Privacy Policy
1. Subject of this privacy policy
This privacy policy (hereinafter the “policy”) provides more information regarding the processing of Personal Data by BINGLI.
The privacy of the Patient providing Personal Data to BINGLI is very important to BINGLI. BINGLI only uses all the Personal Data provided by the Patient for the purposes referred to in this Policy and complies with the applicable laws and legislation regarding the protection of Personal Data, including the European Regulation 2016/679 from 27 April 2016 (General Data Protection Regulation or GDPR).
In addition, the Personal Data of the physicians for whom BINGLI processes the Patient’s Personal Data is also important to BINGLI. The physician can already find most information about the processing of his Personal Data in his contract with BINGLI. This policy is only important to the physician for exercising his rights to his Personal Data (see articles 7 and 8 of this Policy)
2. Purposes
2.1. Processing the Personal Data of the Patient on behalf of the attending physician
BINGLI allows your attending physician to collect and process data regarding you as a Patient. Your attending physician is responsible for the processing of your data, but the website itself is operated by BINGLI, who acts as processor on behalf of your physician. The Services of BINGLI have the following purposes, and the Patient and his physician therefore use the Service, provided with your consent as a Patient:
Management, in particular retrieval, storage, modification and transfer of the Personal Data of the Patient;
The improvement of the usability of the Personal Data of the Patient;
The simplification of participation in scientific research, if the Patient wishes so;
The evaluation of the health care provided to the Patient, with the aim to improve this; and
The identification of potential risks of the Patient.
In addition to doctors, BINGLI can also work on behalf of hospitals or other entities.
2.2. Processing for the benefit of BINGLI
In addition, BINGLI will also be able to anonymise the Patient’s personal data under its own responsibility, in order to enable further processing and transfer to third parties for scientific purposes. After this anonymisation the identity of the Patient can no longer be linked in any way to the data originating from this Patient, so that the privacy of this Patient cannot be compromised and the GDPR will no longer be applicable.
BINGLI will also be able to process the non-anonymised personal data of the Patient (together with the feedback received from the physician), under its own responsibility, in order to improve its own services. This will only be done with the Patient’s consent and after pseudonymization of the Patient’s data so the BINGLI employee can no longer see the Patient’s name.
3. Confidential treatment by BINGLI
BINGLI acknowledges that the Patient’s Personal Data is strictly confidential.
Except with informed consent of the Patient and/or when it is necessary for a physician or hospital in the context of the treatment of the Patient and/or in the context of legal permissions or obligations and/or by court order and/or for the initiation, exercise or substantiation of a legal claim, BINGLI will not disclose the Personal Data to a third party.
People who can have access to the Personal Data in the context of the Service, are:
BINGLI employees and contractors responsible for collecting, processing, managing and reviewing the Personal Data;
BINGLI employees and contractors responsible for quality management and security;
BINGLI responsible people for checking the BINGLI employees and contractors;
Any party for whom the Physician or the Patient gives BINGLI the order to release; and
Any other person who has authorised access due to applicable legislation.
BINGLI makes the aforementioned people aware of the interest of the confidential treatment of the Personal Data, and makes them, when applicable, sign a confidentiality statement that will be added to the agreement concluded with them.
4. Protection of Personal Data
BINGLI takes appropriate technical and organisational measures (such as pseudonymization) to protect the Personal Data from loss or any type of unlawful processing or access. These measures guarantee an appropriate level of security, considering the state of technique and the associated costs.
5. Storage of data
The Patient accepts that BINGLI will store the Patient’s Personal Data in electronic archives and/or databases, set up and managed by BINGLI, in the form in which this Personal Data is received or in any other derivative form that BINGLI uses in the context of the Service. BINGLI can appeal to third-party service providers for the storage of personal data, who in principle are established in the European Economic Area. In case Bingli appeals to service providers established outside the European Economic Area, it will make the necessary arrangements to realise an equivalent level of protection of Personal Data in accordance with the articles 44 up to 49 of the General Data Protection Regulation.
BINGLI will not store the Personal Data any longer than is necessary to provide the Service and to improve this Service. As soon as the Personal Data is no longer required or at the request of the Patient, BINGLI will remove the Personal Data, unless the storage of Personal Data is or will become mandatory.
6. Secure communication
The Patient accepts that the communication of Personal Data to BINGLI is done electronically, and that any form of communication entails a risk of interception, incorrect delivery or loss. BINGLI is not liable for communication errors that are not attributable to them.
7. Rights of physicians and Patients to their Personal data
The rights of the physician and the Patient related to the processing of their Personal Data by BINGLI are explained below.
