Datacubed Health
PRIVACY POLICY
Your Privacy Rights

Effective Date: 1 Februrary 2019

 

Introduction

Your privacy matters to us at Datacubed Health.  This Privacy Policy (Policy) explains how we may collect, use and share personal information.  It applies to our website, services, information, tools, functionality, updates and similar materials (collectively Services).  If you have questions about the Policy, please feel free to contact us at legal@datacubed.com.  You have several rights concerning your information.  Please read the Policy carefully to understand what we do and what your rights are.

 

Who we are

We are Data Cubed, LLC d/b/a Datacubed Health.  We can be reached at legal@datacubed.com.

Datacubed Health is a pioneering technology company making better science and healthier communities a reality.  We apply individualized solutions for the capture of data, including smartphone apps, wearable, in-home, and environmental sensors, for remote engagement with patients and for virtual clinical studies.  References to “we,” “us” and “our” mean Datacubed Health.  References to “third-party” mean someone who is not you or us.

 

Who you are

In the Policy, you means you as a:

  • Client – an employee or a representative of a business that uses Datacubed Health
  • Client Participant – an individual solicited by a business who participates in a study conducted by Datacubed Health on behalf of the business
  • Datacubed Health Participant – an individual who participates in a study conducted by Datacubed Health on its own behalf

 

What legal basis we have for processing personal information

We process your personal information based on:

  • Consent you provide. You have the right to withdraw your consent at any time.
  • Performance of your contract with use or to enter into a contract with you or to take action on your requests.

 

What personal information we collect

As a Client Participant or a Datacubed Health Participant, we may collect the following information:

 

  • Name
  • Address
  • Email address
  • Username
  • Information from your activities on the Services
  • Location
  • Phone device information
  • Bluetooth device information
  • Phone contacts
  • IP addresses
  • Social media metadata

 

As a Client, we may collect the following information:

  • Name
  • Business address
  • Business phone number
  • Business email address
  • Any messages you send us
  • Billing information
  • Other details necessary to provide our services to you

 

How we may use personal information

We use the information we collect from you as a Client Participant or a Datacubed Health Participant to provide the Services to you.  We may also use this information to help us develop and improve our Services, fulfill your request, send materials to you, inform you about our offers and those of others, tailor our Services to meet your interests and for other purposes permitted by law.

We use the information we collect from Clients to answer your inquiries and to provide the Services to you.

 

How we may share personal information

We may share personal information with third-parties for general business purposes.

We may share personal information with our business associates, consultants, service providers, advisors and affiliates on a confidential basis in order for them to provide services to us, to you, and to enable us to provide the Services.  For example, our host and internet service provider may have access to this information.

We may share personal information to the extent we believe it necessary to comply with the law, such as in response to a subpoena or court order, to defend a legal claim or establish or protect our legal rights or otherwise as permitted by applicable law.  We may disclose personal information in our possession in the event we believe it necessary or appropriate to prevent criminal activity, personal injury, property damage or bodily harm.

We may transfer your information to a successor in interest, which may include but may not be limited to a third-party in the event of an acquisition, sale, asset sale, merger or bankruptcy.  The policies applicable to your information thereafter may be determined by the transferee, unless otherwise prohibited by law.

 

Where we store and process personal information

We store the information we collect from you on servers provided by Amazon Web Services in the United States and Europe.  For testing and analysis purposes, the information we collect from you may also be stored on desktop and laptop computers used by our employees in the United States.  The information we collect from you in the EU may be transferred from and kept outside the EU because our operations and some of our servers are located in the United States.   We rely on the EU-U.S. Privacy Shield in order to transfer your information to the U.S. from the EU.

 

How long we may keep your personal information

We may keep your information for as long as we have to by law.  If there is no contradictory legal requirement, we will only keep it for as long as we need it to perform the Services.  We may also keep your information for a reasonable period of time.  Where U.S. law applies, and where required by U.S. law, we retain covered protected health information for 7.5 years or as otherwise required or permitted by law.

 

Your rights regarding your information

You have the right:

  • To know if we are collecting, using or sharing your information and to request access to this information
  • To request that we correct your information if it is inaccurate or incomplete
  • To ask us to erase your information if
    • Your information is no longer necessary for the purposes for which it was collected, used or shared
    • You withdraw the consent on which the collection, use or sharing is based
    • You object to the collection, use or sharing and there is no overriding legitimate interest for continuing the collection, use or sharing
    • You object to the collection, use or sharing of your information for direct marketing purposes
    • Your information was unlawfully collected, used or shared
    • Your information has to be erased in order to comply with a legal obligation
    • Your information was collected in order to offer online services to children
  • To obtain from us a restriction on the collection, use or sharing of your information if
    • You contest the accuracy of your information
    • You have objected to the collection, use or sharing based on legitimate interest and we are considering whether our or a third-party’s legitimate interest ground overrides your interest
    • The collection, use or sharing is unlawful, and you oppose erasure and request that use be restricted instead
    • We no longer need your information, but you require your information to establish, exercise or defend a legal claim
  • To be able to take with you the information you provided to us and to transmit that information to another organization where our collection, use or sharing of that information is carried out by automated means and is based on your consent or the performance of a contract
  • To object to collection, use or sharing based on the purposes of legitimate interest or performance of a legal task, direct marketing and scientific/historical research and statistics
  • Not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you
  • To lodge a complaint with a supervisory authority

 

How you exercise your rights

You may access, correct or delete your account information or cancel your account at any time by emailing us at legal@datacubed.com.  Please note that in some cases we may retain certain information about you as required by law.

REV ME1 29557458V.2