Resilience

Privacy policy for telemonitored patients

Date of last update: 14/02/2024

Article 1

Introduction

The essentials

RESILIENCE takes to heart and is committed to respecting the applicable regulations to protect your Personal Data.

This Privacy Policy details how and why we use your Personal Data. It is an integral part of the General Terms of Use (GTU ) that you accepted when you registered.

Text

RESILIENCE takes the protection of Patients' Personal Data to heart and is committed to managing the information it collects about you securely and responsibly, in compliance with the General Data Protection Regulation (RGPD).

The RGPD follows on from French law no. 78-17 of January 6, 1978 ("loi informatique et libertés") and has been applicable since May 25, 2018. The RGPD frames the use of Personal Data by public and private organizations, including RESILIENCE.

This Privacy Policy is an integral part of the General Terms of Use (GTU) and aims to provide you with clear and transparent information on how we collect and use Personal Data concerning you in our capacity as Data Controller.

Terms beginning with a capital letter are defined in our GTU as well as in the "Definitions" section of each article of this Policy.

This Policy may change periodically. We will inform you of any substantial updates, but we also invite you to consult our Privacy Policy regularly.

Definition

RESILIENCE (or "we" or "us") refers to the company RESILIENCE, a société par actions simplifiée with a capital of 16,611.98 euros, registered with the RCS of Paris under number 893 834 713, with VAT number FR67893834713 and whose registered office is located at 6, rue d'Armaillé - 75017 Paris (France), marketing the Resilience Solution.

The Patient (or "you") refers to any individual under the care of a Healthcare Professional who has access to the Resilience Solution. The Patient is considered by default as a non-healthcare professional.

Personal Data is any information that allows you to be identified. It includes in particular your surname, first name, and data on your state of health.

Article 2

Object

The essentials

RESILIENCE acts as :

  • As a subcontractor to a partner healthcare facility or to your prescribing healthcare professional, or
  • As data controller.

In the first case, please contact your Health Care Establishment for more information.

Text

This Privacy Policy describes the collection and use of your Personal Data by RESILIENCE in its capacity as Data Controller.

RESILIENCE may also act as a Subcontractor to your Healthcare Establishment or your prescribing Healthcare Professional for the provision of a solution to assist in the management of Cancer Patients. We invite you to contact them for further information.

In the specific case of the provision of our Resilience Solution for a clinical study, the Data Controller is the study sponsor.

Definition

Healthcare Facility (or "Facility") refers to any healthcare facility involved in your care, whether or not it has entered into a contract with RESILIENCE, one of its affiliates or one of its distributors, for the provision of the Resilience Solution to Patients.

A Data Controller determines the purposes and means of a Personal Data processing operation, i.e. the purpose of the processing and how it is to be carried out.

The Healthcare Professional is the member of your healthcare team as a Patient, practicing within or outside his or her Establishment and participating in your medical care.

A Subcontractor processes data on behalf of another organization (" the Data Controller "), as part of a service or provision.

Article 3

Introducing the Resilience Solution

The essentials

The Resilience Solution contains a remote monitoring module called Resilience PRO.

This Solution is offered to you by your Healthcare Professionalś as part of your medical care.

Text

The Resilience Solution complements the IT tools of Healthcare Professionals and/or Facilities with remote monitoring and support functionalities for Patients affected by cancer, thanks to two main features:

  • Support, via the Resilience Care Application;
  • Remote monitoring, via the Resilience PRO telemonitoring module, a IIa medical device manufactured by Resilience MD, for telemonitoring prescribed by a Healthcare Professional to Patients, without replacing medical care.

For further information, please consult our General Terms of Use.

Definition

Resilience MD, a société par actions simplifiée with capital of 6,315.00 euros, registered in the Bayonne Trade and Companies Register under number 791 307 309 and headquartered at 24, Avenue Victor Hugo - 64200 Biarritz, manufactures the Resilience PRO remote monitoring module.

The Resilience Solution complements the IT tools of Healthcare Professionals and/or Facilities with remote monitoring and support functionalities for Patients affected by cancer thanks to two main functionalities:
- Support, via the Resilience.care application
- Remote monitoring, via the Resilience PRO module.

Resilience PRO is a class IIa medical device remote monitoring module, manufactured by Resilience MD. Resilience PRO is a regulated healthcare product certified as "medical software for monitoring and clinical decision support in the oncology field" and carries, under this regulation, the CE 0459 mark. Paris (France), marketing the Resilience Solution.

