Version of June 2025
Resilience values and is committed to complying with the applicable regulations to protect your Personal Data.
This Privacy Policy details how and why we use your Personal Data. It as fully incorporated into the General Conditions of Use that you accepted when you registered.
RESILIENCE takes the protection of Patients' Personal Data to heart and is committed to managing the information it collects about you securely and responsibly, in compliance with the General Data Protection Regulation (RGPD).
The RGPD follows on from French law no. 78-17 of January 6, 1978 ("loi informatique et libertés") and has been applicable since May 25, 2018. The RGPD frames the use of Personal Data by public and private organizations, including RESILIENCE.
This Privacy Policy is an integral part of the General Terms of Use (GTU) and aims to provide you with clear and transparent information on how we collect and use Personal Data concerning you in our capacity as Data Controller.
Terms beginning with a capital letter are defined in our GTU as well as in the "Definitions" section of each article of this Policy.
This Policy may change periodically. We will inform you of any substantial updates, but we also invite you to consult our Privacy Policy regularly.
RESILIENCE (or “we”) refers to the company RESILIENCE, a simplified joint-stock company, registered with the Paris Trade & Companies Register under number 893 834 713, and whose head office is located at 6 rue d’Armaillé, 75017 Paris (France), and which markets the Resilience Solution.
The Patient is any individual person that a Healthcare provider treats and who has access to the Resilience Solution. The Patient is automatically considered not to be a healthcare provider.
The Healthcare provider is the member of the Patient’s care team working at or outside their Healthcare facility and contributing to their medical care.
Personal Data is any information that can identify you. It includes your surname, first name and health data.
RESILIENCE acts as :
In the first case, please contact your Health Care Establishment for more information.
This Privacy Policy describes the collection and use of your Personal Data by RESILIENCE in its capacity as Data Controller.
RESILIENCE may also act as a Subcontractor to your Healthcare Establishment or your prescribing Healthcare Professional for the provision of a solution to assist in the management of Cancer Patients. We invite you to contact them for further information.
In the specific case of the provision of our Resilience Solution for a clinical study, the Data Controller is the study sponsor.
Healthcare Facility (or "Facility") refers to any healthcare facility involved in your care, whether or not it has entered into a contract with RESILIENCE, one of its affiliates or one of its distributors, for the provision of the Resilience Solution to Patients.
A Data Controller determines the purposes and means of a Personal Data processing operation, i.e. the purpose of the processing and how it is to be carried out.
The Healthcare Professional is the member of your healthcare team as a Patient, practicing within or outside his or her Establishment and participating in your medical care.
A Subcontractor processes data on behalf of another organization (" the Data Controller "), as part of a service or provision.
The Resilience Solution contains a remote monitoring module called Resilience PRO.
This Solution is offered to you by your Healthcare Professionalś as part of your medical care.
The Resilience Solution complements the IT tools of Healthcare Professionals and/or Facilities with remote monitoring and support functionalities for Patients affected by cancer, thanks to two main features:
For further information, please consult our General Terms of Use.
Resilience MD, a simplified joint stock company with a capital of EUR 6.315,00, registered with the RCS of Bayonne under number 791 307 309 and whose registered office is located at 24, Avenue Victor Hugo – 64200 Biarritz, manufacturer of the Resilience PRO remote monitoring module.
Resilience PRO is a Class IIa medical device remote monitoring module, manufactured by Resilience MD. Resilience PRO is a regulated health product certified as ‘medical software for monitoring and clinical decision support in the oncological field’ and bears, under that regulation, the CE 0459 marking. Paris (France), marketing the Resilience Solution.
As part of your use of the Resilience Solution, your Personal Data is collected, in particular to:
If you would like more information about the use of your Personal Data, please contact your Health Care Professional or your Establishment.
RESILIENCE and its subsidiary Resilience MD (manufacturer of the Resilience PRO module) collect and use Personal Data as Data Controller for the following purposes and on the following legal bases:
Development of services and solutions:
Medical device surveillance activities:
Billing :
Communication on RESILIENCE activities :
Satisfaction survey :
If you would like more information about the use of your Personal Data, please contact your Health Care Professional or your Establishment.
