Privacy statement mynexuzhealth
This Privacy Policy explains how we use your personal data that we collect and process, when you use nexuzhealth’s mynexuzhealth app, as well as the purposes for which it will be used.
Nexuzhealth nv, a company incorporated under Belgian law, having its registered office in Hasselt, enterprise number 0667 753 542, is the controller. Nexuzhealth nv is a joint venture between Cegeka Health Care nv and UZ Leuven.
Nexuzhealth has appointed a data protection officer to ensure that your personal data are processed in the appropriate manner. You can contact our DPO by sending an email to gdpr@nexuzhealth.com.
Nexuzhealth as processor
Nexuzhealth is a supplier of software to healthcare institutions for managing Electronic Patient Records (EPD). This EPD is one centrally managed record across all nexuzhealth healthcare institutions.
Nexuzhealth itself does not manage personal data of patients, but merely works as a processor on behalf of healthcare institutions. If you have any questions concerning the following data that you, as a user, share with the nexuzhealth healthcare institutions via the mynexuzhealth app or concerning the data in your electronic patient record, please contact the nexuzhealth healthcare institution(s) that you are connected to, for this purpose:
- E-mail address: for correspondence
- Phone number: for correspondence
- Address details: for correspondence
- Media files (photo, video, pdf, etc.): as an attachment to a message or for addition to the medical record (your permission will be requested to enable the uploading of media files from your internal storage)
- GPS location and/or Wi-Fi network information: used only during the registration procedure to verify that the user is on the campus of a nexuzhealth healthcare institution
- Camera and audio recordings made via your device: to scan a QR code when using certain activation methods or adding photos or videos
- Calendar: to add appointments to the user’s personal calendar (without reading the user’s private appointments)
- Other data (for example, when you complete a hospital questionnaire as part of a consultation via the app)
This privacy policy is only concerned with your data that is processed by nexuzhealth itself, as the controller, in order to ensure proper functioning of the mynexuzhealth app.
You are not obliged to provide this data to nexuzhealth, but a refusal may prevent the app from working, or working properly.
What information does nexuzhealth collect about you?
We collect the following information about your device:
- Operating system version
- Software versions
- Battery level
- Signal strength
- Available storage space
- Crash reports
- Signaalsterkte
- Beschikbare opslagruimte
- Crashrapporten
Why does nexuzhealth collect your personal data?
This data is used purely to improve the stability of the application.
Your data will not be used for automatic decision-making or profiling.
On what basis does nexuzhealth use this information about you?
Nexuzhealth collects and processes your personal data on the basis of legitimate interest. The processing is required in order to ensure the proper functioning of the application, with nexuzhealth collecting only the minimum amount of data.
When your permission is requested, for example to enable the uploading of media files from your internal storage, this happens on behalf of the healthcare facilities.
How long does nexuzhealth retain your personal data?
Nexuzhealth will not store your data for longer than is necessary for the purposes for which we need this information about you. The data will be deleted after a maximum of 14 months.
Who has access to your data?
Nexuzhealth employees and employees of our processors will process your personal data for the purposes described above.
How does nexuzhealth secure your personal data?
Whenever nexuzhealth processes your personal data, we take steps to ensure that it is treated in a secure manner. Nexuzhealth has put in place reasonable physical, organisational and technical measures to help protect your personal data from unauthorised access, disclosure or use.
Where does nexuzhealth store and process your personal data?
Your personal data may be processed by service providers with data centres located outside the EU.
We conclude an agreement with these processors based on a model approved by the European Commission that ensures the same level of protection as set out in the European data protection legislation. Furthermore, we examine the impact of these transmissions on your rights, and take measures to ensure that your data enjoys a similar level of protection as it would within the EU.
You may request more information concerning these transmissions by sending an email to gdpr@nexuzhealth.com.
What are your rights and how can you exercise them?
You have a number of options that allow you to retain control over the use of your personal data, depending on the type of processing activity and the legal basis for the same.
When exercising these rights, you should bear in mind that in case you object to certain processing operations or revoke your consent to various processing operations of your personal data, you may no longer be informed of or be able to use the activities or services offered.
- Right of access – You have access to the personal data that we process, and the right to inspect this data. If you wish, we will provide you with a copy of the same free of charge.
- Right to rectification – You have the right to request the erasure or rectification of incorrect, incomplete, inappropriate or outdated personal data.
- Right to object to certain processing – If your personal data are processed on legitimate grounds, you have the right to object to the processing of your data for reasons relating to your specific situation.
- Right to erasure – You have the right to obtain the erasure of your personal data. Thus, if you wish to terminate your relationship with us, you may request us to stop using your personal data.
- Right to portability of your data – As regards personal data processed on the basis of your consent or because of their necessity for the provision of the requested products or services, you may under certain conditions request us to transmit the personal data that you have communicated to us directly to a third party or to yourself.
These rights are relative. For example, nexuzhealth may not be able to delete your data because we are bound by a legal retention period.
You may exercise your rights by sending an email to gdpr@nexuzhealth.com.
Complaints
If you believe that nexuzhealth is processing your personal data unlawfully or incorrectly, please do not hesitate to contact us using the contact details provided below. In any case, you always have the right to lodge a complaint with the authority responsible for data protection in your country in case you believe that your data has not been processed correctly by nexuzhealth.
For Belgium, this is the Data Protection Authority (DPA): https://www.gegevensbeschermingsautoriteit.be/.
Changes to this Privacy Policy
Nexuzhealth reserves the right to make changes to this Privacy Policy. This Privacy Policy was last amended on 4/10/2022.
How can you contact us?
If you have any questions concerning the processing of your personal data or concerning this Privacy Policy, or wish to send us a request to exercise your rights, please contact nexuzhealth at the following address:
Nexuzhealth nv
Kempische Steenweg 307 (Corda 3)
B – 3500 Hasselt
