Date of last update: 14/02/2024
RESILIENCE takes to heart and is committed to respecting the applicable regulations to protect your Personal Data.
This Privacy Policy details how and why we use your Personal Data. It is an integral part of the General Terms of Use (GTU ) that you accepted when you registered.
RESILIENCE takes the protection of Patients' Personal Data to heart and is committed to managing the information it collects about you securely and responsibly, in compliance with the General Data Protection Regulation (RGPD).
The RGPD follows on from French law no. 78-17 of January 6, 1978 ("loi informatique et libertés") and has been applicable since May 25, 2018. The RGPD frames the use of Personal Data by public and private organizations, including RESILIENCE.
This Privacy Policy is an integral part of the General Terms of Use (GTU) and aims to provide you with clear and transparent information on how we collect and use Personal Data concerning you in our capacity as Data Controller.
Terms beginning with a capital letter are defined in our GTU as well as in the "Definitions" section of each article of this Policy.
This Policy may change periodically. We will inform you of any substantial updates, but we also invite you to consult our Privacy Policy regularly.
RESILIENCE (or "we" or "us") refers to the company RESILIENCE, a société par actions simplifiée with a capital of 16,611.98 euros, registered with the RCS of Paris under number 893 834 713, with VAT number FR67893834713 and whose registered office is located at 6, rue d'Armaillé - 75017 Paris (France), marketing the Resilience Solution.
The Patient (or "you") refers to any individual under the care of a Healthcare Professional who has access to the Resilience Solution. The Patient is considered by default as a non-healthcare professional.
Personal Data is any information that allows you to be identified. It includes in particular your surname, first name, and data on your state of health.
RESILIENCE acts as :
In the first case, please contact your Health Care Establishment for more information.
This Privacy Policy describes the collection and use of your Personal Data by RESILIENCE in its capacity as Data Controller.
RESILIENCE may also act as a Subcontractor to your Healthcare Establishment or your prescribing Healthcare Professional for the provision of a solution to assist in the management of Cancer Patients. We invite you to contact them for further information.
In the specific case of the provision of our Resilience Solution for a clinical study, the Data Controller is the study sponsor.
Healthcare Facility (or "Facility") refers to any healthcare facility involved in your care, whether or not it has entered into a contract with RESILIENCE, one of its affiliates or one of its distributors, for the provision of the Resilience Solution to Patients.
A Data Controller determines the purposes and means of a Personal Data processing operation, i.e. the purpose of the processing and how it is to be carried out.
The Healthcare Professional is the member of your healthcare team as a Patient, practicing within or outside his or her Establishment and participating in your medical care.
A Subcontractor processes data on behalf of another organization (" the Data Controller "), as part of a service or provision.
The Resilience Solution contains a remote monitoring module called Resilience PRO.
This Solution is offered to you by your Healthcare Professionalś as part of your medical care.
The Resilience Solution complements the IT tools of Healthcare Professionals and/or Facilities with remote monitoring and support functionalities for Patients affected by cancer, thanks to two main features:
For further information, please consult our General Terms of Use.
Resilience MD, a société par actions simplifiée with capital of 6,315.00 euros, registered in the Bayonne Trade and Companies Register under number 791 307 309 and headquartered at 24, Avenue Victor Hugo - 64200 Biarritz, manufactures the Resilience PRO remote monitoring module.
The Resilience Solution complements the IT tools of Healthcare Professionals and/or Facilities with remote monitoring and support functionalities for Patients affected by cancer thanks to two main functionalities:
- Support, via the Resilience.care application
- Remote monitoring, via the Resilience PRO module.
Resilience PRO is a class IIa medical device remote monitoring module, manufactured by Resilience MD. Resilience PRO is a regulated healthcare product certified as "medical software for monitoring and clinical decision support in the oncology field" and carries, under this regulation, the CE 0459 mark. Paris (France), marketing the Resilience Solution.
In the context of your use of the Resilience Solution, your Personal Data is collected, in particular for :
If you would like more information about the use of your Personal Data, please contact your Health Care Professional or your Establishment.
Resilience MD (manufacturer of the Resilience PRO module) collects and uses Personal Data in its capacity as Data Controller for the following purposes and legal bases:
Development ofservices and solutions:
Medical device monitoring activities :
Billing :
Communication onRESILIENCE activities :
Satisfaction survey :
If you would like more information about the use of your Personal Data, please contact your Health Care Professional or your Establishment.
When you use the Resilience Solution, the following information about you is collected:
By using our Resilience Solution, you provide us with a certain amount of information about yourself, some of which may identify you:
RESILIENCE also collects your National Health Identifier (INS) for identity-vigilance purposes and your social security number for billing.
We also collect technical data, contained in the browser or mobile device with which you use our Solution, including:
We share your Personal Data with :
We may share your Personal Data with the following recipients:
As part of the management of serious adverse events in the event of the use of Resilience PRO, Resilience MD or RESILIENCE may also transmit your Data to Healthcare Professionals participating in your follow-up or who can provide assistance in the analysis of your file, to notified bodies in charge of evaluating the Resilience PRO medical device and to national public bodies (for example: the ANSM in France or the FAMHP in Belgium).
Your Health Data is hosted in France by certified hosts authorized to store Health Data.
RESILIENCE may use service providers located outside the European Union: RESILIENCE will then implement appropriate safeguards to protect your Personal Data.
Your Health Data, collected as part of your use of our Resilience Solution, are hosted by certified Healthcare Data Hosting (HDS) companies in France:
RESILIENCE may also use service providers located outside the European Union. In the event of a transfer to a third country, in which legislation has not been recognized as offering an adequate level of protection for Personal Data, RESILIENCE will put in place appropriate safeguards, such as standard contractual clauses.