Article 4

Why does RESILIENCE use your Personal Data?

The essentials

In the context of your use of the Resilience Solution, your Personal Data is collected, in particular for :

  • Medical device monitoring activities ;
  • Support and claims management ;
  • Ensure the operation and continuous improvement of our Solution;
  • Detection and resolution of technical incidents.

If you would like more information about the use of your Personal Data, please contact your Health Care Professional or your Establishment.

Text

Resilience MD (manufacturer of the Resilience PRO module) collects and uses Personal Data in its capacity as Data Controller for the following purposes and legal bases:

‍Development ofservices and solutions:

  • Operation, continuous improvement and development of the Resilience Solution, including the Resilience PRO module, and of services offered to Establishments based on usage monitoring of the Resilience Solution (legitimate interest);
  • Clinical evaluation (legitimate interest). Medical device monitoring activitiesMateriovigilance (legal obligation) ;


Medical device monitoring activities :

  • Materials vigilance (legal obligation) ;
  • Post-marketing clinical surveillance (legal obligation) ;
  • Post-marketing surveillance (legal obligation).


Billing :

  • Drawing up and electronically transmitting documents to the health insurance system (legal obligation);
  • Bookkeeping (legitimate interest).


Communication onRESILIENCE activities :

  • Newsletters(consent).


Satisfaction survey :

  • Request for returns (legitimate interest).


If you would like more information about the use of your Personal Data, please contact your Health Care Professional or your Establishment.

Article 5

What information does RESILIENCE collect and how?

The essentials

When you use the Resilience Solution, the following information about you is collected:

  • Your health data ;
  • Your identification data ;
  • Information about your personal life and lifestyle;
  • Your connection and technical data.

Text

By using our Resilience Solution, you provide us with a certain amount of information about yourself, some of which may identify you:

  • Your identification data, for the creation of your Account and to enable us to contact you again (for example, if you send us a question): this includes, for example, your surname, first name, age, e-mail address, telephone number, as well as your referring Healthcare Establishment and the names of the members of your medical team authorized to access your information;


RESILIENCE also collects your National Health Identifier (INS) for identity-vigilance purposes and your social security number for billing.

  • Your health data: your pathology(ies), your symptom(s), your medical calendar, your treatment (systemic and/or radiotherapy), your prescription date (treatment start date or prescription renewal date), etc. ;
  • Information about your personal life and lifestyle: what you eat, whether you are physically active, etc. ;
  • Your login details: any information you need to access your Account (password and other information required for authentication and access to your Account);


We also collect technical data, contained in the browser or mobile device with which you use our Solution, including:

  • Data that enables us to learn more about the device you are using ("device data"): the type and model of the device, its operating system and version, its unique identifier, and so on.
  • Log data is automatically recorded by our servers based on information sent by your browser. This includes the date and time of your visit, the browser version used (and its configuration), your last response to a questionnaire, your IP address and protocol, and how you used our Solution.

Article 6

With whom does RESILIENCE share your Personal Data?

The essentials

We share your Personal Data with :

  • Our subsidiary Resilience MD;
  • Our service providers ;
  • Your medical team.

Text

We may share your Personal Data with the following recipients:

  • Our subsidiary Resilience MD, which manufactures the Resilience PRO module, needs your information for remote monitoring and to meet its material safety obligations.
  • Our service providers: we use a variety of service providers, for example to supply technological or logistical services, to manage patient support or to host your healthcare data on HDS-certified servers (for healthcare data hosting).
    Our service providers must comply with our requirements in terms of confidentiality and security of Personal Data. They are listed on our website.
  • Your medical team: we may transmit your Personal Data to healthcare professionals authorized to access your information, as part of your patient follow-up.


As part of the management of serious adverse events in the event of the use of Resilience PRO, Resilience MD or RESILIENCE may also transmit your Data to Healthcare Professionals participating in your follow-up or who can provide assistance in the analysis of your file, to notified bodies in charge of evaluating the Resilience PRO medical device and to national public bodies (for example: the ANSM in France or the FAMHP in Belgium).

Article 7

Are your Personal Data transferred to third countries?

The essentials

Your Health Data is hosted in France by certified hosts authorized to store Health Data.

RESILIENCE may use service providers located outside the European Union: RESILIENCE will then implement appropriate safeguards to protect your Personal Data.

