Last modified on November 7, 2018
With the advent of the General Data Protection Regulation (GDPR) on 25 May 2018, there is a requirement to keep individuals informed about how the data on our servers is collected, stored, processed and generally protected. This Privacy Notice serves to inform our clients, contacts and contractors (“Contacts”).
A complementary notice will be released to inform specifically the individual beneficiaries of our products, services or technologies (“Patients”) in the purpose to collect their Free consent to GESPODO for the collection, treatment and archive of their Personal Data (including eventual Medical records).
Who we are
We are GESPODO SPRL, a company limited by guarantee (company number BE0657989996). Our registered office and postal address is rue du village 54B – 7850 Enghien – Belgium.
Our Privacy Commitment
This policy answers the following questions:
- What this privacy notice is for
- What information do we collect about you and how do we use it?
- Will we share your personal information with third parties?
- What choices do you have about the collection and use of your personal information?
- What security measures do we take to safeguard your personal information?
What this privacy notice is for
This policy is intended to provide information about how GESPODO will use (or "process") personal data about its Contacts and their Patients. This information is provided because Data Protection Law gives individuals rights to understand how their data is used. Contacts are all encouraged to read this Privacy Notice and understand GESPODO SPRL obligations. Anyone who works on behalf of the GESPODO SPRL such as employees and service providers should also be aware of and comply with this Privacy Notice.
Given the nature of our work, you can be assured that we give protection of privacy and confidentiality the highest consideration.
Why GESPODO SPRL needs to process personal data
Personal information means information that can be used to identify and contact you.
You do not need to submit personal information to access the Service generally. However, you may be required to submit personal information to access certain aspects of the Service. When purchasing services through the Service, you will also be required to provide a credit card number, billing address, phone number or other payment information. No information of this type will be collected unless you have registered for aspects of the Service that require it.
Uses of personal data will be made in accordance with the company’s legitimate interests, or the legitimate interests of another (licensors or licensees), provided that these are not outweighed by the impact on individuals, and provided it does not involve special or sensitive types of data.
The company expects that the following uses will fall within that category of its “legitimate interests”:
- General correspondence (by post, telephone or email);
- Administration of workshops, coaching sessions and other training vehicles (including administration of the finance surrounding these operations);
- Publication of regular updates, reminders and marketing materials;
- Interactions with Contacts via the GESPODO’s Services;
- Feedback collection for GESPODO’s Services beneficiaries and/or patients.
Types of personal data processed by GESPODO SPRL
- Contact’s identity data which may include your first name, maiden name, last name, title, gender and date of birth. This may also include photographs and film featuring your image.
- Contact’s contact data which may include addresses (postal and email) and telephone numbers.
- Contact’s transaction data which may include details about payments between us and other details of bookings made by you or your employer and any notes collected during courses or coaching sessions pertinent to your practice development.
- Contact’s technical data which may include IP addresses, browser type and version, browser location, operating system and platform and other technology on the devices you use to access the Services.
- Contact’s Usage data which may include information about how you use our website, application products and services
- Contact’s Marketing and Communication data which may include your preferences in receiving marketing communications and your communication preferences.
- Patient’s data which are collected following each patient’s free consent, for the purpose of supporting the developments from GESPODO or its licensees or licensors around the design and production of patient’s podiatric (orthotics, prosthetics, footcare) products, services or technologies. Patient data collected may include first name, maiden name, last name, gender and date of birth. It may include Patients and prescriptors contact details (email or mobile phone numbers). It may include Patient’s physical conditions (Height, weight,…) , sport activity and intensity, medical conditions records (pathology, medical observations) and records on the therapeutical choices made by the Contacts with regards to the individual condition of the Patient. This may also include photographs and film featuring your image. Finally it may include Patient’s feedback on the usage of the product/services sold.
NB: Patient’s personal contact data will only be used for the purpose of collecting medical and satisfaction feedback on the usage of the products or services sold (Insole, orthotics, prosthetics, footwear) with the purpose of improvement of the Services, technologies or Contact’s practice.
How GESPODO SPRL collects data
The company receives personal data from the individual directly. This may be in the form of data collected via our website, our mobile application registration, from Contact’s interaction with our social network platforms and discussion groups, from the attendance to our events, webinars, conferences.