All of our service providers and the appropriate safeguards taken by RESILIENCE are listed on our website.
Your Personal Data is kept for the duration of your registration and use of our Solution. If you do not use the Resilience Solution for 6 months :
Your Personal Data is kept for the duration of your registration and use of our Solution, subject to compliance with applicable legal provisions.
In the event of non-reconnection or non-use of our mobile application for a period of six (6) months, your Personal Data will be kept for a period of twenty-four (24) months to enable you to recover your Account, for example in the event of a relapse.
Unless you indicate otherwise, we will delete or anonymize your Personal Data linked to your medical follow-up ten (10) years after the last questionnaire completed, as part of the Resilience Solution and in order to meet our regulatory obligations.
Your Healthcare Professional may decide to archive your Account.
If such a decision is taken by your Healthcare Professional, you will be informed of it when you open your Account and/or by SMS/email.
The decision to archive your Healthcare Professional will only put an end to your medical telemonitoring. You will still be able to use the Resilience Care Application.
Your Healthcare Professional may decide to archive your Account, including during your follow-up. This archiving decision may occur when your treatment path has been completed, or in the event of voluntary archiving by the Healthcare Professional.
This archiving decision does not prevent you from continuing your treatment path with your Healthcare Professional, or the carer of your choice. It will only put an end to your remote medical monitoring. It will still be possible for you to be monitored outside our Resilience Solution, or to continue to benefit from the Application outside any medical monitoring. In the event that you continue to use the Application, the service cannot replace medical monitoring by a healthcare professional.
When this archiving decision is taken, you will be informed by an information message when you open your Account and/or by SMS/email.
If you would like more information about the reason for closing your Account, or if you would like to recover your Personal Data, please contact us at the following address: aide@resilience.care.
With your consent, your Personal Data (without your name, surname or any other directly identifying information), collected in the context of your use of the Resilience Solution, may be collected in the RESILIENCE Health Data Warehouse and may notably enable us to carry out scientific research, in order to improve the care and quality of life of Patients.
Your refusal has no impact on your use of our Resilience Solution and your medical care.
In its capacity as Data Controller, RESILIENCE carries out scientific research to improve the care and quality of life of cancer patients. To this end, RESILIENCE has set up a health data warehouse, authorized by the Commission Nationale de l'Informatique et des Libertés (CNIL) on April 21, 2022.
With your consent, your pseudonymized Personal Data (i.e. without your surname, first name or any other directly identifying information), including data collected as part of the use of the Resilience Solution, may be collected in this database, based on RESILIENCE's legitimate interests, and used for scientific research purposes and as part of the development of our decision support and medical management tool.
Your data will be kept for fifteen (15) years from the date of collection, as monitoring after cancer can last a lifetime: RESILIENCE wishes to support Patients, some of whom are taking long-term adjuvant treatments, and to be able to improve their quality of life under treatment, in particular by alleviating their side effects.
Your refusal has no impact on your use of our Resilience Solution and your medical care.
You can exercise your rights, and in particular oppose the collection and re-use of your data, by contacting our Data Protection Officer at the following address: privacy@resilience.care or by post to RESILIENCE (for the attention of the DPO), 6 rue d'Armaillé - 75017 Paris (France).
You can also contact us if you have any questions about our Health Data Warehouse and our research.
To access the list of research, studies and evaluations, or for more information about our warehouse, please consult our Transparency Portal.
The Resilience Data Warehouse is the database intended for use by RESILIENCE, in particular for research, studies or evaluations in the healthcare field. RESILIENCE was authorized by resolution no. 2022-049 of April 21, 2022.
We implement appropriate technical and organizational measures to preserve the security and confidentiality of your Personal Data.
As required by regulations, the Resilience Solution is stored by certified Health Data Hosting (HDS) providers, Ecritel and OVH.
RESILIENCE is committed to protecting your Personal Data from loss, destruction, alteration, unauthorized access or disclosure.RESILIENCE therefore implements appropriate technical and organizational measures to preserve the security and confidentiality of your Personal Data, such as:
RESILIENCE undertakes to ensure that the Resilience Solution is hosted by a service provider that has obtained Health Data Hosting (HDS) certification. This means :
We may use internal tracers to measure our audience, i.e. they will not be communicated outside RESILIENCE.
A "cookie" is a string of information containing your browsing data, which is stored by your web browser for a specific period of time.
RESILIENCE may use internal cookies. These tracers enable us to track your activity within the Resilience Solution, in order to offer you personalized content and to measure our audiences (performance measurement, detection of navigation problems, optimization of technical performance or ergonomics, estimation of server power required, analysis of content consulted).
However, these tracers are only used internally and are not communicated outside RESILIENCE or for advertising purposes.
You have several rights regarding your Personal Data.
You can exercise them:
If you are not satisfied with the response, you can lodge a complaint with your data protection authority, in France the CNIL. You will find all the competent authorities in Europe on this link.
Your Personal Data belongs to you, and as such, you have a certain number of rights.
In accordance with the laws and regulations relating to the protection of personal data in force, you have a right :
These rights are exercised :
When you submit a request to exercise your rights, we have one (1) month from receipt to respond. This period of one (1) month may be extended by two (2) months, depending on the complexity of your request.
In order to respond to your request and guarantee the confidentiality of your Personal Data, we may ask you to prove your identity by any means.
If, after contacting us, you feel that your rights have not been respected, you have the right to lodge a complaint with the supervisory authority in France or in your country, for example the Commission Nationale de l'Informatique et des Libertés (CNIL) in France, the Autorité de Protection des Données (APD) in Belgium, the Federal Trade Commission or the Office for Civil Rights in the United States. Click here for a list of all the competent authorities in Europe.