Text

Your Health Data, collected as part of your use of our Resilience Solution, are hosted by certified Healthcare Data Hosting (HDS) companies in France:

  • Ecritel, for the Resilience PRO remote monitoring module;
  • OVH, for the Resilience Care Application.


RESILIENCE may also use service providers located outside the European Union. In the event of a transfer to a third country, in which legislation has not been recognized as offering an adequate level of protection for Personal Data, RESILIENCE will put in place appropriate safeguards, such as standard contractual clauses.

All of our service providers and the appropriate safeguards taken by RESILIENCE are listed on our website.

Article 8

How long are your Personal Data kept?

The essentials

Vos Données Personnelles sont conservées le temps de votre inscription et de votre utilisation de notre Solution. En cas de non-utilisation de la Solution Resilience pendant 12 mois :

  • Your Personal Data will be kept for 24 months,
  • Then, unless you tell us otherwise, it will be deleted or anonymized (i.e. it will no longer be possible to identify you and know that this data belongs to you).

Text

Vos Données Personnelles sont conservées le temps de votre inscription et de votre utilisation de notre Solution, sous réserve du respect des dispositions légales applicables.

En cas de non-reconnexion ou de non-utilisation de notre application mobile pendant une durée de douze (12) mois vos Données Personnelles seront conservées pendant une durée de vingt-quatre (24) mois pour vous permettre de retrouver votre Compte par exemple en cas de rechute.

Sans manifestation contraire de votre part, nous supprimerons ou anonymiserons vos Données Personnelles liées à votre suivi médical dix (10) ans après le dernier questionnaire complété, dans le cadre de la Solution Resilience et afin de répondre à nos obligations réglementaires.

In the event of archiving by the Healthcare Professional

The essentials

Your Healthcare Professional may decide to archive your Account.

If such a decision is taken by your Healthcare Professional, you will be informed of it when you open your Account and/or by SMS/email.

The decision to archive your Healthcare Professional will only put an end to your medical telemonitoring. You will still be able to use the Resilience Care Application.

Text

Your Healthcare Professional may decide to archive your Account, including during your follow-up. This archiving decision may occur when your treatment path has been completed, or in the event of voluntary archiving by the Healthcare Professional.

This archiving decision does not prevent you from continuing your treatment path with your Healthcare Professional, or the carer of your choice. It will only put an end to your remote medical monitoring. It will still be possible for you to be monitored outside our Resilience Solution, or to continue to benefit from the Application outside any medical monitoring. In the event that you continue to use the Application, the service cannot replace medical monitoring by a healthcare professional.

When this archiving decision is taken, you will be informed by an information message when you open your Account and/or by SMS/email.

If you would like more information about the reason for closing your Account, or if you would like to recover your Personal Data, please contact us at the following address: aide@resilience.care.

Article 9

RESILIENCE's Health Data Warehouse

The essentials

With your consent, your Personal Data (without your name, surname or any other directly identifying information), collected in the context of your use of the Resilience Solution, may be collected in the RESILIENCE Health Data Warehouse and may notably enable us to carry out scientific research, in order to improve the care and quality of life of Patients.

Your refusal has no impact on your use of our Resilience Solution and your medical care.

Text

In its capacity as Data Controller, RESILIENCE carries out scientific research to improve the care and quality of life of cancer patients. To this end, RESILIENCE has set up a health data warehouse, authorized by the Commission Nationale de l'Informatique et des Libertés (CNIL) on April 21, 2022.

With your consent, your pseudonymized Personal Data (i.e. without your surname, first name or any other directly identifying information), including data collected as part of the use of the Resilience Solution, may be collected in this database, based on RESILIENCE's legitimate interests, and used for scientific research purposes and as part of the development of our decision support and medical management tool.

Your data will be kept for fifteen (15) years from the date of collection, as monitoring after cancer can last a lifetime: RESILIENCE wishes to support Patients, some of whom are taking long-term adjuvant treatments, and to be able to improve their quality of life under treatment, in particular by alleviating their side effects.

Your refusal has no impact on your use of our Resilience Solution and your medical care.

You can exercise your rights, and in particular oppose the collection and re-use of your data, by contacting our Data Protection Officer at the following address: privacy@resilience.care or by post to RESILIENCE (for the attention of the DPO), 6 rue d'Armaillé - 75017 Paris (France).

You can also contact us if you have any questions about our Health Data Warehouse and our research.