When you use the Resilience Solution, the following information about you is collected:
By using our Resilience Solution, you provide us with a certain amount of information about yourself, some of which can identify you:
RESILIENCE also collects your National Health Identifier (INS) for identity-vigilance purposes and your social security number for billing.
We also collect technical data, contained in the browser or mobile device with which you use our Solution, including:
We share your Personal Data with :
We may share your Personal Data with the following recipients:
As part of the management of serious adverse events in the event of the use of Resilience PRO, Resilience MD or RESILIENCE may also transmit your Data to Healthcare Professionals participating in your follow-up or who can provide assistance in the analysis of your file, to notified bodies in charge of evaluating the Resilience PRO medical device and to national public bodies (for example: the ANSM in France or the FAMHP in Belgium).
Your Health Data is hosted in France by certified hosts authorized to store Health Data.
RESILIENCE may use service providers located outside the European Union: RESILIENCE will then implement appropriate safeguards to protect your Personal Data.
Your Health Data, collected as part of your use of our Resilience Solution, is hosted by certified Health Data Hosters (HDS) in France:
RESILIENCE may also use service providers located outside the European Union. In the event of a transfer to a third country, in which legislation has not been recognized as offering an adequate level of protection for Personal Data, RESILIENCE will put in place appropriate safeguards, such as standard contractual clauses.
All of our service providers and the appropriate safeguards taken by RESILIENCE are listed on our website.
Your Personal Data is kept for the time of your registration and your use of our Solution. If the Resilience Solution is not used for 12 months:
Your Personal Data is kept for the time of your registration and your use of our Solution, subject to compliance with the applicable legal provisions.
In case of non-reconnection or non-use of our mobile application for a period of twelve (12) months your Personal Data will be kept for a period of twenty-four (24) months to allow you to find your Account for example in case of relapse.
Without any contrary manifestation on your part, we will delete or anonymize your Personal Data related to your medical follow-up ten (10) years after the last completed questionnaire, as part of the Resilience Solution and in order to meet our regulatory obligations.
Your Healthcare Professional may decide to archive your Account.
If such a decision is taken by your Healthcare Professional, you will be informed of it when you open your Account and/or by SMS/email.
The decision to archive your Healthcare Professional will only put an end to your medical telemonitoring. You will still be able to use the Resilience Care Application.
Your Healthcare Professional may decide to archive your Account, including during your follow-up. This archiving decision may occur when your treatment path has been completed, or in the event of voluntary archiving by the Healthcare Professional.
This archiving decision does not prevent you from continuing your treatment path with your Healthcare Professional, or the carer of your choice. It will only put an end to your remote medical monitoring. It will still be possible for you to be monitored outside our Resilience Solution, or to continue to benefit from the Application outside any medical monitoring. In the event that you continue to use the Application, the service cannot replace medical monitoring by a healthcare professional.
When this archiving decision is taken, you will be informed by an information message when you open your Account and/or by SMS/email.
If you would like more information about the reason for closing your Account, or if you would like to recover your Personal Data, please contact us at the following address: aide@resilience.care.
Your Personal Data (without your name, surname or any other directly identifying information), collected in the context of your use of the Resilience Solution, may be collected in the RESILIENCE Health Data Warehouse and may notably enable us to carry out scientific research, in order to improve the care and quality of life of Patients.
Your choice has no impact on your use of our Resilience Solution and your medical care.
As Data controller, RESILIENCE carries out scientific research to improve the care and quality of life of cancer patients. As such, RESILIENCE set up a health data warehouse, authorised by the Commission Nationale de l’Informatique et des Libertés (CNIL) on 21 April 2022, supplemented by deliberation No 2023-088 of 7 September 2023.