The Patient can always exercise his rights related to the processing of his Personal Data by BINGLI, by contacting his attending physician on whose behalf BINGLI processes the Personal Data. As physician you have the following rights with respect to BINGLI.
If the Patient only has a request related to the processing of his Personal data by BINGLI for the own purposes of BINGLI (improvement of BINGLI services or anonymising for scientific research; see article 2.2 of this policy), the Patient must bear in mind that BINGLI only processes his Personal data for these purposes in a way where the patient concerned cannot be identified. If the Patient wants to exercise his rights on this Personal Data, BINGLI may ask the Patient to provide additional Personal Data in order to identify the Patient. After the identification, you as a Patient, will have the following rights.
Right to access and copy
Access – You always have the right to free access to the Personal Data that BINGLI processes about you, unless this access is excluded by law. You also have the right to receive certain information about this processing. More specifically, you have the right to the following information:
the existence of processing of your Personal Data or not;
the Personal Data itself
the purposes of the processing of this Personal Data;
the categories of Personal Data and their storage time;
the categories of receivers to whom this Personal Data will be provided;
your rights regarding this Personal Data;
the source of this Personal Data, if this has not been collected from yourself.
Copy – You also have the right to receive a free copy of your Personal Data, insofar as you may access this conform the GDPR. If you wish several copies of the same information, BINGLI reserves the right to charge you administrative costs for this.
Right to improvement
You also have the right to have all incorrect or incomplete processed Personal Data be improved or supplemented, free of charge.
You can also request that your Personal Data is temporarily no longer processed (except in a number of statutory cases) till the correctness or completeness of your Personal Data has been checked and any inaccuracies/omissions have been corrected (except in a number of statutory cases). See also the section “right to restricted processing”.
Right to transferability
With regard to Personal data that is automatically processed (via computer) you also have the right to request BINGLI to transfer a copy of your Personal Data in a machine-readable format (e.g. XML) to you and/or directly to another institution or person of your choice. This right only applies to Personal Data that you have provided yourself and only if the processing by BINGLI is based on your consent.
Right to withdraw your consent
When BINGLI processes your Personal Data based on your consent, you always have the right to withdraw this consent. In that case BINGLI will no longer process your Personal Data. However, this does not affect the lawfulness of the processing before the withdrawal of your consent.
When you withdraw your consent, you can also request that your Personal Data is deleted at the same time. See also the section “right to removal”.
Right to removal
If you believe that your Personal Data may no longer be processed (for example because this data is no longer necessary or because it is processed unlawfully), you can request that your Personal Data is permanently deleted from the files of BINGLI.
Instead of removal, the patient can alternatively also request that his Personal Data remains stored but is no longer processed (except in certain legally defined cases). See also the section “right to restricted processing”.
BINGLI is however not obliged to delete the Personal Data if it still may or must be lawfully processed in accordance with the GDPR.
Right to object to the processing
Even when your Personal Data is processed without your consent, you can in certain cases object to the processing of your Personal Data by BINGLI. This is the case when your Personal Data is processed based on the justified interest of BINGLI within the meaning of article 6, paragraph 1(f) AVG (Dutch version of GDPR) (for example for maintaining customer relations).
However, insofar as the processing does not involve any form of direct marketing, BINGLI may continue to process your Personal Data if this is necessary for compelling justified reasons. While awaiting the assessment of these reasons, you may however request us to temporarily stop processing the Personal Data in question (except in a number of statutory cases). See also the section “right to restricted processing”.
Right to restricted processing
In certain cases you have the right to request that your Personal Data is still stored by BINGLI but that it is temporarily no longer processed. Except for the cases mentioned with the right to improvement, to object and to removal in this Policy, you also have this right when BINGLI no longer needs your Personal Data, but you still need this yourself in the context of a legal claim.
In some statutory cases the restricted processing does however not apply and BINGLI may continue to process your Personal Data. These cases are the following:
if you have given your specific consent for a certain processing:
if BINGLI needs your Personal Data in the context of a legal claim;
if your Personal Data must be processed to protect the rights of another natural person or legal entity; or
for serious reasons of public interest.
8. Questions and complaints
Questions – For requests to exercise your rights or any other questions regarding the processing of Personal Data by BINGLI, you can always contact Tom Van De putte, tvdp@mybingli.com or our data protection officer via An Vijverman, free of charge.
Complaints – If you believe that the provisions of this privacy policy or of the GDPR are not complied with, you can always submit a complaint to the Data Protection Authority. If you have any complaint, we kindly ask you to first submit this to us, so we can look for a solution to your problem.