Privacy Policy

The Tired of Cancer App “App” is made available to you by Tired of Cancer B.V. – also referred to as “ToC BV, we, our” –, a company under Dutch law and compliant to European mHealth Guidelines. Established at Lucas Bolwerk 6, 3521EG Utrecht, The Netherlands.

Our founder, Dr. Bram Kuiper, has a mission for the App to help (ex) cancer patients worldwide with their fatigue and related issues. The awareness or research into of Cancer-related Fatigue (“CRF”) is still very little and ToC BV has the aim to do more research into CRF and to offer the necessary tools through an App to better cope with CRF.

ToC BV is of the opinion that the protection of data of its users is of the utmost importance. Your personal data, which concerns all data that can be used to directly or indirectly identify you,  is therefore carefully handled and protected. When processing data, ToC BV observes the Dutch Personal Protection Data Act and other privacy legislation like the General Data Protection Regulation (GDPR), issued by the European Union.

By using the Website, the App, ticking the privacy & terms checkbox and creating an account, you grant unambiguous consent to ToC BV for the registration, processing of your personal information and sensitive health data in accordance with the purposes stated in this Privacy policy.

If you have any questions regarding your data or privacy protection, you can contact us via support@untire.com

Purpose of processing

When you use Untire—including use without an account—Tired of Cancer collects, stores, and uses personal, non-personal data and sensitive health data. We collect this data for the following purposes:

To understand your needs and improve our services

We collect data in order to understand your needs and your use of Untire, to analyze bugs and fix issues, and to bring you the best possible and reliable experience.

To deliver personalized insights into your cancer-related fatigue
The data you track and enter in Untire about your health and activities is considered sensitive personal data. ToC BV only store sensitive personal data with your explicit permission, by giving consent upon the use of the App. 

Consent

If you use Untire, your personal data—including sensitive data and data related to your health—is stored on your device and is also stored and processed on the Untire servers. This is done so we can offer you the option of backing up your data and to enable additional features.

By using Untire, and you tick the consent (terms & privacy) box, you explicitly consent that:

i. ToC BV may store and process personal data you provide through the usage of the Untire app solely for the purpose of providing Untire services to you and to improve Untire’s service features. Such Untire services may include sending you information and reminders through the Untire app or to the email address you provided to Untire. 

ii. Personal data you provide to ToC BV by using Untire includes personal data you enter into the Untire app, such as your account data (e.g. your email address), and depending on the data you provide, health information (e.g. measurements, vase of energy, reflection steps) , etc.

iii. ToC BV will not transmit any of your personal data to third parties, except if it is required to provide the Untire service to you (e.g. technical service providers), unless Untire has asked for your explicit consent. 

iv. ToC BV may use your health information to create anonymized sets of data for research purposes to improve our services.

You may withdraw your consent to this use of your data at any time by deleting your Untire account.

Data collection

Because we like to be transparent we will give you an overview of what information we collect.

Without an account

  • First/Nick- Name
    When you use the app we ask you to fill in your first name (or a nickname). We only use you name for communication purposes only, to make it more personal.
  • Device data
    We collect information about your mobile phone such as the model, name and identifiers, device settings, the application identifier, and crash information.
  • Event and usage data

When you use the app, we process data in order to understand your usage of our App—for example, which screen in the app you open or button you used. We collect this information and use it as aggregate data to better understand which features are the most relevant or useful to our users as whole.

  • Location information
    We store the country and time-zone you life in and , so we can automaticly set the right language for you.
  • Health and sensitive data
    We store health data such as your measurements, vase of energy input, and reflection steps.

 With an account

  • Personal information
    Account credentials; We need some of your personal data, such as your email address (username) and password, in order to create your Untire account.

Email address; to communicate with you about the welcoming opt-in, subscription renewal, and the password reset process. We minimize the number of emails you receive.

All the data we collect with Untire is necessary for ToC BV to deliver the services you use. The amount of informatie we collect has been minimized wherever possible to respect your privacy.

You are the only one who has access to your personal data. ToC BV can view all data, except for all personal information and all health and sensitive text data. We do collect measurements, but anonymously.

 Should you still disagree with the collection and processing of this data, we recommend you stop using Untire, delete your account and uninstall the app.

 Local storage

You can use the App offline, after downloading the specific content. When online again the App will synchronize your data with the server. That means your own input such as journals and measurements as well as the content of the App are stored both locally on your device as on the ToC server.

Sharing

We offer you the option to share information about your progress and other actions with third parties (caregivers, friends, family, etc). The standard functionality for sharing information on your phone allows you to share information through third-party services, such as your social media accounts.

Please note that any Personal Information you provide to be shared and displayed in your publicly-available online profile will be displayed for others to see. We cannot and will not be responsible for what third parties do with any Personal Information that you choose to make publicly available.

Only you have the option to enable sharing. As such, we advise that you exercise great care in determining what information you choose to make publicly available through the Services or on third-party services.

Data Processing

How do we process your data?

