Politique de confidentialité - Soignants

RESILIENCE takes the protection of Patients' Personal Data very seriously and shall process the information it collects about you in a secure and responsible way, in compliance with the General Data Protection Regulation (GDPR).
‍
The GDPR is in line with French law No. 78-17 of January 6th, 1978 ("Data Protection law") and has been applicable since May 25th, 2018. The GDPR regulates the use of Personal Data by public and private organisations, including RESILIENCE.
‍
This Privacy Policy is part of the GTUs and its purpose is to provide you with clear and transparent information on how we collect and use your Personal Data as a Data Controller.
Les termes commençant par une majuscule sont définis dans nos Conditions Générales d’Utilisation ainsi que dans la partie « Définitions » de chaque article de la présente Politique.

Terms starting with a capital letter are defined in our General Terms of Use as well as in the "Definitions" section of each article in this Policy.

RESILIENCE (or "We") refers to the company RESILIENCE, a simplified joint-stock company with a capital of 18.849,72 euros, registered with the Paris Trade and Companies Register under number 893 834 713 and whose registered office is located at 6, rue d'Armaillé - 75017 Paris (France), which is marketing the Resilience Solution.

The Resilience Solution is designed to complement the IT tools used by Healthcare Professionals and/or Establishments with remote monitoring and support functionalities for Patients with cancer, thanks to the two following key functionalities:

• Support, via the Resilience.care application.
• Remote monitoring, via the Resilience PRO module.

The Application  refers to the Resilience Care mobile application developed by RESILIENCE and accessible as part of the Resilience Solution. This tool is designed to support Patients by providing personalised content and wellness programmes. 

Resilience PRO is a Class IIa medical device, remote monitoring module, manufactured by BETTERISE. Resilience PRO is a regulated health product certified as "medical monitoring and clinical decision-making support software in the field of Oncology" and bears, under this regulation, the CE 0459 marking.

Personal Data are information that can be used to identify you. They specifically include your surname, first name, and your professional speciality.

This Privacy Policy describes how your Personal Data are collected and used by RESILIENCE in its capacity as Data Controller.
‍
RESILIENCE can also work as your Subcontractor or the Subcontractor of your home Healthcare Establishment to provide a solution to help support Patients with cancer. Please contact them for more information.
‍
If our Resilience Solution is specifically used for a clinical trial, the Data Controller will be the Sponsor of the trial.

The Partner Healthcare Establishment (or  "Establishment") refers to any healthcare establishment involved in your care as a Patient and having concluded or not a contract with RESILIENCE, one of its affiliates or one of its distributors, in aim of providing the Resilience Solution to Patients.
‍
A Data Controller determines the purposes and means of personal data processing, i.e. the purpose of the processing and how to implement it.
‍
The Patient refers to any natural person cared for by a Healthcare Professional having access to and using the Resilience Solution. The Patient is considered by default as a non-healthcare professional.

A Subcontractor processes data on behalf of another organisation ("the Data Controller"), as part of a service.

The Resilience Solution is designed to complement your IT tools and/or those used by Establishments with remote monitoring and support functionalities for Patients with cancer, thanks to the two following key functionalities:

• Support, via the Resilience Care App;
  

• Remote monitoring, via the Resilience PRO telemonitoring module, a Class IIa medical device manufactured by RESILIENCE MD, for telemonitoring prescribed by a healthcare professional to patients, without replacing medical care.
  

RESILIENCE MD, a simplified joint-stock company with a capital of 6,315.00 euros, registered with the Bayonne Trade and Companies Register under number 791 307 309, with its headquarters located at 24, Avenue Victor Hugo – 64200 Biarritz, is the manufacturer of the Resilience PRO telemonitoring module.
‍
The Healthcare Professional refers to you as a caregiver practicing within your Establishment or outside the latter and participating in the medical care of the Patient.

RESILIENCE and its subsidiary RESILIENCE MD (manufacturer of the Resilience PRO module) collect and use Personal Data as Data Controller for the following purposes and based on the following legal grounds:

• Creation and administrative and technical management of your Caregiver User account (based on the contract concluded between your Establishment and RESILIENCE for using our Solution).
  
• Management of user support and your claims (contract).
  
• Technical support management (contract).
• Ensuring the operation and continuous improvement of the Services and our Solution (legitimate interest of RESILIENCE).
• Analyze your use of our Solution (legitimate interest of RESILIENCE);
• Research in relation to the Health Data Warehouse for the purposes authorised by the French National Commission for Data Protection and Liberties (CNIL) (legitimate interest of RESILIENCE).  
• Detection and resolution of technical incidents (legitimate interest of RESILIENCE).
• Management of incidents and materiovigilance (legal obligation).
• Post-marketing clinical monitoring (legal obligation).
• Post-marketing monitoring (legal obligation).
• Billing (legal obligation).

By using our Resilience Solution, you send us a certain amount of information about yourself, some of which are likely to identify you:

• Your identification data: to create your Account and to allow us to contact you again (for example if you send us a question). This includes, for example, your surname, first name, identification number, e-mail address, phone number. 
  