In the context of the usage of our mobile Footscan3D application and/or the GESPODO PRO Extranet, the Contacts will collect Patient’s individual Free consent and Patient’s data for each and every Patient’s record.
Third Party Privacy Policies
How we use your personal data
The personal information you provide to us will allow us to communicate with you and provide the Service to you, depending on the aspects of the Service for which you register. This includes alerting you of new services, features, or enhancements to the Service; verifying your identity; handling your customer service questions or issues; processing orders; and requesting feedback. We may also use your email address as part of the Service in sending you messages about the Service and other general announcements.
We may use your personal information with non-personal information that we have collected in a manner such that the end-product does not personally identify you or any other user of the Service. We may make your personal information non-personally identifiable by either combining it with information about other users (aggregating your personal information with information about other users), or by removing characteristics (such as your name or email address) that make the information personally identifiable. This process is known as de-personalizing your information. You grant us a royalty-free, worldwide, perpetual, irrevocable and fully transferable right and license to use your personal information in connection with the creation and development of analytical and statistical analysis tools relating to the use of the customer data we collect in providing the Service (the “Analytical Data”). We are expressly authorized to make any commercial use of the Analytical Data, including without limitation, sharing the Analytical Data with third parties, provided that we do not sell, trade, or otherwise transfer from us any part of the Analytical Data that personally identifies any Service users.
Firebase & Zoho
GESPODO uses Firebase and Zoho to help us learn about who uses the App and what features of the Services are being used.
You can manage how your browser handles cookies, or refuse them altogether, by changing your settings.www.aboutcookies.org has useful information on how to manage cookies in your browser.
Who has access to personal data and who GESPODO shares it with
It is necessary to share your personal data with our team of Podiatrists, who may be contractors rather than employees of GESPODO SPRL. Our administration, finance and marketing functions may also be performed by contractors and we will also be required to share certain information with them for the completion of their roles. All of our contractors adhere to strict security standards.
Otherwise, personal data collected will remain within the company.
Our servers may automatically record information that your browser sends whenever you visit the Site. This information includes your Internet Protocol address, your browser type and version, and the search engine you used to find the Service, if any. We use this information to monitor and analyze how users access the Site, to provide customer service and to maintain and improve the Service. We may also collect similar information from emails we may send to you which then help us track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Service.
How we share Your information
- Asset transfers. If we become involved in a merger, acquisition or other transaction involving the sale of some or all of GESPODO’s assets, user information, including personal information collected from you through your use of the Service, could be included in the transferred assets. Should such an event occur, we will use reasonable means to notify you through email and/or a prominent notice on the Site and/or the App.
How long we keep personal data
Once consent has been granted by you, contact information for finance, marketing or medical purposes will be kept indefinitely.
What security measures do we take to safeguard your personal information?
The personal information that you provide to us is stored on servers which are protected by protocols and procedures designed to ensure the security of such information. We restrict access to personal information to GESPODO employees, independent contractors and agents who need to know this information in order to develop, operate and maintain the Service. However, no server, computer or communications network or system, or data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect user information, we cannot ensure or warrant the security of any information you transmit to us or through the use of the Service and you acknowledge and agree that you provide such information and engage in such transmissions at your own risk. Once we receive a transmission from you, we will endeavor to maintain its security on our systems.
In the event that personal information you provide to us is compromised as a result of a breach of security, when appropriate we will take reasonable steps to investigate the situation, notify you and take the necessary steps to comply with any applicable laws and regulations.
Individuals have various rights under Data Protection Law to access and understand personal data about them held by the company and in some cases ask for it to be erased or amended, or for the company to stop processing it, but subject to certain exemptions and limitations.
Any individual wishing to access or amend their personal data, or who has some other objection to how their personal data is used, should put their request in writing to the company using the address above or via firstname.lastname@example.org
We rely on your consent to engage in certain types of electronic (email/telephone) activity. You may withdraw your consent to receiving such communications at any time by contacting the company by email : email@example.com
Notification of Changes
Questions? Contact Us
QUERIES AND COMPLAINTS
Any comments or queries on this policy should be directed to the Company via Privacy@gespodo.com