Your pseudonymised Personal Data (i.e. without your surname, first name or any other directly identifying information), including data collected in the context of the use of the Resilience Solution, may be collected in this database, based on the legitimate interests of RESILIENCE, and used for scientific research purposes and in the development of our medical decision-making and care support tool.
How you participate in the Resilience Health Data Warehouse varies depending on your Healthcare Facility:
- Your Healthcare Facility requires your prior consent before any secondary use of your information. An information message will ask you for your consent in full transparency.
- Your Healthcare Facility authorises the non-opposition process to the secondary use of your data. An information message will tell you how to object to the processing. Your information will only be transmitted to the Health Data Warehouse if you do not object within thirty (30) days of the posting of this message.
- Your Healthcare Facility does not allow the use of the Health Data Warehouse. None of your data will then be used for this purpose.
Your data will be kept there for fifteen (15) years from their collection because surveillance after cancer can last a lifetime: RESILIENCE wishes to accompany patients, some of whom take long-term adjuvant treatments, and be able to improve their quality of life under treatment, in particular by soothing their side effects.
Your choice has no impact on your use of our Resilience Solution and your medical care.
You can exercise your rights, in particular to object to the collection of your data and its re-use at any time, by contacting our Data Protection Officer at the following address: privacy@resilience.care or by post to RESILIENCE (for the attention of the DPO), 6 rue d’Armaillé - 75017 Paris (France).
You can change your choice directly in the settings of your application in "Profile" and then "Consent".
You can also contact us with any questions about our Health Data Warehouse and our research.
To access the list of research, studies and evaluations or more information about our warehouse, you can consult our Transparency Portal.
The Resilience Data Warehouse is the database intended to be used by RESILIENCE in particular for the purposes of research, studies or evaluations in the field of health. RESILIENCE was authorised by Deliberation No 2022-049 of 21 April 2022, supplemented by Deliberation No 2023-088 of 7 September 2023.
We implement appropriate technical and organizational measures to preserve the security and confidentiality of your Personal Data.
As required by regulations, the Resilience Solution is stored by certified Health Data Hosting (HDS) providers, Ecritel and OVH.
RESILIENCE s’engage à protéger vos Données Personnelles contre toute perte, destruction, altération, accès ou divulgation non autorisée. RESILIENCE met donc en œuvre des mesures techniques et organisationnelles appropriées pour préserver la sécurité et la confidentialité de vos Données Personnelles, telles que :
RESILIENCE undertakes to ensure that the Resilience Solution is hosted by a service provider that has obtained Health Data Hosting (HDS) certification. This means :
We may use internal tracers to measure our audience, i.e. they will not be communicated outside RESILIENCE.
A "cookie" is a string of information containing your browsing data, which is stored by your web browser for a specific period of time.
RESILIENCE may use internal cookies. These tracers enable us to track your activity within the Resilience Solution, in order to offer you personalized content and to measure our audiences (performance measurement, detection of navigation problems, optimization of technical performance or ergonomics, estimation of server power required, analysis of content consulted).
However, these tracers are only used internally and are not communicated outside RESILIENCE or for advertising purposes.
You have several rights regarding your Personal Data.
You can exercise them:
If you are not satisfied with the response, you can lodge a complaint with your data protection authority, in France the CNIL. You will find all the competent authorities in Europe on this link.
Your Personal Data belongs to you, and as such, you have a certain number of rights.
In accordance with the laws and regulations relating to the protection of personal data in force, you have a right :
These rights are exercised :
When you submit a request to exercise your rights, we have one (1) month from receipt to respond. This period of one (1) month may be extended by two (2) months, depending on the complexity of your request.
In order to respond to your request and guarantee the confidentiality of your Personal Data, we may ask you to prove your identity by any means.
If, after contacting us, you feel that your rights have not been respected, you have the right to lodge a complaint with the supervisory authority in France or in your country, for example the Commission Nationale de l'Informatique et des Libertés (CNIL) in France, the Autorité de Protection des Données (APD) in Belgium, the Federal Trade Commission or the Office for Civil Rights in the United States. Click here for a list of all the competent authorities in Europe.
