will remain protected in accordance with at least the same standards as under the present privacy policy.
  • Contracted third parties, as processors, get the task of processing the data for agreed purposes only and it is forbidden for them to process data for any other purposes.
  • ToC BV will implement appropriate technical and organizational measures and procedures in such a way that ensures the protection of your rights, and always in accordance with applicable data protection law.
  • In case of a security breach leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data, ToC BV will inform you of the breach without undue delay, including a summary description of the potential impact and a recommendation on measures to mitigate the possible adverse effects of the breach.
  • We will automatically delete your account (when available) and personal data after a year of not using the App. You will receive, 1 month prior to the deletion, a request to take action (to preserve your account) or not (so we delete your account).

Security

We do our very best to protect ToC BV and the App from unauthorized access, disclosure or destruction of data held by us. We do this through the following protective measures:

  • All personal information is stored in a separate, extra secure server that is accessible by you as a user only. In this way, we can assure a very high level of privacy for your personal data.
  • Data on your device is secured by encryption, only if you have created an account.
  • Your data is transferred from your device to our server using HTTPS and TLS for encryption. This means that all information that is sent remains confidential and is not legible by third parties.
  • Our web development provider is in compliance with ISO 27001. The ISO 27001 standard sets specific requirements for the security measures and prescribes how safety risks should be assessed and dealt with.
  • Our hosting provider is in compliance with ISO 27001, ISO 9001, NEN 7510 and has prepared ISAE 3402 type I and II reports. All standards have the aim to secure your data.

Your rights

You are the owner of your own data. Always.

Right to rectification

You can always review and modify your Name and E-mail address by using the App settings. It is not possible to modify your Login, due to technical complications. The only option is to delete your Personal Data (see hereunder).

You can always review and modify your entries such as your measurements, goals, the vase and (diary) notes through the Untire app. You can only change your measurements, goals and the vase once every 7 days. This is because it is part of the therapeutic programme.

Right to be forgotten

You may delete your personal data at any time by using the in-App function “Forget me”.  After consent, we will delete all personal data. After deletion, you can remove the app from your device.

Right of access and data portability

You can download your personal data from the App at any time, so you are in control of your own data. You could reuse it somewhere else.

We offer the possibility to download your data as readable format in PDF and as machine-readable format in .CSV and through so called FHIR profiles.

Right to restriction of data processing

If you are of the opinion that your data is possibly incorrect, the processing is unlawful, we no longer need your data or you wish to object, please send us an e-mail to support@untire.me.

Right to a human perspective on decisions

Untire does not use automated decision-making and profiling.

Right to object (but also questions, feedback or complaints)

If you have any feedback, questions, complaints or objections regarding your rights and personal data, please contact us at support@untire.com.

Your responsibility

Keeping your data safe is not just the sole task of ToC BV. Security is a matter of all involved parties, and that includes you. It is in your own best interest to ensure that your information is processed in a safe, responsible and legitimate manner, so keep the following in mind:

  • Keep your phone secured with a screenlock and password.
  • Secure Untire by creating an account and make use of a PIN-code or fingerprint authentication to login easily and securely.
  • Make sure your devices and software are always up to date.
  • About your password: the more complex, the better. And of course, make it unique.
  • If you backup your device using a third party service, like iCloud, be aware that you will transfer all personal data stored on your device to the third party. If that’s the case, ToC BV refers to the third party’s privacy policy and we encourage you to review it to keep your information safe.
  • The Untire app is only for adults aged 18 and above. The use of Untire by a child (18-) can be reported via support@untire.me.

Contact information

Tired of Cancer BV
Koningin Wilhelminalaan 5
3527 LA Utrecht
The Netherlands

Info@tiredofcancerapp.com

 

Privacy officer

Name:
A. Aukes Msc.

E-Mail:
support@untire.me

Address:
Koningin Wilhelminalaan 5
3527 LA Utrecht
The Netherlands

End Note

We reserve the right to amend this Privacy Policy from time to time to reflect changes in the law, our data collection and data use practices, the features of ToC BV services or advances in technology. Such amendments shall become effective two weeks after a new version of the App has been published. Changes to the privacy policy will be available on this page and if the changes are significant, ToC BV will provide a more noticeable notice and ask for consent again.