  • Your data will be stored on our secure servers; allowing you to retrieve your data using compatible devices you own and to synchronise your data between these devices;
  • Our servers run a day incremental backup and a weekly full backup, allowing us to keep your data safe in case of an unforeseen event in which your data has been lost, deleted, corrupted, etc.
  • Your data will not be sold to third parties; nor will we allow third parties to use your data for their own purposes. However, development, storage, and backup services are outsourced by ToC BV to a third party service provider. In case of scientific research, we will explicitly ask separately informed consent. ToC BV, as the controller, will ensure at all times that the third party service provider will be bound by an appropriate agreement in accordance with applicable data protection law, and ensuring at all times that your data will remain protected in accordance with at least the same standards as under the present privacy policy.
  • Contracted third parties, as processors, get the task of processing the data for agreed purposes only and it is forbidden for them to process data for any other purposes.
  • ToC BV will implement appropriate technical and organizational measures and procedures in such a way that ensures the protection of your rights, and always in accordance with applicable data protection law.
  • In case of a security breach leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data, ToC BV will inform you of the breach without undue delay, including a summary description of the potential impact and a recommendation on measures to mitigate the possible adverse effects of the breach.
  • We will automatically delete your account and personal data after a year of not using the App. You will receive 1 month prior to the deletion a request to take action (to preserve your account) or not (so we delete your account).

Security

We do our very best to protect ToC BV and the App from unauthorized access, disclosure or destruction of data held by us. We do this through the following protective measures:

  • All personal information is stored in a separate, extra secure, server that is accessible by you as a user only. So we can assure a very high level of privacy for your personal data.
  • Your data is transferred from your device to our server using HTTPS and TLS for encryption. This means that all information that is sent remains confidential and is not legible by third parties.
  • Our web development provider is in compliance with ISO 27001. The ISO 27001 standard sets specific requirements for the security measures and prescribes how safety risks should be assessed and dealt with.
  • Our hosting provider is in compliance with ISO 27001, ISO 9001, NEN 7510 and has prepared ISAE 3402 type I and II reports. All standards have the aim to secure your data.

 Your rights

You are the owner of your own data. Always.

  • You can always review and modify your Name and E-mail address by using the App settings. It is not possible to modify your Login, due to technical complications. The only option is to delete your Personal Data (see hereunder).
  • You can always review and alter you Journal entries by using the App notes.
  • You may delete your personal data at any time by using the in-App function “Forget me”. After consent, we will delete all personal data. After deletion, you can remove the app from your device.
  • You can download your personal data from the App at any time, so you are in control of your own data. You could reuse it somewhere else.
  • If you have any questions, complaints, objections, regarding your rights and personal data please contact us at support@untire.com.

Your responsibility

Keeping your data safe is not just a sole task for ToC BV. Security is a matter of all involved parties, and that includes you. It is in your own best interest to ensure that your information is processed in a safe, responsible and legitimate manner, so keep the following in mind:

  • Keep your phone secured with a screenlock and password;
  • Make sure your devices and software are always up to date;
  • About your password: the more complex, the better. And of course, make it unique;
  • Think carefully about with whom and where you share your personal data.
  • If you backup your device using a third party service, like iCloud, be aware that you will transfer all personal data stored on your device to the third party. If that’s the case, ToC BV refers to the third party’s privacy policy and we encourage you to review it to keep your information safe.

Data Protection officer

Name:              A. Aukes Msc.

E-mail:             security@tiredofcancerapp.com

Address:           Lucasbolwerk 6, 3512EG Utrecht

The Netherlands

 

End Note

We reserve the right to amend this Privacy Policy from time to time to reflect changes in the law, our data collection and data use practices, the features of ToC BV services or advances in technology. Such amendments shall become effective two weeks after a new version of the App has been published. Changes to the privacy policy will be available on this page and if the changes are significant, ToC BV will provide a more noticeable notice.

Your data

What we collect

We may collect, store and use personally identifiable data that you may voluntarily submit to us by making use of one of our Services, including your: name and email address.

We may also collect, store and use certain information that you to provide to us through using the contact form or via email, including, but not limited to, questions, remarks, feedback, etc.

We may collect certain anonymous data automatically, including, but not limited to, your browser and OS fingerprint, language, location data, and information about the way you use the Website, including the sections the Website you viewed or used, and how long you spent on a particular section.

Our use of your data

Our primary goals in collecting information is to provide and improve our Website and to enable you to enjoy and easily navigate our Website.

We process personal data for the following purposes:

  • To respond to comments and questions and provide customer service.

For more information about our Services see hereunder at Services.

Note: ToC BV does not make decisions on the basis of automated processing (algorithms) that could have adverse consequences for you.

Services

Contact form & E-mail

A contact form is available on our website. If you wish to make use of this, ToC BV will ask you to provide the following personal details:

  • Name;
  • E-mail address;

Tired of Cancer processes your personal data for the purpose of dealing with a question, complaint or other communication you have submitted to us. For this reason, it is also compulsory to fill in personal data. The legal basis of this processing is that this data processing is necessary for the representation of the legitimate interest of ToC BV and of you. This interest consists concretely of the interest of ToC BV and of you to be able to deal with questions, complaints or other types of communication at your request. These personal data will be kept for as long as is necessary for the complete answering and handling of the question, complaint or other communication sent with the contact form is necessary. After that, the personal data will be deleted.