To access the list of research, studies and evaluations, or for more information about our warehouse, please consult our Transparency Portal.

Definition

The Resilience Data Warehouse is the database intended for use by RESILIENCE, in particular for research, studies or evaluations in the healthcare field. RESILIENCE was authorized by resolution no. 2022-049 of April 21, 2022.

Article 10

How is your Personal Data secured?

The essentials

We implement appropriate technical and organizational measures to preserve the security and confidentiality of your Personal Data.

As required by regulations, the Resilience Solution is stored by certified Health Data Hosting (HDS) providers, Ecritel and OVH.

Text

RESILIENCE is committed to protecting your Personal Data from loss, destruction, alteration, unauthorized access or disclosure.RESILIENCE therefore implements appropriate technical and organizational measures to preserve the security and confidentiality of your Personal Data, such as:

  • Access to Personal Data is limited to persons authorized to access it by virtue of their functions;
  • Contractual guarantees in the event of recourse to an external service provider;Data protection impact assessments (DPA);
  • Our employees are trained in data protection and are subject to confidentiality obligations;
  • Regular reviews of our privacy practices and policies and/or physical and/or logical security measures (secure access, authentication procedures, backups, antivirus software, firewalls, etc.).
  • Data encryption, etc.

RESILIENCE undertakes to ensure that the Resilience Solution is hosted by a service provider that has obtained Health Data Hosting (HDS) certification. This means :

  • For the Resilience PRO remote monitoring module: your Personal Data is stored by Ecritel. For more information, please consult Ecritel's Privacy Policy.
  • For the Application: your Personal Data is stored by OVH. For more information, please consult the OVH Privacy Policy.

Article 11

How are cookies managed?

The essentials

We may use internal tracers to measure our audience, i.e. they will not be communicated outside RESILIENCE.

Text

A "cookie" is a string of information containing your browsing data, which is stored by your web browser for a specific period of time.

RESILIENCE may use internal cookies. These tracers enable us to track your activity within the Resilience Solution, in order to offer you personalized content and to measure our audiences (performance measurement, detection of navigation problems, optimization of technical performance or ergonomics, estimation of server power required, analysis of content consulted).

However, these tracers are only used internally and are not communicated outside RESILIENCE or for advertising purposes.

Article 12

What are my rights?

The essentials

You have several rights regarding your Personal Data.
You can exercise them:

If you are not satisfied with the response, you can lodge a complaint with your data protection authority, in France the CNIL. You will find all the competent authorities in Europe on this link.

Text

Your Personal Data belongs to you, and as such, you have a certain number of rights.

In accordance with the laws and regulations relating to the protection of personal data in force, you have a right :

  • Access : you have the right to know what Personal Data we hold about you, to consult it and to obtain a copy(find out more);  
  • Rectification: if you become aware of an error, you can ask us to rectify the incorrect information or complete the information concerning you at any time (find out more);
  • Deletion: under certain conditions, you may ask us to delete your Personal Data. Please note that we may retain certain information about you when required to do so by applicable laws and regulations, or when we have a legitimate reason to do so(read more).
  • Opposition: you may object, for reasons relating to your particular situation, to the use of your Personal Data. At any time, you may object to the processing of your Personal Data for the purpose of providing Resilience Services by writing to the DPO. However, this will result in termination of the contract allowing you to access the Resilience Services, which cannot function without the use of your Personal Data;
  • Limitation: under certain conditions, you may ask us to limit the use we make of your Personal Data, for example for the time necessary to examine a request for rectification(more information).


These rights are exercised :

  • From the healthcare professional or facility, or
  • By contacting RESILIENCE at: privacy@resilience.care, or at the following postal address: RESILIENCE - For the attention of the DPO - 6, rue d'Armaillé - 75017 Paris (France).

When you submit a request to exercise your rights, we have one (1) month from receipt to respond. This period of one (1) month may be extended by two (2) months, depending on the complexity of your request.

In order to respond to your request and guarantee the confidentiality of your Personal Data, we may ask you to prove your identity by any means.

If, after contacting us, you feel that your rights have not been respected, you have the right to lodge a complaint with the supervisory authority in France or in your country, for example the Commission Nationale de l'Informatique et des Libertés (CNIL) in France, the Autorité de Protection des Données (APD) in Belgium, the Federal Trade Commission or the Office for Civil Rights in the United States. Click here for a list of all the competent authorities in Europe.

resilience logo
Resilience 2024 © All rights reserved