skin/en/privacy-policy/current

TAVIE-SKIN Application Privacy Policy

Last updated: November 19th, 2019

This Privacy Policy applies to the use of the TAVIE-SKIN Mobile Application (the “Application”) made available by MedClinik.

MedClinik respects your privacy and we believe it is important that you are aware of our practices regarding the information we receive through the Application or any service offered using the Application (the “Services”). The purpose of this Privacy Policy is to describe the conditions under which MedClinik processes information provided by the user, the type of information we collect, how we use and share that information, and the means available to you to object to processing, to modify, obtain or delete that information. This Privacy Policy is an integral part of our General Terms and Conditions of Use (“Terms of Use”).

The term “Personal Data” used in this Privacy Policy refers to any information relating to an identified or identifiable individual.

This Privacy Policy applies to the Personal Data that MedClinik collects and processes through the Application and Services. It also describes the means available to you with respect to your Personal Data, how you can access it and how to update this information. The use of the information collected by MedClinik is limited to the purposes of providing the Services and the services for which MedClinik has been hired by its customers or partners.

Any term not defined in this Privacy Policy shall have the meaning given to it in the Terms of Use.

  • Disclaimer of Liability
  • The information we collect
  • How we use the information
  • How the information is shared
  • Data storage and preservation
  • Rights of access, modification, rectification, deletion and portability of your data
  • Protection and confidentiality of information
  • Changes to the Privacy Policy
  • Contact us for more information
Disclaimer of Liability

The Application and Services are made available to users for the purpose of:

  1. Allowing user interactions to be customized according to data entry and usage models;
  2. Understanding the use of the Application and the most used features and improve service to users ;
  3. Understand the effect of the Application on health habits.

The Application or Services are not made available to the user for diagnostic or care purposes. For either of these cases, please refer to a health professional.

The information we collect
Information you provide us with

The Application collects information that you manually insert when you use the Application or that is transmitted through connected devices, in the various tracking logs or features of the Application.

When you create an account, use the Services, enter information, answer questionnaires, we collect the following types of information:

  • Account information. When you register to use the Services, using an activation code, we collect information about your age group, gender and country of residence, as well as your professional activity. In order to render our Services, we also ask you to enter information related to the diagnosis of melanoma, your medical history as well as your current medication. This information will allow us to subsequently identify possible links between demographic and social indicators, and aspects related to the health of patients using the Application and Services, for the same purpose as that stated in the notice above.
    A random account number (the “Identifier”) is assigned to your account at the time of its creation, which aims to limit, as soon as it is entered, the personal nature of the information collected as part of our Services. We strongly suggest you save this Identifier for future reference, in a case where you would need to set your account on a different device, for example.
  • Your information entered manually. The data collected varies depending on the features you have chosen to use and the information you enter manually. This information may include your physical activities, sleep, weight, height, medication goals, healthcare providers contacts and your answers to the questionnaires integrated into the Application.
  • Your information collected automatically. The Application might allow you to record and track the history of data collected through connected devices. The data collected varies depending on the connected device or third-party application you have chosen and agreed to synchronize with the Application and that is compatible with the Application.
  • Health data, a special category of personal data. Many of the information you enter and/or that we collect is health data, which belongs to a particular category of personal data. These data include melanoma diagnosis, medical history, sleep, weight, height. This information requested within the application and its various functionalities is necessary in order to achieve the objective of the Application, which is to support the patient throughout his care journey and in the management of his health condition.
  • Your communications with us. To request technical support or to share with us suggestions for improving the Application, you can contact us through the Application, in the settings page. If you communicate with us through the Application your request will be associated with your Random Identifier and we will not be able to identify you personally. Please note we can not reply directly to your questions or comments sent via the settings of the application. For any question related to health, please consult your healthcare provider.
Information we receive about your use of the Services
  • Information collected automatically (e.g. connected devices, tracking technologies). MedClinik uses tracking technologies to collect certain information automatically, such as the mobile device you are using and the version of the operating system, technical incidents, connected objects or third-party applications you have agreed to activate and synchronize with the Application, information about your progress within coaching sessions, or attendance data (features used, connection history, interactions at the activity log level or “Feed”). This information is collected for statistical purposes. It allows us to understand how users use the Application and helps us improve its presentation and content, it also helps us customizing user interactions and understand the effect of the Application on users’ health habits. This automatically collected information is not linked to Personal Data and does not allow the user to be personally identified.
How we use the information