• Your professional information: such as your profession, your speciality, your home Healthcare Establishment.  
  
• Your login details: all information you need to access your Account, such as your password and other information necessary for authentication and accessing your Account).

We may need to share your Personal Data with the following recipients:

• Our subsidiary RESILIENCE MD, , which is the manufacturer of the Resilience PRO module and needs your information to ensure remote monitoring of your Patients or to meet its materiovigilance obligations.
  
• Our service providers: we use various service providers, for example, to provide technological or logistical services, and support management. Our service providers must comply with our requirements regarding the confidentiality and security of Personal Data. They are not authorised to use Personal Data. They are listed on our website.
  
• Your medical team: we can send your Data to other members of the medical team as part of your Patient's monitoring.
  

Your Personal Data, collected when you use the Resilience Solution, are hosted by certified HDS (Health Data Hosting Provider) hosts in France. For the Resilience PRO remote monitoring module, the Data are stored by Ecritel.
‍
RESILIENCE may also use service providers located outside the European Union. Should data be transferred to a third-party country whose legislation has not been recognised as offering an adequate level of protection for Personal Data, RESILIENCE will implement appropriate guarantees, such as standard contractual clauses.
‍
All of our service providers and the appropriate guarantees implemented by RESILIENCE are listed on our website.

Your Personal Data are kept for the period during which you are registered and use our Solution, subject to compliance with the applicable legal provisions.
‍
If you do not log in or use our services for a period of 12 months your Data will be archived on an intermediate basis for a period of 24 months. The account will then be archived for a period of 10 years to comply with our regulatory obligations before being permanently deleted.
‍
Then, unless you instruct us otherwise, we will delete your Data, or we will irreversibly anonymise your Data in order to use it for scientific research purposes.

The anonymisation process used by RESILIENCE MD will no longer allow any identification of your Personal Data, either directly or indirectly.

When the decision to archive is taken, Patients are informed by a pop-up notification when their account is opened, by text message/e-mail sent using the contact details provided when they subscribed to our Solution.

If you would like more information about the reason your Account was closed, or if you would like to recover your Personal Data, please contact us at the following address: privacy@resilience.care.

As a Data Controller, RESILIENCE performs scientific research to improve the care and quality of life of cancer patients. In this respect, RESILIENCE set up a Health Data Warehouse, authorised by the French National Commission for Information Technology and Civil Liberties (Commission Nationale de l'Informatique et des Libertés - CNIL) on April 21st, 2022.
‍
With your consent, your pseudonymised Personal Data (i.e. without your surname, first name or any other directly identifying information), including data collected when you use Resilience PRO, may be stored and used by RESILIENCE in a database for scientific research purposes and as part of the development of our decision-making and medical care support tool.
‍
Your Data will be kept in this database for 15 years after being collected.
‍
If you refuse, this will not affect how you use the Resilience Solution.
‍
‍You can exercise your rights, and in particular object to your Personal Data being collected and re-used, by contacting our Data Protection Officer at the following address: privacy@resilience.care or by post by writing to RESILIENCE (for the attention of the DPO), 6 rue d'Armaillé - 75017 Paris (France).

To access the list of research programmes, studies and assessments or obtain more information about our warehouse, you can consult our Transparency portal.

Definition

The Health Data Warehouse ("Resilience Data Warehouse") is a database intended to be used by RESILIENCE specifically for research, studies or assessments in the field of health. RESILIENCE has been authorised by deliberation No. 2022-049 of April 21st, 2022.

RESILIENCE shall protect your Personal Data against any loss, destruction, alteration, unauthorised access or disclosure.
‍
RESILIENCE shall therefore implement appropriate technical and organisational measures to preserve the security and confidentiality of your Personal Data such as the following:

A "cookie" or connection tracker is a string of information containing your browsing data, which are stored by your web browser for a specific period of time.
‍
RESILIENCE is required to use internal trackers. These trackers are used to track your activity within the Resilience Solution, to measure the number of visitors (measure performance, detect navigation problems, optimise technical performance or ergonomics, assess the power of the necessary servers, and analyse the content being consulted).  
‍
However, these trackers are only used internally and are not shared outside RESILIENCE or for advertising purposes. 

Your Personal Data belongs to you, and as such, you have a number of rights.
In accordance with applicable laws and regulations relating to the protection of personal data, you have the right:

• Of access: you have the right to know what Personal Data we have about you, to consult them and to obtain a copy (find out more).  
• Of rectification: if you notice an error, you can ask us at any time to correct the incorrect information or to complete your information (find out more).
• Of deletion: under certain conditions, you can ask us to delete your Personal Data. Please note that we may retain certain information about you when we are required to do so by current laws and regulations or when we have a legitimate reason to do so (find out more).
• De limitation : sous certaines conditions, vous pouvez nous demander de limiter l’utilisation que nous faisons de vos Données Personnelles, par exemple pendant la durée nécessaire à l’examen d’une demande de rectification (en savoir plus).