In addition to the article ‘Your privacy’:
If you request a personal exercise programme in the app, you register with your name, e-mail address and date of birth. These data are used only to create your personal exercise programme. The security of these data in the app is of a high level. Physitrack is an app for healthcare providers. For that reason Hifysio, the practice we work with for Fysiochecknu, has access to your data if you register and want an exercise programme. They will never give ONVZ employees access to your data. If you want to have your data deleted, you can request this via support@physitrack.nl.
In addition to the article ‘Our responsibility for loss or damage suffered by you’:
To the extent permitted by law, Physitrack's liability under any guarantee, condition or warranty (including, without limitation, any guarantee, condition or warranty of merchantability, acceptable quality, fitness for a particular purpose, or fitness for disclosed result), or any other right or remedy, under any law or implied into these Terms of Service by any law (Statutory Guarantees) is hereby excluded. If Physitrack is liable under any Statutory Guarantees, and statutory provisions in a contract that excludes or modifies the application of, or the exercise of, or liability under such Statutory Guarantees, Physitrack's liability for any breach of such Statutory Guarantees is limited, at Physitrack's option, to one or more of the following:
- if the breach relates to goods: the replacement of the goods or the supply of equivalent goods; the repair of such goods; the cost of replacing the goods or of acquiring equivalent goods; or the cost of having the goods repaired; and
- if the breach relates to services: the resupply of the services or the cost of having the services supplied again.
The GDPR is in place to protect personal information in the increasingly digital world that we live in. There are various video summaries available on YouTube to explain how GDPR might affect your practice.
Any company or organisation that handles or processes data about individuals associated with goods or services used within the EU must comply with GDPR.
At Physitrack, the protection of our customers' data, including all client data, is paramount. Below, we describe how Physitrack complies with all 7 pillars set out by the GDPR. If you have any questions, please feel free to contact us at support@physitrack.com.
Consent
In obtaining consent for data use, companies cannot use indecipherable terms and conditions filled with legalese. It must be as easy to withdraw consent as to give it.
Physitrack's Terms of Service and Privacy Policy are written in clear English and divided into logical chunks. A practitioner can remove any client at any time, and remove their own account at any time as well.
Breach Notification
In the event of a data breach, data processors have to notify their controllers and customers of any risk within 72 hours.
Physitrack has a communications infrastructure in place which will let us quickly communicate information in the event of a data breach.
Right to Access
Data Subjects have the right to obtain confirmation from the Data Controller of how their personal data is being processed by the Data Controller. On demand, the Data Controller should provide an electronic copy of personal data to Data Subjects at no charge.
At any time, practitioners can download their client information as easy-to-use spreadsheets. Further, information on how data is being processed is set forth in the Terms of Service and Privacy Policy referenced above.
Right to be forgotten
When data is no longer relevant to its original purpose, Data Subjects can request the Data Controller to erase their personal data and cease its dissemination.
- If you are a healthcare practitioner, you can remove any patient at any time, as well as remove your own Physitrack account.
- If you are a patient, you can request that your healthcare practitioner remove your data from their Physitrack account.
Data Portability
Allow individuals to obtain and reuse their personal data for their own purposes by transferring it across different IT environments.
A practitioner can quickly export all of a client's data for re-use in other applications.
Privacy by Design
Inclusion of data protection from the onset of the system's design, with the implementation of appropriate technical and infrastructural measures.
Physitrack is tested regularly for security vulnerabilities, both during development, where static analysis algorithms check code before it is checked into our continuous integration pipeline, and on our production systems, where weekly scans are conducted for (among others) OWASP Top 10 vulnerabilities.
Data Protection Officer (DPO)
Physitrack's DPO can be reached at dpo@physitrack.com.
Physitrack is registered with the UK Information Commissioner's Office (ICO) under number ZA396165.
Subprocessors & more information
For more information about how Physitrack processes data, including a list of which data we store and who our subprocessors are, please see our GDPR support section.
If you or your practice are based in the United States, then the US version of our Terms of Service and the US version of our End User Terms apply to you.
If you or your practice are not in the United States, then the outside USA version of our Terms of Service and outside USA version of our End User Terms apply to you.
140 London Wall
London EC2Y 5DN
United Kingdom
We hereby declare that the medical device (Software) specified above meets the provisions of the Council Directive No. 93/42/EEC for Medical Devices and issued under the sole responsibility of Physitrack PLC.
The Software as medical device covered by the present EU declaration is in conformity with the (EU) MDR 2017/745.
All supporting documentation for this EC Declaration of Conformity is retained in the document management system of the manufacturer.
Breht McConville
Chief Compliance Officer
Physitrack PLC