MedClinik uses the information, including Personal Data and Health Data, to perform the Services, to respond to requests associated with the Services, or to improve and customize our Services or content to user needs.
MedClinik collects this information for the following purposes:

  • Administration and maintenance. MedClinik uses the information collected for administrative and maintenance purposes, including:
    – Measure user interest in the Application and Services;
    – Develop new products or services;
    – Perform troubleshooting operations and protect you against errors;
    – Perform data analysis and testing;
    – Maintain the Application;
    – Prevent potentially prohibited or illegal activities;
    – Enforce our Terms of Use.
  • Improvement and personalization of our products and services. We use some of your information to make deductions and further customize the content of the Application and our Services. For example, we can use the data collected on your sleep habits to provide you with personalized information to help you improve it. We also use the data we collect to generate anonymous data or non-identifiable data sets aggregated with data or information from other sources.
  • Use of anonymous and aggregated data. MedClinik uses certain Personal Data and other information for statistical purposes, in which case this information is anonymized or aggregated with data or information from other sources. This data is collected for the purpose of generating other types of information, such as demographic information, geographic trends, information about the types of mobile devices from which users access the Services, or other analyses. This anonymized or aggregated data is used for a variety of purposes, including to measure the use of the Services or the functions of the Application for its evaluation, or to improve our existing products and Services or to develop new products and services.
    Anonymized or aggregated information is not Personal Data and MedClinik uses this information for research and technological development purposes, to ensure the quality of our Services, or for any other purpose required or legally authorized. This information is used in an anonymous or aggregated form designed to prevent anyone from identifying you.
How the information is shared

MedClinik does not sell or disclose Personal Data about you except as described in this Policy or as you expressly consent. For the purposes of rendering the Services, we may share certain information with:

  • Our partners. MedClinik may provide some of the data you manually entered or that was automatically collected, as aggregated, anonymized or pseudonymized information to its partners with whom it jointly offers the Application or Services (the “Partners”), namely Pierre Fabre, as set out in the Terms of Use. MedClinik ensures that its Partners respect the same obligations of confidentiality and security of the personal information they hold on your behalf. Non-personal information that is aggregated or anonymized, so that cannot reasonably be used to identify an individual, may be shared in publicly available scientific publications.
    MedClinik does not transmit any Personal Data or other information about you in a way that would allow your identification. MedClinik provides Pierre Fabre with a report every three months on anonymized, pseudonymized and/or aggregated data in order to generate other types of information, such as demographic information, geographic trends, information regarding the use of the Services, or other analyses. This data is not used for any purpose other than to provide information on the use of the Services and to perform an evaluation of the Application.
    IMPORTANT: If you wish to report an adverse event via the Application, the information you will disclose will be shared “as is” with Pierre Fabre. This information is not stored on MedClinik servers.
  • Service providers (excluding data hosting services). MedClinik uses the services of third parties to analyze anonymized, pseudonymized or aggregated data. This allows us having a better understanding of how users use our Services and improving our products and services accordingly. These services also allow us to carry out analysis work on anonymized and aggregated data that are part of the services requested by our Partners, such as the analysis of demographic data, trends by geographic region or by professional activity.
    Some of the collected information is transmitted to Craft AI’s artificial intelligence platform, which aims to analyze this data and respond in a customized way to user needs. The information transmitted is the age, gender and time when the user accesses certain features of the application.
  • Systems and Application Maintenance. Some aggregated non-personal information may be shared with our affiliates or service providers, such as system monitoring or application operation data, for the sole purpose of maintaining the Application and associated Services. Only a limited and privileged number of employees of our parent company, located in Montreal, Canada, who ensure the confidentiality, availability, integrity and security of your data have access to it, in order to protect your data, your rights, and access to the Services.
  • Disclosure for protection purposes. We may preserve or disclose information about you if we believe it is necessary or appropriate to: (i) comply with applicable laws, legal process or a request from public authorities; (ii) protect your rights or safety, ours or those of others; (iii) enforce our contracts and policies; or (iv) where we believe disclosure is necessary or appropriate to prevent physical harm or in connection with an investigation or prosecution for suspected or actual illegal activity.
  • Merger, sale, or other transfer of assets. If MedClinik or its affiliated companies are involved in a merger, acquisition, due diligence, restructuring, bankruptcy, legal administration, sale of company assets, or transition of service to another supplier, then your information may be transferred to the new entity, as permitted by law and/or contract. In such circumstances, MedClinik will order the transferee to use the personal information in a manner consistent with the Privacy Policy in effect at the time the personal information was collected. In that case, the Terms of Use and/or Privacy Policy will be updated and you will be notified of such update/change within the Application.
Data storage and preservation