We use Microsoft365 for all email communication. See also their privacy policy for more information: https://www.microsoft.com/online/legal/v2/?docid=18&langid=en-UK

Third party services

Google Analytics

We have a processors agreement with Google. The data we collect in Google Analytics is anonymized and encrypted. The so-called ‘sharing of data’ with Google is not allowed. Finally, we do not use Analytics cookies in combination with other Google services.

See also the privacy policy of Google to get more information, and specificly about Google Analytics: http://www.google.com/intl/en/policies/privacy/

Social buttons

We use buttons to promote or share our pages, blogs, etc on Facebook, Twitter, Google+ or LinkedIn. These buttons are created by these social media platforms themselves and make use of a cookie. The cookies could have multiple functions, like it remembers that your are logged in on a specific social media platform so you won’t have to login when sharing.

In order to get insight of what these social media platform do with your personal data, please read the privacy statements of Facebook, Twitter, Google+ and LinkedIn carefully.

Embedded Content

On our Website we use embedded content that is hosted by Vimeo.

Vimeo make use of cookies and could collect personal information. In order to get insight in how Vimeo handles your personal data, please read the privacy statement of Vimeo: https://vimeo.com/privacy

Cookies

On our Website we use Cookies. Cookies are small textfiles which are saved on your computer/device by your browser. Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal computer or mobile device when you go offline, while session cookies are deleted as soon as you close your web browser.

We use Cookies to properly run our Webiste but also to gain anonymous insight in how you use our Website and how we could improve it (by using Google Analytics). The “tracking cookies” , that are placed for analytis or advertisements, are third party cookies. These cookies are not set by ourselfs, but by third party services like YouTube and Facebook.

You don’t want to make use of cookies? You can easily turn them off by using your browser. For more information on how to do so, see https://cookiesandyou.com.

Data processing & Security

How do we process and secure your data? In short:

  • Your data will be stored in secure, sometimes Third-Party, applications;
  • You personal data will not be given, sold, rented, loaned or otherwise disclosed to any third party, unless: you have authorized us to do so; we are legally required to do so, for example, in response to a subpoena, court order or other legal process; it is necessary to do so in order to protect and defend the rights or property of this web site.
  • We also may share aggregate, non-personal information about web site usage with unaffiliated third parties. This aggregate information does not contain any personal information about you.
  • Some services are outsourced by ToC BV to a third party service providers. ToC BV, as the controller, will ensure at all times that the third party service provider will be bound by an appropriate agreement in accordance with applicable data protection law, and ensuring at all times that your data will remain protected.
  • Contracted third parties, also called processors, get the task of processing your data for agreed purposes only and it is forbidden to process data for any other purposes.
  • ToC BV will implement appropriate technical and organisational measures and procedures in such a way that ensures the protection of your rights, and always in accordance with applicable data protection law.
  • The personal data provided by you will be sent to us in encrypted form via an HTTPS connection. DKIM and SPF are Internet standards that we use to prevent you from receiving e-mails on our behalf that contain viruses, are spam or are intended to obtain personal (login) data. As a result, it is possible that a secure connection will be established with your receiving e-mail servers (if they support this).
  • In case of a security breach leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data, ToC BV will inform you of the breach without undue delay, including a summary description of the potential impact and a recommendation on measures to mitigate the possible adverse effects of the breach.

Your rights

You are the owner of your own data. Always.

Storage of data

Personal data may not be kept for longer than is necessary. The retention period depends on the purpose for which we have received or collected the data and on any legal obligations to retain the data. If you have any questions, please contact privacy@untire.me.

Access, correct or delete

You have the right to access, correct or delete your personal data. In addition, you have the right to withdraw your consent for the data processing or to object to the processing of your personal data by ToC BV and you have the right to data transferability. This means that you can submit a request to us to send you the personal data that we have collected.

You can send a request for access, correction, deletion, data transfer of your personal data or for the withdrawal of your consent or objection to the processing of your personal data to privacy@untire.me.

In order to be sure that the request for inspection has been made by you, we ask you to send us a copy of your identity document with the request. In this copy, please blacken your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and Social Security number to protect your privacy. We will respond to your request as soon as possible, but no later than four weeks.

Complaints

We would like to draw your attention to the fact that you have the opportunity to lodge a complaint with the national supervisory authority, the Personal Data Authority.

Questions

If you have any questions, complaints, objections, regarding your rights and personal data please contact us at privacy@untire.me.

End Note

We reserves the right to amend this Privacy Policy from time to time to reflect changes in the law, our data collection and data use practices, the features of ToC BV services or advances in technology. Changes to the privacy policy will be available on this page and if the changes are significant, ToC BV will provide a more noticeable notice.