The data collected is hosted locally in your mobile device as well as on a server certified for hosting health data, provided by Amazon Web Services (AWS), located in the Paris Region, in France, and used solely for the purpose of performing the Services or as stipulated in this Policy.
MedClinik retains your data for as long as your account is active or as long as necessary to provide you with the Services, including to operate the features you choose to use. We also retain your information and the one of your account to provide you with personal statistics and maintain the Services, including to allow you retrieving your account on another device. We retain and use your information as necessary for the legitimate interests of our company, to comply with our legal obligations, for legal reasons or to prevent harm, and to enforce our Terms of Use and policies.

Rights of access, modification, rectification, deletion and portability of your data

Users have the right to access, modify, rectify, delete and transfer their Personal Data at any time.

  • Users. You can change, update or delete your account information at any time directly in the Application (settings page). You can also obtain this information by downloading it from the Application. The deletion of your Account will trigger the automatic erasure of your Personal Data from our servers and consequently from any ulterior reporting to our Partners.
    You can also contact MedClinik to obtain information about the general processing of personal information and the recipients to whom it is sent by contacting us directly. These requests will be processed in accordance with the laws in force. We will respond to any request within 30 days of receipt.
  • Notifications transmitted through the Application. The Application may occasionally send you notifications. You can refuse to receive these notifications at any time by changing the settings in the Application or on your mobile device.

    When you provide your consent to this Privacy Policy, you consent to be bound by this Privacy Policy and any changes to the Privacy Policy for which you will be notified. Your express consent to the processing of Personal Data or Health Data is required for us to collect such data and process it as set out in this Privacy Policy. Without your consent and in the absence of being able to collect the required information, MedClinik will not be able to provide the Services.
    To completely stop the collection and/or processing of your data, it is therefore suggested that you request that your data be deleted and that you uninstall the Application from your device.
    Note that uninstalling the Application will delete the data stored on your device but will not delete it from MedClinik servers. Deleting the data stored on our servers requires 1) your deletion request via the Application settings or 2) the termination of our Services.
    Also note that once deleted, this data will no longer be retrievable. It is therefore strongly recommended that you export and save your data before deleting it, which is possible via the Application settings.
    It is also important to note that if you continue to use the Application and Services with your Account following the deletion of your data, you consent to the processing of this new data as set out in this Policy.
Protection and confidentiality of information

The security and confidentiality of your personal information and the information of our users and customers is important to us. MedClinik maintains the necessary security measures to protect your information from loss, destruction, use, access or unauthorized disclosure.
Sensitive information that you enter into the Application, including information concerning your health, as well as the transmission of this information for the purpose of providing the Services, is encrypted using SSL (Secure Socket Layer) technology. The Application uses AES256 encryption at the file system level, and x.509 SSL certificates encrypt data transmission. We also use the AUTH2 protocol to protect data transmission between the mobile device and the servers on which the information is stored.
These technologies help us ensure the security and protection of your information and to make it available only to you and those to whom you have granted access.
If you have any questions about the security of our Application, you can contact us directly at tavieskin@tavierx.net.

Changes to the Privacy Policy

MedClinik updates its Privacy Policy from time to time or as legislation changes. You can review our most current version of this Privacy Policy at any time at https://toupp.pre-360.net/skin/en/privacy-policy/current/
If we make material changes to this Policy, we will notify you by means of a notice sent on the Application before the change takes effect.
Any legal or administrative provision that would require the modification of this Privacy Policy in whole or in part will make such modification applicable as soon as they come into force, without notice.

Contact us for more information

MedClinik is committed to resolving any complaint regarding our collection or use of your information and Personal Data. Persons living in the European Union who have questions or complaints about our Privacy Policy may contact us directly at the address at the bottom of this Policy.

If you have any questions, suggestions or additional information about this Privacy Policy or our practices regarding the use or security of information, please contact us by email at tavieskin@tavierx.net or by mail at:

MedClinik SAS
38 rue de Berri
75008 Paris
FRANCE

If, after contacting us, you feel that your rights are not being respected or that the TAVIE-SKIN Mobile Application does not comply with data protection rules, you can send a complaint online to the CNIL or by post to the following address:

CNIL
3 place de Fontenoy
TSA 80715 – 75334 Paris CEDEX 07
FRANCE
https://www.cnil.fr/